Author: admin

Categories
Blog

How Transparency Reporting is Transforming Life Sciences

What is transparency reporting in life sciences? How does it impact your compliance program? I recently had the opportunity to visit with Lucas Croteau, an innovator in the life sciences compliance sector, to explore these and other questions, highlighting the challenges, opportunities, and innovative solutions that are reshaping compliance practices in the life sciences sector today. (The full podcast is available here.) Croteau shared his journey and expertise in transparency reporting—a critical yet often overlooked component of life science compliance.

Lucas Croteau’s professional journey is nothing short of fascinating. With over a decade in consulting and eight years dedicated to compliance, Lucas has become a leading figure in transparency reporting. His initial foray into this niche area began at Medispend, a pioneer in software solutions for compliance. Over the years, Lucas noticed a significant gap: while many tools existed, the expertise to implement and manage transparency programs effectively was lacking.  This realization led Lucas to found TracedData, a company dedicated to bridging the gap between technology and practical application. His mission? Compliance should be manageable and accessible, particularly for small to mid-sized life sciences companies.

Since 2010, the most recurring theme in all my compliance-related speeches, talks, and presentations has been the critical importance of documentation. As I often say, any compliance program’s three most important aspects are document, document, document. Croteau shares this sentiment, emphasizing that meticulous documentation is the backbone of any successful transparency program. It is not simply about meeting regulatory requirements but about creating an auditable, transparent system that can withstand scrutiny from regulators and business partners.

Croteau identified a market need for expert support in transparency reporting, especially for small to mid-sized companies, which need to be more significant to have a dedicated Chief Compliance Officer or corporate compliance function. These organizations often run lean compliance programs, requiring more internal resources to handle the complexities of transparency reporting. This is where TracedData steps in, offering a solution that is both cost-effective and comprehensive.

Croteau prefers “insourced” over “outsourced” to describe his approach. His team integrates seamlessly into client organizations, functioning as an extension of their staff. This model ensures compliance is a checkbox activity and a well-managed, ongoing process.

TracedData’s primary customers are small to mid-sized pharmaceutical, medical device, and biotech companies. These organizations often struggle to maintain robust compliance programs due to limited resources. For them, outsourcing transparency reporting to a specialized partner like TracedData provides significant value. It allows them to focus on their core business activities while ensuring compliance with regulatory requirements.

Croteau explained that many small—to mid-sized companies either need to help hire full-time compliance experts or delegate tasks to employees who lack the necessary expertise. TracedData fills this gap by offering specialized services at a fraction of the cost of an in-house team. Lucas and his team handle everything from data capture to report submission. They work closely with clients to build audit-ready programs, ensuring all documentation and regulatory requirements are in place. This comprehensive approach allows companies to achieve compliance without the associated stress and resource drain.

Artificial Intelligence (AI) is a hot topic in compliance, and for good reason. It has the potential to revolutionize how we manage and report data. Lucas sees AI as a significant opportunity in the life sciences sector, particularly for data monitoring and proactive risk mitigation. While AI is still emerging, its potential to streamline compliance processes and enhance accuracy is undeniable.

Croteau highlighted the work of Helio, a company at the forefront of AI in life sciences. They utilize AI to monitor data effectively, providing a glimpse into the future of compliance management. At TracedData, AI is already used to identify and correct misclassified transactions, demonstrating its practical benefits.

Compliance in the life sciences sector is not confined to the United States. Companies operating globally face myriad regulatory requirements, each with its own nuances. Lucas explained that transparency reporting varies significantly from country to country, making it a complex and ever-evolving challenge. Some companies build global reporting structures to manage this, while others handle compliance country-by-country. This tailored approach ensures that local regulations are met but also requires a deep understanding of each market’s requirements.

My conversation with Croteau underscored the importance of expertise, documentation, and innovative solutions in life sciences compliance. Companies must adapt as the regulatory landscape evolves by leveraging specialized partners and embracing new technologies like AI. For small to mid-sized companies, outsourcing transparency reporting to experts can provide the assurance and efficiency needed to thrive in this challenging environment.

Categories
2 Gurus Talk Compliance

2 Gurus Talk Compliance: Episode 31— AI, Compliance and Crypto

What happens when two top compliance commentators get together? They talk compliance, of course. Join Tom Fox and Kristy Grant-Hart in 2 Gurus Talk Compliance as they discuss the latest compliance issues in this week’s episode!

In this episode of 2 Gurus Talk Compliance Podcast, hosts Kristy Grant-Hart and Tom Fox discuss AI’s role in unmasking whistleblowers, the latest fallout from cryptocurrency firms under SEC scrutiny, advancements in tracking sanctioned commodities, and the humorous mishap involving a Florida man and laxatives. They also delve into the implications of workplace violence prevention laws, BP’s new office relationship rules, and check in on corruption and legal developments involving figures like Bob Menendez and Benny Steinmetz. Ending on a lighter note, a Florida man finds himself in trouble after substituting opioids with laxatives.

Stories Include:

  • Tyson Foods CFO was suspended for drunk driving. (Bloomberg)
  • 5 takeaways from Menendez trial.(CNN)
  • FAA says greater oversight needed over Boeing.(NYT)
  • Terraform settles with SEC for $4.5bn.(FT)
  • Beny Steinmetz profile.(OCCPR)
  • The Double-Edged Impact of AI Compliance Algorithms on Whistleblowing (National Law Review)
  • BP Tightens Rules Over Office Relationships in Wake of Former CEO’s Departure (WSJ)
  • Keeping Sanctioned Russian Timber Out of the EU Is Tricky. This Nonprofit Has a Solution (WSJ)
  • New York Bill Would Provide Protections Against Workplace Violence for Retail Employees (Seyfarth)
  • Florida Man Steals Constipation Drugs Thinking They Were Opioids (Florida has a right to know) 

Resources:

Kristy Grant-Hart on LinkedIn

Spark Consulting

Prove Your Worth

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Compliance and AI

Compliance and AI: Lucas Croteau on AI and Reporting within Life Sciences Compliance

What is the role of Artificial Intelligence in compliance? What about Machine Learning? Are you using ChatGPT? These are but three of the many questions we will explore in this cutting-edge podcast series, Compliance and AI, hosted by Tom Fox, the award-winning Voice of Compliance.

In this episode, Tom visits Lucas Croteau, a leader in life sciences compliance.

This podcast delves into Lucas’s professional journey, his work with transparency reporting for companies, and his tenure with MediSpend, which led him to co-found TracedData. Croteau discusses his target market, primarily small to midsize pharmaceutical, medical device, and biotech companies, and the pressing need for transparency and compliance in these industries. The conversation also explores the role of artificial intelligence in compliance reporting, the challenges of managing regulatory requirements globally, and the importance of strategic partnerships for efficient compliance programs.

Key Highlights:

  • Lucas Croteau ‘s Professional Background
  • Founding TracedData and Market Needs
  • Making Compliance Easy with TracedData
  • Data Capture in Life Sciences Compliance
  • AI in Compliance Reporting
  • Global Regulatory Challenges
  • Future of Life Sciences Compliance

Resources:

Lucas Croteau on LinkedIn

TracedData

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Daily Compliance News

Daily Compliance News: June 21, 2024 – The Corruption in The Bankruptcy Court Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • The best report yet on the corruption in the Houston Bankruptcy Court.  (WSJ)
  • Adidas probes corruption allegations. (WSJ)
  • Unusual betting patterns before the British election announcement. (FT)
  • A judge says BBVA should face a corporate espionage trial. (Bloomberg)

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

Categories
12 O’Clock High-a podcast on business leadership

12 O’Clock High: Gary De Rodriguez on Garnering The Competitive Capitalistic Edge

In this episode, Tom Fox welcomes Gary De Rodriguez, an expert in humanistic neuro-linguistic psychology. We take a deep dive into his unique journey from volunteer work in the AIDS community to becoming an expert in neuro-linguistic programming and humanistic psychology.

De Rodriguez shares insights into how he developed accelerated change techniques to help people resolve issues quickly, leading to his current role in training and consulting. They discuss the importance of self-leadership, the impact of executive alignment on organizational culture, and the significant role of emotional intelligence in fostering successful work environments.

De Rodriguez also highlights the transformative power of kindness and humanity in bridging generational gaps within the workforce.

Key Highlights:

  • Professional Background and Early Career
  • Transition to Neuro-Linguistic Programming
  • Corporate Training and Self-Leadership
  • Humanistic Business and Conscious Capitalism
  • Implementing Cultural Change in Organizations
  • The Importance of Self-Awareness in Leadership
  • Challenges of Multi-Generational Workforces

 Resources:

Gary De Rodriguez on LinkedIn

Gary De Rodriguez

Peopleistic

Humanistic Business: Profit Through People with Passion and Purpose on Amazon.com

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Trekking Through Compliance

Trekking Through Compliance – Episode 20 – Compliance Lessons from Court Martial

In this episode of Trekking Through Compliance, we consider the episode Court Martial, which aired on February 2, 1967, with a Star Date of 2947.3.

Story Synopsis

After sustaining severe damage in an ion storm, the Enterprise is forced to seek repairs at Starbase 11, where Commodore Stone investigates the death of records officer Ben Finney, who died in the storm. Stone finds it was Kirk’s negligence that led to Finney’s death. A trial ensues, and Kirk’s former flame, Ariel Shaw, is the prosecuting attorney. Kirk seeks the services of attorney Samuel T. Cogley.

Spock discovers something amiss in the Enterprise’s program bank after he beats the computer five times, even though its program should not be capable of losing. Recognizing the computer has been tampered with, they find Finney and Kirk’s record is cleared, and Samuel Cogley takes on a new case: defending Finney.

Commentary

In this episode of ‘Trekking Through Compliance,’ host Tom Fox explores the compliance lessons learned from the ‘Star Trek’ original series episode ‘Court Martial.’ Featuring the trial of Captain Kirk for an alleged violation during an ion storm, the episode delves into themes of due process, conflicts of interest, evidence preservation, and the role of expert testimony in compliance investigations. Tom draws parallels between the show’s narrative and key compliance principles such as transparency, accountability, and whistleblower protections, providing insightful takeaways for compliance professionals.

Key Highlights

  • The Incident at Starbase 11
  • Kirk’s Court Martial Begins
  • Spock’s Discovery and the Final Verdict
  • Compliance Lessons from Court Martial

Resources

Excruciatingly Detailed Plot Summary by Eric W. Weisstein

MissionLogPodcast.com

Memory Alpha

Categories
Regulatory Ramblings

Regulatory Ramblings: Episode 47 – The Biggest Bank Heist in History Is Coming with Linda Jeng

Linda Jeng is a digital economy leader and strategist with over two decades of experience in FinTech, policy, and regulation. She is the founder & CEO of Digital Self Labs, a Washington D.C.-based Web3 advisory firm. Digital Self Labs is a cross-disciplinary advisory firm combining blockchain software expertise with policy and regulatory strategy.

Linda helps clients design and implement innovative solutions that empower individuals and enable interoperability, transparency, and efficiency in the financial and digital sectors. 

She is also a renowned scholar and educator, with affiliations at Georgetown University Law Center, Duke University Law School, and the Bank for International Settlements. She conducts cutting-edge research and teaches courses on open banking, digital identity, and decentralized finance (DeFi). and has authored several publications and contributed to influential books on these topics. She is a frequent media speaker, commentator, and a Forbes contributor. Linda holds a J.D. from Columbia Law School and a master’s in EU and International Law from Université Toulouse Capitole. She speaks Mandarin Chinese, French, and essential German. 

In this episode of Regulatory Ramblings, she talks to host Ajay Shamdasani about an op-ed piece she wrote, which Coindesk published entitled “The Biggest Bank Heist in History Is Coming.” 

The discussion’s premise and focus are that regulators permit banks to tokenize financial assets such as bank deposits, U.S. Treasuries, and corporate debt. Yet, they want institutions to use permissioned networks rather than the decentralized blockchains that keep assets safe from hackers. 

As Linda stated in her article: “In February, the Office of the Comptroller of the Currency’s acting head, Michael Hsu, announced plans for new rules on operational resilience for large banks with critical operations, including third-party service providers. Critically, what wasn’t discussed was that the rules would “treat the use of permissioned networks by the big banks to tokenize real-world assets and liabilities, an omission that neglects critical new vulnerabilities for the global financial system.” 

A key theme of the conversation is that encouraging permissioned networks over permissionless blockchains will inevitably lead to cybersecurity attacks “on a scale previously unknown as the financial system moves to tokenize trillions of dollars worth of real-world assets and liabilities. The biggest bank heist in history is in the making.” 

“By contrast, most successful crypto hacks usually involve centralized protocols where hackers only need to hack the admin keys of one or a few actors to gain control and steal digital assets. Similarly, permissioned networks are controlled by only a few parties so that they can be more easily hacked than blockchains maintained by thousands of validators. The concentration of attack vectors in the big banks that control these permissioned networks (or the central banks that control non-blockchain ledgers) is like sticking targets on their backs,” she said. 

Linda discusses how she ended up in the legal profession, what drew her to digital assets as a scholar, and how she believes the worst attacks against banks are yet to come. 

Podcast Discussion

3:51 The journey of the family rebel to empower self and community 

12:34 Taking on the challenge of understanding the causes of the 2008 financial crisis 

17:23 The Dodd-Frank Act is still relevant today 

21:36 The role of Big Tech in the financial system is a significant issue 

22:43 Fractional reserve banking: CBDCs and Stablecoins, design is key 

24:37 The nature of money is changing—exciting times in FinTech 

27:22 Tokenized real-world assets must be in the most resilient system possible 

31:21 The security advantage of permissionless systems over permission systems 

33:27 Seeing the parallels between tech and law: working in a cross-disciplinary way 

37:28 Lawyers should have a seat at the product design table 

38:42 The biggest regulatory challenge: a lack of understanding about the benefits of decentralization 

40:40 Self-empowerment: Why web3 matters 

42:09 The future web should restore personal control to identity and assets 

45:01 Taking back our rights from Big Techs 

48:42 It is an Exciting time to be studying law as technology fundamentally changes most things 

50:41 AI, Google Search, and new tools: The need to change how we research and write 

Connect with RR Podcast at:

LinkedIn: https://hk.linkedin.com/company/hkufintech 
Facebook: https://www.facebook.com/hkufintech.fb/
Instagram: https://www.instagram.com/hkufintech/ 
Twitter: https://twitter.com/HKUFinTech 
Threads: https://www.threads.net/@hkufintech
Website: https://www.hkufintech.com/regulatoryramblings 

Connect with the Compliance Podcast Network at:

LinkedIn: https://www.linkedin.com/company/compliance-podcast-network/
Facebook: https://www.facebook.com/compliancepodcastnetwork/
YouTube: https://www.youtube.com/@CompliancePodcastNetwork
Twitter: https://twitter.com/tfoxlaw
Instagram: https://www.instagram.com/voiceofcompliance/
Website: https://compliancepodcastnetwork.net/

Categories
Trekking Through Compliance

Trekking Through Compliance – Episode 19 – Tomorrow is Yesterday

In this Trekking Through Compliance episode, we consider Tomorrow is Yesterday, aired on January 26, 1967, Star Date 3113.2.

The USS Enterprise is thrown back in time to Earth during the 1960s by the effects of a high-gravity “black star.” Enterprise ends up in Earth’s upper atmosphere, is picked up as a UFO on military radar, and photographed by a USAF jet. Fearing the pilot could disrupt the timeline if returned to Earth, Kirk at first decides that the pilot must stay with the Enterprise. After learning of the existence of film taken off the Enterprise by Christopher’s wing cameras, Kirk and Sulu beam down to the airbase to recover the film and any other evidence of their visit.

After they return to the ship, Spock and Chief Engineer Scott inform Kirk of a possible escape method: slingshotting around the Sun to break away and return to their time. Kirk okays the maneuver, and time on board slows down. The Enterprise then successfully returns to the 23rd century.

Commentary

In Episode 19 of ‘Trekking Through Compliance,’ host Tom Fox explores the Star Trek episode ‘Tomorrow is Yesterday’ to highlight important compliance lessons. The episode centers on the Enterprise crew’s accidental trip back to 1960s Earth and their efforts to minimize disruption to the timeline.

Key compliance takeaways include:

  • the importance of systematic information gathering,
  • minimizing disruption,
  • leveraging contextual clues,
  • adapting communication styles, and
  • judicious use of technological advances.

These insights are tied back to core compliance and investigative practices, offering practical advice for compliance professionals.

  • Episode Summary: Tomorrow is Yesterday
  • Key Compliance Takeaways
  • Lesson 1: Systematic Information Gathering
  • Lesson 2: Minimizing Timeline Disruption
  • Lesson 3: Leveraging Contextual Clues
  • Lesson 4: Adapting Communication Styles
  • Lesson 5: Judicious Use of Technology
  • Conclusion and Final Thoughts
Categories
Blog

Enterprise Risk Assessment: Essential Strategies for Compliance Professionals

An Enterprise Risk Assessment is fundamental to managing an organization’s strategic and operational landscapes. For compliance professionals, navigating the intricate world of risk can be particularly complex yet crucial. It includes risk identification, analysis, risk assessment, management, ongoing monitoring, and continuous improvement. The enterprise risk assessment process helps organizations to identify and manage potential risks proactively, allocate resources more effectively to address the most critical risks, improve decision-making and strategic planning, enhance resilience and adaptability to changing conditions, comply with regulatory requirements and industry standards, and protect the organization’s reputation and stakeholder confidence.

It all begins with identifying risk, as the first step in enterprise risk management is identifying potential risks. These areas can include consulting management and executive leadership. Often, key insights come from asking management about what concerns them the most. These discussions can provide a broad view of issues that could become significant risks. You can analyze your competitors by reviewing competitors’ regulatory filings, such as the 10-K and 10-Q reports. This can allow you to identify risks that are common in the industry. You can review litigation patterns: By regularly understanding the types of litigations your company faces, you can pinpoint areas that require mitigation. It can also come through a manner as straightforward as your daily interactions in regular conversations with employees across different functions, which can bring to light operational risks that are not immediately apparent.

The next crucial step is assessing these risks. Here, you should design and calculate both inherent and residual risks. An inherent risk is a level of risk without any controls. For instance, a company with significant foreign operations inherently has a higher risk concerning the Foreign Corrupt Practices Act (FCPA). A residual risk is determined when, after implementing control measures, the remaining risk is termed residual risk. This reflects how effective the control measures are in mitigating the identified risks.

A company with only a domestic company would generally have a low inherent FCPA risk, whereas a multinational corporation would face high inherent risks due to its global operations.

From there, you should assess the risks you have determined. You should prioritize the identified risks based on residual risk levels, focusing on the highest-priority risks requiring immediate attention and action. This helps the organization allocate resources and attention to the most critical risks.

You must also evaluate whether the residual risk levels for each identified risk are within the organization’s defined risk appetite and tolerance thresholds. Identify any risks that exceed the organization’s risk appetite and require further risk treatment or mitigation measures.

The next step is your overall risk management strategy. This will depend on the position of various risks on a heat map, a visual representation of risks based on their impact and likelihood. It starts with high-impact, low-likelihood risks that fall into the quadrant, such as cybersecurity threats, which can be managed by transferring them to third parties via insurance policies. Next are high-impact, high-likelihood risks, requiring robust internal controls to minimize occurrence. Finally, low-impact, low-likelihood risks can be monitored and accepted without intensive mitigation efforts. A key part of risk management involves continuous monitoring and reassessment, reflecting the dynamic nature of the business environment. For instance, the shift to remote working during the COVID-19 pandemic introduced new risks that required novel mitigation strategies.

Determining an organization’s risk appetite involves discussing it with executive leadership and possibly the board of directors. It’s about balancing taking on certain risks and having strategies to manage them effectively. Risk appetite discussions often revolve around the results of the risk assessments. The objective is to align the company’s strategies with its willingness and ability to tolerate various risks.

A critical challenge in risk assessment is achieving consensus when there are differences in risk perceptions. Some methods for bridging this gap include:

  • Pre-Surveying Key Stakeholders: Stakeholders are surveyed for risk rankings before detailed discussions.
  • Calibration Sessions: These sessions involve detailed discussions among knowledgeable stakeholders aligned against the survey results and the risk assessment calculations.
  • Iterative Adjustments: Participants agree upon the risk scores through a structured dialogue, ensuring that the assessment is robust and reflective of collective insights.

Complex businesses with specific risk factors, like those in the technology or healthcare sectors, might require deep-dive assessments. These assessments focus intensely on areas such as cybersecurity or regulatory compliance, providing detailed insights into the broader risk management framework.

Resistance to implementing risk mitigation strategies can be a significant hurdle, especially for low-likelihood but high-impact risks. You should ensure that all recommendations and management refusals are well-documented. This protects the compliance team and provides a clear record should issues arise. You can also explore insurance options for transferring specific risks, making compliance a cost-effective ally to business operations.

Effective enterprise risk management is a continuous, multi-faceted process that balances risk identification, assessment, mitigation, and monitoring. By leveraging structured methodologies and collaborative approaches, compliance professionals can ensure that their organizations are well-prepared to navigate the complex global risk landscape. Understanding and managing enterprise risks is not just about compliance—it’s about fostering a resilient, proactive, and forward-thinking organizational culture.

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Data Analytics for Law and Compliance

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

In today’s episode, we explore the intersection of data analytics and both law and compliance.

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.