Author: admin

Categories
Data Driven Compliance

Data Driven Compliance: Sherlock Holmes on Pattern Recognition in Data-Driven Compliance

Are you struggling to keep up with the ever-changing compliance programs in your business? Look no further than the award-winning Data-Driven Compliance podcast, hosted by Tom Fox. This podcast features an in-depth conversation around the uses of data and data analytics in compliance programs. Data-Driven Compliance is back with another exciting episode. Today, I take a solo turn to talk about data analytics and pattern recognition for the compliance professional in the context of the Sherlock Holmes short story, The Adventures of the Dancing Men. For a deep dive into the story, check out the episode on my Sherlock Holmes pod, Adventures in Compliance.

In this story, Holmes decodes stick figures to solve the mystery. One of the tools he uses is pattern recognition, which plays a pivotal role in data-driven compliance programs, serving as a tool to identify anomalies and potential compliance issues. It involves the systematic observation of data to identify recurring elements or trends, even in seemingly random data, and interpreting these patterns within the appropriate context to provide meaningful insights. The importance of this process for the compliance professional cannot be overstated.

Pattern recognition requires both creativity and flexibility, and it can help predict future outcomes, optimize processes, and inform decision-making in compliance programs. I also discuss the significance of an iterative approach, which involves continuous improvement based on new information and collaboration with others to enhance analytic capabilities and gain deeper insights. Check out this most unique and interesting episode of the Data-Driven Compliance podcast, where Sherlock Holmes instructs the modern compliance professional on Data-Driven Compliance.

 Resources:

The New Annotated Sherlock Holmes

Sherlock Holmes FAQ

 Tom Fox 

Connect with me on the following sites:

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Innovation in Compliance

Innovation in Compliance – Jeff Grant on The 400th Meeting of The White Collar Support Group

Innovation comes in many areas and compliance professionals need to not only be ready for it but also embrace it. Today, I visited Jeff Grant, a compassionate leader and the founder of a white collar support group, a platform dedicated to assisting individuals prosecuted for white collar crimes and their families.

Jeff’s perspective on the importance of such support groups is shaped by his extensive experience going through the full white collar criminal experience, including jail, disbarment, release, and recovery. He has organized over 400 meetings, creating a safe space for individuals to share their experiences and challenges. Jeff views these groups as a vital resource, filling a significant gap in the criminal justice system by providing knowledge, empathy, and compassion to those who have been isolated and stigmatized. His advocacy for the rights and leniency of individuals prosecuted for white collar crimes is driven by his desire to bring their complex human tragedies to light and promote noncustodial sentences for low-level and nonviolent crimes. Through his work, Jeff continues to expand the impact of these support groups, viewing them as a lifeline for those navigating the challenges of the impact of  their white collar crimes.

Key Highlights:

  • The 400th Meeting
  • Supporting Families of White Collar Criminals
  • Transforming Lives Through Spiritual Guidance
  • Supporting White Collar Crime Victims and Advocacy

Resources:
Jeff Grant on LinkedIn | Twitter
Grant Law
Prisonist.org

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Compliance Tip of the Day

Compliance Tip of the Day: What The Pandemic Changed for Compliance

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

In this episode, we consider the ongoing trends that accelerated during the pandemic year of 2022 and how these changes have impacted compliance literally forever.

These changes include:

  1. Compliance Convergence
  2. Public/private partnership in the ABC fight
  3. Data, Data, Data
  4. Compliance as an ethical & business advantage

For more information on Ethico and a free White Paper on top compliance issues in 2024, click here.

Categories
Daily Compliance News

Daily Compliance News: February 13, 2024 – The Quiet Hiring Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • What is quiet hiring?  (FT)
  • Xi’s never-ending corruption hunt. (BBC)
  • More Ohio state charges in the FirstEnergy corruption scandal. (WSJ)
  • A Huawei killer. (WaPo)

For more information on Ethico and a free White Paper on top compliance issues in 2024, click here.

Categories
Blog

Solar Winds Under GDPR: Corporate Responsibility and Risks in Data Protection

The General Data Protection Regulation (GDPR) has significantly changed how organizations handle data protection and privacy. It emphasizes the importance of transparency and honesty in disclosing data breaches and vulnerabilities. In a recent episode of the podcast Life with GDPR, Tom Fox and Jonathan Armstrong from Cordery Compliance discussed the topic of corporate responsibility and risks in data protection, with a particular focus on the SolarWinds case.

To recap, in late 2023, the SEC filed a lawsuit against SolarWinds Corp and its CISO, Tim Brown, following the 2020 data breach, bringing the issue of executive liability in cybersecurity disclosures to the forefront. The lawsuit raised important questions about the personal liability of senior executives for inaccurate risk disclosures and has potential implications for other industries under US securities law.

The 2020 breach, orchestrated by Russian hackers, targeted SolarWinds’ software, Orion, and exposed highly sensitive information. The hackers gained access to SolarWinds and planted spyware in the Orion program. SolarWinds then distributed an update to its corporate customers, unknowingly spreading the Russian spyware. This allowed the hackers to access the highest levels of the US government and major corporations.

The SEC’s lawsuit against SolarWinds and Tim Brown focused on the poor disclosures about the company’s information security throughout 2018, 2019, and 2020. While SolarWinds publicly claimed to have good cybersecurity, internal communications revealed that employees were aware of the company’s cybersecurity issues and considered them a mess. This discrepancy between internal knowledge and external disclosures formed the basis of the SEC’s allegations.

The SEC complaint alleged that SolarWinds’ public statements about its cybersecurity practices and risks were at odds with its internal assessments, including a 2018 presentation prepared by a company engineer and shared internally, including with Brown, that SolarWinds’ remote access set-up was “not very secure” and that someone exploiting the vulnerability “can do whatever without us detecting it until it’s too late,” which could lead to “major reputation and financial loss” for SolarWinds. Similarly, as alleged in the SEC’s complaint, 2018 and 2019 presentations by Brown stated, respectively, that the “current state of security leaves us in a very vulnerable state for our critical assets” and that “[a]ccess and privilege to critical systems/data is inappropriate.”

Beyond this SEC enforcement action, there were other implications as well. One key takeaway from the episode is the pressure on corporate leaders, including CISOs, Data Protection Officers, and Compliance Officers, to disclose data breaches promptly. While GDPR offers some protection to Data Protection Officers, they are not entirely exempt from liabilities. The SolarWinds case serves as a reminder of the need for specific and timely disclosure of breaches and the importance of addressing system vulnerabilities.

The risks associated with data breaches are not limited to regulatory fines. Litigation risks are a significant concern for organizations, with shareholders and whistleblowers potentially seeking legal action. The episode highlights the importance of transparency and not misrepresenting information to regulators. Misrepresentations can lead to severe consequences for individuals in positions of responsibility within corporations.

Budget constraints can also hinder the timely fixing of vulnerabilities, ultimately leading to breaches. Organizations need to take proactive measures to identify and address vulnerabilities promptly. Realistic resource assessments are crucial to ensuring that adequate resources are allocated to data protection efforts. Additionally, having adequate insurance protection, such as Directors and Officers (D&O) insurance, can help protect individuals in positions of responsibility from potential liabilities.

The episode also emphasizes the need for organizations to consider the impact on their stock exchange filings when deciding whether to disclose a data breach. The decision to admit a violation of a stock exchange can be challenging and depends on factors such as materiality. Organizations need to assign a dedicated team to consider these factors, mainly when engaged in transactions like mergers and acquisitions or fundraising.

Transparency and honesty are key principles in data protection and privacy. Audit reports and investigation findings must be acted upon promptly to address vulnerabilities. Emails and other forms of communication can serve as evidence in legal proceedings, highlighting the importance of careful communication within organizations.

The potential for litigation is significant in data breach cases. Shareholders may seek legal action if they believe the value of their stock has been affected. Whistleblowers, incentivized by various jurisdictions, may also come forward with information. This highlights the need for organizations to maintain a culture of transparency and integrity and for individuals to review their remuneration packages to avoid conflicts of interest.

In conclusion, GDPR, corporate responsibility, and risks in data protection are interconnected. Organizations must prioritize transparency, honesty, and timely disclosure of breaches and vulnerabilities. Proactive measures, realistic resource assessments, and adequate insurance protection are crucial to mitigating risks. By considering the impact on stock exchange filings and maintaining a culture of integrity, organizations can navigate the challenges associated with data protection and privacy in the GDPR era.

Categories
All Things Investigations

All Things Investigations – Kevin Carroll on The Trump Immunity Appeal

Welcome to the Hughes Hubbard Anti-Corruption & Internal Investigations Practice Group’s podcast, All Things Investigation. In this podcast, I joined HughesHubbardReed partner Kevin Carroll to take a deep dive into the DC Court of Appeals opinion on the immunity claim of Citizen Trump.

Kevin Carroll’s perspective on the percussive opinion on Trump’s immunity doctrine claims is that it was a significant and positive development for democracy. Carroll expresses satisfaction with the unanimous opinion and believes that it comprehensively addresses the issues at stake. His understanding of the resolution of Bill Clinton’s special counsel case further reinforces his belief that former presidents can be held criminally liable for conduct committed in office. He also emphasizes the importance of the opinion being written in a way that is understandable to non-lawyers and the weight of the per curium nature of the opinion, indicating that all three judges signed it, making it difficult to challenge or dismiss any part of it.

Join Tom Fox and Kevin Carroll on this episode of All Things Investigation to delve deeper into this topic.

Key Highlights:

  • Unified and Authorless Judicial Decisions
  • Expiration and Integration of Presidential Terms
  • Influence and Binding of the Opinion
  • The Crucial Role of the Appeal Process
  • Wither the Mandate?

Resources:

Hughes Hubbard & Reed website

Kevin Carroll on LinkedIn

Categories
Corruption, Crime and Compliance

Trade Compliance Trends and Expectations with Gabrielle Griffith

Gabrielle Griffith, Director of BPE Global, is an expert in trade compliance issues. Gabrielle assists clients in implementing effective trade compliance programs by addressing improvements within organizations’ people, processes, and systems. In the area of U.S. export controls, she advises clients on compliance with the International Traffic in Arms Regulations, the U.S. Export Administration Regulations and the various embargo and sanctions programs administered by the Office of Foreign Asset Controls. On import compliance matters, she advises on classification, country of origin, special duty programs such as USMCA, focused assessments, C-TPAT, antidumping/countervailing duty, as well as Sections 232 and 301 matters. Gabrielle joins Michael to discuss current trade compliance trends and expectations for 2024.

  • The increase in national security risk has heightened the need for creative thinking to identify potential threats that may not be designated within regulations. This means that companies must go beyond traditional compliance measures and think outside the box to proactively address emerging risks to national security.
  • Global companies are facing unprecedented risks and challenges in today’s economy, leading to a greater emphasis on robust ethics and compliance programs. These programs are essential for promoting positive corporate citizenship and mitigating the legal and economic risks associated with corruption and crime.
  • Trade compliance is no longer a silo within a compliance department but must be integrated into the entire operation of a company. This means that trade compliance considerations should be incorporated into all aspects of a company’s business processes, from product development to supply chain management.
  • The Department of Justice is ramping up efforts to prosecute companies for trade compliance violations, particularly in relation to national security. This increased focus on enforcement means that companies need to be proactive in ensuring compliance with export control regulations and other trade compliance requirements.
  • Over-controlling trade compliance can hinder business operations while under-controlling can lead to violations. Finding the right balance is crucial. Companies should strive to implement effective trade compliance measures that align with their specific business needs, avoiding unnecessary restrictions while still ensuring compliance with applicable regulations.
  • The government should collaborate more with industry consultants to bridge the gap between enforcement agencies and companies, ensuring effective communication and guidance. This collaboration can help companies navigate the complex landscape of trade compliance and provide valuable insights to regulators on emerging technologies and industry practices.

Resources:

Gabrielle Griffith on LinkedIn

BPE Global

Michael Volkov on LinkedIn | X(Twitter)

The Volkov Law Group

 

Categories
Riskology

Riskology by Infortal Episode 19: Davos & Disinformation

Companies operating in today’s global economy face a multitude of risks, including the growing threat of misinformation and disinformation. In this episode of the Riskology Podcast, Dr. Ian Oxnevad and Chris Mason delve into the topic of misinformation and disinformation through the lens of the recent Davos conference. They explore the impact of these risks on businesses, the importance of active defense strategies, and the need for companies to be prepared to counter disinformation campaigns. With the evolving geopolitical landscape, it is crucial for companies to understand and navigate these risks to protect their bottom line and reputation.

Infortal Worldwide is a global risk management and investigation firm that specializes in helping businesses navigate complex risk landscapes. The company’s focus extends to various areas, including economics, politics, and geopolitical risk. By delving into these interconnected realms, Infortal Worldwide aims to provide clients with comprehensive insights that empower them to make informed decisions, especially in critical areas such as mergers and acquisitions, private equity investments, and other strategic moves.

You’ll hear Ian and Chris discuss:

  • Disinformation is the deliberate use of lying to sway a population, while misinformation is inaccurate information that spreads organically. Understanding the distinction is crucial in addressing the intent behind false information and developing appropriate strategies to combat its effects.
  • Misinformation and disinformation are identified as the number one risk on the World Economic Forum’s list of key fundamental risks to look at over a two-year horizon. This highlights the growing concern over the spread of false information and its potential impact on societies, elections, and businesses worldwide.
  • Disinformation and misinformation are not going away and will continue to impact media consumers, policymakers, and investors. With the rise of social media and emerging technologies, false information can spread rapidly, leading to confusion, manipulation, and erosion of trust in institutions.
  • The year of the election is highlighted as a significant time for disinformation and misinformation campaigns, with major elections happening in Mexico, the US, the UK, India, Indonesia, and Russia. The immediate impact of AI tools and the potential for foreign interference make it crucial to address these threats to ensure fair and informed elections.
  • AI tools have made it easier for anyone to run their own disinformation campaigns, posing a significant threat to elections and public perception. The accessibility of these tools amplifies the potential for manipulation, requiring increased vigilance and countermeasures to protect the integrity of democratic processes.
  • Disinformation and misinformation can have a massive impact on markets and a business’s reputation, leading to stock price crashes, media scandals, and lawsuits. The ability of false information to shape public perception and consumer behavior highlights the need for companies to actively defend against and counter false narratives.
  • Companies need to have an active defense against disinformation and misinformation, constantly monitoring and countering false narratives through press releases, investor reports, and social media presence. Proactive measures are necessary to protect a company’s reputation, maintain stakeholder trust, and mitigate potential financial and legal consequences.

Key Quotes:

“Disinformation, it’s not usually in isolation. It’s usually over time…  you create a big enough lie, you repeat it over and over and over again. Pretty soon you own that narrative, even though that narrative is based on absolutely nothing.” – Ian

“Disinformation and misinformation are not going to go away as problems. They’re still going to be here 10 years from now because of social media. It’s just going to be a fact of everyday life for media consumers, policymakers and investors.” – Ian

“No matter how strong your defenses are, a disinformation campaign can still appear suddenly. It can come out of nowhere. It can really catch you off guard. And really, once that happens, it becomes an art of communication and public affairs in terms of how your company’s planning to respond.” – Chris

Resources:

Infortal Worldwide

Email

Dr. Ian Oxnevad on LinkedIn

Chris Mason on LinkedIn

Categories
Adventures in Compliance

The Return of Sherlock Holmes – Data – Driven Compliance from The Adventure of The Dancing Men

Welcome to a review of all the Sherlock Holmes stories that are collected in the work “The Return of Sherlock Holmes.“. It is a collection of thirteen detective stories written by Sir Arthur Conan Doyle, marking the reappearance of the brilliant detective Sherlock Holmes after his apparent death in “The Final Problem.” The collection spans various intriguing cases and mysteries that Holmes and his loyal friend Dr. John Watson tackle. Today we take up the Adventure of the Dancing Men and mine its insights into data-driven compliance through pattern recognition.

The intriguing world of Sherlock Holmes’ investigative methods offers a wealth of lessons for compliance professionals. Pattern recognition, the ability to discern order in a chaotic environment, is a fascinating topic that holds significant importance in various fields, including investigations and compliance work. Pattern recognition as a critical skill in unraveling mysteries and establishing connections within a compliance program. His perspective is shaped by his emphasis on the importance of meticulous attention to detail, the study of symbols to identify patterns, and the understanding that having data is just the beginning—pattern recognition is the crucial next step in data analysis. Fox also highlights the value of specialized knowledge and skills, such as cryptology, in deciphering codes and solving complex puzzles. He underscores the need for creative thinking, collaboration, and critical analysis in the work of a compliance professional, demonstrating how these elements can enhance pattern recognition.

Data-Driven Compliance Lessons:

  • What is data-driven compliance?
  • Once you have the data, how do you use it?
  • The Importance of Meticulous Pattern Recognition
  • Decoding Symbols and Making Connections
  • Pattern Recognition and Creative Corporate Code Breaking

Resources:

The New Annotated Sherlock Holmes

Sherlock Holmes FAQ

Connect with Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Daily Compliance News

Daily Compliance News: February 12, 2024 – The Invidiousness of Corruption Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • Corruption burrowed into Nigerian business. (NYT)
  • BASF is finally spinning off from 2 Xinjiang based JVs. (WSJ)
  • EY lost $700MM in failed spin-off. (FT)
  • The dark side of tech. (BBC)

For more information on Ethico and a free White Paper on top compliance issues in 2024, click here.