Categories
Daily Compliance News

Daily Compliance News: July 30, 2025, The Corruption Kill Business Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News, all from the Compliance Podcast Network. Each day, we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Top stories include:

  • Bain & Co. leaves South Africa. (FT)
  • The Trump Administration guts the Antitrust Division. (WSJ)
  • Starbucks has a bad vibe. (BBC)
  • Meta is under investigation in Italy (again). (Reuters)

You can donate to flood relief for victims of the Kerr County flooding by going to the Hill Country Flood Relief here.

Categories
Great Women in Compliance

Great Women in Compliance – The Power of Vulnerability with Cricket Snyder

Lisa Fine speaks with Cricket Snyder, the first Chief Compliance Officer for the Jefferson County Commission in Birmingham, Alabama, a role that was mandated by a US Federal District Court decree.

Cricket shares her experiences in shifting the compliance culture in Jefferson County from one where she was initially viewed as an extension of the monitoring to one where she overcame employee skepticism and built trust, connecting with people throughout the county.

Cricket also emphasizes the importance of vulnerability, particularly in a new, challenging role. She also reminds us of the power of being open about what you don’t know and how doing so helped foster a more transparent and collaborative environment. She also received support from the broader compliance community.

Lisa and Cricket also discuss strategies to increase engagement. Cricket introduced “Compliance Week” to Jefferson County, transforming compliance education into engaging, themed events. These have increased trust in the function among all county employees, leading to a positive culture shift.

Categories
Blog

The Final Frontier of Compliance Training: Five Lessons from Star Trek’s “Is There in Truth No Beauty?”

Corporate compliance is not just about rules, regulations, and policy manuals. At its core, compliance is about people—their perceptions, blind spots, willingness to communicate, and, above all, their ability to learn from each other in the face of risk and ambiguity. No franchise has dramatized the struggles of understanding, ethics, and communication better than Star Trek: The Original Series (TOS). And no episode is more apt for compliance professionals seeking to elevate their training and communications program than the third season gem, “Is There in Truth No Beauty?”

Set aboard the USS Enterprise, the episode revolves around the arrival of Dr. Miranda Jones and the enigmatic Medusan ambassador, Kollos. The Medusans are a race of beings whose appearance is so alien that to gaze upon them causes madness. It’s a parable about the dangers and necessity of confronting the unknown, understanding difference, and building bridges across divides.

As compliance professionals, we can mine “Is There in Truth No Beauty?” for powerful lessons on how to build a culture of effective training and communications that prepares our teams for the uncharted territory of tomorrow’s risks. Today, we set our phasers to “inspire” and explore five key compliance training and communications lessons from this classic Trek tale.

1. Embrace the Limits of Human (and Organizational) Perception

Illustrated By: The crew’s first briefing about the Medusan ambassador is laden with warnings: “No one may look upon a Medusan with the naked eye.” To the Medusan, human forms are equally incomprehensible, but they have developed technology, a protective visor, that allows safe interaction. Dr. Miranda Jones, specially trained and equipped, serves as a living bridge between the two species.

Compliance Lesson. Every organization has its own “Medusans”: risks, regulations, and even people whose perspectives are so different they can seem incomprehensible. Too often, compliance training assumes everyone shares the same baseline understanding and comfort level. That is a dangerous assumption.

Your training must recognize the limits of perception, both cognitive and cultural. Not everyone will see risk the same way; not everyone will feel empowered to ask questions or speak up. Just as Dr. Jones brings specialized knowledge and equipment to the table, your compliance communications should equip employees with tools to recognize their blind spots and to bridge those gaps. This can mean scenario-based learning, peer-led discussions, or visual tools that help explain complex risks from multiple perspectives.

What should you do now? Acknowledge and proactively address the limits of human perception. Empower your team with adaptive tools and diverse viewpoints to “see” risk.

2. Communicate Expectations—Don’t Assume Understanding

Illustrated By: Early in the episode, Captain Kirk assembles his crew for a detailed briefing. He explicitly warns, “You must not look upon the Medusan ambassador.” Spock and Dr. Jones reinforce the message, and the procedures for safe interaction are laid out.

Compliance Lesson. How many compliance failures begin with, “Well, I thought I understood what was required…”? In Star Trek, lives depend on explicit, repeated communication of expectations. In your organization, regulatory and reputational survival depends on it as well.

Effective compliance training requires more than a one-time email or a paragraph in the handbook. Clear, repeated, scenario-based communication is essential. Explain the “why” as well as the “what.” Don’t just say “do not do X,” but explain the risk, the rationale, and the real-world consequences. Use multiple formats, including live, digital, visual, and narrative, to reinforce the message.

What should you do now? Never assume understanding. Communicate expectations explicitly and often, and use stories, scenarios, and repetition to anchor key messages.

3. Build Trust and Psychological Safety Before the Crisis

Illustrated By: The relationship between Dr. Jones and the crew is initially fraught. She is a telepath, guarded and secretive. Her sense of isolation is palpable. Yet as the episode progresses, Kirk and Spock earn her trust by inviting her into their confidence and acknowledging her unique expertise. This trust proves critical when disaster strikes.

Compliance Lesson. Effective communication is built on trust and psychological safety. If employees feel isolated, mistrusted, or afraid to speak up, no amount of “mandatory training” will make your compliance program effective. The Medusan can only safely interact through a trusted intermediary—just as employees will only engage with compliance if they feel respected and included.

Foster a compliance culture where people feel safe to voice concerns, ask questions, and share mistakes without fear of retaliation. Encourage managers to model vulnerability and openness. Use anonymous Q&A, “ask me anything” sessions, and real stories to build an environment of trust.

What should you do now? Trust is the engine of communication. Build psychological safety into your compliance training so that employees feel empowered to participate, especially when the stakes are high.

4. Prepare for the Unexpected—And Practice the Protocols

Illustrated By: When Kollos’s container is accidentally opened, crew member Larry Marvick is exposed to the Medusan and descends into madness, nearly destroying the Enterprise. The emergency procedures are put to the test, and Spock’s preparation (and his use of the protective visor) is the difference between disaster and survival.

Compliance Lesson. Crises never unfold according to plan, but they reveal the effectiveness of your training and protocols. Star Trek demonstrates that it’s not enough to have a policy in the binder; you must train, rehearse, and test those protocols until they are second nature.

Use tabletop exercises, drills, and “what if” scenarios in your compliance training. Walk teams through incident response steps. Debrief after near-misses or actual compliance failures. Emphasize not just the letter of the protocol, but the spirit: why each step matters, and how it protects the organization and its people.

What should you do now? Prepare, practice, and stress-test your compliance protocols. When the unthinkable happens, your team must be ready to act, not just recite policy, but live it.

5. Embrace Diversity—and the Value of the Outsider’s View

Illustrated By: The Medusan, Kollos, is physically incomprehensible to humans, yet he is also a being of great intelligence and empathy. Spock, uniquely Vulcan and human, can serve as a bridge—merging with Kollos to save the ship. In the process, both gain insight from the other’s perspective.

Compliance Lesson. Homogeneity is a hidden compliance risk. Diverse teams bring broader perspectives, challenge assumptions, and spot blind spots that a monoculture would miss. In Star Trek, survival depends on learning from the outsider; in compliance, innovation and vigilance depend on the same principle.

Include voices from across your organization and beyond in your compliance training and communications. Seek out the “outsiders” who can question the status quo. Value the contributions of people from different backgrounds, departments, and experiences. Remember: your “Medusan” might hold the key to your next compliance breakthrough.

What should you do now? Diversity is your compliance superpower. Embrace the outsider’s perspective and make inclusion a pillar of your training and communications.

Final ComplianceLog Reflections

“Is There in Truth No Beauty?” is a meditation on the limits of perception, the power of communication, and the necessity of embracing difference. For compliance professionals, it offers a road map for building training and communications programs that are clear, inclusive, practical, and resilient.

As you chart the course for your compliance initiatives, ask yourself:

  • Are we equipping our people to see risk from every angle?
  • Do we communicate expectations repeatedly and meaningfully?
  • Is trust the foundation of our compliance culture?
  • Are we truly ready for the unexpected?
  • Are we harnessing the power of diverse perspectives?

The universe of compliance is ever-expanding. Let’s train and communicate so our teams are ready to boldly go where no one has gone before.

Resources:

Excruciatingly Detailed Plot Summary by Eric W. Weisstein

MissionLogPodcast.com

Memory Alpha

Categories
Compliance Tip of the Day

Compliance Tip of the Day – AI and 3rd Party Risk Management

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, we aim to provide you with bite-sized, actionable tips to help you stay on top of your compliance game. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we consider how you can bring predictive analytics into your program to make it proactive rather than reactive.

For more on this topic, check out The Compliance Handbook, a Guide to Operationalizing your Compliance Program, 6th edition, which LexisNexis recently released. It is available here.

Categories
Trekking Through Compliance

Trekking Through Compliance: Episode 59 – Unmasking Compliance Blind Spots: Training and Communication Lessons from ‘Is There in Truth No Beauty?’

No TOS episode is more apt for compliance professionals seeking to elevate their training and communications program than the third season gem, “Is There in Truth No Beauty?”

As compliance professionals, we can mine “Is There in Truth No Beauty?” for powerful lessons on how to build a culture of effective training and communications that prepares our teams for the uncharted territory of tomorrow’s risks. Today, we set our phasers to “inspire” and explore five key compliance training and communications lessons from this classic Trek tale.

1. Embrace the Limits of Human Perception

Illustrated By: The crew’s first briefing about the Medusan ambassador is laden with warnings: “No one may look upon a Medusan with the naked eye.”

Compliance Lesson. Every organization has its own “Medusans”: risks, regulations, and even people whose perspectives are so different they can seem incomprehensible. Too often, compliance training assumes everyone shares the same baseline understanding and comfort level. That is a dangerous assumption.

2. Communicate Expectations—Don’t Assume Understanding

Illustrated By: Early in the episode, Captain Kirk assembles his crew for a detailed briefing. Spock and Dr. Jones reinforce the message, and the procedures for safe interaction are laid out.

Compliance Lesson. How many compliance failures begin with, “Well, I thought I understood what was required…”? In Star Trek, lives depend on explicit, repeated communication of expectations. In your organization, regulatory and reputational survival depends on it as well.

3. Build Trust and Psychological Safety Before the Crisis

Illustrated By: The relationship between Dr. Jones and the crew is initially fraught. She is a telepath, guarded and secretive. Her sense of isolation is palpable. Yet as the episode progresses, Kirk and Spock earn her trust by inviting her into their confidence and acknowledging her unique expertise. This trust proves critical when disaster strikes.

Compliance Lesson. Effective communication is built on trust and psychological safety. If employees feel isolated, mistrusted, or afraid to speak up, no amount of “mandatory training” will make your compliance program effective.

4. Prepare for the Unexpected—And Practice the Protocols

Illustrated By: When Kollos’s container is accidentally opened, crew member Larry Marvick is exposed to the Medusan and descends into madness, nearly destroying the Enterprise.

Compliance Lesson. Crises never unfold according to plan, but they reveal the effectiveness of your training and protocols. Star Trek demonstrates that it’s not enough to have a policy in the binder; you must train, rehearse, and test those protocols until they are second nature.

5. Embrace Diversity—and the Value of the Outsider’s View

Illustrated By: The Medusan, Kollos, is physically incomprehensible to humans, yet he is also a being of great intelligence and empathy.

Compliance Lesson. Homogeneity is a hidden compliance risk. Diverse teams bring broader perspectives, challenge assumptions, and spot blind spots that a monoculture would miss. In Star Trek, survival depends on learning from the outsider; in compliance, innovation and vigilance depend on the same principle.

Final ComplianceLog Reflections

“Is There in Truth No Beauty?” is a meditation on the limits of perception, the power of communication, and the necessity of embracing difference. For compliance professionals, it offers a road map for building training and communications programs that are clear, inclusive, practical, and resilient.

The universe of compliance is ever-expanding. Let’s train and communicate so our teams are ready to boldly go where no one has gone before.

Resources:

Excruciatingly Detailed Plot Summary by Eric W. Weisstein

MissionLogPodcast.com

Memory Alpha

Categories
Blog

Right-Sizing Your Fraud Defense: Building Proportionate Prevention Procedures

We continue our deep dive into the Economic Crime and Corporate Transparency Act 2023, which has elevated the expectations for senior leadership and boards across large organizations. Fortunately, the UK government has put out a document entitled “Economic Crime and Corporate Transparency Act 2023: Guidance to organisations on the offence of failure to prevent fraud” (the Guidance). Section 3.3 of the official guidance, titled “Proportionate risk-based fraud prevention procedures,” should be required reading for every compliance professional seeking to build a credible, defensible, and sustainable anti-fraud culture.

Central to this preparation is the concept of proportionate, risk-based fraud prevention procedures. The keyword here is “proportionate,” that is, the measures your organization takes should directly correspond to the level and types of fraud risks identified. These procedures must be clear, practical, accessible, effectively implemented, and robustly enforced. Today, we take a deep dive into what a top-level commitment is.

Understanding Proportionality

The cornerstone of effective fraud prevention lies in creating procedures proportionate to the identified risks. Simply put, the greater the potential risk and impact of fraud, the more stringent and comprehensive your procedures must be. Conversely, lower-risk scenarios justify lighter-touch measures. It is imperative that your organization documents decisions around fraud prevention measures, especially when opting not to implement specific controls due to limited risk. Such documentation must include the rationale, the authorizing individual’s identity and role, and regular review cycles.

Leveraging Existing Controls and Procedures

Organizations subject to a variety of regulatory requirements, from financial reporting to environmental and health and safety, often already have robust compliance measures. It is prudent to evaluate whether these existing controls sufficiently address fraud risks highlighted in your fraud risk assessment. However, relying solely on regulatory compliance to satisfy the requirements of the failure to prevent fraud (FTPF) offense is not sufficient. Organizations must actively validate and, if necessary, augment these controls to target fraud prevention specifically.

Proactive Reduction of Fraud Opportunities

Fraud prevention procedures should aim primarily at minimizing opportunities for fraud. This can include thorough pre-employment vetting, ongoing background checks for high-risk roles, and consistent anti-fraud training. Regularly evaluate the effectiveness of such training through monitoring and feedback loops. Systematically assessing emerging risks, conducting fraud impact assessments for new services or business partners, and ensuring robust fraud management throughout the P2P procurement cycle (in addition to the QuoteToCash cycle) are also critical steps.

Moreover, consider best practices such as segregation of duties, stringent account reconciliations, suitable approval arrangements, rigorous conflict-of-interest policies, and robust data security measures to minimize potential opportunities for fraud.

Addressing Motivations and Rationalizations

Understanding and managing the human elements of motive and rationalization behind fraudulent actions are crucial. Motive can often stem from incentive structures such as aggressive bonus schemes or time-sensitive pressures encouraging shortcuts. Evaluate and adjust these incentives to discourage fraudulent behaviors.

Rationalization, the mental justification individuals employ to legitimize unethical behavior, can erode even the most robust control environments. Combat this through proactive ethics training, reinforcing the adverse impacts of fraud on both the organization and broader society, and embedding strong ethical reminders within performance evaluations.

Establishing Clear Consequences

Effective fraud prevention strategies must communicate the internal disciplinary procedures for fraud. Organizations should transparently share the outcomes of fraud investigations with employees and other associated parties, reinforcing a zero-tolerance stance. Visible and consistent consequences serve as powerful deterrents, underpinning organizational integrity and commitment to ethical practices.

Preparing for Emergency Scenarios

Crises and emergency scenarios inherently elevate fraud risks. Whether facing economic downturns, natural disasters, or other unforeseen events, your organization must proactively embed emergency scenario planning within your fraud prevention strategy. Prepare detailed contingency measures and ensure rapid transition back to normal operational controls post-crisis, meticulously documenting all measures implemented and actions taken.

Ongoing Monitoring and Continuous Improvement

Your fraud prevention strategy should never be static. It requires ongoing monitoring and validation of your prevention measures through independent internal reviews or external audits. Using external resources such as the Fraud Advisory Panel, Cifas, or specific industry insights can enrich your approach and ensure comprehensive risk coverage. Publicly available cases of fraud prosecutions or Deferred Prosecution Agreements (DPAs) can further inform and improve your prevention strategies.

Five Key Lessons Learned for Compliance Professionals:

  1. Proportionality is Essential: Always tailor your fraud prevention procedures directly to the level of identified risk. Document any decisions about reduced measures clearly and comprehensively.
  2. Do Not Rely Solely on Existing Compliance Mechanisms: Existing regulatory compliance processes may help prevent fraud, but are not automatically sufficient to meet FTPF obligations. Active validation and enhancement are necessary.
  3. Proactive Risk Mitigation is Crucial: Take active steps to mitigate fraud opportunities through regular vetting, comprehensive training, and robust management of procurement processes and sensitive information.
  4. Understand and Address the Human Element: Reduce motivations and rationalizations by managing incentives, fostering a strong ethical culture, and ensuring transparent and communicated consequences for fraudulent actions.
  5. Prepare and Continuously Test Emergency Measures: Integrate emergency scenarios into your fraud prevention plans and consistently test these strategies through independent assessments, ensuring your organization remains prepared and resilient.

As we approach the FTPF offense’s implementation, compliance professionals must reinforce their strategic roles, embedding robust, proportionate fraud prevention measures. This comprehensive approach not only safeguards organisations from fraud but also positions compliance as a proactive, essential pillar of organizational integrity and resilience. By continuously reviewing, refining, and reinforcing these measures, compliance teams will effectively mitigate potential fraud risks, uphold organizational values, and maintain stakeholder trust. Proportionate fraud prevention is not merely regulatory compliance; rather, it is a strategic imperative vital to your organization’s long-term success and sustainability.

Join us tomorrow as we consider due diligence, training, ongoing monitoring, and continuous improvement.