Day: August 12, 2025

Categories
AI Today in 5

AI Today in 5: August 12, 2025, The Creating Billionaires Episode

Welcome to AI Today in 5, the newest addition to the Compliance Podcast Network. Each day, Tom Fox will bring you 5 stories about AI to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the AI Today In 5. All, from the Compliance Podcast Network. Each day, we consider five stories from the business world, compliance, ethics, risk management, leadership, or general interest about AI.

For more information on the use of AI in compliance programs, see Tom Fox’s new book, Upping Your Game. You can purchase a copy of the book on Amazon.com.

Categories
Word of the Week

Word of the Week with Kenneth O’Neal – The Importance of Balance in Life: Insights and Practices

Each week, Kenneth O’Neal discusses a word that describes a principle or value of the Qualities of Success. We suggest you use the Word of the Week in your thoughts, deeds, and actions. You may currently possess the qualities and desire to develop them to a higher level. You could replace a bad habit with a good habit. Write an action step and use it daily to produce the quality in your life. In this episode, Kenneth discusses the word – Balance.

Kenneth discusses the significance of balance across various aspects of life, including physical, mental, emotional, spiritual, and relational stability. He introduces the word ‘balance’ as the word of the week and delves into its Latin origins and practical applications. Key points include aligning priorities, time, and energy with purpose and values, avoiding burnout, protecting relationships, and promoting clarity and resilience. He also highlights historical examples, notably President Eisenhower’s approach to time management and balance. The episode ends with advice on intentional living and the assessment of personal balance through seven key areas of life.

Key highlights:

  • Word of the Week: Balance
  • The Importance of Balance
  • Historical Example: President Eisenhower
  • Creating Balance in Your Life

Resources

KRONEAL Consulting

Categories
Compliance Tip of the Day

Compliance Tip of the Day – Extending Compliance Value Across Your Organization

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, we aim to provide you with bite-sized, actionable tips to help you stay on top of your compliance game. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we consider how the value added of a compliance program improves overall business ROI.

For more on this topic, check out The Compliance Handbook, a Guide to Operationalizing Your Compliance Program, 6th edition, which LexisNexis recently released. It is available here.

Categories
Daily Compliance News

Daily Compliance News: August 12, 2025, The ABC Angle Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News. All, from the Compliance Podcast Network. Each day, we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Top stories include:

  • Dems should lead the fight against corruption. (Foreign Affairs)
  • The bribe-based bill remains the law in Ohio. (Cleveland.com)
  • 21 ways to use AI at work. (NYT)
  • CZ pushes for a pardon. (NYT)

You can donate to flood relief for victims of the Kerr County flooding by going to the Hill Country Flood Relief here.

Categories
Trekking Through Compliance

Trekking Through Compliance: Episode 72 – From Zetar to the C-Suite: Why Expertise Matters in Internal Investigations

In the corporate compliance world, an internal investigation is often the moment of truth. Whether triggered by a whistleblower complaint, a regulatory inquiry, or a suspicious transaction, the investigation’s quality can determine whether the organization resolves the matter cleanly or faces prolonged legal, financial, and reputational damage.

Star Trek: The Original Series’ “The Lights of Zetar” offers a surprisingly apt allegory for why skilled professionals must handle these investigations. The crew must conduct what is, in effect, a complex and high-stakes investigation. Their approach yields five lessons that every compliance professional should apply when running an internal investigation.

Lesson 1: Preserve and Protect Critical Evidence Immediately

Illustrated By. When the lights first strike, the Enterprise experiences sudden and unexplained system failures. The crew immediately records sensor data, secures operational logs, and isolates the damage.

Compliance Lesson. Without swift action, crucial evidence can be lost, whether through routine data overwrites, deliberate destruction, or simple mishandling.

Lesson 2: Bring in the Right Expertise Early

Illustrated By: Once Mira Romaine exhibits strange symptoms, Dr. McCoy, Spock, and Scotty each contribute their specialized knowledge, medical science, Vulcan telepathy, and engineering diagnostics, to piece together what is happening.

Compliance Lesson. A proper internal investigation is rarely a one-person job. Complex matters often require diverse expertise: forensic accounting, cybersecurity, HR policy, legal analysis, and industry-specific regulatory knowledge.

Lesson 3: Keep an Open Mind—The First Explanation May Be Wrong

Illustrated By: Only after gathering more evidence do they realize the lights are disembodied intelligences, survivors of the destroyed planet Zetar, seeking a human host.

Compliance Lesson. In corporate investigations, jumping to conclusions based on initial appearances can lead to flawed outcomes.

Lesson 4: Protect the People Involved Throughout the Process

Illustrated By: Mira Romaine is not treated merely as a subject of inquiry; she is a valued crew member whose well-being is a priority. The investigation’s goal is not just to “solve the problem” but to save her life.

Compliance Lesson. In internal investigations, individuals, whether complainants, witnesses, or subjects, must be treated with dignity and fairness. Mishandling these relationships can result in legal claims, loss of employee trust, and reputational harm.

Lesson 5: Deliver Actionable Solutions, Not Just Findings

Illustrated By: Once the crew determines that the Zetarians are inhabiting Lt. Romaine’s body, they devise a targeted plan to remove them using controlled atmospheric pressure in a medical isolation chamber.

Compliance Lesson. An investigation that ends with a report but no corrective action is a missed opportunity. The ultimate measure of success is not uncovering what happened but ensuring it does not happen again.

Final ComplianceLog Reflections

The Lights of Zetar reminds us that investigations are not abstract exercises; they are missions with real people, high stakes, and long-term consequences. The Enterprise crew approached their challenge with urgency, thoroughness, and empathy. For compliance officers, the lesson is clear: every internal investigation is an opportunity to demonstrate integrity, competence, and leadership. The quality of your investigative process will be remembered long after the incident itself fades from memory.

Resources:

⁠⁠Excruciatingly Detailed Plot Summary by Eric W. Weisstein⁠⁠

⁠⁠MissionLogPodcast.com⁠⁠

⁠⁠Memory Alpha

Categories
Blog

The Importance of Expert Internal Investigations: Five Lessons from Star Trek’s The Lights of Zetar

In the corporate compliance world, an internal investigation is often the moment of truth. Whether triggered by a whistleblower complaint, a regulatory inquiry, or a suspicious transaction, the investigation’s quality can determine whether the organization resolves the matter cleanly or faces prolonged legal, financial, and reputational damage.

Star Trek: The Original Series’ “The Lights of Zetar” offers a surprisingly apt allegory for why skilled professionals must handle these investigations. In this episode, the Enterprise is on its way to Memory Alpha, the Federation’s central library, when it encounters a mysterious, pulsating light phenomenon. The lights incapacitate crew members, damage ship systems, and, most dangerously, invade the mind of Lieutenant Mira Romaine, who is accompanying the mission.

The crew must determine what the lights are, what they want, and how to neutralize them before they destroy both Romaine and Memory Alpha’s priceless archives. In doing so, they conduct what is, in effect, a complex and high-stakes investigation. Their approach yields five lessons that every compliance professional should apply when running an internal investigation.

Lesson 1: Preserve and Protect Critical Evidence Immediately

Illustrated By. When the lights first strike, the Enterprise experiences sudden and unexplained system failures. The crew immediately records sensor data, secures operational logs, and isolates the damage.

Compliance Lesson. In corporate investigations, the “scene of the incident” may be a server containing emails, a ledger of transactions, or a manager’s office with physical records. Without swift action, crucial evidence can be lost, whether through routine data overwrites, deliberate destruction, or simple mishandling.

How to apply this to investigations?

  • Secure relevant electronic and physical records as soon as the investigation begins.
  • Suspend auto-delete protocols and ensure data preservation orders are issued.
  • Document the chain of custody for all materials.

In The Lights of Zetar, the crew’s rapid evidence capture gave them the information needed to trace the lights’ origins and capabilities. Without it, they would have been operating blind.

Lesson 2: Bring in the Right Expertise Early

Illustrated By: Once Mira Romaine exhibits strange symptoms, Dr. McCoy, Spock, and Scotty each contribute their specialized knowledge, medical science, Vulcan telepathy, and engineering diagnostics to piece together what is happening.

Compliance Lesson. A proper internal investigation is rarely a one-person job. Complex matters often require diverse expertise: forensic accounting, cybersecurity, HR policy, legal analysis, and industry-specific regulatory knowledge. Relying solely on generalists can miss critical nuances.

How to apply this to investigations?

  • Assemble a multidisciplinary team at the outset, including internal experts and outside specialists if needed.
  • Ensure each team member understands their role and investigative boundaries.
  • Involve counsel early to maintain privilege over sensitive findings.

Just as the Enterprise crew leveraged multiple skill sets to solve a problem no one discipline could crack alone, compliance officers should make strategic use of the right expertise from day one.

Lesson 3: Keep an Open Mind—The First Explanation May Be Wrong

Illustrated By: Initially, the crew assumes the lights are a natural space phenomenon. Only after gathering more evidence do they realize the lights are disembodied intelligences, survivors of the destroyed planet Zetar, seeking a human host.

Compliance Lesson. In corporate investigations, jumping to conclusions based on initial appearances can lead to flawed outcomes. What looks like simple employee misconduct may be part of a larger systemic control failure; what appears to be a minor accounting error may conceal intentional fraud.

How to apply this to investigations?

  • Form working hypotheses, but treat them as provisional until confirmed by evidence.
  • Explore alternative explanations, even if they seem less likely.
  • Allow the facts, not convenience or organizational pressure, to drive conclusions.

Expert investigators, like the Enterprise crew, pivot their theories as new facts emerge.

Lesson 4: Protect the People Involved Throughout the Process

Illustrated By: Mira Romaine is not treated merely as a subject of inquiry; she is a valued crew member whose well-being is a priority. The investigation’s goal is not just to “solve the problem” but to save her life. Kirk ensures she receives medical care and emotional support even as they work to understand her condition.

Compliance Lesson. In internal investigations, individuals, whether complainants, witnesses, or subjects, must be treated with dignity and fairness. Mishandling these relationships can result in legal claims, loss of employee trust, and reputational harm.

How to apply this to investigations?

  • Maintain confidentiality to the fullest extent possible.
  • Protect against retaliation for cooperation.
  • Provide updates when feasible to those affected, balancing transparency with investigative integrity.

A humane approach builds trust in the compliance function and encourages future reporting.

Lesson 5: Deliver Actionable Solutions, Not Just Findings

Illustrated By: Once the crew determines that the Zetarians are inhabiting Lt. Romaine’s body, they devise a targeted plan to remove them using controlled atmospheric pressure in a medical isolation chamber. They do not stop at identifying the cause; they implement the cure.

Compliance Lesson. An investigation that ends with a report but no corrective action is a missed opportunity. The ultimate measure of success is not uncovering what happened but ensuring it does not happen again.

How to apply this to investigations?

  • Pair findings with concrete, practical recommendations for remediation.
  • Address both the immediate problem and any systemic weaknesses uncovered.
  • Follow up to confirm that corrective actions are implemented and effective.

The Enterprise crew’s solution not only saved Mira but also prevented the Zetarians from posing a future threat, exemplifying the kind of preventive mindset compliance investigations should aim for.

Why “The Lights of Zetar” Resonates for Compliance

In The Lights of Zetar, the stakes were both personal and institutional: the survival of a crew member and the preservation of Memory Alpha’s vast knowledge. The investigation had to be thorough, rapid, multidisciplinary, and compassionate, precisely the hallmarks of a high-quality corporate internal investigation.

An expert investigation:

  • Safeguards evidence before it’s lost.
  • Leverages the right mix of skills.
  • Keeps the fact-finding process objective.
  • Protects people while uncovering the truth.
  • Produces actionable, lasting solutions.

When these principles are followed, the compliance function not only resolves incidents but also strengthens the organization’s overall resilience.

Final ComplianceLog Reflections

The Lights of Zetar reminds us that investigations are not abstract exercises—they are missions with real people, high stakes, and long-term consequences. The Enterprise crew approached their challenge with urgency, thoroughness, and empathy.

For compliance officers, the lesson is clear: every internal investigation is an opportunity to demonstrate integrity, competence, and leadership. The quality of your investigative process will be remembered long after the incident itself fades from memory.

In other words, be the Enterprise—methodical, humane, and relentless in pursuit of the truth.

Resources:

⁠⁠Excruciatingly Detailed Plot Summary by Eric W. Weisstein⁠⁠

⁠⁠MissionLogPodcast.com⁠⁠

⁠⁠Memory Alpha

Categories
Innovation in Compliance

Innovation in Compliance – Constructive Conversations: Insights with Nina Sunday

Innovation comes in many areas, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox is joined by Nina Sunday, a podcaster, author, and speaker, to discuss the nuances of difficult conversations and leadership.

Nina shares her experiences and insights from her podcast ‘Manage Self, Lead Others,’ which has been running for six years. She elaborates on her career transition from teaching and film production to training and self-employment. Nina also introduces her new book based on her podcast and discusses effective conversation techniques, including using non-threatening language openings. She advocates for a learning culture within organizations and speaks about the importance of middle managers in fostering a productive and innovative work environment. The episode concludes with information on how to connect with Nina and access her various works.

Key highlights:

  • Nina Sunday’s Podcast Journey
  • Exploring Difficult Conversations
  • Nina’s Professional Background
  • Middle Management Challenges
  • Effective Communication Techniques
  • The Role of Vulnerability in Leadership
  • Developing Future Leaders
  • Utilizing Podcasts for Business Growth

Resources:

Visit Nina Sunday’s Website

Brain Power Training

Substack

New Book: Manage Self, Lead Others: Constructive Conversations, True Self Leadership and Culture You Can’t Fake on Amazon

Follow Nina Sunday on:

Facebook

LinkedIn

C-Suite Radio

C-Suite TV

Grab Nina Sunday’s book on Amazon

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Red Flags Rising

Red Flags Rising: S01 E24 – Preventing Diversion Starts Close to Home

Mike and Brent break down the key takeaways from an affidavit by a Bureau of Industry & Security Special Agent in Los Angeles, which was unsealed on August 5, 2025, and is a masterclass in how BIS is identifying and analyzing “red flags” indicating potential export control violations.

Mike and Brent discuss the basics of the case (00:58), the value of the detailed affidavit prepared by the BIS Special Agent in support of the arrests (02:19), the value of the case to those making broader strategic decisions for companies in illustrating the competitive advantages—and ability to maximize the benefits of America’s AI Action Plan—through effective export controls compliance (03:00), the most-relevant details of the allegations (04:20), the dangers of doing business with “fly-by-night” operations of any type (05:45), how these allegations underscore the importance of dynamic risk assessments, i.e., those that focus on changes in customers or orders around significant changes to U.S. export controls (06:14), what the affidavit signals for corporate enforcement (07:21), what we can learn about diversion risks from Brent’s studies of the Qing dynasty and frozen meats (07:40), what seized text messages revealed about the smugglers’ view of the current U.S. Administration (08:57), what the affidavit indicates that trade compliance teams realistically, at the front end, could or should have known (10:31), how to respond to BIS requests for information or outreach visits (13:58), Mike’s leaky dishwasher analogy for diversion (and why you need to fix both) (14:15), how the affidavit shows that BIS agents are applying a high probability mindset in their investigations (18:27), how not to “kick the hornet’s nest” when BIS visits or requests information (20:29), the expectations of U.S. regulators generally that companies that become aware of potential violations, whether or not they voluntarily disclose anything, at least do a “root cause” analysis and consider whether compliance program enhancements are necessary (22:17), and the relevance of General Prohibition 10 and the several inchoate provisions under 15 C.F.R. § 764.2 (23:10).

They then conclude with the ever-popular segment, Brent Carlson’s “Managing Up” (26:03).

Resources:

Edvard Pettersson’s article, with a link to the BIS Special Agent’s affidavit, “Chinese nationals charged with illegal exports of Nvidia chips” (Courthouse News, Aug. 5, 2025)

The DOJ Press Release

Brent LinkedIn

Mike LinkedIn

Mike & Brent’s “Fresh Looks” Series

Categories
Blog

The DCRO Institute’s 10 Guiding Principles for Reputation Risk Governance

If the Astronomer imbroglio reminded all corporate types of one thing, it is that a company’s reputation is not just a “soft” asset. It is a core driver of enterprise value and a powerful amplifier of risk. When things go wrong, it is rarely just about bad headlines. It is rather about broken trust, unmet stakeholder expectations, and long-term damage to market credibility.

The DCRO Institute’s Guiding Principles for Reputation Risk Governance (Guiding Principles) make a clear case that reputation must be treated with the same rigor as any other mission-critical risk. This is not the exclusive domain of the communications team. It is a strategic governance imperative that demands board-level oversight, integrated enterprise risk management, and proactive preparation well before a crisis hits.

The document outlines 10 guiding principles, grouped into three themes:

  • Integrated Oversight—reputation as a strategic and material driver of value, rooted in operations and culture, and embedded across the enterprise ecosystem.
  • Outside-In Context and Intelligence—governance that is company-driven, stakeholder-informed, and alert to geopolitical, digital, and technological disruption.
  • Board Readiness—systems, preparation, and agility to respond with credibility under pressure.

The Guiding Principles provide a roadmap for boards to integrate reputation oversight into the core of enterprise risk governance. Today I want to explore the 10 Principles. Tomorrow, we will consider how it applies to the compliance professional. Here is a breakdown of each principle for directors committed to protecting and enhancing stakeholder trust.

1. Reputation is Both a Strategic Asset and a Source of Material Risk

Boards must recognize reputation as a driver of enterprise value and resilience, not merely an intangible “soft” concern. A strong reputation can attract capital, talent, and customers, while a damaged one can accelerate financial losses, regulatory scrutiny, and operational disruption. This means defining a board-level “reputation risk appetite” and ensuring systems are in place to monitor, protect, and enhance reputation. Reputation governance includes aligning all public disclosures with the company’s purpose and operating reality. For directors, the question is not “Do we have a good reputation? ” but “Do we govern it with the same rigor as other strategic assets? ”

2. The Board Oversees Reputation Risk

Reputation risk oversight is ultimately the board’s responsibility. While it may not appear as a standalone item on the risk register, directors must ensure it is systematically addressed and that accountability is clear. This may involve assigning oversight to a specific committee, providing management reports regularly on reputation risk indicators, and probing for vulnerabilities across the enterprise. Globally, regulators and investors expect boards to demonstrate they can anticipate and respond to risks affecting stakeholder trust. Governance failures on this front can lead not just to enterprise harm but also to personal liability for directors.

3. Operations and Culture are the Roots of Reputation

Messaging cannot substitute for reality. Reputation is built on how the organization operates and the culture it sustains. Directors must oversee culture and operational integrity with the same discipline applied to financial performance. This means asking whether incentives support long-term trust, whether operations reflect stated values, and whether the organization maintains a credible speak-up culture. A misaligned culture will eventually undermine trust, regardless of how polished the communications are. Effective governance of culture and operations is governance of reputation at its source.

4. Reputation Risk Governance Must Be Embedded Across the Enterprise Ecosystem

Reputation risk can emerge from any corner of the business—internal operations, third-party relationships, digital ecosystems, or the supply chain. Boards should ensure reputation considerations are embedded into enterprise risk management, strategy, finance, operations, and technology governance. This includes evaluating upstream and downstream dependencies, assessing how vendors and partners affect trust, and stress-testing major decisions for reputational impact before they are executed. The goal is to move from reactive crisis management to proactive resilience-building by embedding reputation governance in the organization’s DNA.

5. Reputation Risk Governance Must Be Company-Driven, Stakeholder-Informed, and Context-Aware

Boards must balance the company’s purpose and strategy with an acute awareness of stakeholder expectations and the external environment. This requires monitoring political, legal, regulatory, and social trends that can affect trust and license to operate. Directors should expect management to integrate stakeholder intelligence into decision-making, identifying potential inflection points before they escalate into crises. Governance here is about foresight—using an outside-in perspective to anticipate risks and opportunities that may not yet be visible from inside the boardroom.

6. Boards Need Early, Integrated Intelligence to Govern Reputation Risk

Reputation can erode quickly in today’s environment, making early detection critical. Boards should insist on receiving integrated intelligence that connects signals from markets, regulators, stakeholders, and digital platforms. This intelligence should be real-time, forward-looking, and actionable—not just retrospective. Integrated reporting allows directors to connect the dots between seemingly isolated developments and spot emerging vulnerabilities. Without this, boards risk being blindsided and forced into reactive, high-stakes decision-making under pressure.

7. Reputation Oversight Must Consider the Convergence of Cyber, AI, and Digital Threats

The accelerating intersection of cyber risk, artificial intelligence, and digital influence creates a new frontier for reputation governance. Breaches and misinformation campaigns can now undermine trust faster than traditional crisis response can react. Boards must ensure risk, technology, and communications functions are not siloed. Instead, they should be aligned to anticipate and respond to digitally driven threats that can originate far outside the company’s direct control. For directors, this means adding technology fluency to the board’s skill set and integrating digital risk into reputation oversight frameworks.

8. Reputation Resilience Comes from Being Proactive, Systematic, and Adaptive

Resilient reputations are built over time through consistent preparation, not improvised in crisis. Boards should ensure that management maintains playbooks, conducts simulations, and has coordinated response protocols ready. Reputation resilience also includes ensuring that insurance strategies, including reputation insurance where applicable, align with the company’s risk profile. Ultimately, directors must oversee how leadership behaves under pressure and whether stakeholders can trust the organization’s values when it matters most.

9. Reputation Risk Can Create Organizational and Director Liability

Reputation damage can lead to financial losses, regulatory sanctions, and, in some cases, personal liability for directors. Evolving legal standards, such as the U.S. Caremark doctrine, now extend to oversight of culture, conduct, and stakeholder trust. Boards must understand both the organization’s exposure and their own. This includes evaluating whether D&O insurance adequately addresses reputational crises and considering supplemental protections such as reputation insurance. Governance here is as much about legal risk management as it is about stakeholder trust.

10. Overseeing Reputation Risk Requires Being Prepared, Agile, and Emotionally Aware

High-stakes situations often trigger intense emotions and competing instincts. Directors must be able to navigate these moments with emotional intelligence, self-awareness, and clarity. This requires both personal readiness and board-level discipline in applying values and principles under pressure. Boards should practice decision-making in simulated scenarios, ensuring they can maintain tone, empathy, and transparency while protecting the organization’s integrity. In the end, reputation governance is not purely technical; it is about the human capacity to lead under scrutiny.

These ten principles reinforce a truth every board should embrace: reputation is not a peripheral concern but a central pillar of corporate governance. Boards that integrate these principles into their oversight structures will not only better protect enterprise value but also strengthen their company’s capacity to lead with trust in a volatile, transparent world.

Join us tomorrow, where we explain what all this means for a compliance professional.