Author: admin

Categories
Innovation in Compliance

Innovation in Compliance – Navigating Leadership and Talent Retention with Pat McNeil

Innovation comes in many areas, and compliance professionals must be ready for and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox visits Pat McNeil, founder and principal of Chart House Solutions, to delve into his extensive experience in the Navy and his journey into leadership development and organizational coaching.

Pat discusses his transition from the military to civilian life, the creation of Chart House Solutions, and his role in guiding clients through professional and personal challenges. He introduces the EC3 principle for talent retention—expectations, communication, commitment, and consistency, drawing parallels from his military service to corporate environments. He also highlights the importance of structured training and the concept of ‘falling forward’ in professional development. He discusses the Lego Serious Play method, emphasizing the role of serious play in improving corporate settings and engagement. Pat stresses that coaching at all organizational levels fosters effective leadership and a sustainable company culture.

Key highlights:

  • Pat McNeil’s Professional Background
  • The EC3 Principle for Talent Retention
  • Lego Serious Play Method in Corporate Training
  • Falling Forward: Embracing Failure in Professional Development
  • Training with Purpose: Driving Culture and Engagement
  • The Importance of Coaching in Professional Development

Resources:

Pat McNeil on LinkedIn

Chart House Solutions

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Blog

Revolutionizing Compliance with AI-Powered KPIs 

In the modern corporate landscape, traditional key performance indicators (KPIs) are struggling to meet the demands of dynamic compliance environments. These legacy metrics often fail to align operations, prioritize resources, and drive accountability toward strategic objectives. For compliance professionals, these shortcomings are particularly critical: ineffective KPIs can lead to missed risks, inefficient processes, and poor decision-making, ultimately jeopardizing organizational integrity.

In a recent article in the Sloan Management Review, entitled The Future of Strategic Measurement: Enhancing KPIs With AI, authors Michael Schrage, David Kiron, François Candelon, Shervin Khodabandeh, and Michael Chu explored these and other issues, which I have adapted for the compliance professional.  By incorporating artificial intelligence (AI), organizations are reimagining what KPIs can accomplish—not just as performance trackers but as drivers of strategic differentiation and value creation.

The Shortcomings of Legacy KPIs in Compliance

Legacy KPIs often focus narrowly on outputs, such as the number of training sessions conducted or hotline calls logged. While these metrics provide valuable data, they frequently fail to provide solid information in various ways. The first is that legacy KPIs are taken in a vacuum with no appreciation of the interconnected nature of corporate risks. Just as compliance does not (or at least should not) operate in a vacuum, risks in one area often cascade into others, yet traditional KPIs rarely reflect these interdependencies. The retrospective nature of KPIs. Metrics rooted in historical data are inherently backward-looking, limiting their utility for forecasting and proactive risk management.

Finally, corporate silos, which are a perennial challenge in compliance, and static KPIs can reinforce them rather than foster cross-functional collaboration. Legacy KPIs do not promote alignment across disparate corporate functions. These limitations hinder a compliance professional’s ability to effectively anticipate, prevent, and address misconduct.

Enter Smart KPIs: A New Era of Compliance Metrics

AI-powered KPIs offer a smarter, more dynamic approach to performance measurement. These metrics are descriptive, predictive, and prescriptive. Such metrics will allow a corporate compliance function to provide new and different insights, such as some of the following.

  • Analyze past and current compliance performance to identify gaps.
  • Anticipate future risks and compliance trends based on patterns in data.
  • Recommend actions to mitigate risks and optimize outcomes.

For example, AI can transform a traditional metric like the “number of third-party audits conducted” into a prescriptive KPI that evaluates audit results, predicts the highest risk areas, and recommends corrective actions.

Case Study: Wayfair and the Evolution of Lost-Sales KPIs

The article discussed Wayfair’s reengineering of its lost-sales KPI and offers valuable insights for compliance professionals. Initially, the retailer calculated lost sales on an item-by-item basis, but AI analysis revealed that many “lost” sales were category retentions, as customers purchased alternative items. This revelation led Wayfair to redesign its KPI to measure category-based retention. The result? Smarter metrics aligned product placement with operational constraints, improving customer satisfaction and operational efficiency.

This case study provides a clear set of lessons for corporate compliance and the compliance professional. Compliance teams can use AI to rethink KPIs that do not fully capture performance nuances. For instance, instead of merely tracking the number of training completions, a smarter KPI could evaluate behavioral changes post-training or identify employees most at risk of ethical lapses based on historical data. This, in turn, could provide greater insight into training effectiveness and how a compliance professional might think about targeted training.

KPI Governance: A Compliance Imperative 

One of the most critical aspects of AI-enhanced KPIs is governance. Organizations need robust governance mechanisms to ensure KPIs evolve with strategic objectives and maintain their relevance over time. For a compliance professional, this means several different approaches.

  1. Continuous Review of Metrics. Regularly revisiting KPIs to ensure they remain aligned with evolving regulatory landscapes and business priorities.
  2. Meta-KPIs for Quality Assurance. Developing “KPIs for KPIs” to assess their accuracy, relevance, and effectiveness.
  3. Cross-Functional Oversight. Establishing governance structures that bring together compliance, legal, and operational teams to oversee metric design and implementation.

The bottom line is that accountability for KPI performance, both the metrics themselves and the outcomes they drive, must be embedded into the compliance framework.

How AI Enhances Compliance KPIs

AI-enhanced KPIs bring new capabilities to compliance programs in three key manners. First, in risk anticipation. Predictive KPIs can identify emerging compliance risks, such as regulatory changes, third-party risk management, or shifts in employee behavior, enabling proactive mitigation. The second area is holistic insights. By analyzing data across functions, AI can uncover hidden correlations, such as how employee hotline reports, visits to the compliance department website, or even the number of requests to FAQs might signal compliance risks in supply chain operations. Finally is the area of targeted recommendations. Prescriptive KPIs can suggest specific actions, like prioritizing high-risk vendors for audits or tailoring training to address observed knowledge gaps. For example, AI could analyze whistleblower reports alongside financial data to identify patterns indicative of systemic fraud, providing actionable insights for remediation. 

 This more holistic approach also addresses one of the key risk areas around KPIs: stagnate KPIs. The 2008 financial crisis underscores the dangers of relying on outdated KPIs. Banks’ dependence on “value at risk” metrics, which failed to account for the growing influence of subprime mortgages, contributed to catastrophic losses. Compliance professionals must guard against similar pitfalls by regularly challenging assumptions underpinning legacy KPIs. AI can aid in this process by continuously analyzing data to reveal when a metric is no longer fit for purpose.

Steps to Implement Smarter Compliance KPIs

Compliance professionals can take the following steps to transition from legacy to AI-enhanced KPIs.

  1. Audit Existing KPIs. Assess whether current metrics adequately capture compliance risks and align with strategic objectives.
  2. Leverage AI for Data Analysis. Use AI tools to uncover hidden patterns in compliance data, such as correlations between employee turnover and ethics violations.
  3. Collaborate Across Functions. Work with IT, legal, and operations teams to ensure KPI redesigns reflect organizational priorities.
  4. Invest in Training and Culture. Equip compliance teams with the skills to interpret and act on AI-generated insights while fostering a culture of data-driven decision-making.
  5. Monitor and Improve KPIs. Establish processes for ongoing KPI evaluation, ensuring they evolve alongside regulatory and stakeholder input and business changes.

Challenges and Ethical Considerations 

While AI-enhanced KPIs offer immense potential, they also present challenges. These challenges include some of the following. Just as with more generative AI, algorithms can be biased. AI models are only as unbiased as the data on which they are trained. Compliance teams must ensure that their AI systems uphold principles of fairness and equity. Always remember the Human in the Loop to preclude over-reliance on AI. While AI can inform decision-making, it should not replace human judgment. Compliance professionals must strike a balance between algorithmic insights and ethical considerations. Finally, there are data privacy concerns. Collecting and analyzing large datasets for KPI development must comply with data privacy regulations.  

Conclusion: The Future of Compliance Metrics 

The rise of AI-enhanced KPIs marks a paradigm shift in measuring and managing compliance performance. By embracing smarter, more dynamic metrics, compliance professionals can gain deeper insights, anticipate risks, and drive better outcomes.  Much like Wayfair and other forward-thinking organizations, compliance teams must be willing to challenge the status quo, leverage technology, and prioritize continuous improvement. The era of static, backward-looking KPIs is over. In its place is a future where smart KPIs enable compliance functions to not only measure performance but actively enhance it—turning compliance from a cost center into a source of strategic value. The question is not whether your organization should adopt AI-powered KPIs but how soon your compliance program can reap the benefits. The time to act is now.

Categories
Adventures in Compliance

The Case-Book of Sherlock Holmes – Compliance Lessons from The Adventure of the Three Gables

In this new season of Adventures in Compliance, host Tom Fox takes a deep dive into Arthur Conan Doyle’s Sherlock Holmes collection, The Case Book of Sherlock Holmes. It is the final set of twelve Sherlock Holmes short stories, first published in the Strand Magazine between October 1921 and April 1927. In this episode, we consider one of the lesser-known of all the Holmes stories, The Adventure of the Three Gables.

In this episode, we investigate the Sherlock Holmes short story ‘The Three Gables’ to uncover crucial compliance lessons. As part of ‘The Casebook of Sherlock Holmes,’ this episode examines ethical leadership, transparency, third-party risk management, whistleblower protections, reputation management, and root cause analysis through the lens of this lesser-known tale. The story of crime and manipulation serves as a reminder of the importance of integrity and accountability in business ethics. Check out the parallels between Sherlock Holmes’ investigative techniques and modern compliance practices and learn how these timeless lessons can strengthen organizational culture and mitigate risks.

Highlights include:

  • Introduction to The Three Gables
  • Unpacking Compliance Lessons
  • Ethical Leadership and Transparency
  • Third-Party Risk Management
  • Whistleblower Protections and Reputation Management
  • Root Cause Analysis and Final Thoughts

Resources

The New Annotated Sherlock Holmes

Sherlock Holmes FAQ by Dave Thompson

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

Connect with Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Corruption, Crime and Compliance

McKinsey & Company Pays $122 Million to Resolve FCPA Violations in South Africa

What went wrong when McKinsey paid bribes to secure consulting contracts with South Africa’s state-owned enterprises? In this episode, Michael Volkov dives into the December 2024 DOJ settlement with McKinsey & Company, which paid $122 million after being found guilty of paying bribes to officials at Transnet and Eskom to secure valuable consulting contracts. The case involved significant violations of the Foreign Corrupt Practices Act (FCPA) and highlights the risks companies face when failing to implement effective compliance programs.

You’ll hear him discuss:

  • The details of McKinsey’s settlement with the DOJ for $122 million, including the 35% discount and the cooperation credits granted by the government.
  • The role of Vikas Sagar, McKinsey’s former senior partner, and his guilty plea in 2022 for orchestrating bribery payments.
  • How McKinsey Africa used sensitive, non-public information obtained through bribes to secure multi-million dollar contracts with Transnet and Eskom.
  • The ongoing issue of engaging third-party intermediaries and the importance of conducting thorough due diligence before entering into business relationships.
  • The lessons learned from McKinsey’s lack of proper oversight and controls allowed a small group of corrupt executives to facilitate bribery schemes.
  • The broader impact of local content requirements in international business and the associated risks of partnering with unqualified entities with ties to corrupt government officials.

Resources:

Michael Volkov on  LinkedIn |Twitter

The Volkov Law Group

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 6 – M&A Safe Harbor Policy

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6-8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

This episode delves into the Department of Justice’s mergers and acquisitions (M&A) Safe Harbor Policy, as Deputy Attorney General Lisa Monaco explained. This policy encourages companies to voluntarily self-disclose criminal conduct discovered during acquisition. If a company promptly discloses such misconduct, cooperates with the ensuing investigation, and engages in appropriate remediation, restitution, and disgorgement, it can receive a presumption of a criminal declination. Key deadlines include disclosing misconduct within six months of the closing date and fully remediating within one year. The DOJ aims to incentivize acquiring companies to perform robust pre- and post-acquisition due diligence and self-disclosure to mitigate risks and de-risk transactions effectively.

Key highlights:

  • New DOJ Mergers and Acquisitions Safe Harbor Policy
  • Key Requirements and Deadlines
  • Historical Context and Clarifications

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Categories
FCPA Compliance Report

FCPA Compliance Report – Episode 740 – Jonathan Wilson on the Current Status of CTA Litigation

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In the first episode of the 2025 FCPA Compliance Report, Tom welcomes back Jonathan Wilson, founder and CEO of the FinCEN Report, to discuss recent legal machinations surrounding the Corporate Transparency Act (CTA). They delve into a December court ruling by the Eastern District of Texas, which issued a universal injunction against the CTA, claiming it oversteps Congress’s authority under the Commerce Clause. The Fifth Circuit stay panel initially stayed this ruling but was later reinstated by the merits panel, leading the government to appeal to the Supreme Court. The episode also covers historical context, potential impacts on businesses, and predictions for future court actions regarding the CTA.

Key highlights:

  • Texas Top Cop Shop Case Overview
  • Court Rulings and Injunctions
  • Supreme Court Involvement
  • Government Response and Filing Process
  • Implications of Administration Change

Resources:

Jonathan Wilson on LinkedIn

FinCEN Report

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

Categories
Daily Compliance News

Daily Compliance News: January 6, 2025 – The Lady MacBeth in 2025 Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News—all from the Compliance Podcast Network. Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

  • Lady MacBeth lives. (Greek Reporter)
  • Is CFIUS corrupt? (WSJ)
  • Auditing firms call the value of metrics ‘speculative.’ (FT)
  • Treasury department sanctions Beijing-based cybersecurity company. (NYT)

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

Check out the entire 3-book series, The Compliance Kids, on Amazon.com.

Categories
Blog

The Character Imperative in Leadership: A Lesson for Compliance Professionals

When discussing leadership transitions at troubled organizations, one recurring theme is often overlooked: character’s pivotal role in shaping culture and outcomes. In an MIT Sloan Management Review article entitled “Make Character Count in Hiring and Promoting,” Mary Crossan posited, “Most managers focus on competencies when evaluating candidates—but it’s a character that will transform the DNA of the organization.”

The recent challenges faced by Boeing serve as a cautionary tale for compliance professionals worldwide. Despite their technical prowess and storied history, Boeing’s leadership failures, rooted in compromised decision-making and a lack of character-driven judgment, led to catastrophic consequences for safety, public trust, and, ultimately, their bottom line.

The leadership debate at Boeing has focused narrowly on whether the next CEO should be an engineer or an accountant, emphasizing competencies over character. This approach underscores a persistent failure across industries to recognize that strong character-based judgment is a cornerstone of ethical leadership and compliance success.

This offers a critical lesson for compliance professionals: character matters as much as, if not more than, competence. The organizational culture we build reflects the character of the individuals we hire, promote, and retain. Compliance leaders must champion character as a vital element in talent development and how to embed this principle into their practices.

Competence vs. Character: Understanding the Difference 

Competence concerns what someone can do, their technical skills, knowledge, and experience. It varies by organization, role, and level within the hierarchy. In contrast, the character is about who someone is. It’s universal and intrinsic, shaped over a lifetime, and critical to ethical decision-making.

Research shows that character comprises 11 interconnected dimensions, each manifesting in observable behaviors. These dimensions include courage, humility, temperance, accountability, and judgment. Importantly, character isn’t static; it’s a habit that can be developed and refined over time.

When organizations equate character with a narrow set of qualities, such as drive and accountability, they risk embedding toxicity and poor judgment into their culture. For example, a leader with unrestrained courage may veer into reckless decision-making without the tempering force of humility. Such imbalances ripple through the organization, driving disengagement and turnover among those with stronger, more balanced character.

This interplay between character and culture is a leverage point for compliance professionals. We can foster ethical cultures prioritizing accountability, transparency, and trust by elevating character assessments to the same level as competence evaluations. 

Character Interviews: A Tool for Compliance Leaders

Traditional interviews focus on competencies through structured questions and rubrics. Character interviews, however, require a more nuanced approach. They are conversational and personalized, designed to explore a candidate’s life story and reveal their character dimensions.

Here are key considerations for conducting effective character interviews:

  1. Prepare by Developing Your Own Character. To assess the character of others, interviewers must first reflect on their biases and imbalances. For instance, understanding the dimension of justice requires recognizing how systemic privileges and inequities shape perceptions of fairness.
  2. Engage in Genuine Conversations. A character interview should feel less like a formal assessment and more like exploring the candidate’s experiences, motivations, and values. This approach uncovers the layers of their character organically.
  3. Probing Questions and Observational Insights. Start with broad, open-ended questions and follow the threads of the candidate’s responses. For example, if candidates emphasize their innovative drive, explore how they’ve balanced it with temperance or collaboration.
  4. Cluster Dimensions to Identify Strengths and Weaknesses .Character dimensions are interconnected and should be evaluated holistically. A candidate with strong accountability and courage but weak temperance might struggle to balance ambition with thoughtful decision-making.
  5. Assess the Interviewer’s Character. Character interviews reveal the interviewee’s strengths and weaknesses as well as the interviewer’s. Candidates often assess organizations based on the character of those conducting the interviews.

Character in Promotions and Talent Development

Promotions signal what qualities an organization values most. When those decisions prioritize competence over character, they risk elevating individuals whose imbalances could undermine ethical culture.

One effective approach is integrating character assessments into 360-degree reviews for promotion candidates. For example, an organization identified a highly competent leader whose humility and collaboration needed development. By assigning him to an unfamiliar overseas role, they created an environment where he had to rely on others and build relationships, strengthening his weaker character dimensions.

Compliance professionals can advocate for similar strategies, ensuring that promotions are about past performance and readiness for ethical leadership.

Building Character-Based Cultures in Compliance

Embedding character into hiring and promotion decisions isn’t just about individual roles; it’s about shaping organizational DNA. Here is how compliance teams can lead this transformation:

  1. Educate on the Importance of Character. Host workshops or training sessions on the 11 dimensions of character and their relevance to compliance and ethical decision-making.
  2. Develop Character Assessment Tools. Create structured yet flexible frameworks for evaluating character in interviews, performance reviews, and succession planning.
  3. Provide Feedback for Development. Constructive feedback helps individuals recognize and address character imbalances. Compliance leaders can normalize character development as an ongoing process.
  4. Model Character-Driven Leadership. Compliance teams should exemplify the values they seek in others, demonstrating integrity, transparency, and humility in their interactions and decision-making.

The Compliance Professional’s Role

Character-driven leadership is essential to navigating today’s complex ethical landscape. For compliance professionals, this means advocating for systems that value character alongside competence. It means challenging the status quo in talent management and championing leaders who embody integrity, humility, and balanced judgment.

Boeing’s leadership failures are a stark reminder of what happens when a character is sidelined. By prioritizing character in our organizations, we can mitigate risk and build cultures that inspire trust, accountability, and long-term success.

Your corporate compliance function’s future and your entire organization depend on it.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 5- Enhancing Compliance Through Automation

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days series in January 2025, I will post a key part a best practices compliance program each day. By the end of January, you will have enough information to create, design or enhancement a compliance program. Each podcast will be short, at 6-8 minutes with three key takeaways that you can implement at little or no cost to help update your compliance program. I hope you will plan to join each day in January for this exploration of best practices in compliance.

In this episode, we explore how automation can revolutionize traditional compliance reporting, which is often manual, time-consuming, and error-prone. By leveraging data-driven solutions, compliance professionals can achieve near real-time reporting, improving decision-making and efficiency across their organizations. Reg Ops (regulatory operations) plays a key role in this transformation by focusing on automating compliance artifact creation and integrating existing security and compliance tools. This helps provide a comprehensive, real-time view of the company’s compliance status. However, organizations must carefully balance the need for real-time reporting with data accuracy, security, and cultural adaptation to realize these benefits. Tune in as we highlight three key takeaways: the critical role of automation in improving compliance effectiveness, the necessity of near real-time reporting, and the importance of balancing data accuracy and security in compliance programs. Join us tomorrow to discuss the impact of privacy regulations on data-driven compliance programs and analytics.

Key Highlights

  • Challenges in Traditional Compliance Reporting
  • Integrating Tools for Real-Time Compliance
  • Balancing Real-Time Reporting with Data Security
Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 4- Building Effective Data Analytics Programs for Compliance

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days series in January 2025, I will post a key part a best practices compliance program each day. By the end of January, you will have enough information to create, design or enhancement a compliance program. Each podcast will be short, at 6-8 minutes with three key takeaways that you can implement at little or no cost to help update your compliance program. I hope you will plan to join each day in January for this exploration of best practices in compliance.

In today’s business environment, compliance professionals leverage data analytics to adhere to regulatory requirements and ethical standards. This episode focuses on the importance of defining specific risks an organization wants to monitor, capturing relevant data creatively, and utilizing internal expertise to build effective data analytics programs. By starting small and focusing on one risk at a time, compliance officers can demonstrate their dedication to improving compliance despite limited resources. Additionally, a data-driven approach helps shift focus from individual policy violations to identifying systemic issues, enhancing overall organizational compliance. Key takeaways include understanding multiple factors in creating data-driven compliance programs, recognizing the value of shifting focus to systemic issues, and gradually building analytics capabilities.

Key Highlights

  • Defining and Identifying Risks
  • Innovative Data Capture and Internal Collaboration
  • Demonstrating Value to Senior Management

Resources

Listeners to this podcast can receive a 20% discount to The Compliance Handbook, 5th edition by clicking here.