Day: June 17, 2026

Categories
Blog

When Employees Are Drowning in Compliance Change

Compliance professionals know the drill. A new policy is issued. A new training module goes live. A new third-party platform is rolled out. A new AI use standard is announced. A new M&A integration plan hits the field. A new sanctions update requires immediate attention. Each initiative may be defensible on its own. Taken together, they can overwhelm the very employees the compliance program depends upon.

That is the central compliance lesson from David Grossman’s MIT Sloan Management Review article, “When Employees Are Drowning in Change.” Grossman argues that effective leaders do not simply manage change; they manage how people experience change. His article identifies three disciplines that matter: make dialogue nonnegotiable, align leaders around a shared change narrative, and sequence change with employee capacity in mind. For compliance professionals, this is not merely a communications issue. It is a program effectiveness issue.

The DOJ’s Evaluation of Corporate Compliance Programs (ECCP) asks three core questions: Is the program well designed? Is it adequately resourced and empowered? Does it work in practice? The DOJ also makes clear that prosecutors look at whether compliance policies, training, reporting lines, incentives, discipline, and controls are integrated into the company’s operations and workforce. That means a compliance change that employees cannot absorb is not fully implemented. It may exist in a slide deck, an LMS platform, a policy portal, or a board report. But if it does not change behavior, it is not yet operating as a control.

Compliance Fatigue Is a Real Risk

Compliance professionals often think about risk in categories: anti-corruption, sanctions, fraud, conflicts, privacy, cybersecurity, antitrust, money laundering, books and records, and now AI governance. Employees do not experience risk in neat categories. They experience messages, requirements, approvals, certifications, controls, deadlines, and consequences.

That distinction matters. A sales manager may receive anti-bribery training, a gifts-and-hospitality update, a new distributor due diligence process, a revised approval matrix, an AI acceptable use notice, and a speak-up campaign in the same quarter. Compliance may see six separate risk-based initiatives. The employee sees a wall of instructions.

When that happens, the program creates noise. Employees may technically complete training but not internalize it. They may certify to policies but not understand how to apply them. They may attend a town hall but not know what has changed in their daily work. Worse, they may stop asking questions because the system feels too heavy to navigate. That is where Grossman’s change management lessons become directly relevant to the Chief Compliance Officer and the compliance team.

Make Dialogue a Compliance Control

The first discipline is dialogue. In compliance, dialogue should not be treated as a courtesy or a soft engagement tool. It is a control input.

The ECCP asks whether training and communications are tailored to the audience’s size, sophistication, subject matter expertise, needs, interests, and values. It also asks whether employees can ask questions arising out of training and whether the company measures training effectiveness, engagement, learning, and behavioral impact. This is a direct invitation for compliance teams to move beyond “push” communications. A one-way compliance rollout looks like this: publish the policy, assign the training, send three reminder emails, track completion, and report 98% completion to leadership.

A better model looks like this: identify the affected employee groups, ask where the new requirement will create friction, test the message with managers, build scenarios from real operational issues, provide a practical decision tool, hold short Q&A sessions, track questions and exceptions, and adjust the rollout based on what employees tell you.

Dialogue also requires closing the loop. When employees raise concerns about a new control, compliance does not have to accept every suggestion. But it should explain what it heard, what it changed, and what it could not change. Silence breeds skepticism. In compliance, skepticism becomes a workaround.

Build One Compliance Change Narrative

Grossman’s second discipline is alignment around a shared change narrative. This may be the most underused tool in the compliance function. Compliance teams frequently communicate in fragments. Legal explains the law. Compliance explains the policy. Internal audit explains control gaps. HR explains discipline. IT explains system access. Procurement explains third-party onboarding. Finance explains approval requirements. Each message may be accurate. Together, they may feel disconnected.

A compliance change narrative answers four practical questions:

  • Where have we been?
  • Where are we today?
  • Where are we going?
  • What must employees do differently?

For example, an AI governance rollout should not begin with a policy citation. It should begin with the business reality: employees are already using AI tools; the company wants innovation; customer and confidential information must be protected; decisions must remain accountable; and the company needs a consistent control framework. Then the compliance team can explain the required behavior: approved tools, prohibited uses, human review, data restrictions, escalation points, and monitoring.

This is also where middle management becomes essential. The DOJ expects senior leaders to communicate ethical standards clearly and demonstrate adherence by example. It also asks how middle management reinforces those standards and encourages employees to abide by them. In practice, employees often take their cues not from the CCO but from their direct supervisor. If the supervisor treats a new compliance requirement as administrative noise, the employee will do the same. Before any significant program change, compliance should align leaders on the story. Not a script. A shared narrative. What risk are we addressing? Why now? What will be easier? What will be harder? What support will employees receive? What does good look like?

Sequence Change With Capacity in Mind

The third discipline is sequencing. This is where compliance teams can create immediate business value. Grossman’s article notes that organizations often fail not because they are doing too much, but because they are doing too much at the same time without discipline. Compliance is vulnerable to this problem because every risk owner believes their initiative is urgent. The answer is not to do less compliance. The answer is to sequence compliance change with the same rigor applied to capital projects, technology rollouts, or major business transformations.

A mature compliance function should maintain a compliance change calendar. It should show what is hitting which employee population, when, and why. It should identify collision points. It should distinguish regulatory deadlines from preferred deadlines. It should flag high-risk groups that are already carrying heavy control burdens, such as sales, procurement, finance, logistics, government affairs, and third-party management teams.

The ECCP supports this risk-based discipline. Prosecutors ask whether the company deploys compliance resources in a risk-based manner, whether risk assessments are current, and whether updates to policies, procedures, and controls reflect lessons learned and evolving risks. Sequencing is part of that risk-based resource allocation. It is how compliance protects both the business and the control environment.

This is especially important in M&A integration. After closing, compliance must integrate codes, policies, hotline access, third-party controls, financial controls, training, investigation protocols, and audit plans. The DOJ specifically asks about the post-transaction compliance program, compliance oversight of the new business, incorporation into risk assessments, and post-acquisition audits. If compliance imposes all requirements on the acquired business at once, it may create both formal coverage and practical confusion. A sequenced plan gives employees a path from old expectations to new standards.

Measure Whether the Change Landed

Completion rates are not enough. Certifications are not enough. Attendance is not enough. The ECCP asks whether the program works in practice, whether it evolves, whether the company uses data to assess the program’s effectiveness, and whether it measures culture and seeks input from all levels of the organization. That means compliance change management must be measurable.

For training and communication, useful measures include questions asked, policy search data, guidance requests, hotline and speak-up trends, control exceptions, approval delays, audit findings, investigation themes, manager feedback, and pulse survey results. The issue is not simply whether employees received the message. The issue is whether they understood it, trusted it, and used it.

This is the practical bridge between Grossman’s article and the ECCP. Change management is not separate from the effectiveness of the compliance program. It is how effectiveness is achieved.

Practical Takeaways

  1. Create a compliance change inventory. List every major policy, training, system, control, campaign, certification, and reporting change scheduled for the next two quarters.
  2. Map the impact by employee group. Identify who is being asked to absorb the most change and whether those employees sit in high-risk roles.
  3. Require a change narrative for every significant rollout. The narrative should explain the risk, the business rationale, the required behavior, and the available support.
  4. Build dialogue into the process. Use listening sessions, manager huddles, Q&A channels, post-training feedback, and office hours. Then close the loop.
  5. Sequence based on risk and capacity. Not every compliance initiative can be first. Prioritize what is legally required, what addresses the highest risk, and what enables other controls to work.
  6. Measure behavior, not just delivery. Report to leadership on whether the change landed in the business, not merely whether the email was sent or the training was completed.

The compliance lesson is clear. Employees do not fail to follow compliance programs only because they lack information. Sometimes they fail because the organization has given them too much change, too little context, and no practical path to execution. A better compliance program does not simply say more. It listens better, aligns better, sequences better, and measures whether the business can actually do what compliance has asked.

Categories
Compliance Into the Weeds

Compliance into the Weeds: OFAC’s Warning Shot: FTI Consulting Fined for Indirect Dealings with Sanctioned Bank

The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to explore it in greater depth. Looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds! In this episode of Compliance into the Weeds, Tom Fox and Matt Kelly discuss a recent OFAC enforcement action fining FTI Consulting $1.05 million for a sanctions violation involving indirect dealings with Russia’s state-owned VTB Bank.

FTI provided economic analysis for VTB in litigation, but, knowing VTB was sanctioned, used a law firm as an intermediary to invoice and receive payment, which OFAC said does not avoid liability because prohibitions apply to indirect transactions as well as direct ones. OFAC doubled the base penalty of $525,000 explicitly to promote future compliance by similarly situated companies, signaling strong disapproval of “middleman” structures. The case also involved unpaid invoices that became an impermissible extension of credit to a sanctioned entity, highlighting the need for rigorous contract and payment-term review beyond basic sanctions screening and for dedicated sanctions expertise.

Key highlights:

  • Introducing the OFAC Case
  • Middleman Billing Scheme
  • Why Screening Misses Indirect Risk
  • Did Compliance Approve It?
  • OFAC Expectations and Capability
  • Penalty Doubled Warning Shot
  • Unpaid Invoices as Credit Extension

Resources:

Matt in Radical Compliance

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

A multi-award-winning podcast, Compliance into the Weeds was most recently honored as one of the Top 25 Regulatory Compliance Podcasts, a Top 10 Business Law Podcast, and a Top 12 Risk Management Podcast. Compliance into the Weeds has been conferred the Davey, Communicator, and W3 Awards, all for podcast excellence.

Categories
Daily Compliance News

Daily Compliance News: June 17, 2026, The Book-Cation Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News. All, from the Compliance Podcast Network. Each day, we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Top stories include:

  • AI compliance failures. (TechRepublic)
  • Sounds like heaven. (NYT)
  • Brendan Sorsby is now the NFL’s problem. (WSJ)
  • Did JLR hide fire risks in its cars? (FT)

To learn about the intersection of Sherlock Holmes and the modern compliance professional, check out Tom’s latest book, The Game is Afoot-What Sherlock Holmes Teaches About Risk, Ethics and Investigations on Amazon.com.

Categories
Blog

The Squire of Gothos – Training and Communication Lessons

Show Summary

As compliance professionals, our roles often require us to explore diverse sources to glean valuable lessons in compliance. “Star Trek: The Original Series” consistently provides profound insights applicable to our daily challenges. The episode “The Squire of Gothos” serves as an excellent illustration of essential lessons in training and communications crucial for compliance practitioners today.

In this episode, the USS Enterprise, led by Captain Kirk, encounters the mysterious planet Gothos, governed by the whimsical and capricious character Trelane. Initially appearing as a refined and gracious host, Trelane soon reveals himself to be an unpredictable entity, wielding tremendous power but with little accountability. His lack of understanding and misinterpretation of human behavior laid the groundwork for significant insights into compliance. Let’s examine the key lessons in training and communication that can be gleaned from this engaging narrative.

1. Clarity is Essential in Communication

Illustrated by Trelane, this work enthusiastically recreates an elegant yet bizarrely inaccurate representation of Earth’s history, misunderstanding fundamental human behaviors and values. His superficial interpretation leads to confusion and conflict with Kirk and his crew.

In compliance communications, similar pitfalls occur when employees misunderstand critical guidance due to vague or incomplete messaging. Clear, concise, and contextual communication ensures that employees understand compliance requirements, practical applications, and the consequences of missteps. Compliance professionals must consistently review their messages for clarity, using precise, accessible language to eliminate ambiguity and align understanding across the organization.

2. Adapt Training to Your Audience’s Realities

Illustrated By: Trelane’s understanding of human culture proves drastically outdated and disconnected from the contemporary realities of Kirk’s era, referencing Earth’s distant past without comprehending current circumstances. His inability to relate properly alienates his audience rather than engages them. 

Similarly, compliance training must align closely with employees’ actual workplace realities and challenges. Generic or irrelevant training content quickly loses effectiveness. Instead, compliance officers should tailor scenarios, examples, and training methods to reflect genuine operational contexts, contemporary risks, and real-life situations employees encounter daily. Authentic relevance significantly improves learner retention and practical application.

3. Interactive Communication Engages and Educates

Illustrated By: Trelane draws Captain Kirk and his crew into an interactive scenario, complete with costumes and props, to engage them. Though misguided in execution, his effort to create engagement is evident—he understands engagement is essential to capturing attention.

Compliance training should similarly prioritize interactive methods to create engaging, participatory experiences. Scenario-based simulations, role-playing activities, gamified e-learning, and collaborative exercises can effectively involve employees. By actively participating rather than passively listening, employees deepen their understanding, ensuring that training is more memorable, impactful, and effectively translated into compliant behaviors.

4. Feedback Loops Are Crucial

Illustrated By: Trelane repeatedly dismisses feedback from Kirk and the crew, ignoring their corrections and pleas. His refusal to acknowledge or integrate feedback escalates misunderstandings, leading to increased conflict and mistrust.

This vividly demonstrates the critical need for robust feedback loops within compliance training and communications. Soliciting, acknowledging, and acting upon feedback are essential components of effective compliance training programs. Compliance officers should continuously evaluate training effectiveness through surveys, post-session discussions, and informal feedback channels, ensuring continuous improvement and alignment with employee needs and concerns.

5. Balance Authority with Empathy and Understanding

Illustrated By: Trelane initially wields his immense power autocratically, indifferent to the crew’s concerns and fears. His lack of empathy creates resentment, anxiety, and, ultimately, defiance among the Enterprise’s personnel.

Compliance professionals also risk alienating employees when they wield compliance mandates without empathy or understanding. Successful compliance programs strike a balance between authoritative requirements and genuine compassion. Demonstrating an understanding of employee pressures, organizational realities, and practical challenges fosters greater trust and collaboration, thereby nurturing a culture of compliance where adherence is willingly embraced rather than resented.

6. Beware the Perils of Misplaced Assumptions

Illustrated by: Trelane assumes an inaccurate knowledge of human culture based solely on superficial observation from afar. His unchecked assumptions repeatedly cause confusion, mistakes, and frustration as he misunderstands core human motivations and behaviors.

Compliance professionals must avoid similar pitfalls. Unchecked assumptions about employees’ knowledge levels, behavior, or organizational culture can lead to ineffective training and costly compliance breakdowns. Training must be grounded in data-driven insights, direct employee engagement, and empirical validation, ensuring assumptions are continuously tested and adjusted accordingly.

7. Leverage Leadership as Communication Champions

Illustrated by Captain Kirk, who effectively navigates the challenging interactions with Trelane, leading his crew decisively. Kirk’s clear communication, authoritative yet empathetic demeanor, and consistent leadership reassure and guide his team through uncertainty and conflict.

In the compliance realm, leadership plays a similarly critical role in amplifying the effectiveness of training and communication. Senior leaders who champion compliance messages, actively participate in training, and visibly embody compliance principles significantly enhance program credibility and employee engagement. Leadership engagement reinforces training lessons, ensuring compliance is deeply embedded within organizational culture and behavior.

 Final ComplianceLog Reflections 

Star Trek’s “The Squire of Gothos” offers compelling lessons in clear communication, tailored and interactive training methods, effective feedback integration, empathetic leadership, validated assumptions, and communication-driven decision-making. Compliance professionals can learn from both Trelane’s shortcomings and Kirk’s strategic interactions to significantly enhance the impact of their compliance training programs.

By embracing these lessons, compliance professionals strengthen their communication, foster meaningful employee engagement, and ultimately build more robust compliance cultures. Like the crew of the USS Enterprise, navigating mysterious challenges effectively requires proactive, adaptive, and thoughtfully designed communication and training strategies. Let us boldly incorporate these insights to ensure our compliance programs resonate, educate, and inspire employees across our organizations.

Resources:

Excruciatingly Detailed Plot Summary by Eric W. Weisstein

MissionLogPodcast.com

Memory Alpha

Categories
The Hill Country Podcast

The Hill Country Podcast: Post-Flood Recovery, Mental Health Trends, and Naloxone Outreach in Kerr County

Welcome to the award-winning The Hill Country Podcast. The Texas Hill Country is one of the most beautiful places on earth. In this podcast, Hill Country resident Tom Fox visits with the people and organizations that make this one of the most unique areas of Texas. In this episode, host Tom Fox speaks with Abby Filyaw and recovery coach Clayton Evans of the Hill Country Council on Alcohol & Drug Abuse.

They discuss Kerr County’s recovery roughly 11 months after the flood, noting increased demand for mental health services, anxiety triggered by renewed rain warnings, and ongoing community impacts along the Guadalupe River. They discuss how disasters can have delayed substance-use effects, PTSD-like reactions, and the need to support both substance use disorder and co-occurring mental health conditions simultaneously, including referrals to an addictionologist. Abby outlines a naloxone/Narcan initiative deploying large purple “Barney” dispensing boxes at locations such as vape stores and the Kerr County Jail, driven by overdose risks from kratom and potent 7-OH, including deaths when mixed with alcohol, and supported by law enforcement through education and stigma reduction. They also address youth risk prevention and summer triggers and provide contact information for services.

Highlights include:

  • Post-Flood Mental Health
  • River Anxiety And PTSD
  • Naloxone And New Drugs
  • Clayton Recovery Story
  • Youth Prevention And Teens

Resources

Hill Country Council on Alcohol & Drug Abuse

Other Hill Country Focused Podcasts

Hill Country Authors Podcast

Hill Country Artists Podcast

Texas Hill Country Podcast Network

Cover Art

Nancy Huffman

Categories
AI Today in 5

AI Today in 5: June 17, 2026, The End of Fragmented AML Edition

Welcome to AI Today in 5, the newest addition to the Compliance Podcast Network. Each day, Tom Fox will bring you 5 stories about AI to start your day. Sit back, enjoy a cup of morning coffee, and listen in to AI Today In 5. All, from the Compliance Podcast Network. Each day, we consider five stories from the business world, compliance, ethics, risk management, leadership, or general interest about AI.

Top AI stories include:

  1. End of fragmented AML. (FinTechGlobal)
  2. AI compliance failures. (TechRepublic)
  3. AI for an always-ready audit. (PharmacyPracticeNews)
  4. AI for finance is leaving healthcare in the dust. (HealthExec)
  5. New social norms are needed in the age of AI. (AP News)

For more information on the use of AI in compliance programs, Tom Fox’s new book, Upping Your Game, is available. You can purchase a copy of the book on ⁠Amazon.com⁠.

To learn about the intersection of Sherlock Holmes and the modern compliance professional, check out Tom’s latest book, The Game is Afoot-What Sherlock Holmes Teaches About Risk, Ethics and Investigations on ⁠Amazon.com⁠.

Categories
Trekking Through Compliance

Trekking Through Compliance: Episode 17 – The Squire of Gothos – Training and Communication Lessons

Show Summary

The episode “The Squire of Gothos” serves as an excellent illustration of essential lessons in training and communications crucial for compliance practitioners today.

In this episode, the USS Enterprise, led by Captain Kirk, encounters the mysterious planet Gothos, governed by the whimsical and capricious character Trelane. Initially appearing as a refined and gracious host, Trelane soon reveals himself to be an unpredictable entity, wielding tremendous power but with little accountability. His lack of understanding and misinterpretation of human behavior laid the groundwork for significant insights into compliance. Today, we examine the valuable lessons in training and communication that this engaging narrative offers.

Key highlights:

1. Clarity is Essential in Communication

Illustrated by Trelane, this work enthusiastically recreates an elegant yet bizarrely inaccurate representation of Earth’s history, misunderstanding fundamental human behaviors and values.

Clear, concise, and contextual communication ensures that employees understand compliance requirements, practical applications, and the consequences of missteps. Compliance professionals must consistently review their messages for clarity, using precise, accessible language to eliminate ambiguity and align understanding across the organization.

2. Adapt Training to Your Audience’s Realities

Illustrated by Trelane’s understanding of human culture, it proves drastically outdated and disconnected from the contemporary realities of Kirk’s era, referencing Earth’s distant past without comprehending current circumstances. 

Compliance training must align closely with employees’ actual workplace realities and challenges. Generic or irrelevant training content quickly loses effectiveness. Authentic relevance significantly improves learner retention and practical application.

3. Interactive Communication Engages and Educates

Illustrated By: Trelane draws Captain Kirk and his crew into an interactive scenario, complete with costumes and props, to engage them. 

Compliance training should similarly prioritize interactive methods to create engaging, participatory experiences. By actively participating rather than passively listening, employees deepen their understanding, ensuring that training is more memorable, impactful, and effectively translated into compliant behaviors.

4. Feedback Loops Are Crucial

Illustrated by: Trelane repeatedly dismisses feedback from Kirk and the crew, ignoring their corrections and pleas. 

This vividly demonstrates the critical need for robust feedback loops within compliance training and communications. Compliance officers should continuously evaluate training effectiveness through surveys, post-session discussions, and informal feedback channels, ensuring continuous improvement and alignment with employee needs and concerns.

5. Balance Authority with Empathy and Understanding

Illustrated By: Trelane initially wields his immense power autocratically, indifferent to the crew’s concerns and fears.

Compliance professionals also risk alienating employees when they wield compliance mandates without empathy or understanding. Demonstrating an understanding of employee pressures, organizational realities, and practical challenges fosters greater trust and collaboration, thereby nurturing a culture of compliance where adherence is willingly accepted rather than resented.

6. Beware the Perils of Misplaced Assumptions

Illustrated by Trelane, he assumes an inaccurate knowledge of human culture based solely on superficial observation from afar. 

Compliance professionals must avoid similar pitfalls. Training must be grounded in data-driven insights, direct employee engagement, and empirical validation, ensuring assumptions are continuously tested and adjusted accordingly.

7. Leverage Leadership as Communication Champions

Illustrated by Captain Kirk effectively navigating the challenging interactions with Trelane, leading his crew decisively. 

Leadership plays a critical role in amplifying the effectiveness of training and communication. Leadership engagement reinforces training lessons, ensuring compliance is deeply embedded within organizational culture and behavior.

Final ComplianceLog Reflections

Star Trek’s “The Squire of Gothos” offers compelling lessons in clear communication, tailored and interactive training methods, effective feedback integration, empathetic leadership, validated assumptions, and communication-driven decision-making. Compliance professionals can learn from both Trelane’s shortcomings and Kirk’s strategic interactions to significantly enhance the impact of their compliance training programs.

Resources:

Excruciatingly Detailed Plot Summary by Eric W. Weisstein

MissionLogPodcast.com

Memory Alpha

Timothy and Fiona are AI-generated voices.