What is the role of Artificial Intelligence in compliance? What about Machine Learning? Are you using ChatGPT? These questions are just three of the many we will explore in this cutting-edge podcast series, Compliance and AI, hosted by Tom Fox, the award-winning Voice of Compliance. In this episode, Tom Fox speaks with Sheila Slick, an entrepreneur and founder of PodtoBook.ai, a groundbreaking tool that repurposes podcast content into books.
Sheila shares her professional journey, from teaching math to founding a mobile application company, and her passion for sharing stories. She explains how her frustration with manual transcription and content creation led her to develop PodtoBook.AI. Sheila discusses the simplicity of the tool, which converts podcast episodes into first-draft manuscripts in just a few hours. She explores various innovative applications, including creating pitch books, event summaries, and preserving family stories. The conversation highlights the vast opportunities that AI offers in content repurposing and encourages listeners to embrace technological shifts to explore new business opportunities.
Key highlights:
Sheila’s Professional Journey
Founding PodtoBook.AI
The Power of AI in Content Creation
Using Pod to Book for Business and Personal Stories
Welcome to “Compliance Tip of the Day,” the podcast that brings you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, our goal is to provide you with bite-sized, actionable tips to help you stay ahead in your compliance efforts. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.
Today, we conclude our 5-part series and consider several questions about compliance officers working with or on the Board. We also consider what you need to do to be successful after joining your first Board as a member.
For more on this topic, check out The Compliance Handbook, a Guide to Operationalizing your Compliance Program, 6th edition, which was recently released by LexisNexis. It is available here.
Welcome to AI Today in 5, the newest edition to the Compliance Podcast Network. Each day, Tom Fox will bring you 5 stories about AI, so start your day, sit back, enjoy a cup of morning coffee, and listen in to the AI Today In 5, all from the Compliance Podcast Network. Each day, we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest related to AI.
Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News. All, from the Compliance Podcast Network. Each day, we consider four stories from the business world, including compliance, ethics, risk management, leadership, or general interest, relevant to the compliance professional.
Top stories include:
A former Navy No. 2 was sentenced to 6 years for corruption. (NBC News)
SEC revokes arbitration prohibition for IPOs. (Reuters)
BCG employees to take Humanitarian Principles training. (FT)
In the initial spotlight segment of this episode, we speak with returning guest and regulatory compliance expert Oonagh van den Berg of Raw Compliance about an article she recently penned on LinkedIn titled “Rethinking AI Regulation: Why Current Approaches Are Falling Short” (check the links below).
Following that, we chat with anti-money laundering (AML) and financial crime scholars Dr. Mirko Nazzari and Prof. Peter Reuter about their new article in the Journal of Crime & Justice, published by the University of Chicago Press, entitled “How Well Does the Money Laundering Control System Work?”
Oonagh van den Berg is the founder of Raw Compliance, a compliance consultancy and training firm. Having grown up in Northern Ireland during the tumultuous 1980s, she is a compliance veteran.
A lawyer by training and an entrepreneur by vocation, she grew up during the dark chapter of her country – better known as “The Troubles”- and went on to achieve success after success: first as a lawyer, then as a compliance officer, a recruiter, and later, a consultant and educator. Having previously taken up roles in Asian financial hubs such as Singapore and Hong Kong, she is currently based in Braga, Portugal.
Dr. Mirko Nazzari is a postdoctoral research fellow in Political Science at Università degli Studi di Sassari, Italy. He holds a PhD in Criminology from Università Cattolica del Sacro Cuore (Italy), where he also served as a Research Fellow at Transcrime – Joint Research Centre on Innovation and Crime.
His research focuses on assessing and enhancing public policies for crime prevention and control, with particular emphasis on money laundering, cybercrime, and the policy challenges posed by emerging technologies. He has published extensively in these areas and contributed to applied policy research at both national and international levels.
Dr. Peter Reuter is Distinguished University Professor in the School of Public Policy and Department of Criminology at the University of Maryland. In 2019, he was awarded the Stockholm Prize in Criminology, the most prestigious award in the field. He founded the International Society for the Study of Drug Policy and RAND’s Drug Policy Research Center.
Discussion:
The podcast begins with a brief conversation between Oonagh and Regulatory Ramblings host Ajay Shamdasani about her September 8, 2025, article on LinkedIn, entitled “Rethinking AI Regulation: Why Current Approaches Are Falling Short.”
Her key takeaway for listeners and her readers is that: “AI isn’t just a technology—it’s an ecosystem. Regulating it requires cooperation, adaptability, and vision. Anything less will fail.”
Oonagh goes on to say: “Artificial Intelligence is evolving faster than regulators can keep up. Around the world, governments are racing to design frameworks to govern AI use, but the struggle is evident: how do you regulate something so pervasive, adaptive, and borderless without stifling innovation or missing critical risks?”
She assesses Hong Kong’s present dilemma – highlighted in a recent South China Morning Post article – thatillustrates such challenges. The city faces obstacles in enforcing rules that would necessitate AI-created content to be labelled. Experts, she says, warn that the city’s market is “too small” for supporting “bespoke legislation, and without robust enforcement mechanisms, rules around watermarking and labelling may simply be ignored.”
“This isn’t just a Hong Kong problem. It’s a global one. And it’s a sign that we need to rethink how AI regulation is designed and enforced,” she writes.
As the former British colony crafts its own AI rules regime, she highlights the challenges the city faces:
1. Fragmented and reactive regulation: Hong Kong currently relies on piecemeal laws—privacy, IP, finance—to govern AI. The lack of a unified statute leaves gaps and inconsistencies. This mirrors the situation in many jurisdictions where regulators patch AI onto existing frameworks rather than building something purpose-built.
2. Enforcement complexity
Even when rules exist, implementation is shaky. For example, China mandates labelling and watermarking of AI content. But technical evasion is easy, watermarking can be stripped, and compliance varies across platforms. Enforcement lags behind innovation.
3. Scale and coordination problems
Small markets like Hong Kong can’t realistically create standalone AI regimes that diverge too far from global standards. With multiple regulators (PCPD, HKMA, SFC) touching AI issues, coordination becomes another hurdle.
4. Ethical and societal risks remain unaddressed
Labelling helps promote transparency, but it doesn’t address deeper concerns, such as misinformation, deepfakes, privacy breaches, biased algorithms, or liability for harm.
Ultimately, Oonagh notes the Special Administrative Region (SAR) needs to learn from other models.
For example, the EU AI Act is a superb piece of legislation. “The European Union has introduced the world’s most ambitious attempt at AI regulation,” she says. “Its risk-based approach divides AI systems into categories:
• Unacceptable risk (e.g., social scoring) – outright bans.
• High risk (e.g., biometrics, healthcare AI, financial services AI) – strict compliance, human oversight, mandatory audits.
• Low/minimal risk – lighter obligations.
“This is a principle-driven and comprehensive framework, but critics warn that its heavy compliance burden may stifle innovation in smaller companies. Enforcement capacity will also be tested—many national regulators are underfunded compared to the scope of responsibility,” she wrote.
Then there is the Singaporean model, which she acknowledges is “a more agile, industry-friendly approach with its Model AI Governance Framework.” Instead of rigid laws, it provides:
• Voluntary best practices (transparency, explainability, fairness).
• Industry sandboxes to experiment safely.
• A strong focus on multi-stakeholder collaboration between regulators, academia, and industry.
“This approach supports innovation while nudging companies toward responsible AI. But without legal force, it risks leaving gaps where bad actors can exploit weaknesses,” she says.
For Hong Kong to have a more workable approach, therefore, she recommends borrowing what works and is relevant to the local context. Namely:
Unified AI Regulation: Move beyond fragmented laws and adopt a dedicated AI framework, grounded in core principles: accountability, transparency, fairness, privacy, and safety.
Risk-Based Oversight: Like the EU Act, differentiate between high-risk and low-risk AI use, applying strict oversight only where harms could be severe.
Practical Enforcement Tools: Invest in watermarking and labelling standards that are technically robust, enforceable, and difficult to evade—while recognizing that labelling alone isn’t a silver bullet.
Dedicated Oversight Body: Create a central AI regulator to coordinate across sectors, avoid duplication, and respond quickly to emerging risks.
Public Engagement & Education: Foster societal trust by educating citizens on the risks, rights, and safeguards associated with AI, ensuring transparency in the decision-making process surrounding AI.
Global Alignment: For small markets like Hong Kong, aligning with global regimes—whether the EU Act’s structure or Singapore’s collaborative model—is key to avoiding regulatory isolation and easing compliance for international companies.
As Oonagh concludes, AI regulation cannot be built on ad hoc legal fixes or unenforceable guidelines. “Hong Kong’s struggles highlight the real-world limitations of trying to bolt rules onto outdated systems. The EU shows the power of principle-based, risk-tiered regulation, while Singapore demonstrates the agility of a collaborative, innovation-friendly approach,” she writes.
“The answer lies in combining these lessons: a unified, principle-driven law; proportionate, risk-based oversight; enforceable standards; and international harmonisation. Regulation must evolve as quickly as AI itself—not to slow it down, but to ensure that innovation happens safely, transparently, and for the benefit of society,” she says.
Moving into the lengthier discussion portion of the episode, Mirko and Peter discuss their article, published earlier this summer, entitled “How Well Does the Money Laundering Control System Work?”
The article takes a critical look at the global AML system and poses a simple yet fundamental question: Has it actually made money laundering more challenging or risky for criminals? The answer is more complicated— and less encouraging—than many might hope. And it’s a question for which there may be different answers at local, national, transnational, and global levels.
Mirko & Peter’s essay offers a critical and data-driven analysis of the global AML regime, highlighting:
▪️ The lack of empirical evidence that ML has become more difficult or less prevalent
▪️ The often symbolic nature of international evaluations, such as the Financial Action Task Force Mutual Evaluations
▪️ The high costs and unintended consequences of AML measures, including derisking, and
▪️ The central role of private entities in detecting suspicious activity, with significant operational implications. Although lengthy, it is highly recommended reading for anyone working in or interested in AML, financial crime, and public policy evaluation.
Simply put, Money laundering remains a significant concern worldwide, with substantial resources dedicated to preventing illicit funds from entering the financial system. Yet, despite decades of legislative and regulatory development, the effectiveness of AML frameworks remains dubious.
Again, the article is a sharp, data-informed critique of the current state of the international AML apparatus. The authors highlight seven key findings that challenge conventional wisdom:
Major banks regularly face hefty fines, but executives very rarely face criminal convictions
Money laundering is often no more complex or expensive today than it was in the late 1980s
Most laundering methods remain surprisingly basic
The system disproportionately benefits wealthy jurisdictions
AML measures yield valuable intelligence for law enforcement
But they also carry risks, including de-risking and data misuse
The real costs of AML compliance are never part of public debate. Only occasionally is there mention of the costs borne by banks.
The abstract to their piece states: “The continued globalization of finances has generated an ever-larger array of methods for making criminal earnings appear legitimate. The global regime to control money laundering has become more sophisticated and comprehensive (i.e., expensive and intrusive). There is no evidence that money laundering is declining or becoming more difficult or expensive. The system’s failure has many sources. Nations that pushed for its creation and development have been unwilling to implement critical elements. Major banks have repeatedly failed to meet their obligations, suggesting either insufficient commitment or a lack of the necessary skills and systems to comply. Regulatory oversight has been inadequate. There is, however, evidence that the system aids enforcement of laws against criminal enterprises. Despite the consensus that the system works poorly, there is almost no discussion of substantial reforms.”
Their key observations or conclusions are that simple laundering strategies remain pervasive, there has been, relatively speaking, limited adoption of sophisticated methods like crypto, and most launderers tend to launder their own funds rather than avail themselves of the “professional services” of more experienced financial criminals.
The challenges they cite include the limited policy debate over AML and financial crime compliance in general, a tendency for policymakers and regulators to focus on incremental improvements rather than comprehensive reforms, and whether the current system of ever-growing suspicious activity report (SAR) filings is sustainable in the long term.
As Mirko says, “SARs are contributing to investigations,” but it is unclear whether such a system is sustainable over time. He highlights a common practice among money laundering reporting officers (MLROs) of reporting everything to avoid fines, sanctions, or personal reprimands—a phenomenon known as “defensive filing.”
However, the example of the U.S. Treasury Department’s FinCEN shows that four million SARs are filed annually, which cannot be effectively managed. This places a significant strain on Financial Intelligence Units and law enforcement agencies, whose limited resources make it challenging to keep pace with the volume of reports.
Mirko added that not all money launderers are the same: the typologies of how a drug dealer, a kleptocrat, and a cryptocriminal launder funds may be very different.
When asked what policy choices they would advocate for regulators and law enforcement to adopt, both Mirko and Peter stressed the need to set realistic goals, develop alternative effectiveness metrics, and strike a balance between the competing yet compelling goals of AML controls and financial inclusion.
As the conversation concluded, Peter acknowledged that the White House’s statement earlier this year, indicating it would scale back AML enforcement, could lead to selective enforcement of such rules under the current Trump administration.
Regulatory Ramblings podcasts is brought to you by The University of Hong Kong – Reg/Tech Lab, HKU-SCF Fintech Academy, Asia Global Institute, and HKU-edX Professional Certificate in Fintech, with support from the HKU Faculty of Law.
Ed. Note: this blog post concludes our 5-part series this week on Board issues for the compliance professional.
For many compliance professionals, being selected to serve on a board of directors is a career milestone. It signals that your judgment, risk insights, and crisis-tested leadership are valued at the highest level of governance. But stepping into that boardroom for the first time can feel daunting. The expectations are high, the norms are unspoken, and the stakes — governance, strategy, and shareholder value — could not be greater.
The good news? Compliance leaders already have many of the tools needed to thrive. You understand oversight, you know the difference between management and governance, and you have a keen sense of risk. What you need now is a roadmap for the first 90 days and beyond. Drawing from hard-won lessons and my own experiences, here is a playbook for how compliance professionals can not only survive but excel when they take their first board seat.
Mastering the First 90 Days
How you arrive determines how long and how well you serve.
1. Listen Hard
Your first task is to absorb as much as possible. That means reading everything, including board books, minutes, charters, risk registers, and committee reports—to map who influences what and how decisions are made. Pay attention not just to the formal processes but also to the informal alliances and power dynamics. And always keep in mind the golden rule of governance: noses in, fingers out. Boards are not there to manage operations. You are there to oversee, question, and guide, not to run the business.
2. Pick Your Moments
New directors often feel pressure to speak up quickly to demonstrate their belonging. Resist that urge. Early on, focus on asking clarifying questions rather than staking strong positions. For example:
“Can you walk me through the assumptions behind this forecast?”
“How does this proposal fit into our risk appetite?”
If you sense a question may take the discussion into weeds, make a note and raise it later with the chair, CFO, or committee lead. This shows respect for the board’s time and demonstrates that you know when and how to engage.
3. Add Value in Your Lane
Compliance professionals bring unique expertise that most boards need. Use it wisely. Offer short, focused contributions that advance the discussion without grandstanding. Boards value directors who are helpful, not those who are performative. Demonstrate your ability to contribute in ways that strengthen governance. Examples include:
A memo on third-party risk in an emerging market.
A list of key oversight questions for AI adoption.
A template for crisis after-action reviews.
4. Build Relationships
Your effectiveness as a director depends on trust. Schedule one-on-ones with committee chairs, the CFO, the general counsel, and the CHRO. These conversations will help you understand priorities, build rapport, and identify how your skills can best complement the board. Ask open-ended questions such as:
“What keeps you up at night?”
“How can I be useful to you in this role?”
5. Model Integrity
Boards need truth-tellers, and compliance professionals are uniquely qualified for this role. If messaging strays from your values in a crisis or if you sense spin overtaking substance, speak up. Deliver the truth with respect, but do not shy away from speaking it. Integrity, modeled consistently, builds credibility faster than any technical expertise.
Learning the Subtle Arts: EQ, Voice, and Timing
Technical skills will get you to the boardroom. Emotional intelligence will determine your influence once you’re there.
1. Ask the Deceptively Simple Question
The best directors are not the ones who speak most often; they’re the ones who move the conversation the farthest. One way to do that is by asking questions that reframe the discussion. For example:
“What would have to be true for this initiative to fail?”
“Which stakeholders haven’t we heard from?”
“What’s our escalation trigger if this risk materializes?”
These questions cut through complexity and shift the board from passive review to active oversight.
2. Use Tone Intentionally
Tone is a powerful instrument. There are moments when it is necessary to be assertive, such as when the stakes are high or values are at stake. At other times, your role is to synthesize, invite, and build consensus.
By modulating your tone, you signal confidence without arrogance and influence without domination. Consider phrases like:
“I’m curious…” to open space for dialogue.
“I recommend…” when it’s time to guide toward a decision.
3. Find a Mentor
Every first-time director should find a seasoned board member to serve as an informal mentor. A five-minute call before or after a meeting can provide invaluable insight into board culture, expectations, and unwritten rules.
Ask them candidly: “How did I land in that discussion? Was my intervention useful? What would you have done differently?” That kind of feedback can accelerate your growth exponentially.
Beyond the First 90 Days: Building Long-Term Effectiveness
Once you’ve navigated your first board cycle, the question becomes: how do you sustain credibility and build influence over time?
1. Deepen Your Governance Acumen
Compliance professionals often arrive with strong risk instincts but limited exposure to broader governance topics, such as executive compensation, shareholder engagement, and capital allocation. Make it a goal to broaden your perspective. Read widely, attend director education programs, and seek assignments on committees outside your comfort zone.
2. Balance Oversight with Strategic Contribution
Boards do not want directors who only highlight risks; they want directors who help balance risk with opportunity. As a compliance professional, learn to frame your insights in terms of strategic choices. This positions you as a partner in growth, not just a gatekeeper. For example:
Instead of: “This market carries high corruption risk.”
Say: “Here are the three risk mitigation strategies we can pursue if we want to expand into this market. Each has different costs and oversight implications.”
3. Stay Curious and Current
The regulatory environment evolves constantly. Bring fresh insights on new enforcement trends, ESG requirements, AI governance, or data privacy. Share these in concise, board-relevant formats, such as one-page updates, dashboards, or curated case studies. Being the director who consistently adds current, relevant context makes you indispensable.
4. Protect Your Independence
Finally, never forget that your duty is to the organization and its stakeholders, not to management. Independence is your north star. If you sense pressure to conform or remain silent, remember that your value lies in your judgment, courage, and integrity. Serving on a board for the first time is both an honor and a responsibility. For compliance professionals, it is also a natural progression. You already live in the space between risk and resilience, rules and judgment, compliance and culture.
To succeed, you must combine that technical expertise with the subtler arts of listening, timing, and relationship-building. Arrive prepared, model integrity, and contribute strategically. Do that, and you will not only occupy a seat at the table but also shape decisions that steer the organization toward long-term success.
