Categories
Blog

Revolutionizing Compliance with RegOps

What is RegOps and how will it revolutionize compliance? I recently visited with Anil Karmel to help understand how this concept weds multiple concepts, including data analytics, Design Thinking, AI and other tools to create a powerful mechanism to drive compliance forward.

 The term Reg Ops is coined from the combination of regulation and operations, indicating its focus on streamlining the processes related to policy adoption, regulatory compliance, and risk management. Reg Ops brings a variety of software tools and practices that leverage automation to achieve compliance quickly and efficiently. This approach, with its focus on near real-time and near continuous compliance, is ideal for businesses looking to integrate compliance as part of their core operations without sacrificing productivity. RegOps specifically addresses the unscalable problem of regulatory compliance by incorporating lessons from DevOps. Karmel’s vision was to build a platform that could provide compliant software development continuously and in real-time, thereby changing the compliance landscape. As a result, RegOps introduces a holistic solution that encompasses both human and machine processes for improved efficiency in regulatory compliance.

Chief Compliance Officers (CCOs) and compliance professionals often face the daunting task of keeping up with ever-changing regulations and demonstrating compliance in an efficient and timely manner. The traditional methods for achieving compliance are manual and time-consuming, thus falling short of effectively tackling the increasing complexity of requirements. With the growing significance of compliance in ensuring organizational success, there is a pressing need for a more streamlined and automated approach that can address the compliance challenges at scale. Karmel emphasized the necessity of transforming the way businesses handle compliance. RegOps can do this, providing an evolution of compliance that shifts away from manual processes towards embracing automation and cultural transformation. By learning from the adjacent discipline of DevOps, Karmel and his co-founder Travis Howard developed an automated, real-time solution to help businesses better address compliance challenges, regardless of their size.

One key factor that determines the success of a compliance solution is user experience. It is crucial to develop a system that not only provides seamless communication between machines but also ensures a positive human interaction with the compliance artifacts. By designing the system with the users in mind, the platform becomes more effective and impactful. A RegOps platform should be built around providing a good machine experience for machines to interact and a good human experience for humans to engage with compliance artifacts. The API-centric platform integrates with an organization’s existing tools to gather evidence in near real-time and automates the creation of tickets and real-time reports for any compliance gaps. The user-friendly reporting features cater to stakeholders at various levels, enabling them to trust and rely on the insights derived from the platform.

Regulatory compliance is an ongoing endeavor, and businesses must constantly adapt to changes and improvements in their fields. Thus, adopting a continuous process that facilitates constant refinement of practices is a necessity for successful compliance operations. By liberating businesses from time-consuming manual processes, automated technological solutions enable them to focus on improving their overall compliance outcomes. Karmel’s vision for RegOps revolves around a continuous, real-time compliance journey that is constantly evolving and adapting to users’ needs. RegOps can help provide continuous, scalable solutions that conquer regulatory compliance challenges by harnessing the power of automation and cultural transformation.

As the business landscape evolves, the importance of compliance cannot be understated. Organizations need to embrace new approaches, technology, and cultural shifts in order to stay ahead of the curve when it comes to meeting regulatory requirements. This entails not only adopting automated solutions but also fostering a culture that prioritizes compliance and understands its impact on both the organization and its stakeholders. Compliance can leverage  RegOps in transforming the compliance ecosystem. Karmel highlighted the fact that without this shift in approach, businesses would find themselves lagging behind as regulations and the demonstration of compliance continue to change. By promoting near real-time and near complete compliance solutions, such as the ones offered by RegOps, businesses can triumph over the ever-evolving compliance challenges.

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program for 3rd Parties – 3rd Party Compliance Terms and Conditions

The 2020 Resource Guide stated, “In addition to considering a company’s due diligence on third parties, DOJ and SEC also assess whether the company has informed third parties of the company’s compliance program and commitment to ethical and lawful business practices and, where appropriate, whether it has sought assurances from third parties, through certifications and otherwise, of reciprocal commitments. These can be meaningful ways to mitigate third-party risk.”

You should incorporate appropriate compliance terms and conditions into every contract with third parties. I would suggest that you prepare a template, which can be used as a starting point for your negotiations. The advantages of such a template are several, and they include: (1) the contract language is tested against real events; (2) the contract language assists the company in managing its compliance risks; (3) the contract language fits into a series of related contracts; (4) the contract language is straight-forward to administer; and (5) the contract language helps to manage the expectations of both contracting parties regarding anti-bribery and anti-corruption.

Many do not believe they will get the third party to agree to such compliance terms and conditions. I have found that while it may not be easy, it is relatively simple to get a third party to agree to these or similar terms and conditions. One approach to take is that they are not negotiable. When faced with such a position on non-commercial terms, many third parties will not fight such a position. There is some flexibility, but the DOJ will require minimum compliance terms and conditions. But the best position I have found is that if a third party agrees with these terms and conditions, they can use that as a market differentiator.

Three key takeaways:

  1. Compliance terms and conditions are mandatory for any best practices compliance program.
  2. A key clause is a right-to-audit clause.
  3. Third parties can favor robust compliance terms and conditions as a market differentiator.
Categories
The Hill Country Podcast

Karen Taylor on West Kerr Country Chamber of Commerce Annual Fundraiser, Shadow of the Moon

Welcome to the award-winning The Hill Country Podcast. The Texas Hill Country is one of the most beautiful places on earth. In this podcast, Hill Country resident Tom Fox visits with the people and organizations that make this the unique area of Texas. Join Tom as he explores the people, places, and activities of the Texas Hill Country. In this episode, host Tom Fox and Andrew Gay visit with Karen Taylor, Executive Director of the West Kerr County Chamber of Commerce, about their upcoming annual fundraiser, the Shadow of the Moon.

 Key Highlights

·      What is the event?

·      Sponsors and raffle items

·      Keynote Speaker-Jeff Stone

 Resources

West Kerr County Chamber of Commerce

Shadow of the Moon

Categories
Great Women in Compliance

Maria D’Avanzo – The Chief Evangelist Officer

Welcome to the Great Women in Compliance Podcast, hosted by Mary Shirley and Lisa Fine. In today’s episode, the Great Women in Compliance podcast delves into training and learning with Maria D’Avanzo, who is the Chief Evangelist Officer for Traliant.  Prior to joining Traliant, Maria was the Chief Ethics and Compliance Officer and Chief Privacy Officer for Cushman & Wakefield.

Like Lisa, many of you may be wondering what a “Chief Evangelist Officer” does in compliance, and Maria’s role is one which is more often seen in tech companies, where there is a person who is dedicated to improving the customer experience in all areas, from product development to customer servicing, using her perspective as an E&C officer.

She shares some of what she has learned from customers and her views on trends and current issues, including the use of AI and best practices.  She also talks about her experiences in financial compliance, and may be the first podcast guest who holds NASD Series 24, 7, and 63 licenses.

You can find the Great Women in Compliance Podcast on the Compliance Podcast Network (CPN) where you can find several other resources and podcasts to keep you up to date in the Ethics and Compliance world. You can also find the GWIC podcast on Corporate Compliance Insights (CCI) where you can learn more about the podcast, stream prior episodes and catch up on Mary’s monthly column “Living Your Best Compliance Life.”

Corporate Compliance Insights is a much-appreciated sponsor and supporter of GWIC, including affiliate organization CCI Press publishing the related book; “Sending the Elevator Back Down, What We’ve Learned from Great Women in Compliance” (CCI Press, 2020). If you enjoyed the book, the GWIC team would be very grateful if you would consider rating it on Goodreads and Amazon and leaving a short review.  Don’t forget to send the elevator back down by passing on your copy to someone who you think might enjoy reading it when you’re done, or if you can’t bear parting with your copy, consider it as a holiday or appreciation gift for someone in Compliance who deserves a treat.

If you enjoyed the book, the GWIC team would be very grateful if you would consider rating it on Goodreads and Amazon and leaving a short review.  Don’t forget to send the elevator back down by passing on your copy to someone who you think might enjoy reading it when you’re done, or if you can’t bear parting with your copy, consider it as a holiday or appreciation gift for someone in Compliance who deserves a treat.

You can subscribe to the Great Women in Compliance podcast on any podcast player by searching for it and we welcome new subscribers to our podcast.

Join the Great Women in Compliance community on LinkedIn here.

Categories
Compliance Into the Weeds

Microsoft OFAC Enforcement Action

The award-winning, Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to explore a subject more fully. In this episode, join Tom and Matt as they delve into Microsoft’s recent sanctions enforcement action with OFAC. They explore what went wrong and how to avoid costly compliance failures, from potential red flags to reseller relationships. But it’s not all doom and gloom as they discuss how Microsoft implemented three lines of defense model for sanctions compliance, setting a benchmark for the industry. With Tom and Matt going into the weeds on the importance of centralization and persistent screening technology, this podcast is a must-listen for any compliance officer looking to stay ahead of the curve. Tune in now to find out more!” 

Key Highlights 

·      Sanctions compliance case involving Microsoft

·      Microsoft’s Sanctions Compliance Model

·      Microsoft’s Sanctions Compliance Program Remediation

·      Sanctions Compliance and OFAC Guidance

·      Impact of Russia invasion on Microsoft operations

 Notable Quote:

“It’s well worth giving the case a good look. So it was, I thought, a great lesson on resellers and the way the hardware and software industry did business.”?

 Resources

Matt  on LinkedIn

Matt on Radical Compliance

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Daily Compliance News

April 12, 2023 – The End of FDA Oversight Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories we are following in today’s edition of Daily Compliance News:

  • Holmes must go to prison. (WSJ)
  • Chinese financial center rocked by corruption allegations. (FT)
  • Texas judge ruling may effectively end FDA oversight. (NYT)
  • Tyson Foods struggles with corporate governance. (WSJ)