Categories
10 For 10

10 For 10: Top Compliance Stories For the Week Ending June 12, 2025

Welcome to 10 For 10, the podcast that brings you the week’s Top 10 compliance stories in one podcast each week. Tom Fox, the Voice of Compliance, brings to you, the compliance professional, the compliance stories you need to be aware of to end your busy week. Sit back, and in 10 minutes hear about the stories every compliance professional should be aware of from the prior week. Every Saturday, 10 For 10 highlights the most important news, insights, and analysis for the compliance professional, all curated by the Voice of Compliance, Tom Fox. Get your weekly fill of compliance stories with 10 For 10, a podcast produced by the Compliance Podcast Network.

You can check out the Daily Compliance News for four curated compliance and ethics related stories each day, here.

Connect with Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

You can purchase a copy of my new book, Upping Your Game, on Amazon.com

Categories
FCPA Compliance Report

#Risk New York Speaker Series – Exploring the Future of GRC with Michael Rasmussen

Join Tom Fox and hundreds of other GRC professionals in the city that never sleeps, New York City, on July 9 & 10 for one of the top conferences around, #Risk New York. The current US landscape, shaped by evolving policies, rapid advancements in AI, and shifting global dynamics, demands adaptive strategies and cross-functional collaboration.

At #RISK New York, you will master the New Regulatory Reality by getting ahead of US regulatory shifts and their impact. Conquer AI and Tech Risk by Safeguarding Your Organization in an AI-Driven World and Understanding the Implications of Major Tech Investments. Navigate Financial and Crypto Volatility by Protecting Your Assets and Exploring Solutions in a Dynamic Market. Strengthen Your GRC Framework by Leveraging Governance, Risk, and Compliance for Strategic Advantage. Protect Digital Trust by addressing challenges in cybersecurity and data privacy and combating misinformation. All while meeting with the country’s top #Risk management professionals.

In this episode, Tom Fox welcomes Michael Rasmussen, a renowned expert in Governance, Risk Management, and Compliance (GRC), often referred to as the ‘father of GRC.’ Michael shares insights into his contributions to the field, including his work with the SEG GRC Capability Model. The conversation highlights Michael’s anticipated presentation on ‘The Future of GRC’ at the upcoming risk conference in New York City. Drawing inspiration from Star Trek (TOS, and how can you not love that?), Michael emphasizes the importance of managing business risks effectively. The discussion also touches on the benefits of face-to-face interactions and networking opportunities at such conferences.

Resources:

#Risk Conference Series

#RiskNYC—Tickets and Information

Michael Rasmussen on LinkedIn

Categories
Everything Compliance

Everything Compliance: Episode 155, To Tesla and Beyond Edition

Welcome to this edition of the award-winning Everything Compliance. In this episode, we have the quartet of Matt Kelly, Jonathan Marks, Jonathan Armstrong, and special guest panelist Hemma Lomax, all hosted by Tom Fox, the Compliance Evangelist.

  1. Hemma Lomax examines the customers of a compliance program and introduces us to the terms EX and CX. She shouts out to AI for podcasters.
  2. Matt Kelly delves into Google’s compliance spending announcement and asks why the company does not have a Chief Compliance Officer. He both shouts out and rants about Marjorie Taylor Greene and her reading list.
  3. Jonathan Marks gives us a primer on corporate governance. He shouts out the quiet compliance professionals who do the day-to-day spadework of compliance.
  4. Jonathan Armstrong takes a deep dive into the finances of Tesla and its profitability. He shouts out to Operation Spider’s Web.
  5. Tom Fox highlights Wells Fargo’s compliance remediation, the Fed’s asset cap placed on Wells Fargo, and its subsequent removal.

The members of Everything Compliance are:

Tom Fox, the Voice of Compliance, is the host, producer, and sometimes panelist of Everything Compliance. He can be reached at tfox@tfoxlaw.com. The award-winning Everything Compliance is part of the Compliance Podcast Network.

Categories
Compliance Tip of the Day

Compliance Tip of the Day – Code of Conduct as an Internal Control

Welcome to “Compliance Tip of the Day,” the podcast that brings you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, our goal is to provide you with bite-sized, actionable tips to help you stay ahead in your compliance efforts. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

How does your Code of Conduct act as an internal control?

For more information on this topic, refer to The Compliance Handbook: A Guide to Operationalizing Your Compliance Program, 6th edition, recently released by LexisNexis. It is available here.

Categories
Daily Compliance News

Daily Compliance News: June 12, 2025, The Brutal Truth Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News. All from the Compliance Podcast Network. Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, and general interest, all of which are relevant to the compliance professional.

Top stories include:

  • 4 questions to ask employees. (WSJ)
  • The Brutal Truth About Layoffs in 2025. (FT)
  • The CITGO auction date has been extended (yet again). (Reuters)
  • Rubio is pressing the DOJ to investigate Harvard. (NYT)

Categories
Blog

Wells Fargo, Risk Management and Reputational Recovery – Part 1: The Penalty

On June 3, 2025, the Federal Reserve lifted its unprecedented $2 trillion asset cap on Wells Fargo, marking the symbolic end to one of the most consequential compliance enforcement actions in modern U.S. banking history. For the compliance and risk management community, this moment is not a victory lap—it is a case study of how compliance failures cascade, reputational risk becomes operationally tangible, and regulatory patience has its limits.

Over the next two blog posts, I want to explore what happened, why it mattered, and what lessons every compliance professional should carry forward. These blog posts are based on two primary articles. The first is “Wells Fargo Is Allowed to Grow Again After 7 Years Under Asset-Cap Penalty,” by Gina Heeb in the Wall Street Journal. The second is “Wells Fargo Asset Cap Lifted by Fed, Paving Way for Growth,” by Yizhu Wang in Bloomberg. The final is an op-ed piece in Bloomberg, entitled “Wells Fargo’s Asset Cap Has Been a Good Punishment,” by Paul Davies.

The Scandal That Shook the System

The Wells Fargo saga began with a simple, albeit stunning, revelation: employees had opened millions of unauthorized deposit and credit card accounts to meet aggressive internal sales goals. Between 2009 and 2016, over 3.5 million accounts were opened without the customer’s consent. Many of these accounts generated fees, tarnishing customer relationships and shaking public trust in one of the most storied names in American banking.

As the crisis deepened, it was not just a case of bad apples. It was a system-wide failure of controls, risk oversight, and a corporate culture that incentivized misconduct. The sales quotas that fueled the behavior were directly tied to compensation and job security, creating a high-pressure environment where fraud became a means of survival.

Regulators acted swiftly. In 2016, Wells Fargo was fined $185 million. In 2018, the Federal Reserve took the rare and dramatic step of capping the bank’s total assets at approximately $2 trillion, essentially freezing its ability to grow until it could demonstrate a wholesale overhaul of its risk management and governance practices.

The Asset Cap: Punishment with Purpose

We need to be clear: this was not just a penalty. It was a structural constraint that directly impacted Wells Fargo’s ability to operate and compete in its core business. The $2 trillion asset cap imposed by the Federal Reserve in 2018 did not simply send a signal; it built a wall. It limited Wells Fargo’s ability to grow its balance sheet, take on new deposits, issue new loans, and expand into revenue-generating business lines, such as investment banking, trading, and wealth management. Unlike traditional enforcement actions, which often result in fines or deferred prosecution agreements, the asset cap attacked the bank’s future potential, not just its past misdeeds.

In short, it was a period of growth stagnation. For a publicly traded institution that relies on growth to attract investors, increase shareholder value, and maintain market position, such a freeze is devastating.

The restriction forced the bank into a defensive crouch. Instead of competing for market share or innovating with new financial products, Wells Fargo was compelled to pour resources into compliance remediation and cultural rehabilitation. According to public filings and internal estimates, the bank spent more than $2.5 billion above its 2018 baseline to maintain the risk, control, and compliance infrastructure needed to satisfy dozens of consent orders. This included the hiring of more than 10,000 employees dedicated to risk and regulatory functions—a remarkable mobilization of resources that most firms would struggle to afford.

As Davies aptly observed, “The asset cap has become a feared punishment for banks in the U.S.; they will want to avoid it at all costs.” And banks should. Because it not only restricts current operations, it sends a clear signal to markets, analysts, and regulators: this institution is not yet trusted to grow.

However, here’s the twist: in the case of Wells Fargo, it did work.

The asset cap’s forced pause compelled the bank to undertake a comprehensive review of its governance and culture. Under the leadership of CEO Charlie Scharf, who joined BNY Mellon in 2019 and previously held senior roles at Visa and JPMorgan, Wells Fargo began the arduous but necessary work of rebuilding. Scharf wasted no time restructuring the risk and compliance functions, streamlining reporting lines, and replacing much of the leadership team that had presided over the bank’s previous failures. Perhaps most importantly, he made compliance the focal point of executive decision-making, beginning every operating committee meeting with a thorough review of regulatory progress.

In effect, the asset cap did not simply punish Wells Fargo; it saved the bank from itself. It forced the kind of systemic, sustainable change that no fine or press release could have achieved. Wells Fargo emerged leaner, more disciplined, and more compliant. In many ways, it became a model for what the Federal Reserve, the Department of Justice (DOJ), and numerous other regulatory agencies now expect. Not simply accountability but a demonstrable and lasting commitment to cultural transformation.

This is remediation before reward. It is tone at the top in action. And for compliance professionals everywhere, it is proof that when structural enforcement is coupled with leadership willing to change, reform is not only possible but, as Theranos might say, “inevitable.”

Why It Worked: Enforcement as a Governance Driver

For corporate compliance professionals, Wells Fargo is more than a cautionary tale. It is proof that regulatory enforcement, when aligned with structural consequences, can drive actual change. The asset cap was not a mere symbolic gesture. It constrained Wells Fargo’s operations at its core, limiting everything from loan issuance to deposit intake to investment banking expansion.

Even more significantly, it reshaped how the bank’s board and senior executives prioritized compliance. For years, every operating committee meeting began with updates on regulatory matters. This became the bank’s daily bread.

The message is clear: when enforcement bites into business, executives listen.

Join us tomorrow as we delve into Part 2, where we examine lessons learned for the compliance professional.

Categories
Trekking Through Compliance

Trekking Through Compliance: Episode 11 – Compliance Lessons from Menagerie, Part 1

In this episode of Trekking Through Compliance, we consider the episode The Menagerie (Part One), which aired on November 17, 1966, Star Date 3012.4.

Story Synopsis

This was the original pilot episode presented to NBC. Set in 2267, the Enterprise arrives at Starbase 11 in response to a subspace call Spock reported receiving from the former captain of the Enterprise, Christopher Pike, under whom Spock had served. Pike cannot move or communicate except by answering yes/no questions with a device operated by his brainwaves. Pike refuses to communicate with anyone except Spock.

Spock, meanwhile, commandeers the Enterprise using falsified recordings of Kirk’s voice and orders the ship to depart under the computer’s control. After several hours, upon learning from the computer that the shuttlecraft does not have enough fuel to return to the starbase, Spock brings them aboard and then surrenders, confessing to mutiny. Mendez convenes a hearing, at which Spock requests an immediate court-martial, which requires the presence of three command officers. The tribunal begins, and Spock offers as his testimony what seems to be video footage of the Enterprise’s earlier visit to Talos IV in 2254.

In 2267, the scene is interrupted by a message from Starfleet Command, which reveals that the images they have been viewing are transmitted from Talos IV. Mendez is placed in command of the Enterprise, but Spock begs Kirk to see the rest of the transmission.

Key highlights:

1. Ethical Mutiny—When Following the Rules Would Break the Mission

🖖 Illustrated by: Spock falsifying orders and commandeering the Enterprise to take Pike to Talos IV. Spock’s act is textbook mutiny—yet deeply principled. He disobeys protocol to serve the well-being of a former captain who can no longer speak for himself. This parallels real-world dilemmas in which compliance officers must advocate for doing the right thing, even when it contradicts rigid procedures.

2. Whistleblowing with Intent—The Value of Transparent Testimony

🖖 Illustrated by: Spock turning himself in and requesting a formal court-martial to reveal the truth. Rather than flee or hide his actions, Spock insists on full transparency, even when the consequences may include imprisonment or execution. Compliance professionals must champion this level of courageous transparency, especially in internal reporting environments.

3. Disability Rights and Inclusion—The Silent Voice Must Still Be Heard

🖖 Illustrated by: Captain Pike communicating only via a blinking light system—yes or no responses. Despite his physical limitations, Pike’s agency and dignity are respected—especially by Spock. Compliance officers should consider how their programs support employees with disabilities, from accessible reporting channels to inclusive policy design.

4. Data Privacy and Consent—Who Has the Right to Reveal Personal History?

🖖 Illustrated by: Spock transmitting footage of Pike’s original mission to Talos IV as part of his defense. The court is shown deeply personal footage without Pike’s verbal consent. Companies must walk a fine line between disclosure and discretion, particularly when reputations or protected personal information are involved.

5. Navigating Conflicts Between Law and Ethics—The Role of Judgment in Compliance

🖖 Illustrated by: Spock knowingly violating Starfleet’s highest general order to save Pike from a life of suffering. Talos IV is strictly off-limits. Spock knows this. Yet he also knows that Talos IV is the only place where Pike can live in peace and happiness. The best compliance leaders prepare teams to apply judgment, not just rules, when navigating moral gray zones.

Final Starlog Reflections

“The Menagerie, Part 1” is one of the most powerful episodes in Star Trek canon, not for its action, but for its ethical implications. It reminds us that sometimes the greatest compliance hero is not the one who follows every rule but the one who understands when rules must bend to protect justice, human dignity, and long-term integrity.

Compliance is not about obedience; it’s about stewardship. Spock may have committed mutiny, but he also modeled moral courage, transparent reporting, and respect for the voiceless. And in that, he speaks volumes to us all.

Resources:

Excruciatingly Detailed Plot Summary by Eric W. Weisstein

MissionLogPodcast.com

Memory Alpha

Categories
Hill Country Authors

Hill Country Authors Podcast – Unveiling Camptown: Charles Swenson’s Journey Through Forgotten Texas History

Welcome to a new season of the award-winning Hill Country Authors Podcast, sponsored by Stoney Creek Publishing. In this podcast, Hill Country resident Tom Fox visits with authors who live in and write about the Texas Hill Country. In this episode, Tom Fox visits Charles Swenson, a passionate historian and author of Voices of Camptown.

Swenson delves into the rich history of Camptown, a freedmen’s colony established in Brenham, Texas, following the Civil War. He explains his involvement in uncovering this lost community’s legacy, spurred by the discovery of the overgrown Camptown Cemetery. Swenson shares insights into the lives of the African American families who once resided there, their struggles during Reconstruction, and their achievements despite the adversities of Jim Crow. He also emphasizes the crucial role of education and the significant contributions of military veterans to these communities. Swenson’s research methods and collaboration with the Brenham Heritage Museum, along with local individuals like Eddie Harrison, highlight a neglected chapter of Texas history that he is dedicated to preserving. The episode closes with information on how listeners can learn more about Swenson’s work and his upcoming book.

Key highlights:

  • Discovering Camptown: A Historical Overview
  • Uncovering Camptown Cemetery
  • Research and Stories from the Past
  • The Importance of Historical Designation
  • Educational and Community Impact
  • Writing Process and Publication Journey

Resources:

Charles Swenson on Stoney Creek Publishing

Voices of Camptown on Texas A&M University Press

Stoney Creek Publishing Website

Podcast Cover Art

Nancy Huffman Fine Art

Categories
Blog

The Menagerie, Part 1 – Rules, Mutiny, and the Ethics of Exceptional Compliance

Show Summary

In this episode of Trekking Through Compliance, we beam down into one of the most compelling courtroom dramas in Star Trek canon—The Menagerie, Part 1. This two-part saga is not just a creative reuse of Star Trek’s unaired original pilot (The Cage) but a deep dive into the themes of loyalty, risk, duty, and the tension between rigid compliance and ethical decision-making. When Mr. Spock commandeers the Enterprise in direct violation of Starfleet orders, fabricates communications, and defies his captain, all to bring his former commander, the incapacitated Christopher Pike, to the forbidden planet Talos IV, it sets up one of the most dramatic ethical showdowns in Starfleet history.

In today’s blog post, we examine how this episode provides rich material for compliance professionals, particularly those navigating the delicate balance between adhering to policy and upholding higher principles. We break down five core compliance lessons and link each one to specific incidents in the episode that bring those lessons to life. Along the way, we will also consider how compliance leaders can apply these lessons to build more ethical, resilient, and human-centered organizations.

1. Ethical Mutiny: When Breaking the Rules Is the Right Thing to Do

Illustrated by: Spock hijacks the Enterprise by falsifying voice commands from Captain Kirk, overrides ship controls, and charts a course to Talos IV, a planet placed under the most severe travel prohibition in Starfleet history.

This opening act is one of the most jarring in the history of Star Trek. Spock, the emblem of logic and duty, commits mutiny. And he does not hide it. After allowing Kirk and Commodore Mendez to catch up to the Enterprise, he turns himself in and demands a court-martial.

Compliance Lesson:

Doing the right thing for an individual or stakeholder may technically violate internal policy or even law. While compliance is generally rooted in the enforcement of established rules, the ethical dimension of compliance leadership sometimes calls for courage, the kind Spock displays.

For example, think of the whistleblower who exposes illegal conduct despite violating a non-disclosure agreement. Or the compliance officer who bypasses a sluggish internal protocol to alert regulators of an imminent safety risk. These are modern-day echoes of Spock’s actions.

What matters most in these scenarios is intent, proportionality, and documentation. If you break protocol to serve a higher ethical obligation, make your reasoning transparent, and be prepared to accept scrutiny. Spock did just that, and compliance professionals can learn from his model.

2. Informed Consent and the Rights of the Vulnerable

Illustrated by: Captain Pike, now confined to a life-support chair following a catastrophic accident, is capable of communicating only through blinking lights, one blink for “yes,” two for “no.” Despite this profound disability, Spock makes decisions on his behalf, presumably with his blessing, to bring him to Talos IV.

Compliance Lesson:

One of the most overlooked yet essential aspects of modern compliance is ensuring that all individuals, regardless of their ability or role, are given the opportunity to provide informed consent. Too often, we see vulnerable populations—such as individuals with disabilities, language barriers, or economic dependence—marginalized in decision-making processes.

In Spock’s case, we are left to infer that Pike approved of the plan. However, the lack of transparency and documented consent raises important questions. In corporate settings, this would be akin to assuming a disabled or junior employee is on board with a high-risk strategy without fully briefing them or securing a formal agreement.

The key takeaway for compliance professionals is to consistently seek and document informed consent, particularly when an individual’s ability to communicate or resist is compromised. It’s not just about legal risk—it’s about human dignity.

3. Due Process and Transparency in Internal Investigations

Illustrated by: Spock’s court-martial begins aboard the Enterprise, with Commodore Mendez presiding. Instead of denying the charges, Spock cooperates fully and presents a surprising defense: video footage from a previous classified mission to Talos IV.

Compliance Lesson:

Investigations must be conducted fairly, transparently, and supported by evidence. What makes this incident so interesting is that Spock does not simply confess; he insists on a formal process to air the whole truth. He respects Starfleet’s legal structure and uses it not to avoid punishment but to contextualize his actions.

This approach mirrors what strong compliance programs should look like: not about covering up or avoiding accountability, but about utilizing internal mechanisms, such as hearings, audits, and investigations, to surface the truth, not suppress it. Always remember that compliance is the guardian of institutional justice and institutional fairness.

Moreover, it emphasizes the importance of allowing investigations to run their course. By submitting himself to judgment, Spock reinforces trust in the system, even as he challenges its rigidity. Competent compliance officers will recognize that transparency and integrity go hand in hand—even during a breach.

4. Data Use, Privacy, and Chain of Custody

Illustrated by: The footage Spock presents to the court-martial board is revealed to be an unauthorized transmission from Talos IV, one of the most tightly controlled sources of information in the galaxy. The footage itself is emotionally charged and deeply personal and raises questions about how it was obtained and used.

Compliance Lesson:

This is a prime example of modern data privacy risks. In today’s world, this would be akin to accessing and sharing confidential patient or employee data without formal approval, even if done with good intent. For compliance professionals, the lesson is clear: the ethical use of data requires a secure chain of custody, limited access, and an articulated purpose. Even benevolent motives, such as restoring dignity to a suffering colleague, do not justify breaching established data protections. If the situation is exceptional, escalation to legal or ethics committees is essential.

5. Leadership Accountability and Ethical Stewardship

Illustrated by: Kirk is blindsided by Spock’s actions and struggles with the realization that someone he trusts deeply has broken the chain of command. Yet, Kirk doesn’t retaliate in anger. He allows the investigation to proceed, listens to the evidence, and reflects carefully before responding.

Compliance Lesson:

This is a case study in mature leadership. Compliance leaders are often put in the uncomfortable position of adjudicating actions by trusted colleagues. Emotional responses, especially when loyalty is called into question, can cloud judgment. Kirk’s restraint is a model for those faced with internal breaches by high performers or close allies. Accountability does not mean vengeance; it means ensuring the rules apply equally and fairly, even when your friends are involved. Ethical stewardship encompasses empathy, as well as clarity and responsibility.

Final ComplianceLog Reflections

The Menagerie, Part 1 is not just a legal drama in space; rather, it is a parable about leading with principle in the face of policy. Spock’s decision to violate orders in service of a higher ethical goal challenges us to ask, “What do we do when the rules are wrong?” When does policy block compassion? When does protocol punish empathy? Compliance professionals are uniquely positioned at this crossroads every day. And while very few of us will hijack a starship in the name of justice, we will all face situations that test whether we are rule followers or ethical leaders. Let Spock’s courage and Kirk’s humility remind us that compliance is not about blind enforcement. It is about ethical discernment, moral courage, and doing right by people, even when it means breaking the mold.