Author: admin

Categories
Trekking Through Compliance

Trekking Through Compliance: Episode 1 – Compliance Lessons from The Man Trap

In this episode of Trekking Through Compliance, we examine “The Man Trap,” which aired on September 8, 1966, at Star Date 1515.1.

A landing party from the Enterprise beams down to perform an annual checkup of scientist Bob Crater and his wife, Nancy, who have lived on the planet M113 for 5 years. Dr. Crater and Nancy appear to be in good health, but Dr. Crater goes out of his way to request an additional salt supply from the Enterprise’s stores. A crewman wanders off and dies under mysterious circumstances. Further tests show that his body is completely devoid of salt.

Scanning the planet’s surface reveals only a single life form, so Spock and Kirk realize that Nancy must have beamed aboard the Enterprise and start searching for her. They question Dr. Crater and learn that Nancy is dead and that her form has been taken over by the planet’s last remaining indigenous creature, which can assume any form and requires salt to live.

Kirk and Spock then beam Dr. Crater aboard the Enterprise, who prevents Kirk from killing the creature (whom he still sees as Nancy Crater) and then stands idly by as she begins to drain the salt from Kirk’s body. At this juncture, Spock rushes in and demonstrates to McCoy that the woman attacking Kirk could not be Nancy by striking her repeatedly and forcefully. Nancy does not flinch, sending Spock flying across the room with a single counterblow. When the creature attacks Kirk again, its proper alien form is revealed, and Bones kills it with a phaser, even after it reverts to Nancy’s form.

Key highlights:

1. Compliance and Leadership Lessons—The Cost of Denial

🖖 Illustrated by Dr. Crater’s refusal to acknowledge the danger posed by the creature impersonating his wife, Nancy.

Leadership is about facing difficult truths, not indulging in convenient fantasies. Dr. Crater’s emotional attachment blinds him to reality, echoing the risks faced when leaders ignore clear signs of compliance breakdowns. Just as he stalls Kirk and enables the creature’s deception, real-world executives who refuse to confront corruption or misconduct put the entire organization at risk.

2. Character Dynamics—Trust, Bias, and Team Decision-Making

🖖 Illustrated by the landing party’s conflicting views of Nancy, each member sees her in a different light.

This episode reminds us how biases cloud judgment. The creature manipulates the crew’s perceptions, much like a charismatic con artist might deceive auditors or compliance officers. Effective compliance teams must cultivate objectivity and challenge assumptions, especially when red flags appear under familiar disguises.

3. Ethical Decision-Making and Vigilance—When Loyalty Becomes Liability

🖖 Illustrated by McCoy’s inability to act until it’s almost too late.

McCoy’s emotional paralysis shows the danger of misplaced loyalty in corporate settings. Compliance professionals must prioritize facts over feelings. Only when Spock physically assaults the creature and reveals its true nature does McCoy accept the need for lethal action. It’s a painful but powerful lesson in balancing empathy with professional duty.

4. Storytelling and Visual Branding—Make the Message Memorable

🖖 Illustrated by the unforgettable reveal of the creature’s true alien form.

The creature’s transformation is a visual metaphor for uncovering the truth beneath appearances. For compliance programs, this underscores the importance of storytelling, compelling visuals, and emotional engagement. Dry policies don’t stick—memorable messages do. Think of the salt vampire’s final scene as a compliance training module with a bite.

5. Balancing Security and Compassion—Don’t Let the Monster in the Room Stay Hidden

🖖 Illustrated by the crew’s initial desire to give Nancy space, contrasted with the need for containment.

Compassion is vital—but so is security. The crew’s hesitation to confront “Nancy” creates a vulnerability that costs lives. In corporate compliance, this translates to having the courage to investigate suspicions swiftly and without prejudice. The longer you let a problem impersonate a solution, the greater the risk to your organization.

Resources:

Excruciatingly Detailed Plot Summary by Eric W. Weisstein

MissionLogPodcast.com

Memory Alpha

Categories
Blog

The Fall of the Alamo and Empowerment of the Compliance Professional

Today is the anniversary of the most historic day of many in the history of the great state of Texas, the date of the fall of the Alamo. While March 2, Texas Independence Day, is when Texas declared its independence from Mexico, and April 21, San Jacinto Day, is when Texas won its independence from Mexico, both probably have more long-lasting significance. If there is one word that Texas is known for worldwide, it is the Alamo. The Alamo was a crumbling Catholic mission in San Antonio where 189 men were held out for 13 days by the Mexican Army of General Santa Anna, which numbered approximately 5,000. But in 1836, Santa Anna unleashed his forces, which overran the mission and killed all the fighting men. Those who did not die in the attack were executed, and all the deceased bodies were unceremoniously burned. Proving he was not without chivalry, Santa Anna spared the lives of the Alamo’s women, children, and slaves. But for Texans across the globe, this is our day.

While Thermopylae will always go down as the greatest ‘Last Stand’ battle in history, the Alamo is in contention for Number 2. Like all such battles, sometimes the myth becomes the legend, and the legend becomes the reality. In Thermopylae, the myth is that 300 Spartans stood against the entire 10,000-man Persian Army. However, there was also a force of 700 Thespians (not actors, but citizens from the City-State of Thespi) and a contingent of 400 Thebans fighting alongside the 300 Spartans. Somehow, their sacrifices have been lost to history.

Likewise, the legend that elevates the Alamo battle to myth is the line in the sand. The story goes that William Barrett Travis, on March 5, the day before the final attack, when it was clear that no reinforcements would arrive in time and everyone who stayed would perish, called all his men into the plaza of the compound. He then pulled out his saber and drew a line in the ground. He said that they were surrounded and would all likely die if they stayed. Any man who wanted to stay and die for Texas should cross the line and stand with him. Only one man, Moses Rose, declined to cross the line. The immediate survivors of the battle did not relate this story after they were rescued, and the line-in-the-sand tale did not appear until the 1880s.

But the thing about ‘last stand’ battles is that they generally turn out badly for the losers. Very badly. I thought about this when Chuck Duross, back when he was head of the Department of Justice’s (DOJ) Foreign Corrupt Practices Act (FCPA) unit, said at a conference that he viewed anti-corruption compliance practitioners as “The Alamo” in terms of the last line of defense in the prevention of compliance violations. I gingerly raised my hand and acknowledged his tribute to the great state of Texas, but pointed out that all the defenders were slaughtered, so perhaps another analogy was appropriate. Everyone had a good laugh at the conference back then. But in reflecting on the history of my state and what the Alamo means to us all, I have wondered if my initial response was too facile.

What happens to a Chief Compliance Officer (CCO) or compliance practitioner when they have to make a stand? Do they make the ultimate corporate sacrifice? Will they receive the equivalent of a corporate execution as the defenders of the Alamo received? This worrisome issue occurred even if the person had resigned to pursue other opportunities.’ Michael Scher has been a leading voice in protecting compliance officers. In a post entitled Michael Scher Talks to the Feds, he said, “A compliance officer (CO) working in Asia asked for recognition and protection: “A CO will not stand up against the huge pressure to maintain compliance standards if he does not get sufficient protection under the law. Most COs working in the overseas operations of U.S. companies are not U.S. citizens, but they are usually the first to identify violations. Since the FCPA deals with foreign corruption, how could the DOJ and SEC not protect these COs? “

The DOJ is now looking at the quality of your CCO and compliance function and how they are perceived, treated, and received in the corporate setting. In the 2024 Evaluation of Corporate Compliance Programs (2024 ECCP), the DOJ expanded its inquiry to evaluate the “sufficiency of the personnel and resources within the compliance function, in particular, whether those responsible for compliance have: (1) sufficient seniority within the organization; (2) sufficient resources, namely, staff to effectively undertake the requisite auditing, documentation, and analysis; and (3) sufficient autonomy from management, such as direct access to the board of directors or the board’s audit committee.”

Further, there were four specific areas of inquiry and evaluation: (1) Structure, (2) Experience and Qualifications, (3) Funding and Resources, and (4) Autonomy.

In the section entitled “Structure,” the evaluation made the following inquiries:

  • How does the compliance function compare with other strategic functions in the company in terms of stature, compensation levels, rank/title, reporting line, resources, and access to key decision-makers?
  • What has been the turnover rate for compliance and relevant control function personnel?
  • What role has compliance played in the company’s strategic and operational decisions? How has the company responded to specific instances where compliance raised concerns?
  • Have any transactions or deals been stopped, modified, or further scrutinized due to compliance concerns?

In the section entitled “Experience and Qualifications,” the 2024 ECCP made the following inquiries:

  • Do compliance and control personnel have the appropriate experience and qualifications for their roles and responsibilities?
  • Has the level of experience and qualifications in these roles changed over time?
  • Who reviews the compliance function’s performance, and what is the review process?

In the area of “Funding and Resources,” the 2024 ECCP asked:

  • Has there been sufficient staffing for compliance personnel to effectively audit, document, analyze, and act on the results of the compliance efforts?
  • Has the company allocated sufficient funds for this?
  • Have there been times when requests for resources by compliance and control functions have been denied, and if so, on what grounds?

Finally, in the area of “Autonomy,” the 2024 ECCP asked:

  • Do the compliance and relevant control functions have direct reporting lines to any member of the board of directors and/or the audit committee?
  • How often do they meet with directors?
  • Are members of the senior management present for these meetings?
  • How does the company ensure the independence of the compliance and control personnel?

These were all deeper and more robust, focusing on the CCO and the DOJ compliance team. If your compliance team is run on a shoestring, you will likely be downgraded for your overall commitment to FCPA compliance. The same is true for promotions and other advancement opportunities within an organization. Not many organizations have a compliance function so mature that a CCO is appointed to another senior-level position.

Upon further reflection, Duross was correct, and the Alamo reference was appropriate for compliance officers. Sometimes we must draw a line in the sand with management. And when we do, we have to cross that line to get on the right side of the issue, and the consequences be damned. The DOJ has clarified that it expects CCOs and compliance professionals to draw that line when necessary, and that when they do, companies must heed their warnings.

Categories
Blog

A Merry (Compliance) Christmas and Tribute to Jim McGrath

Ed. Note: Jim McGrath was a great friend and a trusted colleague who passed away in 2014. As a tribute to McGrath and for Christmas this year, I submit the post below for your enjoyment, which initially appeared on McGrath’s Internal Investigations Blog on December 24, 2012.

The allegations under investigation involve gifts given by individual businessmen to the family of an Israeli government official several years ago. These businessmen, Mr. Balthasar, Mr. Gaspar, and Mr. Melchior, supposedly provided a family in the royal line of King David with significant gifts, including gold, frankincense, and myrrh, in return for favorable consideration of an as-yet undetermined project in the Middle East.

The three men are believed to be third-party intermediaries for many Christian church organizations in the United States, and, if verified, any jurisdictional nexus would appear to be based on this fact.

Whether any family member who received the gifts was or is a “government official”—as the DOJ has expansively defined that term—is unverified but likely. While Transparency International’s Corruption Perceptions Index does not list them in its annual rankings, a large body of other sources appears to establish one or more of them as linked to the ruling family in Israel.

Regardless of the strength of the government’s case in these respects, there remains the hurdle posed by the age of the alleged violations.  They are reported to have occurred approximately 2,012 years ago.  The DOJ could be expected to assert that the clock did not begin to run until the government recently became aware of Balthazar’s, Gaspar’s, and Melchior’s conduct. However, there appears to be a strong argument that voluntary self-disclosure occurred some time ago, thereby commencing the statutory period’s running and its expiration.

I hope you and your family have a wonderful Holiday Season and Merry Christmas.

Categories
Blog

It’s The Great Pumpkin Charlie Brown – Lessons in Process Validation Through Continuous Monitoring

Halloween is almost upon us, and we celebrate the greatest Halloween cartoon in the world’s history, “It’s the Great Pumpkin, Charlie Brown,” which premiered in 1966. As usual, the story revolves around the Peanuts gang, who are preparing for Halloween; Linus writes his annual letter to the Great Pumpkin, despite Charlie Brown’s disbelief, Snoopy’s laughter, Patty’s assurance that the Great Pumpkin is a fake, and even his sister Lucy’s violent threat to make her brother stop.

On Halloween night, the gang goes trick-or-treating. On the way, they stop at the pumpkin patch to ridicule Linus, missing the festivities as he has done every year. Undeterred, Linus is convinced that the Great Pumpkin will come, and he even persuades Charlie Brown’s little sister, Sally, to remain with him and wait. At 4:00 AM the following day, Lucy notices Linus is not in his bed. She finds her brother asleep in the pumpkin patch, shivering. She brings him home and puts him to bed. Later, Charlie Brown and Linus are at a rock wall, commiserating about the previous night’s disappointments. Although Charlie Brown attempts to console his friend, admitting he has also done stupid things, Linus angrily vows that the Great Pumpkin will come to the Pumpkin Patch next year.

In corporate compliance, much like in the world of It’s the Great Pumpkin, Charlie Brown, expectations must meet reality. In the compliance world, Linus’s actions might be likened to a company that sets up its processes without validating or continuously monitoring them. Year after year, Linus is let down because he needs to adjust his process or monitor his outcomes in real time. This is where the critical lesson in process validation through continuous monitoring becomes clear: Hope without validation is not a strategy. Let’s dive deeper into the compliance lessons from this Halloween favorite.

The Importance of Process Validation

Linus believes that his sincere faith in the Great Pumpkin will yield results. However, more than faith is needed to cut it in compliance. In the same way, companies may implement policies and procedures they believe will lead to effective compliance, but they need to validate these processes to ensure they are effective. Process validation is essential for ensuring that your compliance program operates as intended. From anti-bribery controls to third-party risk management, validating that processes work under real-world conditions ensures you aren’t waiting in a metaphorical pumpkin patch, hoping for good results.

As a compliance professional, you must validate that a process works after designing it, whether it is a transaction monitoring system or a third-party due diligence program. You must validate through testing, audits, and benchmarks to see if it’s achieving your desired outcomes.

The Role of Continuous Monitoring

Linus returns to the same pumpkin patch every year, never adjusting his approach and hoping that next time will be different. This is akin to organizations that implement processes without continuous monitoring—hoping things will change but never keeping a close eye on what’s happening in real-time. In the compliance space, continuous monitoring means maintaining oversight of key processes and using data-driven metrics to spot potential problems before they grow into major risks. Whether monitoring third-party interactions, employee transactions, or internal controls, compliance officers must ensure that data is continuously fed into the system. When a process is off course, continuous monitoring enables you to catch it early and correct it before it becomes a regulatory issue.

Every compliance professional should understand that continuous monitoring is essential for refining compliance processes. Regularly assess your systems, monitor anomalies, and make necessary adjustments. It’s about being proactive, not reactive.

Adjusting to Changing Realities

One of the more poignant lessons from It’s the Great Pumpkin, Charlie Brown, is that Linus doesn’t adjust his expectations despite repeated failures. He continues to sit in the pumpkin patch year after year. In compliance, ignoring evidence and sticking to outdated processes can lead to serious issues. Regulations change, risks evolve, and market conditions shift. A method that was valid last year may no longer be effective under new rules or circumstances. The only way to ensure your compliance program stays relevant is through ongoing adjustments based on continuous feedback.

As the corporate compliance expert, you must ensure that your compliance processes evolve with changing regulatory landscapes. Use continuous monitoring data to validate that your program remains robust in real-time conditions.

Clear Communication and Buy-In

Throughout It’s the Great Pumpkin, Charlie Brown, Linus is adamant about the arrival of the Great Pumpkin, but he fails to bring others along with him. His friends and even his sister don’t believe in his mission, leaving him alone in the pumpkin patch.

This illustrates the importance of communication and stakeholder buy-in in the compliance world. If compliance officers or departments communicate the value of continuous monitoring and validation, the rest of the organization will be engaged and supportive. Building an ethical culture requires alignment across all levels, from senior management to line employees. With it, your compliance efforts may be more cohesive than Linus’s pumpkin patch vigil.

Effective compliance depends on clear communication and organizational buy-in for the compliance professional. Ensure everyone understands the importance of continuous monitoring and how it safeguards the organization.

Linus’s faith in the Great Pumpkin may not pay off in It’s the Great Pumpkin, Charlie Brown, but for compliance professionals, validation and continuous monitoring can deliver real results. Compliance is about something other than waiting in the pumpkin patch, hoping things work out. It’s about ensuring your processes are tested, validated, and continuously monitored to catch risks early and compliance remains proactive rather than reactive.

Moreover, by watching the TV show, reading this blog, and, most importantly, applying these lessons, compliance officers can avoid Linus’s fate and ensure their processes are strong, dynamic, and capable of delivering the results they need to meet today’s regulatory demands. I hope you can watch It’s the Great Pumpkin, Charlie Brown again this year. I did. When you watch, think about the compliance implications. Will anyone ever set a ‘second set of eyes’ on the Great Pumpkin? If not, will it ever be validated? I hope you will be safe and dry if you are trick-or-treating tonight.

Doug Cornelius Responds:

Are you trying to say that the Great Pumpkin is not real?

Just wait ’til next year, Tom Fox. You’ll see!

Next year, at this same time, I’ll find a really sincere pumpkin patch! And I’ll sit in that pumpkin patch until the Great Pumpkin appears. He’ll rise out of that pumpkin patch and fly through the air with his bag of toys.

The Great Pumpkin will appear! And I’ll be waiting for him!

I’ll be there! I’ll sit in that pumpkin patch… and see the Great Pumpkin. Just wait and see, Tom Fox. I’ll see that Great Pumpkin.

I’ll SEE the Great Pumpkin!

You wait, Tom Fox.

Doug Cornelius Responds:

Are you trying to say that the Great Pumpkin is not real?

Just wait ’til next year, Tom Fox. You’ll see!

Next year, at this same time, I’ll find a real, sincere pumpkin patch! And I’ll sit in that pumpkin patch until the Great Pumpkin appears. He’ll rise out of that pumpkin patch and fly through the air with his bag of toys.

The Great Pumpkin will appear! And I’ll be waiting for him!

I’ll be there! I’ll sit in that pumpkin patch… and see the Great Pumpkin. Just wait and see, Tom Fox. I’ll see that Great Pumpkin.

I’ll see the Great Pumpkin!

Just wait, Tom Fox.

Categories
Innovation in Compliance

Innovation in Compliance: Scaling Compliance Programs: Insights from a Navy Veteran and Compliance Leader

Innovation comes in many areas, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. This series is introduced by Tom Fox and hosted by Roxeanne Petraeus. Ethena sponsors this special five-part series on Innovation in Compliance.

In this engaging episode, Roxeanne Petraeus sits down with LaSalle Vaughn, a seasoned compliance leader and Navy veteran. They delve into Vaughn’s extensive experience in scaling compliance programs for both large and small companies, emphasizing the importance of top leadership buy-in, cross-functional collaboration, and creative compliance training solutions. Vaughn shares his journey to becoming a board member, the significance of network relationships, and how his military background informs his approach to building a strong compliance culture. The discussion also highlights the unique qualities of the Ethena compliance platform and the necessity of effective customer support. Listeners gain valuable insights on effective compliance strategies and career development in the compliance field.

Key highlights:

  • LaSalle Vaughn’s Background and Experience
  • Scaling Compliance Programs
  • Getting C-Suite Buy-In for Compliance
  • Cross-Functional Collaboration in Compliance
  • Path to Board Service
  • Military Influence on Compliance and Culture

Resources:

LaSalle Vaughn on LinkedIn

Ethena Website

Roxanne Petraeus on LinkedIn

Ethena on LinkedIn

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Hill Country Authors

Hill Country Authors Podcast – Exploring Writing, Literature, and Texas Coastal Culture with Skip Rhudy

Welcome to a new season of the award-winning Hill Country Authors Podcast, sponsored by Stoney Creek Publishing. In this podcast, Hill Country resident Tom Fox visits with authors who live in and write up the Texas Hill Country. In this episode, Tom Fox visits Skip Rhudy, a writer with deep ties to the Texas Gulf Coast.

Rhudy shares his experiences growing up in Port Aransas and delves into the contrasts of living in a tourist spot. They discuss Rhudy’s two novels, ‘Under the Gulf Coast Sun’ and ‘One Punk Summer,’ touching on themes of setting as character, the punk music scene in Austin, and preserving Texas culture through fiction. Rhudy also discusses his writing process, inspirations from Ernest Hemingway, and future projects, including a novel interwoven with Greek mythology and a nonfiction account of building a kit plane.

Key highlights:

  • Life in Port Aransas
  • Port Aransas Culture and Community
  • Holiday Vibes and Seasonal Contrasts
  • Setting as a Character in Literature
  • Writing Process and Inspirations
  • Texas History and Cultural Preservation
  • Comparing Two Novels
  • Punk Music and Austin’s Scene
  • Publishing Journey and Editorial Insights

Resources:

Skip Rhudy on Stoney Creek Publishing

‘Under the Gulf Coast Sun on Texas A&M University Press

Stoney Creek Publishing Website

 Podcast Cover Art

 Nancy Huffman Fine Art

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Hill Country Authors

Hill Country Authors Podcast – Unveiling Camptown: Charles Swenson’s Journey Through Forgotten Texas History

Welcome to a new season of the award-winning Hill Country Authors Podcast, sponsored by Stoney Creek Publishing. In this podcast, Hill Country resident Tom Fox visits with authors who live in and writes up the Texas Hill Country. In this episode, Tom Fox visits Charles Swenson, a passionate historian and author of Voices of Camptown.’

Swenson delves into the rich history of Camptown, a freedmen’s colony established in Brenham, Texas, following the Civil War. He explains his involvement in uncovering this lost community’s legacy, spurred by the discovery of the overgrown Camptown Cemetery. Swenson shares insights into the lives of the African American families who once resided there, their struggles during Reconstruction, and their achievements despite the adversities of Jim Crow. He also emphasizes the crucial role of education and the significant contributions of military veterans to these communities. Swenson’s research methods and collaboration with the Brenham Heritage Museum, along with local individuals like Eddie Harrison, highlight a neglected chapter of Texas history that he is dedicated to preserving. The episode closes with information on how listeners can learn more about Swenson’s work and his upcoming book.

Key highlights:

  • Discovering Camptown: A Historical Overview
  • Uncovering Camptown Cemetery
  • Research and Stories from the Past
  • The Importance of Historical Designation
  • Educational and Community Impact
  • Writing Process and Publication Journey

Resources:

Charles Swenson’s on Stoney Creek Publishing

Voices of Camptown on Texas A&M University Press

Stoney Creek Publishing Website

Podcast Cover Art

Nancy Huffman Fine Art

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Trekking Through Compliance

Trekking Through Compliance – Episode 8 – Miri

In this episode of Trekking Through Compliance, we consider the episode Miri, which aired on October 27, 1966, Star Date 2713.5. In this episode of Trekking Through Compliance, we explore one of the eeriest and most profound cautionary tales in the Star Trek canon: “Miri.” When the crew responds to a distress signal from a planet that’s an exact duplicate of Earth, they find a society ravaged by a failed experiment in human longevity. Only children remain, while the adults, the “grups,” have all died from a virulent disease.

This haunting story is not simply science fiction. It is a case study of what happens when risk management is treated as an afterthought. We draw parallels between the biohazard breakdowns on the planet and the kinds of failures that modern compliance officers must guard against, whether in public health readiness, supply chain risk, or workforce welfare.

Episode Summary

A disfigured man attacks a landing party, who die after Kirk strikes him. They discover a preadolescent, Miri, who ran away from them because “grups” kill and maim children before dying. She and her friends are “onlies,” the only ones left. The distress call is traced to an automated signal. The landing party, except for Spock, notices purple lesions on their bodies; Miri tells them that these are the first signs of the disease, and they will soon develop into the same condition as the other adults. When the disease begins, its victims have seven days to live. Although Spock is immune, he considers himself a carrier who could infect the Enterprise if he returns.

Back on the Enterprise, after vaccinating everyone and leaving the children in the care of a medical team, Kirk sends for teachers and advisers to help the children improve their lives.

Key highlights:

1. Disaster Preparedness—A Cure Without a Contingency Plan

🖖Illustrated by: The civilization’s experiment to extend life, which instead wipes out all adults.

This central failure underscores the risks associated with scientific advancement that lacks proper risk assessment. The developers had no fallback, no regulatory oversight, and no crisis management framework in place. For compliance professionals, this serves as a reminder that innovation must be paired with effective scenario planning and disaster recovery protocols.

2. Environmental and Public Health Compliance—Invisible Risks Become Existential Threats

🖖Illustrated by: The crew’s infection with the disease upon beaming down, with lesions appearing days later.

This serves as a metaphor for health and safety non-compliance. Enterprises must be vigilant about how workplace conditions, unseen hazards, and biological risks can impact staff and operations. Proactive monitoring and rapid-response mechanisms are essential components of any risk management strategy.

3. Data Governance and Early Warning Systems—Responding Too Late

🖖Illustrated by: The automated distress signal continued even though no adult survivors remained.

The signal was still active, but no one was listening until it was far too late. In modern organizations, this is equivalent to ignoring audit logs, internal control alerts, or whistleblower reports that go unread. A culture of attentiveness to data and signals is crucial to catching issues before they cascade.

4. Supply Chain Risk—Critical Resource Shortages in the Field

🖖Illustrated by: The crew’s struggle to develop a cure with limited time, no labs, and deteriorating conditions.

Kirk and McCoy were caught without adequate resources. This scenario mirrors the real-world risks companies face when they lack redundancy in their supply chains, fail to conduct thorough vendor audits, or fail to plan for logistical disruptions. A robust compliance framework includes stress-testing the supply chain for resilience under duress.

Employee Welfare and Isolation—Psychological and Ethical Concerns in Hazard Zones

🖖Illustrated by: Spock’s decision not to return to the Enterprise due to the risk of contamination.

Spock’s sacrifice is a model of ethical risk containment. In any risk environment, whether it is a pandemic, data breach, or financial misconduct, companies must empower employees to make ethically sound decisions while providing mental health support for those isolated by crisis response roles.

Final Starlog Reflections

Miri is a chilling illustration of what happens when ambition outpaces ethics and planning. The children left behind are the victims of a society that prioritizes progress over protection. For compliance professionals, this episode serves as a vivid reminder that a well-crafted compliance program is not just about preventing misconduct—it’s about preparing for the unknown.

Resources

Excruciatingly Detailed Plot Summary by Eric W. Weisstein

MissionLogPodcast.com

Memory Alpha

Categories
Blog

The Enemy Within: Duality, Decision-Making, and the Ethics of Power

Show Summary

Today, we examine one of the most psychologically compelling Star Trek episodes to date: The Enemy Within. A transporter malfunction splits Captain Kirk into two versions of himself: one good and one evil. Each represents different aspects of leadership, impulse, and integrity. As the crew struggles to respond to the fractured captain, we’re given a front-row seat to the ethical breakdowns and Me Too-era lessons still resonant today. I explore five key compliance takeaways from this tale of divided identity, linking them directly to scenes aboard the Enterprise that show what happens when power is unmoored from principle and when control systems, both technical and ethical, fail.

Key Highlights and Star Trek Case Studies

1. The Dangers of Unchecked Power—When ‘Authority’ Becomes Assault

Illustrated by: Evil Kirk attacking Yeoman Janice Rand in her quarters.

One of the most disturbing moments in early Trek canon, this assault serves as a stark warning about the abuse of power. Evil Kirk resembles the captain and carries his authority, but lacks a conscience. It’s a Me Too moment that reveals the need for every organization to install guardrails, even around its most powerful figures. Compliance must include mechanisms to protect the vulnerable from those who misuse rank or influence.

2. Ethical Decision-Making Requires Wholeness—The Fragmented Leader Can’t Lead 

Illustrated by: Good Kirk losing decisiveness, compassion becoming indecision.

As “good” Kirk weakens, Spock and McCoy realize that without the aggressive, assertive part of his personality, the captain cannot lead. This reinforces the idea that ethical leadership is not about being soft; it is rather about striking a balance. Compliance leaders need the courage to act and the heart to guide. Ethical strength is integrative, not binary.

3. Crisis Response and Chain of Command—When Leadership Wavers, Chaos Breeds

Illustrated by: Evil Kirk taking the bridge and ordering the ship away from orbit.

With no one certain which Kirk is in control, the crew becomes vulnerable to manipulation. This episode serves as a cautionary tale about the importance of clarity in the chain of command and protocols for handling leadership incapacitation. In corporate compliance, crisis scenarios must anticipate rogue actors with access to decision-making tools.

4. Investigating Allegations—Belief, Process, and Support Matter

Illustrated by: Spock and McCoy interviewing Rand after her assault.

Their interview is subtle but painful. The tension in believing victims, navigating hierarchical power, and confronting uncomfortable truths is deeply relevant today. A strong compliance program ensures that all allegations are taken seriously, investigated professionally, and addressed with empathy and integrity.

5. Reintegration and Remediation—Restoring What Was Broken

Illustrated by: The merging of good and evil Kirk through a restored transporter.

Rebuilding trust and a unified identity requires technology, trust, and time. Just as Kirk must reabsorb the parts of himself to lead again, organizations recovering from misconduct must integrate the lessons learned into their culture, policies, and leadership. The ultimate goal is not punishment alone but rather to restore the organization’s ethical function.

Final Compliance Log Thoughts

The Enemy Within is more than a science fiction tale. It’s a mirror to every compliance program, showing us how quickly things unravel when power is unrestrained, when voices are ignored, and when organizations fail to integrate strength with morality. It is also a hopeful reminder that even fractured systems can be repaired if we face the truth with clarity and courage.

Resources:

Excruciatingly Detailed Plot Summary by Eric W. Weisstein

MissionLogPodcast.com

Memory Alpha

Categories
Compliance Tip of the Day

Compliance Tip of the Day – Internal Controls for Third Parties

Welcome to “Compliance Tip of the Day,” the podcast that brings you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, our goal is to provide you with bite-sized, actionable tips to help you stay ahead in your compliance efforts. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

How to make specific internal controls for 3rd parties.

For more information on this topic, refer to The Compliance Handbook: A Guide to Operationalizing Your Compliance Program, 6th edition, recently released by LexisNexis. It is available here.