Day: June 20, 2023

Categories
Blog

Building a Stronger Culture of Compliance Through Targeted and Effective Training: Part 2-The Value of Targted Training

Welcome to a special 5 part blog post series on building a stronger culture of compliance through targeted and effective training, sponsored by Diligent. Over this series I will visit with Kunal Agrawal, Director of Customer Success at Diligent; Kevin McCoy, Customer Success Manager at Diligent; Jessica Czeczuga, a Principal Instructional Designer; Andrew Rincon, Global Accounts Management Advisor at Diligent; and David Greenberg, former CEO and Special Advisor at LRN and Director at International Seaways. Over this series, we will consider the importance of ongoing communications, the value of targeted training, training third-parties, and the role of the Board of Directors. In this Part 2, we consider the the value of targeted training with Kevin McCoy.

Navigating the complex world of international compliance requires a thorough understanding of regional regulations and a commitment to keeping your workforce informed and prepared. As a corporate compliance and ethics professional, it falls upon you to create robust training programs that cater to the specific needs of your organization across various regions. Improved engagement and effectiveness of compliance training have significant implications on both personal and professional levels, ensuring that employees understand their responsibilities and the consequences of non-compliance. This blog post will guide you through essential steps to enrich your training content, provide additional resources, and establish a successful learning culture within your organization.

Targeting training is not just a buzzword; it is a necessary step towards improving engagement and effectiveness in our compliance and ethics training programs. By understanding our audience’s needs, creating interactive content, and measuring our efforts’ impact, we can significantly improve our employees’ compliance knowledge and behavior. Let’s make a commitment to prioritize targeted training in our strategies and achieve the desired results.Here are the steps to get Improved engagement and effectiveness of compliance training.:

1. Analyze regional regulatory requirements.

2. Customize training content for specific regions.

3. Develop engaging micro-learning modules.

1. Analyze regional regulatory requirements. Compliance training can be an essential aspect of the corporate landscape, ensuring that all employees remain up-to-date on the latest regulations and company policies. However, these training programs can sometimes be perceived as bland and disconnected from the day-to-day activities of the workforce. This is why it is vital for organizations to analyze regional regulatory requirements and create targeted training that is engaging and relevant to their participants. By understanding the specific compliance concerns for each region, organizations can develop tailored content that effectively addresses the most pressing issues. This not only produces more meaningful training sessions, but also increases the likelihood of employees retaining and applying the acquired knowledge in their jobs. Kevin McCoy, noted the importance of tailoring compliance training to regional regulatory requirements. He recommended examining the distinct rules and guidelines for each area where the company operates and utilizing this information to create targeted learning initiatives. By continually monitoring and updating training materials to reflect the evolving regulatory landscape, companies can ensure their employees are equipped with the knowledge and tools necessary to navigate today’s complex business environment.

2. Customize training content for specific regions. Customizing compliance and ethics training content for specific regional requirements is a crucial factor in ensuring its effectiveness. This approach ensures that the material is relevant, precise, and engaging, leading to better retention and understanding among employees. Adapting the content to suit regional rules and regulations, customs, and culture ensures that employees are better equipped to navigate the challenges they face in their specific locations. Furthermore, it demonstrates the company’s commitment to being culturally sensitive and respecting the diverse perspectives of its global workforce. Ultimately, this targeted approach fosters a more ethical, culturally aware, and regulatory compliant workforce, lessening the likelihood of legal and ethical breaches.

McCoy focused on the importance of targeted training in the global business landscape, emphasizing you should create compliance and ethics training content that caters to different regional requirements as well as varied risk-based areas within a company. For instance, sales teams would require training around conflict of interest while manufacturing teams would need training on health and safety regulations. He discussed strategies such as animated videos tailored for specific regions and languages, using native speakers to ensure the content is culturally sensitive and accessible to a wider range of employees. By adapting the content to the specific needs of your employees you will foster a more comprehensive understanding of compliance and ethics across diverse global teams.

3. Develop engaging micro-learning modules. Developing engaging micro-learning modules is an essential step to create effective compliance and ethics training programs for employees. Micro-learning consists of short, easily digestible pieces of training content that employees can access and engage with at their own pace. Implementing micro-learning modules allows companies to address specific topics and target unique segments of their workforce, ensuring that employees receive relevant and timely information. This ultimately leads to increased employee engagement, improved retention of knowledge, and a greater overall impact on the company’s compliance program.

McCoy noted that engaging,  micro-learning modules can focus on such diverse topics such as conflict of interest, anti-bribery, and anti-corruption. These modules can also be culturally sensitive and translated into different languages using native speakers to ensure proper understanding and engagement for a global audience. Moreover, they tailor the content to target different risk-based areas in the company— sales teams may receive training on conflict of interest, whereas manufacturing teams might focus on health and safety. By providing offline training options in various formats such as PowerPoint presentations and PDFs, they further enhance accessibility and engagement.

For corporate compliance and ethics professionals, mastering the art of delivering engaging and effective training is crucial in fulfilling their obligations and safeguarding their organizations. The steps outlined by McCoy, ranging from regional adaptation and micro-learning to offline training formats and supplemental resources, provide a comprehensive blueprint for achieving the desired result. By adopting these strategies, you are laying the foundation for a solid compliance training program that not only keeps employees engaged but also actively contributes to upholding the organization’s ethical standards. It’s time to put these tips into action and experience the remarkable transformation in your compliance training initiative.

For more information go to http://diligent.com/compliancetraining.

To hear more from McCoy on the value of targeted training, click here.

Join us tomorrow where we consider the difficult subject of what is effective training.

Categories
Trekking Through Compliance

Trekking Through Compliance – Episode 19 – Tomorrow is Yesterday

In this Trekking Through Compliance episode, we consider Tomorrow is Yesterday, which aired on January 26, 1967, Star Date 3113.2. 

 The USS Enterprise is thrown back in time to Earth during the 1960s by the effects of a high-gravity “black star.” Enterprise ends up in Earth’s upper atmosphere, is picked up as a UFO on military radar, and photographed by a USAF jet. Fearing the pilot could disrupt the timeline if returned to Earth, Kirk at first decides that the pilot must stay with the Enterprise. After learning of the existence of film taken off the Enterprise by Christopher’s wing cameras, Kirk and Sulu beam down to the airbase to recover the film and any other evidence of their visit.

After they return to the ship, Spock and Chief Engineer, Scott inform Kirk of a possible escape method by slingshotting around the Sun to break away and return to their time. Kirk okays the maneuver, and time on board, the Enterprise moves backward. The Enterprise then successfully returns to the 23rd century.

Compliance Takeaways:

  1. Sometimes unexpected developments can cause higher risk.
  2. What is your investigation protocol?
  3. How do you onboard new employees in your corporate culture?

 Resources:

Excruciatingly Detailed Plot Summary by Eric W. Weisstein for Tomorrow Is Yesterday
MissionLogPodcast.com-Tomorrow is Yesterday

Categories
Daily Compliance News

Daily Compliance News: June 20, 2023 – The End of CVs Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance brings to you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News. All, from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

  • How Huawei got caught spying and lost a $200MM contract. (Bloomberg)
  • Why JPMorgan settled. (WSJ)
  • Whistleblowing for personal revenge backfires. (WSJ)
  • AI-death of the CV? (FT)
Categories
Innovation in Compliance

Digital Commerce – Authentication and Access Management with Paul Trulove

 

In this rapidly evolving digital world, identity is at the heart of our personal and professional lives. On this week’s episode of Innovation In Compliance, Tom Fox and guest Paul Trulove, CEO of SecureAuth, explores the world of digital commerce, specifically delving into the realms of authentication and access management. Paul shares his insights on the evolution of the identity and access management space, the role of authentication in our daily lives, and the Zero Trust Initiative.

Paul Trulove is an expert in the identity and access management space, with an illustrious career spanning over 15 years. In his early career, he joined the startup SailPoint Technologies, where he helped the company evolve into a leading figure in identity governance and administration. Paul has seen and contributed to the changes within the industry up to this point where identity risk management has become a core element of our digital lives. Currently, as the CEO of SecureAuth, he oversees the company’s focus on authentication and access management.

You’ll hear Tom and Paul discuss:

  • Paul describes what authentication and access management entails and how it impacts our daily digital interactions.
  • SecureAuth is revolutionizing the authentication landscape, focusing on passwordless authentication and multi factor authentication to enhance security and reduce friction for end-users.
  • Continuous authentication is a new approach that significantly reduces the friction that a user experiences during authentication and offers varied authentication methods based on the level of risk.
  • Tom and Paul discuss the Zero Trust Initiative. This paradigm shift in security is based on the principle of trusting no one and verifying everyone, which has led to identity and access management becoming central to a zero-trust mindset.
  • Next generation authentication will lean heavily towards the principles of zero trust, passwordless authentication, and continuous authentication, Paul says. He predicts that the use of artificial intelligence and machine learning will greatly advance authentication processes, helping process more data in real time and make better decisions regarding access.
  • Paul suggests that authentication and access management has a large role in helping organizations comply with GDPR and other privacy requirements.
  • He views GDPR as a necessary step rather than a barrier to doing business in the EU, emphasizing that protecting consumer data is an essential cost of doing business.
  • Companies need to carefully consider their data collection, protection, and usage practices to maintain consumer trust and comply with regulations.

KEY QUOTES:

“Authentication and access management is a core discipline on how we let people get access to the things that they need access to in applications, data, repositories, platforms, infrastructure. Really you use authentication probably 10, 15, 20 times a day as you log into various systems… Everything that we do in our digital lives today is kind of bound by authentication. It is just a validation of who I am as a person and what I’m supposed to have access to on the back end.” – Paul Trulove

“Next generation authentication is going to continue to bind to that zero trust mindset of no longer implicitly trusting someone who says they are who they say they are. We’re going back to a model that says every single time you interact with a digital asset, I want to have a high level of assurance you are who you say you are.” – Paul Trulove

“But between now and 2030, people are going to have to plan ahead for what kinds of data they are collecting, how they’re collecting it, and ultimately how they’re protecting it and utilizing that. Otherwise they are going to run afoul of not just regulations, but maybe consumer trust. ” – Paul Trulove

Resources:

Paul Trulove on LinkedIn

SecureAuth

Categories
Data Driven Compliance

Data Driven Compliance: Igor Volovich – Compliance Therapy

Are you struggling to keep up with the ever-changing compliance programs in your business? Look no further than the award-winning Data Driven Compliance podcast, hosted by Tom Fox, is a podcast featuring an in-depth conversation around the uses of data and data analytics in compliance programs.

Tom welcomes Igor Volovich, the Compliance Therapy doctor from Qmulos, to discuss how to bridge gaps between compliance, security, and risk management. Volovich emphasizes the need for education and evangelism to unlock the value that compliance could offer businesses. He introduces their compliance therapy branding and highlights the importance of evidence-based compliance management through automation to improve trustworthiness. As we move towards real-time risk governance, automation is key for continuous attestation. Compliance processes have been highly manual and outdated, but regulatory bodies recognize the importance of automation in managing risks.

In the podcast, Tom dives into the need for convergence in compliance and discussing risk in real-time and translating technical terms into risk frameworks. If you’re interested in the convergence of compliance, security, and risk, check out Qmulos’ published guide and resources on their website and social media profiles. Don’t miss out on the chance to learn from the experts and continue the conversation with Igor Volovich and Tom Fox. Listen today! 

Key Highlights

·      Introduction of Compliance Therapy Expert

·      Objective Compliance Management: From Opinion to Evidence

·      Importance of trust and governance in data

·      Revolutionizing Compliance Processes with Automation

·      Effective Risk Management for Businesses 

KEY QUOTES

“Most of the folks have these really weird misconceptions about what compliance is We need to reframe the mindset to rejoin the conjoined twins of compliance and security and risk and get them back together.”

“How do we evolve from this opinion-based compliance management, to objective evidence based compliance management. That’s the question that we asked. It’s more robust. It’s more trustworthy. it’s more real. Right? We’re moving from fiction to fact.”

“Within the sphere of influence that we actually do have, how much control can you exert? How much control can you demonstrate reliably, incredibly? To me, that’s the metric. How much can you prove about what you know? Is it belief or is it true? That’s the thing that we try to focus on.”

“The ultimate answer is, of course, automation, you can’t throw more people at the problem.”

Resources:

Igor Volovich on LinkedIn 

Qmulos

 Tom Fox 

Connect with me on the following sites:

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program with Boards – Key Board Metrics for Compliance

What are metrics for a Board of Directors around compliance? Former Assistant Attorney General Leslie Caldwell laid out some that the Department of Justice (DOJ) would consider in a review of compliance programs. These metrics are:

  • Does the institution ensure that its directors and senior managers provide strong, explicit, and visible support for its corporate compliance policies?
  • Does the Board maintain a material role in overseeing a company’s overall compliance framework?

These requirements move beyond simply having the correct tone at the top, which every Board should articulate. The 2020 Update to the Evaluation of Corporate Compliance Programs added the following, under Oversight by posing the following questions: What compliance expertise has been available on the board of directors? Have the board of directors and/or external auditors held executive or private sessions with the compliance and control functions? What types of information has the board of directors and senior management examined in their exercise of oversight in the area in which the misconduct occurred?

Based on the foregoing, when determining the Board’s role, begin with two questions. First, does the Board of Directors exercise independent review of a company’s compliance program? Second, is the Board of Directors provided information sufficient to enable the exercise of independent judgment?

Three key takeaways:

  1. The DOJ expects active engagement by a Board around compliance.
  2. Does the Board exercise independent review of the compliance program?
  3. The convergence of the Yates Memo, Caldwell’s metrics, the Evaluation, and FCPA Corporate Enforcement Policy mandate Board metrics around compliance.

For more information, check out The Compliance Handbook, 4th edition, available here.

Categories
Innovation in Compliance

Building a Stronger Culture of Compliance Through Targeted and Effective Training: Part 2- The Value of Targeted Training

Welcome to a special 5 part podcast series on building a stronger culture of compliance through targeted and effective training, sponsored by Diligent. Over this series, I will visit with Kunal Agrawal, Director of Customer Success at Diligent; Kevin McCoy, Customer Success Manager at Diligent; Jessica Czeczuga, Director, Compliance and Ethics at Diligent; Andrew Rincón, Client Director at Diligent; and David Greenberg, former CEO and Special Advisor at LRN and Director at International Seaways. Over this series, we will consider the importance of ongoing communications, the value of targeted training, training third parties, and the role of the Board of Directors. In this Part 2, we consider the importance of targeted training Kevin McCoy.

In this episode, Tom sits down with Kevin McCoy, a customer success manager at Diligent, to talk about the importance of targeted training in compliance. They dive into the importance of engaging employees through microlearning and Diligent’s unique use of cartoon-animated videos to make the content accessible to different audiences. They also discuss the significance of translating the training into different languages and tailoring it to specific risk areas for different teams. The podcast emphasizes that training leadership and the board in compliance is crucial, and they touch on risk-based training for individuals with a significant impact on the company’s financials. This episode is a must-listen if you want to discover the best strategies for planning and analyzing training to achieve desired outcomes and where to find more information about Diligent training solutions. Join them for the next episode on training effectiveness and improving compliance today.

Key Highlights:

  • Targeted Training in Compliance & Ethics
  • Effective and Targeted Training Translation
  • Training and Leadership in High-Risk Industries
  • Effective Training Planning and Execution

Notable Quotes

“It’s very important then to have your content translated into different languages.”

“There’s a lot of progress has been made over the years with machine translation and also AI is getting very popular, but we still use human-based translators.”

“But within the board or within leadership within the company, he was almost untouchable. It was like he built up fear in the organization, and people were actually afraid to ask questions.”

“The really important thing is to have versatile different types of training.”

For more information, go to Diligent.com.

Join us in our next episode, where we define the effectiveness of compliance training.