Author: Admin

Categories
Blog

Compliance in a Time Warp: Compliance Lessons from Star Trek’s Tomorrow Is Yesterday

Show Summary

In the ever-expanding universe of Star Trek: The Original Series, the episode “Tomorrow Is Yesterday” offers an unexpected bounty of insights into compliance. On its surface, the story is a classic time-travel romp: the USS Enterprise is accidentally flung back to 1960s Earth, intercepted by a U.S. Air Force jet, and must find a way to return to the 23rd century without altering the course of history. But below the sci-fi action lies a deeper commentary on responsibility, decision-making, and the unforeseen consequences of even well-intentioned actions, making it a surprising compliance masterclass in disguise.

As compliance professionals, we often deal with risks not just of what is known but of what could happen: the unknown impact of an overlooked third-party relationship, a lack of controls in an emerging market, or a cultural blind spot that results in reputational fallout. In “Tomorrow Is Yesterday,” the crew must tread carefully to avoid disrupting the timeline, and in doing so, they offer lessons on ethics, documentation, information handling, and more. Let’s break it down: each lesson begins with a scene from the episode, followed by a compliance insight that today’s professionals can apply.

Lesson 1: Every Action Has Ripple Effects

Illustrated By: When the Enterprise accidentally ends up in the Earth’s atmosphere in the 1960s, it is detected by U.S. military radar. An Air Force pilot, Captain Christopher, is scrambled to intercept. The crew beams him aboard to save his life when his aircraft is destroyed—but now, they’ve interfered with the timeline.

Compliance Lesson:

This scene serves as a powerful reminder that even minor actions can have significant consequences when not carefully considered. In compliance, well-meaning decisions made under pressure, such as rushing a vendor through onboarding or bypassing standard procedures to hit a deadline, can trigger cascading problems. A missing due diligence step today might become tomorrow’s enforcement action.

The key takeaway is that compliance must always be mindful of unintended consequences. Strong controls and decision-making frameworks help teams slow down just enough to assess risks before acting. Preventing compliance failures often comes down to building in that pause, the moment of reflection before action.

Lesson 2: Do not Underestimate the Importance of Containment

Illustrated by Captain Christopher, who now knows too much. He’s seen a starship, spoken with its crew, and witnessed 23rd-century technology. Spock warns that releasing him could change the course of Earth’s future. The crew must now decide whether to detain him, erase his memory, or seek an alternative solution.

Compliance Lesson:

When sensitive information is accidentally exposed, whether it is confidential business data, personal employee details, or insider information, containment becomes the first and most crucial response step. Like the Enterprise crew managing the fallout of their accidental encounter, compliance professionals must act quickly and decisively to limit exposure.

This lesson is especially critical in the era of data privacy regulations such as the GDPR and the CCPA. Companies must have protocols in place to isolate breaches, report them within the required timeframes, and prevent further spread. Your compliance team should conduct tabletop exercises that simulate this kind of scenario, in which exposure has already occurred, and the focus is on mitigating the damage.

Lesson 3: Documentation and Traceability Are Critical

Illustrated by: As the crew works to reverse their time jump, they must carefully reconstruct a plan to erase all evidence of their presence in the past. They go so far as to recover physical recordings and tamper with computer logs to restore the timeline to its original state.

Compliance Lesson:

This scene underscores the importance of meticulous recordkeeping. While the Enterprise crew is in a rare situation of removing data for the good of the universe, in the corporate world, proper documentation is essential to ensure traceability, accountability, and auditability. Without documentation, there is no proof of process, no evidence of decisions, and no way to defend against accusations or demonstrate compliance.

Whether you are conducting due diligence, implementing a policy, or investigating a report, thorough documentation serves as the foundation of defensible compliance. Ensure that every step is captured, from the decision to engage a third party to the delivery and recording of employee training.

Lesson 4: Ethics Must Guide Decision-Making Under Uncertainty

Illustrated By: Faced with conflicting outcomes, if they return Captain Christopher to Earth, he may reveal classified knowledge; if they don’t, they alter his family line. Kirk and Spock must weigh ethical considerations against practical risks. Ultimately, they learn that Christopher’s unborn son will become pivotal to Earth’s future space exploration, so they must return him.

Compliance Lesson:

When policies do not offer a clear answer, ethical judgment must guide your decision-making. In many situations, especially those involving gray areas or new technologies, compliance teams are left to interpret principles rather than rules. That’s where a well-structured code of ethics becomes essential.

Training should teach employees not only what the law says but also how to apply ethical reasoning when no single option is perfect. Ethical leadership, modeled by those at the top, also reinforces that it’s not just about staying within bounds but rather about doing the right thing even when the stakes are high.

Lesson 5: Cross-Functional Collaboration Enhances Compliance Outcomes

Illustrated By: To return to their time and restore the timeline, the crew must coordinate multiple systems across engineering, science, navigation, and command. Mr. Scott recalibrates the engines, Spock calculates gravitational trajectories, and Sulu pilots the ship at precisely the right moment.

Compliance Lesson:

Compliance cannot operate in a silo. Like the crew of the Enterprise, compliance teams must work across various departments—such as legal, IT, HR, operations, and more—to execute effective risk mitigation. Whether you’re launching a third-party review process, addressing a whistleblower complaint, or updating privacy policies, your success depends on collaboration.

This involves building trust, facilitating effective communication, and aligning incentives across various functions. Consider forming cross-functional compliance working groups to stay informed about emerging risks and ensure shared ownership of compliance outcomes.

Lesson 6: Time Is of the Essence

Illustrated By: As the Earth’s gravitational pull begins to reassert itself, the Enterprise must execute its time-warp escape with split-second precision. A single delay could strand them in the 20th century or, worse, destroy the ship.

Compliance Lesson:

Timing can be the difference between a manageable issue and a full-blown crisis. Regulatory deadlines, investigation windows, and breach notification requirements all operate on strict timelines. Compliance professionals must be equipped to respond swiftly and decisively, particularly in crises.

Establishing a rapid-response protocol with clearly defined roles and pre-approved escalation paths is critical. Regularly review these protocols through simulated drills and update them based on lessons learned from real-world experiences. Like the crew navigating their return through time, your team must be prepared to act quickly when risk strikes.

Conclusion: Compliance for the Future—Rooted in Responsibility

“Tomorrow Is Yesterday” reminds us that ethical conduct isn’t just about navigating today’s rules but also about understanding the impact of our actions on tomorrow. For the crew of the Enterprise, that meant carefully extracting themselves from history without doing damage. For compliance professionals, it means building systems and cultures that consider not only legal obligations but also ethical consequences, unintended impacts, and the interconnectedness of our global environment.

In an era of accelerating technology, geopolitical shifts, and complex regulatory changes, these lessons are more relevant than ever. Whether it’s responding to a data breach, managing an FCPA risk, or updating your training protocols, ask yourself, “What ripple effects could this create? Are we prepared? Are we acting with integrity? ”

To boldly go where no compliance program has gone before, we must learn from the past, act responsibly in the present, and remain ever-mindful of the future. So, let’s not just manage compliance—let’s lead it ethically, collaboratively, and with a focus on the future.

Resources:

Excruciatingly Detailed Plot Summary by Eric W. Weisstein

MissionLogPodcast.com

Memory Alpha

Categories
Daily Compliance News

Daily Compliance News: June 18, 2026, For Whom Tolls the Bell Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News. All, from the Compliance Podcast Network. Each day, we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Top stories include:

  • Ex-Nigerian oil minister acquitted of corruption. (Reuters)
  • Prediction markets to take company bets. (NYT)
  • A picture of cigars. Does the penalty fit the crime? (WSJ)
  • Who will toll the Straits of Hormuz? (Reuters)

To learn about the intersection of Sherlock Holmes and the modern compliance professional, check out Tom’s latest book, The Game is Afoot-What Sherlock Holmes Teaches About Risk, Ethics and Investigations on Amazon.com.

Categories
It's art

It’s Art, Let’s Talk About It: Darrell Beauchamp on Cliff Cavin Landscapes, Emerging Artists, and Upcoming Exhibits

The Museum of Western Art is dedicated to excellence in the collection, preservation, and promotion of Western Heritage and the education and cultural enrichment of our diverse audiences. The Museum serves as a bridge between the past and the present, ensuring that the legacy of the American West will be preserved for the future. Western Art is as engaging and important as ever. In this award-winning podcast series, Museum Executive Director Darrell Beauchamp is interviewed by Tom Fox to discuss the Museum’s current exhibit featuring well-known landscape artist Cliff Caven.

Beauchamp discusses the Museum’s current exhibit, “Cliff Cavin: Journeys of a Lifetime,” featuring 54 new landscape paintings by Seguin-based artist Cliff Cavin, displayed across two galleries, and launched with a reception attended by nearly 100 people. Beecham also reflects on the Museum’s April Roundup, highlighting 19-year-old award winners Eliza Hoffman (Patron’s Choice) and Nathaniel Garza (Director’s Choice), including Garza’s donated painting “The Witness,” inspired by the July 4 flooding, now in the permanent collection. They discuss how digital platforms expand market access for younger artists, why sales announcements are emotional for artists, and Kevin MacPherson’s influence as a teacher. Beauchamp previews upcoming exhibits by Adrienne Stein, Bill Kalwick, and Eric Slocombe, and notes the community impact of the museum’s remembrance garden. Visitor details and website are provided.

Resources

Museum of Western Art

Darrell Beauchamp on LinkedIn

Categories
Kerr250 Podcast

The Kerr250 Podcast: The MOWA Kerr 250 Flag Display: Sponsorship, Operations, and Community Engagement

Kerr250 is a community-focused podcast dedicated to celebrating America’s 250th birthday through the people, businesses, traditions, and events of Kerr County. As our nation marks this historic anniversary on July 4, 2026, Kerr250 will highlight the local celebrations and community efforts that bring this milestone to life. Each episode will feature conversations with local leaders, business owners, organizers, volunteers, and proud citizens who are helping make Kerr County a vibrant part of this national moment. The podcast will explore how history, patriotism, service, and community pride come together in one county that believes America’s strength has always come from its people. Kerr250 is where Kerr County honors the past, celebrates the present, and helps inspire the future.

In this episode, Tom Fox visits with the Museum of Western Art Executive Director, Darrell Beauchamp, on the Museum’s trip to America’s birthday with its flag display.

Beauchamp describes a flag display launched in late April and scheduled to run through September 13 as a contribution to the Kerr 250/America 250 effort led locally by Nancy Foster. The installation includes all 50 state flags plus an additional Minnesota flag to accommodate differing preferences; 27 historical versions of the U.S. flag through the 50th; several Texas flags; two 50-star flags flown over the state and U.S. capitols; and Kerr 250 flags, creating a patriotic driveway experience. Community members sponsor flags for personal reasons such as honoring family, home states, where they met a spouse, or past duty stations; most state flags and about 20 U.S. history flags have been sponsored. The project involves material and installation costs, uses solar lighting for nighttime illumination, requires periodic maintenance after high winds, and has experienced no theft or damage.

Highlights include:

  • Why There Are 51 State Flags
  • Historic US Flags Lineup
  • Personal Flag Sponsorships
  • Solar Lighting At Night

Resources:

Kerr250 website

MOWA

Categories
AI Today in 5

AI Today in 5: June 18, 2026, The Top 100 Edition

Welcome to AI Today in 5, the newest addition to the Compliance Podcast Network. Each day, Tom Fox will bring you 5 stories about AI to start your day. Sit back, enjoy a cup of morning coffee, and listen in to AI Today In 5. All, from the Compliance Podcast Network. Each day, we consider five stories from the business world, compliance, ethics, risk management, leadership, or general interest about AI.

Top AI stories include:

  1. Top 100 firms in AI and fintech. (FinTechGlobal)
  2. Bernie wants to give the public ownership of AI. (AP News)
  3. Compliance lessons for AI and debt collection. (ACA International)
  4. On the need for civil rights audit rights in federal AI programs. (PA Times)
  5. State Farm bets on AI. (PYMNTS)

For more information on the use of AI in compliance programs, Tom Fox’s new book, Upping Your Game, is available. You can purchase a copy of the book on ⁠Amazon.com⁠.

To learn about the intersection of Sherlock Holmes and the modern compliance professional, check out Tom’s latest book, The Game is Afoot-What Sherlock Holmes Teaches About Risk, Ethics and Investigations on ⁠Amazon.com⁠.

Categories
Trekking Through Compliance

Trekking Through Compliance: Episode 18 – Arena and Lessons in Cross-Cultural Compliance

Show Summary

One of the most potent aspects of compliance leadership is its profound connection with broader lessons drawn from seemingly unrelated sources. Few are as richly instructive as the original Star Trek series. Today, let’s boldly explore an insightful compliance case study from the iconic episode “Arena.” This episode illustrates the immense value of cross-cultural understanding and effective intercultural compliance strategies. Here are the cross-cultural compliance lessons that corporate compliance professionals can derive from this gripping tale.

Key highlights:

1. Avoiding Misinterpretation through Cultural Empathy Scene from “Arena”

Illustrated by Captain Kirk, consumed by the destruction of the Federation outpost at Cestus III, immediately assumes malevolent intent.

Compliance professionals must recognize their inherent biases and strive for deeper cultural understanding, particularly when operating internationally. Rather than jumping to conclusions, compliance leaders should rigorously question their assumptions, investigate thoroughly, and engage in respectful dialogues with international counterparts.

2. Communication and Mutual Understanding

Illustrated By: Initially driven by anger and mistrust, Kirk ultimately realizes—through observing and assessing the Gorn’s motivations and behavior—that the Gorn believed they were acting in legitimate self-defense, perceiving the Federation outpost as a threat.

This realization highlights the vital importance of clear and transparent communication in fostering mutual understanding. Compliance officers navigating multinational operations must ensure effective communication channels and clear articulation of company values, expectations, and regulatory requirements across cultural divides.

3. Respectful Negotiation as a Foundation for Resolution

Illustrated By: In the episode’s finale, rather than taking advantage of a vulnerable and incapacitated Gorn captain, Kirk refuses to deliver a lethal blow.

Compliance leaders should employ collaborative negotiation techniques, prioritize understanding diverse perspectives, and demonstrate respect for local customs and regulatory norms. Such respectful negotiation not only resolves immediate issues but also establishes lasting trust and collaborative relationships that strengthen global compliance initiatives.

4. Continuous Learning and Adaptability in Cultural Contexts

Illustrated By: Throughout the battle, Kirk learns from his environment, adapting his strategies to the unique circumstances imposed by the Metrons’ forced confrontation. His ability to adapt and learn continuously becomes his greatest asset.

Compliance professionals must also embrace continuous learning and adaptability, particularly in diverse cultural contexts. Successful compliance officers cultivate adaptability by actively engaging with local teams to gain nuanced insights.

5. Leveraging Cultural Differences as Opportunities

Illustrated by the fact that, although initially viewed as monstrous and hostile, the Gorn prove to be strategic, thoughtful, and capable.

Compliance officers who leverage cultural differences constructively build stronger, more resilient, and truly global compliance frameworks.

6. Cross-Cultural Leadership Drives Ethical Behavior

Illustrated by Kirk’s ultimate refusal to kill the defenseless Gorn, ethical leadership inspires respect even among the observing Metrons.

Visible ethical leadership encourages teams worldwide to consistently adopt and maintain compliance and moral behavior.

Final ComplianceLog Reflections

The cross-cultural lessons from Star Trek’s “Arena” vividly illustrate essential compliance principles for the contemporary global organization. Compliance leaders must cultivate cultural empathy, maintain clear communication, negotiate respectfully, demonstrate adaptability, positively capitalize on cultural diversity, and exemplify ethical cross-cultural leadership. Just as Captain Kirk learned to move beyond initial assumptions toward a more profound understanding, compliance professionals can significantly enhance their effectiveness by applying these timeless lessons.

By adopting these culturally intelligent compliance practices, organizations not only ensure regulatory adherence but also significantly enrich their internal culture and ethical stature. Let us commit to boldly going forward, embracing cross-cultural intelligence and empathy as the cornerstones of effective global compliance strategies.

Resources:

Excruciatingly Detailed Plot Summary by Eric W. Weisstein

MissionLogPodcast.com

Memory Alpha

Timothy and Fiona are AI-generated voices.

Categories
Blog

Beyond the Arena: Compliance Hotlines, Speak-Up Culture, and Lessons from Star Trek’s “The Gamesters of Triskelion”

For compliance professionals, building a culture in which employees feel empowered to speak up, whether as victims or bystanders, is both an ethical imperative and a business necessity. Yet, fostering this environment goes far beyond simply installing a hotline or posting policies on the intranet. It requires trust, accessibility, and leadership that encourages all voices, especially those witnessing misconduct, not just those experiencing it firsthand.

No episode of Star Trek: The Original Series illustrates the importance of courage, communication, and the role of bystanders quite like “The Gamesters of Triskelion.” In this memorable installment, Captain Kirk, Lieutenant Uhura, and Chekov are kidnapped and forced to fight as gladiators for the amusement of alien “Providers.” While the spectacle is one of brute force, the true victory comes not from physical strength but from challenging the system, refusing to remain silent, and advocating for oneself and others.

Today, we beam down and explore the key compliance lessons, literally scene by scene, from this classic episode and see how it can help us reimagine our approach to hotlines, internal reporting, and speak-up culture in today’s organizations.

The Gamesters of Triskelion” places our heroes in an alien arena, stripped of their autonomy and pitted against each other. Their every move is watched, wagered upon, and manipulated by unseen masters. It’s an allegory that resonates in the modern workplace, where power imbalances, fear, and bystander inaction can allow harassment and misconduct to flourish in the shadows.

But just as Kirk and his crew refuse to be mere pawns, so too must organizations encourage employees to break free from silence, whether as victims or witnesses, to foster a truly ethical and accountable culture.

Lesson 1: Accessibility and Trust—The Foundation of Any Hotline Program

Illustrated by: Kirk’s first attempts to communicate with the Providers, demanding answers and voicing his protest against the system. When Captain Kirk is abducted, his first instinct is to seek information, challenge authority, and demand a platform for his concerns. But the providers initially deny him any means to voice his objections. Reflecting a system where grievances are suppressed, and channels for reporting are inaccessible.

Compliance Lesson: A hotline or internal reporting system is only as effective as its accessibility and the trust employees have in it. Too often, organizations install a hotline as a check-the-box exercise, but if employees don’t trust the process or fear retaliation, it becomes as useless as shouting into the void. Build trust by ensuring anonymity, robust anti-retaliation protections, and transparent follow-up processes. Empower all employees, not just those harmed directly but also those who witness wrongdoing, to report concerns with confidence.

Lesson 2: Bystander Empowerment—Everyone Has a Role in Speaking Up

Illustrated By: Uhura witnesses Chekov being attacked by another thrall and later supports Shahna when she faces abuse from the Providers. Uhura’s actions exemplify the power of the bystander. Though she is a victim of abduction, she does not remain passive when she witnesses Chekov in danger or Shahna being mistreated. She steps forward, speaks up, and supports those around her, even putting herself at risk.

Compliance Lesson: An authentic speak-up culture extends beyond encouraging direct victims to report. It actively enlists bystanders, colleagues, supervisors, and contractors who observe misconduct or questionable behavior. Compliance professionals should provide training on bystander intervention, communicate that speaking up is a shared responsibility, and recognize those who do. This not only prevents harm but also signals to all employees that silence is not neutrality; it is complicity.

Lesson 3: Remove Barriers to Reporting—Simplify and Normalize the Process

Illustrated By: Kirk negotiates with the providers, insisting on open communication, transparency, and fair treatment for himself and the others. Throughout the episode, Kirk persistently challenges the opaque rules of the Triskelion arena. He demands not just a voice, but a fair and understandable process—something the providers grudgingly grant after repeated confrontation.

Compliance Lesson: Internal reporting mechanisms should be straightforward and widely communicated. Complicated processes or unclear outcomes deter people from coming forward. Normalize reporting by making it a routine, non-threatening part of workplace culture, much like regular safety drills or team meetings. Remind employees frequently, in plain language, of how and why to report concerns, and ensure that doing so is free from bureaucratic or emotional hurdles.

Lesson 4: Leadership Sets the Tone—Champion Speak-Up Behavior at the Top

Illustrated By: Kirk rallies Uhura, Chekov, and Shahna, modeling courage and vocal opposition even under surveillance. Kirk’s leadership in the arena is marked by his refusal to comply quietly with unjust commands. He models courage and vocal opposition, inspiring those around him, especially Shahna, a bystander-turned-ally, to question the status quo and ultimately join his cause.

Compliance Lesson: Tone at the top matters. Leaders who demonstrate, support, and reward speaking up create an environment where others feel safe to do the same. Encourage managers and executives to share stories of when they reported concerns or acted as ethical bystanders. Celebrate transparency and moral courage, not just technical compliance. When leaders set the example, the entire organization takes notice.

Lesson 5: Close the Loop—Respond, Resolve, and Communicate Outcomes

Illustrated By: After Kirk’s defiance and challenge, the Providers agree to his terms, ultimately restoring freedom and dignity to the captives. The climax of the episode comes when the Providers, confronted with Kirk’s unwavering demands and the support of his crew, capitulate. They not only allow complaints to be aired, but they also listen, act, and restore justice.

Compliance Lesson: Effective reporting systems require not only intake but also meaningful response. Employees must see that their concerns are taken seriously and addressed appropriately. This includes timely investigation, resolution, and, where possible, communication back to the reporter (even if only in general terms). When employees see real action and outcomes, trust grows, and participation in the system increases. Closing the loop is essential to sustaining a robust speak-up culture.

Final ComplianceLog Reflections

The Gamesters of Triskelion” demonstrates that courage, solidarity, and a voice can challenge even the most entrenched power structures. For compliance professionals, the episode serves as a poignant reminder that hotlines and policies are only the starting point. The real work is building an environment where every employee, victim, or bystander knows they have the right, the tools, and the support to speak up and that their concerns will be heard and acted upon.

As you assess your organization’s internal reporting and speak-up culture, ask yourself:

  • Are your hotlines and reporting channels truly accessible and trusted?
  • Have you equipped and empowered bystanders, not just victims, to act?
  • Are you constantly removing barriers to speaking up and normalizing the process?
  • Does your leadership model champion the values you expect from everyone?
  • Do you always close the loop by providing feedback and taking visible action?

True compliance is not measured by silence but by the willingness of all to speak, intervene, and challenge injustice. Like Kirk and his crew, our mission is not just to survive the arena but to change it for the better.

Live long, prosper, and always encourage your crew to speak up.

Resources:

Excruciatingly Detailed Plot Summary by Eric W. Weisstein

MissionLogPodcast.com

Memory Alpha

Categories
Blog

When Employees Are Drowning in Compliance Change

Compliance professionals know the drill. A new policy is issued. A new training module goes live. A new third-party platform is rolled out. A new AI use standard is announced. A new M&A integration plan hits the field. A new sanctions update requires immediate attention. Each initiative may be defensible on its own. Taken together, they can overwhelm the very employees the compliance program depends upon.

That is the central compliance lesson from David Grossman’s MIT Sloan Management Review article, “When Employees Are Drowning in Change.” Grossman argues that effective leaders do not simply manage change; they manage how people experience change. His article identifies three disciplines that matter: make dialogue nonnegotiable, align leaders around a shared change narrative, and sequence change with employee capacity in mind. For compliance professionals, this is not merely a communications issue. It is a program effectiveness issue.

The DOJ’s Evaluation of Corporate Compliance Programs (ECCP) asks three core questions: Is the program well designed? Is it adequately resourced and empowered? Does it work in practice? The DOJ also makes clear that prosecutors look at whether compliance policies, training, reporting lines, incentives, discipline, and controls are integrated into the company’s operations and workforce. That means a compliance change that employees cannot absorb is not fully implemented. It may exist in a slide deck, an LMS platform, a policy portal, or a board report. But if it does not change behavior, it is not yet operating as a control.

Compliance Fatigue Is a Real Risk

Compliance professionals often think about risk in categories: anti-corruption, sanctions, fraud, conflicts, privacy, cybersecurity, antitrust, money laundering, books and records, and now AI governance. Employees do not experience risk in neat categories. They experience messages, requirements, approvals, certifications, controls, deadlines, and consequences.

That distinction matters. A sales manager may receive anti-bribery training, a gifts-and-hospitality update, a new distributor due diligence process, a revised approval matrix, an AI acceptable use notice, and a speak-up campaign in the same quarter. Compliance may see six separate risk-based initiatives. The employee sees a wall of instructions.

When that happens, the program creates noise. Employees may technically complete training but not internalize it. They may certify to policies but not understand how to apply them. They may attend a town hall but not know what has changed in their daily work. Worse, they may stop asking questions because the system feels too heavy to navigate. That is where Grossman’s change management lessons become directly relevant to the Chief Compliance Officer and the compliance team.

Make Dialogue a Compliance Control

The first discipline is dialogue. In compliance, dialogue should not be treated as a courtesy or a soft engagement tool. It is a control input.

The ECCP asks whether training and communications are tailored to the audience’s size, sophistication, subject matter expertise, needs, interests, and values. It also asks whether employees can ask questions arising out of training and whether the company measures training effectiveness, engagement, learning, and behavioral impact. This is a direct invitation for compliance teams to move beyond “push” communications. A one-way compliance rollout looks like this: publish the policy, assign the training, send three reminder emails, track completion, and report 98% completion to leadership.

A better model looks like this: identify the affected employee groups, ask where the new requirement will create friction, test the message with managers, build scenarios from real operational issues, provide a practical decision tool, hold short Q&A sessions, track questions and exceptions, and adjust the rollout based on what employees tell you.

Dialogue also requires closing the loop. When employees raise concerns about a new control, compliance does not have to accept every suggestion. But it should explain what it heard, what it changed, and what it could not change. Silence breeds skepticism. In compliance, skepticism becomes a workaround.

Build One Compliance Change Narrative

Grossman’s second discipline is alignment around a shared change narrative. This may be the most underused tool in the compliance function. Compliance teams frequently communicate in fragments. Legal explains the law. Compliance explains the policy. Internal audit explains control gaps. HR explains discipline. IT explains system access. Procurement explains third-party onboarding. Finance explains approval requirements. Each message may be accurate. Together, they may feel disconnected.

A compliance change narrative answers four practical questions:

  • Where have we been?
  • Where are we today?
  • Where are we going?
  • What must employees do differently?

For example, an AI governance rollout should not begin with a policy citation. It should begin with the business reality: employees are already using AI tools; the company wants innovation; customer and confidential information must be protected; decisions must remain accountable; and the company needs a consistent control framework. Then the compliance team can explain the required behavior: approved tools, prohibited uses, human review, data restrictions, escalation points, and monitoring.

This is also where middle management becomes essential. The DOJ expects senior leaders to communicate ethical standards clearly and demonstrate adherence by example. It also asks how middle management reinforces those standards and encourages employees to abide by them. In practice, employees often take their cues not from the CCO but from their direct supervisor. If the supervisor treats a new compliance requirement as administrative noise, the employee will do the same. Before any significant program change, compliance should align leaders on the story. Not a script. A shared narrative. What risk are we addressing? Why now? What will be easier? What will be harder? What support will employees receive? What does good look like?

Sequence Change With Capacity in Mind

The third discipline is sequencing. This is where compliance teams can create immediate business value. Grossman’s article notes that organizations often fail not because they are doing too much, but because they are doing too much at the same time without discipline. Compliance is vulnerable to this problem because every risk owner believes their initiative is urgent. The answer is not to do less compliance. The answer is to sequence compliance change with the same rigor applied to capital projects, technology rollouts, or major business transformations.

A mature compliance function should maintain a compliance change calendar. It should show what is hitting which employee population, when, and why. It should identify collision points. It should distinguish regulatory deadlines from preferred deadlines. It should flag high-risk groups that are already carrying heavy control burdens, such as sales, procurement, finance, logistics, government affairs, and third-party management teams.

The ECCP supports this risk-based discipline. Prosecutors ask whether the company deploys compliance resources in a risk-based manner, whether risk assessments are current, and whether updates to policies, procedures, and controls reflect lessons learned and evolving risks. Sequencing is part of that risk-based resource allocation. It is how compliance protects both the business and the control environment.

This is especially important in M&A integration. After closing, compliance must integrate codes, policies, hotline access, third-party controls, financial controls, training, investigation protocols, and audit plans. The DOJ specifically asks about the post-transaction compliance program, compliance oversight of the new business, incorporation into risk assessments, and post-acquisition audits. If compliance imposes all requirements on the acquired business at once, it may create both formal coverage and practical confusion. A sequenced plan gives employees a path from old expectations to new standards.

Measure Whether the Change Landed

Completion rates are not enough. Certifications are not enough. Attendance is not enough. The ECCP asks whether the program works in practice, whether it evolves, whether the company uses data to assess the program’s effectiveness, and whether it measures culture and seeks input from all levels of the organization. That means compliance change management must be measurable.

For training and communication, useful measures include questions asked, policy search data, guidance requests, hotline and speak-up trends, control exceptions, approval delays, audit findings, investigation themes, manager feedback, and pulse survey results. The issue is not simply whether employees received the message. The issue is whether they understood it, trusted it, and used it.

This is the practical bridge between Grossman’s article and the ECCP. Change management is not separate from the effectiveness of the compliance program. It is how effectiveness is achieved.

Practical Takeaways

  1. Create a compliance change inventory. List every major policy, training, system, control, campaign, certification, and reporting change scheduled for the next two quarters.
  2. Map the impact by employee group. Identify who is being asked to absorb the most change and whether those employees sit in high-risk roles.
  3. Require a change narrative for every significant rollout. The narrative should explain the risk, the business rationale, the required behavior, and the available support.
  4. Build dialogue into the process. Use listening sessions, manager huddles, Q&A channels, post-training feedback, and office hours. Then close the loop.
  5. Sequence based on risk and capacity. Not every compliance initiative can be first. Prioritize what is legally required, what addresses the highest risk, and what enables other controls to work.
  6. Measure behavior, not just delivery. Report to leadership on whether the change landed in the business, not merely whether the email was sent or the training was completed.

The compliance lesson is clear. Employees do not fail to follow compliance programs only because they lack information. Sometimes they fail because the organization has given them too much change, too little context, and no practical path to execution. A better compliance program does not simply say more. It listens better, aligns better, sequences better, and measures whether the business can actually do what compliance has asked.

Categories
Compliance Into the Weeds

Compliance into the Weeds: OFAC’s Warning Shot: FTI Consulting Fined for Indirect Dealings with Sanctioned Bank

The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to explore it in greater depth. Looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds! In this episode of Compliance into the Weeds, Tom Fox and Matt Kelly discuss a recent OFAC enforcement action fining FTI Consulting $1.05 million for a sanctions violation involving indirect dealings with Russia’s state-owned VTB Bank.

FTI provided economic analysis for VTB in litigation, but, knowing VTB was sanctioned, used a law firm as an intermediary to invoice and receive payment, which OFAC said does not avoid liability because prohibitions apply to indirect transactions as well as direct ones. OFAC doubled the base penalty of $525,000 explicitly to promote future compliance by similarly situated companies, signaling strong disapproval of “middleman” structures. The case also involved unpaid invoices that became an impermissible extension of credit to a sanctioned entity, highlighting the need for rigorous contract and payment-term review beyond basic sanctions screening and for dedicated sanctions expertise.

Key highlights:

  • Introducing the OFAC Case
  • Middleman Billing Scheme
  • Why Screening Misses Indirect Risk
  • Did Compliance Approve It?
  • OFAC Expectations and Capability
  • Penalty Doubled Warning Shot
  • Unpaid Invoices as Credit Extension

Resources:

Matt in Radical Compliance

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

A multi-award-winning podcast, Compliance into the Weeds was most recently honored as one of the Top 25 Regulatory Compliance Podcasts, a Top 10 Business Law Podcast, and a Top 12 Risk Management Podcast. Compliance into the Weeds has been conferred the Davey, Communicator, and W3 Awards, all for podcast excellence.

Categories
Daily Compliance News

Daily Compliance News: June 17, 2026, The Book-Cation Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News. All, from the Compliance Podcast Network. Each day, we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Top stories include:

  • AI compliance failures. (TechRepublic)
  • Sounds like heaven. (NYT)
  • Brendan Sorsby is now the NFL’s problem. (WSJ)
  • Did JLR hide fire risks in its cars? (FT)

To learn about the intersection of Sherlock Holmes and the modern compliance professional, check out Tom’s latest book, The Game is Afoot-What Sherlock Holmes Teaches About Risk, Ethics and Investigations on Amazon.com.