Author: Admin

Categories
Sunday Book Review

Sunday Book Review: February 8, 2026, The Books on Creativity Edition

In the Sunday Book Review, Tom Fox considers books that would interest compliance professionals, business executives, or anyone curious. It could be books about business, compliance, history, leadership, current events, or anything else that might interest Tom. In this episode, we look at⁠ the 5 top books on creativity.

  1. Our Band Could Be Your Life: Scenes from the American Indie Underground 1981-1991 by Michael Azerrad
  2. On Writing: A Memoir of the Craft  by Stephen King
  3. Just Kids by Patti Smith
  4. Cat’s Eye by Margaret Atwood
  5. The Midnight Disease: The Drive to Write, Writer’s Block, and the Creative Brain by Alice Flaherty

Resources:

Five Best: Books on the Creative Spark in the ⁠WSJ

Categories
From the Editor's Desk

From the Editor’s Desk – Aaron Nicodemus on the CW AI Conference Insights: Navigating the Practical Use of AI in Compliance

In this episode of ‘From the Editor’s Desk,’ Tom Fox visits with Aaron Nicodemus to discuss highlights from the recent Compliance Week AI Conference. Key takeaways include the importance of understanding the purpose and practical use of AI tools before implementation, the pressures from C-suite and boards to adopt AI, and the necessity of a human-in-the-loop approach. The conversation also touches on integrating trust and integrity into AI adoption, the evolving role of compliance as a trusted partner in AI initiatives, and the collective willingness to learn and apply AI across compliance operations.

Key highlights:

  • Importance of Understanding AI Implementation
  • Pressure from the Top: Compliance and AI
  • Human Oversight in AI Processes
  • Trust and Integrity in AI
  • Compliance as a Competitive Advantage
  • Real-World Examples: Robinhood and DocuSign
  • The Evolving Role of Compliance in AI
  • Conference Vibes and Final Thoughts

Resources:

Aaron Nicodemus on LinkedIn

Compliance Week

Categories
Daily Compliance News

Daily Compliance News: February 6, 2026, The Chief BS Officer Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News. All, from the Compliance Podcast Network. Each day, we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Top stories include:

  • Opening arguments in the FirstEnergy corruption trial. (News5Cleveland)
  • Brad Karp, the leader of Paul Weiss, resigns amid revelations from the Epstein files. (WSJ)
  • Corruption is cheaper in the UK than in the US. (TheGuardian)
  • Do you need a Chief BS officer? (FT)
Categories
AI Today in 5

AI Today in 5: February 6, 2026, The Trillion $$ Wipeout Edition

Welcome to AI Today in 5, the newest addition to the Compliance Podcast Network. Each day, Tom Fox will bring you 5 stories about AI to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the AI Today In 5. All, from the Compliance Podcast Network. Each day, we consider five stories from the business world, compliance, ethics, risk management, leadership, or general interest about AI.

Top AI stories include:

  1. EU AI group establishes task force to foster compliance. (Babl)
  2. AI diligence tool rollout. (InvestmentNews)
  3. AI in healthcare is driving greater accountability. (FastCompany)
  4. The compliance convergence challenge. (SecurityBlvd.)
  5. AI fears wipe out tech stock values. (Bloomberg)

For more information on the use of AI in Compliance programs, my new book, Upping Your Game, is available. You can purchase a copy of the book on Amazon.com.

Categories
Blog

Roman Philosophers and the Foundations of a Modern Compliance Program: Part 5 – Lucretius, Rationality, and Continuous Improvement in Compliance

Welcome to our concluding blog post on notable Roman Philosophers and the philosophical underpinnings of modern corporate compliance programs and compliance professionals, focusing on five philosophers from Rome spanning the end of the Roman Republic to the Roman Empire.

We have considered Cicero and the duty, law, and the moral limits of business; Seneca on power, pressure, and ethical decision-making under stress; Varro on corporate governance; and Marcus Aurelius on ethical leadership and tone at the top. Today, we conclude with Lucretius to explore rationality, fear, and risk perception.

I. Lucretius in Context: Seeing the World Clearly

Titus Lucretius Carus is the outlier in the Roman philosophical tradition, and that is precisely why he matters to compliance professionals. In De Rerum Natura (On the Nature of Things), Lucretius set out to explain the world as it actually is, stripped of superstition, fear, and comforting illusions. He believed that human suffering and bad decision-making were driven less by malice than by misunderstanding.

Lucretius lived in a Roman world gripped by fear of divine punishment, fate, and unseen forces. He argued that when people attribute events to superstition or rumor rather than observation and evidence, they lose the ability to respond rationally. Fear, in his view, was the enemy of clear judgment. Only through disciplined observation and reason could individuals and institutions act wisely.

For modern compliance professionals, Lucretius offers a final and essential lesson. Even the best-designed compliance program, staffed by accountable individuals and supported by ethical leadership, will fail if it cannot see itself clearly. Programs that rely on assumptions, anecdotes, or reputation rather than evidence inevitably drift. Lucretius teaches that rational observation is not merely a scientific virtue. It is an ethical one.

II. The Compliance Problem Lucretius Illuminates: Blind Spots and Compliance Theater

Many compliance programs operate on belief rather than proof. Leaders believe the culture is strong. Boards believe controls are effective. Compliance teams believe training is working. Yet enforcement actions routinely reveal blind spots that persisted for years, unnoticed or unchallenged. This gap between belief and reality is what Lucretius would have called superstition. In compliance, it takes the form of compliance theater: dashboards that look reassuring, certifications that go unquestioned, and metrics that measure activity rather than effectiveness.

The DOJ Evaluation of Corporate Compliance Programs (ECCP) repeatedly asks whether companies test, monitor, and improve their programs. Prosecutors are explicit that assumptions are insufficient. They want evidence that the program detects misconduct, adapts to change, and evolves based on lessons learned. Fear plays a central role here. Organizations fear discovering problems. They fear bad news reaching the board. They fear regulatory scrutiny. Lucretius warned that fear distorts perception. In compliance terms, fear leads to underreporting, superficial audits, and avoidance of uncomfortable data.

A compliance program that cannot tolerate evidence of weakness cannot improve. Lucretius insists that rational systems must prefer truth over comfort.

III. Modern Corporate Application: Lucretius, DOJ Expectations, and Evidence-Based Compliance

Applying Lucretius to modern compliance highlights the central role of monitoring, testing, and continuous improvement.

First, compliance monitoring must focus on effectiveness, not volume. Counting training completions or hotline calls says little about whether the program works. Lucretius would insist on asking harder questions. Are issues detected early? Are repeat risks declining? Are controls changing behavior?

Second, data must be interpreted without fear. DOJ guidance emphasizes learning from misconduct and near misses. Yet many organizations treat incidents as anomalies rather than signals. Lucretius teaches that patterns matter more than isolated events. Compliance teams should analyze trends across regions, functions, and time, even when results are uncomfortable.

Third, programs must adapt to changing risk. Lucretius rejected static explanations of the world. The DOJ similarly asks whether compliance programs evolve as business models, markets, and technologies change. A program designed for yesterday’s risks becomes a liability when conditions shift.

Fourth, monitoring must include culture and behavior, not just transactions. Culture surveys, exit interviews, and speak-up analytics provide insight into employees’ trust in the system. Lucretius would caution against ignoring qualitative data simply because it is harder to measure.

Fifth, continuous improvement must be documented and demonstrable. The DOJ evaluates whether companies close the loop by updating controls, training, and governance in response to findings. Rational compliance requires not only seeing clearly but acting on what is seen.

Finally, compliance leaders must resist narrative-driven assurance. Statements such as “this has never happened before” or “we trust our people” are not evidence. Lucretius reminds us that trust is strengthened, not weakened, by verification.

IV. Key Takeaways for Compliance Professionals

1. Father of CM/CI. Compliance professionals should view Lucretius as the philosophical foundation of monitoring and continuous improvement. Lucretius grounds compliance in disciplined observation rather than comfort or tradition. He reminds compliance professionals that a program cannot improve what it refuses to examine honestly. Monitoring and continuous improvement are not technical exercises but ethical commitments to see the organization as it truly operates.

2. Fact-based. Compliance should privilege evidence over assumption. Assumptions about culture, control effectiveness, or employee behavior create blind spots that persist until a failure forces attention. Lucretius warns that belief without verification is a form of self-deception. An effective compliance program insists on data, testing, and validation rather than reassurance.

3. Measure outcomes, not activity. Compliance should design metrics that measure effectiveness, not activity. Counting trainings delivered or policies acknowledged does not demonstrate that misconduct is being prevented or detected. Lucretius would reject metrics that comfort leadership without revealing reality. Compliance metrics must answer whether controls change behavior and reduce risk, not merely whether processes occurred.

4. Information is data. Compliance should treat incidents and near misses as data, not embarrassment. Organizations often hide or minimize incidents out of fear of reputational harm or internal scrutiny. Lucretius teaches that fear distorts judgment and delays learning. A mature compliance program uses incidents and near misses as signals for improvement rather than reasons for denial.

5. Risks Change. Compliance should evolve as risks, markets, and technologies change. Static compliance programs assume the world remains stable, an assumption Lucretius would view as fundamentally irrational. This is certainly not true in the age of Trump. Business models, geopolitical risks, and technologies shift faster than policy cycles. Continuous adaptation is the only rational response to an environment in constant motion.

6. Embrace Observation. Compliance should embrace rational observation as an ethical obligation. Seeing clearly is not morally neutral; it is a responsibility owed to stakeholders and institutions. Lucretius argued that ignorance sustained by fear causes harm. In compliance, choosing not to look is itself an ethical failure.

7. Evidence-based. Finally, Lucretius teaches that organizations fail not because reality is unknowable, but because they choose not to look. This is the capstone lesson of the compliance lifecycle. Organizations that avoid uncomfortable facts drift into compliance theater and false confidence. Rational, evidence-based compliance treats truth as an asset, even when it reveals weakness.

V. Conclusion: Roman Philosophy and the Compliance Program That Actually Works

Taken together, these five Roman philosophers describe the full lifecycle of a modern compliance program as it exists in the real world, not as it appears in policy manuals. Cicero establishes why compliance must exist at all, grounding the program in duty rather than expediency and reminding organizations that law is only the starting point. Seneca then confronts the reality that ethical commitments are tested under pressure, exposing how fear, ambition, and rationalization undermine even well-designed systems. Epictetus moves the analysis to the individual, insisting that ethical responsibility does not disappear inside hierarchy and that compliance ultimately depends on personal agency. Marcus Aurelius elevates that responsibility to leadership, showing how culture is formed through example and how ethical expectations live or die by the behavior of executives. Finally, Lucretius closes the loop, demanding rational observation, evidence, and continuous improvement so that compliance programs do not drift into assumption, superstition, or complacency.

What makes the Roman philosophers uniquely valuable to compliance professionals is their focus on institutions, power, and human behavior under constraint. The Greeks gave us ethical ideals. The Romans showed us how those ideals survive, or fail, inside complex systems. This mirrors the Department of Justice’s modern approach to compliance, which increasingly evaluates not whether a program exists, but whether it operates, adapts, and functions under real-world conditions.

For the compliance professional, the lesson of this series is both sobering and empowering. No single control, policy, or training module is sufficient. Effective compliance requires ethical foundations, behavioral awareness, individual accountability, principled leadership, and disciplined monitoring working together as an integrated system. Remove any one of these elements, and the program weakens. Align them, and compliance becomes not a defensive function, but a durable governance capability.

In combining these Roman insights with the earlier Greek philosophical foundations, the compliance professional gains more than historical perspective. They gain a framework for building programs that withstand pressure, earn trust, and evolve. In the end, that is the measure of a compliance program that actually works.

Categories
AI Today in 5

AI Today in 5: February 5, 2026, The Google Goes for the Jugular Edition

Welcome to AI Today in 5, the newest addition to the Compliance Podcast Network. Each day, Tom Fox will bring you 5 stories about AI to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the AI Today In 5. All, from the Compliance Podcast Network. Each day, we consider five stories from the business world, compliance, ethics, risk management, leadership, or general interest about AI.

Top AI stories include:

  1. Google vows to outspend everyone. (BusinessInsider)
  2. AI communications governance criticality. (FinTechGlobal)
  3. Even with the Trump administration’s AI order, companies must remain vigilant. (CXDive)
  4. World’s first viral AI agent has arrived. (WSJ)
  5. China ramps up energy boom to fuel AI. (Bloomberg)

For more information on the use of AI in Compliance programs, my new book, Upping Your Game. You can purchase a copy of the book on Amazon.com

Categories
Daily Compliance News

Daily Compliance News: February 5, 2026, This Job Sucks Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News. All, from the Compliance Podcast Network. Each day, we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Top stories include:

  • Nike was investigated for discrimination against whites. (NYT)
  • DOJ lawyer tells court the “system sucks” and her “job sucks”. (WSJ)
  • Two Chinese journalists were jailed for investigating corruption. (NYT)
  • Rio Tinto and Glencore merger in danger. (FT)
Categories
Blog

Roman Philosophers and the Foundations of a Modern Compliance Program: Part 4 – Marcus Aurelius and Ethical Leadership

I recently wrote a series on the direct link between ancient Greek Philosophers and modern corporate compliance programs and compliance professionals. It was so much fun and so well-received that I decided to follow up with a similar series on notable Roman Philosophers. This week, we will continue our exploration of the philosophical underpinnings of modern corporate compliance programs and compliance professionals by looking at five philosophers from Rome, both from the BCE and AD eras.

We have considered Cicero and the duties, law, and moral limits of business; Seneca on power, pressure, and ethical decision-making under stress; and Varro on corporate governance. Today, we consider Marcus Aurelius and ethical leadership and tone at the top. Tomorrow, we will conclude with Lucretius to explore rationality, fear, and risk perception. Today, we continue with Marcus Aurelius, Ethical Leadership, and Culture as a Compliance Control

I. Marcus Aurelius in Context: Power with Restraint

Imagine you are the single most powerful person on earth. Are you going to be an unrepentant narcissist in the manner of Donald Trump, who believes he should govern on his own twisted morality based simply on ‘gut instinct’? Or are you going to take a different approach, set out your reasoned approach to governing in a book, and then govern with the moral authority of thousands of years of philosophy?

Marcus Aurelius is often remembered as the philosopher-king, but that description understates the difficulty of his position. He ruled the Roman Empire during a period of war, plague, economic strain, and political instability. Unlike many philosophers, Marcus Aurelius did not write for an audience. His Meditations were private reflections, written to discipline his own thinking while exercising absolute power.

This matters for compliance professionals. Marcus Aurelius did not theorize about ethical leadership from a distance. He lived inside it. He understood that power magnifies temptation, insulates leaders from feedback, and creates opportunities for self-deception. His philosophy is therefore preoccupied with restraint, humility, consistency, and responsibility.

Marcus repeatedly reminded himself that leadership is not a privilege but a burden. Authority did not entitle him to indulgence; it imposed higher expectations. He believed that leaders set moral boundaries through conduct long before they issue instructions. In modern terms, Marcus Aurelius understood that culture flows downward from leadership behavior rather than upward from policy documents.

II. The Compliance Problem Marcus Aurelius Illuminates: Culture Eats Controls

One of the central lessons of modern compliance enforcement is that formal controls cannot compensate for poor culture. Organizations with detailed policies and sophisticated monitoring still fail when leadership behavior signals that results matter more than integrity. The DOJ Evaluation of Corporate Compliance Programs (ECCP) explicitly asks whether senior leaders demonstrate commitment to compliance through actions, not words. Regulators assess whether ethical behavior is encouraged, whether misconduct is addressed consistently, and whether leaders tolerate or reward problematic conduct.

Marcus Aurelius would recognize this dynamic immediately. He believed that people learn how to behave by observing those in power. When leaders act inconsistently with stated values, cynicism follows. When leaders rationalize misconduct, that rationalization spreads. Compliance programs often falter when leadership treats ethics as a communication exercise rather than a lived expectation. Codes of conduct and training sessions cannot overcome the daily signals sent by executive decisions, incentive structures, and responses to failure.

Marcus teaches that culture is not accidental. It is created continuously by leadership choices, especially under pressure.

III. Modern Corporate Application: Marcus Aurelius, DOJ Expectations, and Leadership Accountability

Applying Marcus Aurelius to modern compliance reveals several concrete expectations that closely align with DOJ guidance.

First, leadership behavior must be consistent. Marcus believed hypocrisy was corrosive to authority. The DOJ similarly evaluates whether leaders follow the same rules they impose on others. Exceptions for senior executives undermine program credibility and weaken deterrence.

Second, leadership must respond to misconduct with moral clarity. Marcus wrote that anger and denial cloud judgment. In compliance terms, this means addressing issues promptly, transparently, and proportionately. Delayed or defensive responses signal tolerance, even when discipline eventually occurs.

Third, middle management matters. Marcus understood that culture is transmitted through layers of authority. DOJ guidance emphasizes the role of middle managers as culture carriers. Compliance programs should equip managers with the tools and incentives to reinforce ethical behavior, not merely deliver targets.

Fourth, incentives must reflect values. Marcus warned against leaders who chase reputation or reward at the expense of principle. Modern compliance programs must ensure compensation structures do not reward outcomes achieved through questionable means. The DOJ has repeatedly cited incentive misalignment as a root cause of misconduct.

Finally, leadership must create psychological safety. Marcus believed leaders should listen more than they speak. In compliance terms, this translates into openness to bad news, encouragement of dissent, and protection for those who raise concerns. A culture that punishes truth-telling cannot sustain compliance.

IV. Key Takeaways for Compliance Professionals

1. The Blueprint. Compliance professionals should view Marcus Aurelius and his writings as the blueprint for culture-based compliance. You can draw a direct line from the Meditations to both your compliance program and the leadership skills a CCO needs. Compliance should evaluate leadership behavior as a primary control, not a soft factor. This means not only reviewing employees who are promoted to management, but also a deep dive into their backgrounds. Also, thorough due diligence for any senior management hires from outside your organization.

2. Higher Standards. Compliance should hold senior leaders to higher standards of consistency and accountability.

3. Institutional Justice. Compliance should focus on how leaders respond to misconduct, not just how they prevent it. This is the CCO’s charge, and it must include an institutional fairness component in your compliance program.

  1. Compliance should ensure incentives reinforce ethical behavior at every level. The DOJ has consistently discussed the role of incentives in any compliance program, as far back as the 1st edition of the FCPA Guidance in 2012.
  2. Compliance should treat culture as an operational risk area subject to oversight and testing. Culture should be assessed, monitored, and improved. Simply because it is seen as a ‘soft’ part of an organization does not mean it should be treated differently.

4. Walk the Walk. Finally, Marcus Aurelius reminds us that ethical leadership is not performative. It is visible, daily, and decisive. In organizations, culture follows leadership long before it follows policy.

V. Conclusion

Marcus Aurelius brings the compliance lifecycle to its cultural apex. He shows that leadership behavior is not merely influential but determinative, shaping whether ethical expectations are taken seriously or quietly dismissed. Yet even the strongest ethical culture is not self-sustaining. Leaders are human, memory fades, and good intentions erode without reinforcement. This is where culture must be supported by systems that observe, test, and correct.

Marcus Aurelius teaches us how leaders should behave; Lucretius challenges us to examine how organizations think. If Marcus focuses on moral example, Lucretius turns our attention to rational observation, warning against fear, superstition, and self-deception. The transition from Marcus Aurelius to Lucretius mirrors the shift from cultural leadership to continuous improvement, from ethical intent to empirical verification. In compliance terms, it is the move from assuming the program works to proving that it does, using data, monitoring, and clear-eyed analysis rather than hope or habit.

Join us tomorrow for our concluding article on Lucretius and Rationality in Monitoring and Continuous Improvement. We will consider where culture gives way to systems, data, and the discipline of seeing risk clearly rather than through fear or superstition.

Categories
AI Today in 5

AI Today in 5: February 4, 2026, The SaaSpocalypse Edition

Welcome to AI Today in 5, the newest addition to the Compliance Podcast Network. Each day, Tom Fox will bring you 5 stories about AI to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the AI Today In 5. All, from the Compliance Podcast Network. Each day, we consider five stories from the business world, compliance, ethics, risk management, leadership, or general interest about AI.

Top AI stories include:

  1. AI is helping in regulatory volatility. (WSJ)
  2. AI is reshaping AML in banking. (FinTechGlobal)
  3. Wall Street is dumping SW stock. (Yahoo!Finance)
  4. What is your enterprise AI strategy? (FinTechGlobal)
  5. AI security reaches a turning point. (FinTechGlobal)

For more information on the use of AI in Compliance programs, my new book, Upping Your Game, is available. You can purchase a copy of the book on Amazon.com.

Categories
Daily Compliance News

Daily Compliance News: February 4, 2026, The Trump Shakesdown Japan Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News. All, from the Compliance Podcast Network. Each day, we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Top stories include:

  • Inconsistent branding on Guardian Caps. (NYT)
  • X’s offices were raided in Paris. (WSJ)
  • Saudi Arabia makes corruption-related arrests. (TheNational)
  • The Trump shakedown of Japan to the tune of $550bn. (FT)