In today’s edition of Daily Compliance News:
Author: admin
In this special podcast series sponsored by Convercent by One Trust, we celebrate Corporate Compliance and Ethics Week 2021. Over this podcast series, I have visited with Convercent by One Trust employees on why they are so passionate about driving ethics to the heart of business. In this episode, I visit with Asha Palmer, Chief Ethics & Compliance Officer & EVP, Converge at Convercent by One Trust. She feels that compliance is the culmination of her professional career about who she is and what she stands for. She has a great passion about passing along her zeal for compliance to the next generation of compliance professionals. Join the Convercent Converge community. It is the single best resource for information on all things ethics and compliance related. There are discussion threads, Q & A on specific topics and resources available to the compliance professional. Best of all, it is all free. Check out the Convercent Converge community by clicking here.
The Kitchen takes a look at a recent anti-trust action, as the DOJ aims to stop a proposed acquisition among major book publishers.
Welcome to this special podcast series, Series Spotlight: Revolutionizing GRC with 6clicks, sponsored by 6clicks. This week I have visited with Joe Schorr, Vice President (VP) of Global Channel Sales, Andrew Robinson, co-founder and Chief Information Security Officer, Stephen Walter, head of Marketing, Dr. Heather Buker, Chief Technology Officer, and Ant Stevens, co-founder and Chief Executive Officer. Over the series, we broke down 6ckicks Hub and Spoke approach, utilizing Artificial Intelligence (AI) and Machine Learning in governance, risk and compliance (GRC), curating and maintaining a robust GRC content, producing audit ready reports. Today, in our concluding episode, Part 5, I am joined by 6clicks co-founder Ant Stevens, as we look down the road for what will be next for 6clicks.
Stevens said that 6clicks was founded some two and half years ago to bring an affordable, accessible and easy to use, GRC capability to lots of businesses around the world. The second related mission “was to ensure that the platform was effective in driving productivity gains for both businesses and advisors and by advisors such as lawyers, accountants, general business management consultants and business advisors. These goals were achieved through a platform built from the ground up. We thought about GRC, we identified some things that were necessary for us to have in place to compete effectively in the market.”
There are other areas which Stevens believes are necessary to support the next generation of GRC products. 6clicks broke down the foundational building blocks into effectively four areas. The first was a functionality that supports the processes related to GRC. The second was content; “audit and assessment templates, risk libraries, policies, and controls sets, standards, rules, and regulations, basically all of the text or the reference points that companies need in order to make that functionality work.”
Next Stevens said, “we saw the future and we certainly see the future as having artificial intelligence baked into lots of areas of the products and the reason for that.” This last component allows a compliance or GRC professional “to take complex activities or time-consuming activities and make them a lot easier.” All of this is built around 6clicks platform, or “what we call a hub and spoke type approach which I know you discussed in Part 1 with Joe Schorr.” This makes the tool quite “useful for multinationals, with lots of divisions, useful for private equity companies, useful for holding companies. These are the four building blocks that 6clicks focuses on and we keep making those things better. That is what creates a foundation for us in terms of innovation.”
We turned specifically to AI. Here Stevens sees the application of AI into two buckets. The first is to help businesses automate or streamline what otherwise would be a complex and time-consuming activity. The second is to identify things in data that even a professional would struggle to do effectively, without the use of some sort of technology. That is what I have called ‘finding patterns in raked leaves.’
Here Stevens turned to Haley, the 6clicks AI intelligence engine. Now “Haley helps companies with two major challenges. One is to identify similarity across standards, laws, or regulations that they need to comply with. Most are still doing this using manually spreadsheets, multiple tabs and feed lookups. There is overlap across multiple jurisdictions around the world which are generally seeking to do similar things. Businesses need to think about that in a unified way. Haley’s first application is identifying similarity across standards, laws or regulations. The second challenge is to take an existing control framework within a company and quickly identify where the gaps are relative to a standard law regulation.”
These functions are what compliance and GRC professionals do all the time. While they can do this manually with “Haley you can do that in seconds. I think the opportunity in the GRC space is to continue to apply artificial intelligence and those sorts of ways. But also to start to think about how we can use artificial intelligence to identify trends in data or insights into data that otherwise would be difficult to identify.” Stevens provided the example of taking incidents and looking for those that might be demonstrating a broader trend or an issue within an organization. Alternatively, trying to understand overlap between different risks so we can develop treatment plans and remediation activities can be more effectively targeted.
I asked Stevens if he could look down the road a bit and perhaps give us a teaser about what 6clicks might be developing. He said, “it is around our mission focusing on making GRC affordable and accessible for businesses. In the long-term, I think there is much to further automate processes for advisors, and we’re going to focus on that. To me that represents huge opportunity for innovation. We are going to look at tools, techniques to enable GRC professionals make all of this more of a reality.” Another initiative is what Stevens termed “a marketplace” which can be “be tailored by advisors for their clients. What we want to do is take this concept to the next level and allow individuals to seamlessly share, as part of their community, in a crowdsource context, both content and best practices that they have identified within the 6clicks platform and make that available to all the 6clicks users around the world.” Most excitingly for me Stevens added, “we want to bring that same sort of capability into the world of risk and compliance.”
I concluded by asking Stevens about his innovation philosophy ensuring you hit the mark, in innovation recognizing there are multiple players just in the innovation process in the GRC and wider risk and compliance space. He said, “for us at 6clicks, we have a three horizon model in the way that we think about innovation. The first is to focus obviously on the very immediate needs that customers have things that might not be working the way they expect, to things that could be improved very obviously based on feedback. The second is things in the near term, which is a combination of things that people have told us that they need and things they have expressed some sort of interesting having.” The third and final horizon is a combination of the 6clicks “view of where the opportunity lies in terms of improvement. We strike a balance in being sufficiently bold about the future that we see, but at the same time grounded in it and getting feedback from customers. In this third horizon we think about innovation manner, as in the way that we think the world should work, which requires a lot of creativity.”
Stevens ended by relating “we try and get the balance right there. It’s not easy. It’s very tough. But that is the way we think about our engineering philosophy and innovation philosophy. It influences the type of people that we attract or that are keen to work with us. We share that focus of short, medium, long-term thinking.”
For more information on 6clicks, check out their website here.
Where does creativity fit into compliance? In more places than you think. Problem-solving, accountability, communication, and connection – they all take creativity. Join Tom Fox and Ronnie Feldman on Creativity and Compliance, part of the Compliance Podcast Network. In this concluding episode Ronnie and Tom finish out their a five-part series on creative ideas you can use during the 2021 Corporate Compliance and Ethics Week.
In this Part 5, we wrap up our series on things you can do to foster greater communication for your compliance messaging. You should use compliance communications to educate and entertain. They should be designed to influence employee behavior. Tom and Ronnie both agree that Compliance Week initiatives should only be seen as a starting point and must be followed up throughout the year.
Some of the ideas include:
- Have Managers lead compliance related discussions; you can create toolkits for them with talking points.
- Have senior management discuss an ethical dilemma they faced and how they resolved it.
- Use real world examples to stress your company’s values.
- Any initiatives you begin must be followed up throughout the year.
Resources:
Ronnie Feldman (LinkedIn)
Learnings & Entertainments (LinkedIn)
Ronnie Feldman (Twitter)
Learnings & Entertainments (Website)
60-Second Communication & Awareness Shorts – A variety of short, customizable, quick-hitter “commercials” including songs & jingles, video shorts, newsletter graphics & Gifs, and more. Promote integrity, compliance, the Code, the helpline and the E&C team as helpful advisors and coaches.
Workplace Tonight Show! Micro-learning – a library of 1-10-minute trainings and communications wrapped in the style of a late-night variety show, that explains corporate risk topics and why employees should care.
Custom Live & Digital Programing – We’ll develop programming that fits your culture and balances the seriousness of the subject matter with a more engaging delivery.
Welcome to Presidential Leadership Lessons for the Business Executive. Today, Richard Lummis and Tom Fox begin a four-part series on leadership lessons from George Washington. We will look at lessons from Washington’s colonial and frontier period, focusing on the French and Indian War, leadership lessons from Washington’s generalship of the Continental Army, his leadership in both the Continental Congress and Constitutional Convention and we will end with leadership lessons from both terms of Washington’s presidency. In this first episode, we consider the leadership lessons learned by Washington in his colonial and frontier period and how his failures during the French and Indian War influenced his later leadership.
Highlights of this podcast include:
- Introduction into Washington’s early life.
- Washington’s Ambition and the Battle of Jumonville Glen.
- Battle of Fort Necessity and Washington’s surrender.
- Massacre of Braddock’s troops by the Iroquois.
- What did Washington learn from these experiences?
As Aaron Rogers is fined less than a player who had his shirttail untucked, he and Jay are back to reflect on some of the top compliance and ethics stories in the Immunized Not Vaccinated edition.
Stories
1. Will corruption forestall climate change? Monica Guy in the FCPA Blog.
2. Driving culture through sustainability. Linda Luty in Risk and Compliance Matters.
3. Stope little problems from becoming big ones. Mike Volkov in Corruption Crime and Compliance.
4. More on ‘effective compliance’? Michael Julian in the FCPA Blog.
5. What is ‘success’ in ABC compliance? Matthew Stephenson in GAB.
6. Revisiting your whistleblower program. Debevoise Plimpton lawyers in Compliance and Enforcement.
7. The role of BOD in ESG. Jurgita Ashley and Randy Vai Morrison in Harvard Law Forum on Corporate Governance.
8. Disclosing cybersecurity issues. Matt Kelly in Radical Compliance.
9. Mashreqbank fined $100MM by DFS. Jaclyn Jaeger in Compliance Week. (sub req’d)
10. Tailoring a Design Thinking program that fits for you. Carsten Tams on LinkedIn.
Podcasts and Events
11. How can a 1st responder deal with PTSD? One way is through poetry. Check out my interview with Detective Ed Gillespie, Policeman Poet of Baltimore in a very special episode of Greetings and Felicitations.
12. Are you exasperated? Then check, F*ing Argentina. In this podcast series co-hosts Tom Fox and Gregg Greenberg, author of F*ing Argentina explore the current American psyche of being overworked, over leveraged, overtired and overwhelmed. Find out about modern America’s exasperation with well…exasperation. In Episode 9, a lost purse and panic in Shubert Alley.
13. This month on The Compliance Life, I visit with Wendy Badger, CCO at Tennant. In Part 1, she details her academic career and early professional life. In Part 2, changing ladders to advance your career.
14. In a sponsored podcast series, I visit with 6clicks on their innovative GRC solutions. In Episode 1, Joe Schorr on the hub and spoke approach. In Episode 2, Andrew Robinson on AI and ML in GRC. In Episode 3, Stephen Walter on building a content library. In Episode 4, Heather Buker on producing audit ready reports. In Episode 5, Ant Stevens on what’s next for 6clicks.
15. Next week, I am running a 5-part series on Understanding Lyme Disease. The episodes will post daily at 10AM. You can check out all episodes on the Greetings and Felicitations podcast. Episode 1: Origins and Evolution; Episode 2: The Diagnosis Dilemma; Episode 3: Treatment and Innovation; Episode 4: Protection and Immunity; Episode 5: Looking Ahead
16. How does a Compliance Bible become a best-seller? Check out Tom’s appearance on the C-Suite Network’s Best Seller TV to find out. Purchase The Compliance Handbook, 2nd edition here.
Tom Fox is the Voice of Compliance and can be reached at tfox@tfoxlaw.com. Jay Rosen is Mr. Monitor and can be reached at jrosen@affiliatedmonitors.com.
Categories
What’s Next For 6clicks?
I recently had the chance to visit with 6clicks co-founder Ant Stevens, as we look down the road for what will be next for 6clicks, for a sponsored podcast series. You can check out the podcast here. Stevens said that 6clicks was founded some two and half years ago to bring an affordable, accessible and easy to use, GRC capability to lots of businesses around the world. The second related mission “was to ensure that the platform was effective in driving productivity gains for both businesses and advisors and by advisors such as lawyers, accountants, general business management consultants and business advisors. These goals were achieved through a platform built from the ground up. We thought about GRC, we identified some things that were necessary for us to have in place to compete effectively in the market.”
There are other areas which Stevens believes are necessary to support the next generation of GRC products. 6clicks broke down the foundational building blocks into effectively four areas. The first was a functionality that supports the processes related to GRC. The second was content; “audit and assessment templates, risk libraries, policies, and controls sets, standards, rules, and regulations, basically all of the text or the reference points that companies need in order to make that functionality work.”
Next Stevens said, “we saw the future and we certainly see the future as having artificial intelligence baked into lots of areas of the products and the reason for that.” This last component allows a compliance or GRC professional “to take complex activities or time-consuming activities and make them a lot easier.” All of this is built around 6clicks platform, or “what we call a hub and spoke type approach which I know you discussed in Part 1 with Joe Schorr.” This makes the tool quite “useful for multinationals, with lots of divisions, useful for private equity companies, useful for holding companies. These are the four building blocks that 6clicks focuses on and we keep making those things better. That is what creates a foundation for us in terms of innovation.”
We turned specifically to AI. Here Stevens sees the application of AI into two buckets. The first is to help businesses automate or streamline what otherwise would be a complex and time-consuming activity. The second is to identify things in data that even a professional would struggle to do effectively, without the use of some sort of technology. That is what I have called ‘finding patterns in raked leaves.’
Here Stevens turned to Haley, the 6clicks AI intelligence engine. Now “Haley helps companies with two major challenges. One is to identify similarity across standards, laws, or regulations that they need to comply with. Most are still doing this using manually spreadsheets, multiple tabs and feed lookups. There is overlap across multiple jurisdictions around the world which are generally seeking to do similar things. Businesses need to think about that in a unified way. Haley’s first application is identifying similarity across standards, laws or regulations. The second challenge is to take an existing control framework within a company and quickly identify where the gaps are relative to a standard law regulation.”
These functions are what compliance and GRC professionals do all the time. While they can do this manually with “Haley you can do that in seconds. I think the opportunity in the GRC space is to continue to apply artificial intelligence and those sorts of ways. But also to start to think about how we can use artificial intelligence to identify trends in data or insights into data that otherwise would be difficult to identify.” Stevens provided the example of taking incidents and looking for those that might be demonstrating a broader trend or an issue within an organization. Alternatively, trying to understand overlap between different risks so we can develop treatment plans and remediation activities can be more effectively targeted.
I asked Stevens if he could look down the road a bit and perhaps give us a teaser about what 6clicks might be developing. He said, “it is around our mission focusing on making GRC affordable and accessible for businesses. In the long-term, I think there is much to further automate processes for advisors, and we’re going to focus on that. To me that represents huge opportunity for innovation. We are going to look at tools, techniques to enable GRC professionals make all of this more of a reality.” Another initiative is what Stevens termed “a marketplace” which can be “be tailored by advisors for their clients. What we want to do is take this concept to the next level and allow individuals to seamlessly share, as part of their community, in a crowdsource context, both content and best practices that they have identified within the 6clicks platform and make that available to all the 6clicks users around the world.” Most excitingly for me Stevens added, “we want to bring that same sort of capability into the world of risk and compliance.”
I concluded by asking Stevens about his innovation philosophy ensuring you hit the mark, in innovation recognizing there are multiple players just in the innovation process in the GRC and wider risk and compliance space. He said, “for us at 6clicks, we have a three horizon model in the way that we think about innovation. The first is to focus obviously on the very immediate needs that customers have things that might not be working the way they expect, to things that could be improved very obviously based on feedback. The second is things in the near term, which is a combination of things that people have told us that they need and things they have expressed some sort of interesting having.” The third and final horizon is a combination of the 6clicks “view of where the opportunity lies in terms of improvement. We strike a balance in being sufficiently bold about the future that we see, but at the same time grounded in it and getting feedback from customers. In this third horizon we think about innovation manner, as in the way that we think the world should work, which requires a lot of creativity.”
Stevens ended by relating “we try and get the balance right there. It’s not easy. It’s very tough. But that is the way we think about our engineering philosophy and innovation philosophy. It influences the type of people that we attract or that are keen to work with us. We share that focus of short, medium, long-term thinking.”
For more information on 6clicks, check out their website here.
Welcome to this special podcast series, Series Spotlight: Revolutionizing GRC with 6clicks, sponsored by 6clicks. This week I visit with Joe Schorr, Vice President (VP) of Global Channel Sales, Andrew Robinson, co-founder and Chief Information Security Officer, Stephen Walter, head of Marketing, Dr. Heather Buker, Chief Technology Officer, and Ant Stevens, co-founder and Chief Executive Officer. Over the series, we will break down 6ckicks Hub and Spoke approach, utilizing Artificial Intelligence (AI) and Machine Learning in governance, risk and compliance (GRC), curating and maintaining a robust GRC content, producing audit ready reports, and look at what’s next for 6clicks down the road. In Part 4, I am joined by 6clicks Chief Technology Officer, Dr. Heather Buker and we take up producing an audit-ready report with 6clicks Pixel Perfect™.
Buker is the transitional resource who takes the engineering and tech part of the 6clicks solution and puts it into a workable solution for customers. She says of herself, “you can see me, affectionately, as a translator if you will of the product and functionality and how that translates to business use cases, value propositions and things that clients really care about.” She went on to note, “functionality is only as good as the value proposition that it serves. I am here to make sure that those two things meet. I’m kind of the bridge.”
It used to be that the byword for data and data processing was GIGO (garbage in, garbage out). However, now it has evolved to “data is only as good as what you can get out of it. So, it’s not enough to just collect the data and give organizations a sort of single source of truth for their GRC programs anymore. Right? That’s what every SAS solution in the GRC space is really striving for. But, furthermore, users want easy, efficient ways to get that data out of the tool. So, it’s always a bit of an uphill battle when it comes to reporting, you know, there’s a constant flow of new requirements. Every organization has a different use case that needs supporting et cetera, and users have to be able to get their GRC data out of the tool and make it digestible for a wide variety of audiences. And that’s really the key right there. The wide variety of audiences we’re trying to satisfy with reporting needs, what good is it to track their risk and compliance data? If they can’t show/prove to an auditor or their Board members on their current risk posture at the monthly meeting, simply put it isn’t. So, assets reporting is, and frankly always will be, a critical piece of the GRC SAS solution puzzle”.
The problem that the 6clicks Pixel Perfect™ helps solve is repeatability. As Buker explained, “The more we can make GRC processes repeatable, even when it comes to reporting, the easier our platform will be to use and the more widely adopted we can become. To solve for this in the reporting world, we decided to automate report generation.” I asked her for an example, and she said, “6clicks Pixel Perfect™ can take a completed PCI DSS assessment and return Section Six of the report on compliance, filled out an audit ready.” This means a template mandated by the Security Standards Council to drive this functionality and ensure the report is ready to be submitted and properly formatted when generated. All an organization has to do is complete their PCI assessment and the platform will perform our “6clicks magic on the other side and deliver the PCI form from those assessment results minus all of the hassle. We are talking hours upon hours of time savings for QSAs merchants and others on their engagements.”
We concluded with some of Buker’s thoughts on how multiple stakeholders can use the information that 6clicks Pixel Perfect™ solution creates, up and down the chain in an organization, literally from the technical folks on the front lines up to the Board of Directors. She emphasized “what this functionality has to be, has to be up and down, high level, low level, right to Board members who have their monthly meeting or senior management that maybe, managing multiple projects across various lines of business. They don’t always know what they’re looking at when they look at some of these low-level risk, detailed reports or even data in general. We must make it digestible for them. We have to make it meaningful for them. We have to be able to produce reports and analytics at a really high level.”
Buker had a great phrase, that it all has to be in an “accordion range. That is, from highest level to lowest level and then back. And that’s really like the secret sauce of reporting and analytics in the GRC space. Being able to take it full circle from driving change to implementing change and all of the various levels in any organization.”
Join us tomorrow where we conclude our series by visiting with company co-founder Ant Stevens as we explore what’s next for 6clicks.
For more information on 6clicks, check out their website here.