Categories
AI Today in 5

AI Today in 5: September 9, 2025, The Investor Frenzy Continues Episode

Welcome to AI Today in 5, the newest edition to the Compliance Podcast Network. Each day, Tom Fox will bring you 5 stories about AI, so start your day, sit back, enjoy a cup of morning coffee, and listen in to the AI Today In 5, all from the Compliance Podcast Network. Each day, we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest related to AI.

Top AI stories:

For more information on the use of AI in Compliance programs, my new book, Upping Your Game. You can purchase a copy of the book on Amazon.com.

Categories
Innovation in Compliance

Innovation in Compliance: Navigating Cybersecurity Compliance: From Physical Audits to AI Frameworks with Lori Crooks

Innovation is present in many areas, and compliance professionals must not only be prepared for it but also actively embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode,  host Tom Fox visits with Lori Crooks, a seasoned professional in the field of cybersecurity and audit assessments, to discuss the evolution of auditing practices from physical infrastructure to cloud and AI.

Lori shares insights from her extensive career, highlighting key federal compliance frameworks like NIST 800-53, FedRAMP, and NIST 800-171. Lori stresses the importance of proactive compliance strategies and scalable GRC programs. As AI integration accelerates, she also addresses the challenges of adapting compliance frameworks to keep pace with technological advancements and the need to foster collaboration within organizations to effectively meet regulatory requirements.

Key highlights:

  • Federal Auditing Frameworks
  • Proactive Compliance Strategies
  • Scalable GRC Programs
  • AI and Compliance Landscape
  • Future of Auditing in the Age of AI

Resources:

Lori Crooks on LinkedIn

Cadra

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Check out my latest book, Upping Your Game-How Compliance and Risk Management Move to 2023 and Beyond, available from Amazon.com.

Innovation in Compliance was recently honored as the number 4 podcast in Risk Management by 1,000,000 Podcasts.

Categories
Blog

Culture, Costs, and Compliance: Tackling Corporate Waste with Data-Driven Solutions

When compliance professionals hear the phrase “fraud, waste, and abuse,” their attention almost always gravitates toward the concept of fraud. Fraud makes headlines, triggers DOJ enforcement actions, and carries obvious reputational risk. But waste, the second component in that trio, costs corporations millions of dollars annually and often goes unnoticed. Waste is not always the result of intentional misconduct. Instead, it is the unnecessary, careless, or inefficient use of resources.

Left unchecked, waste can sap profits, drain morale, and erode organizational culture. Worse, it creates vulnerabilities that open the door to fraud and abuse. As compliance officers, we have a role to play in combating waste, not just as a financial drain, but also as a risk factor that undermines long-term business sustainability.

We continue our review of the role of compliance in combating fraud, waste, and abuse. Today, we consider the role of compliance in the fight against waste. One of the most promising tools in this fight is predictive analytics. We review how Shell used predictive analytics to transform its maintenance programs and discuss how compliance officers can harness these same principles to anticipate, identify, and prevent waste before it spirals into a major liability.

What Is Waste?

Waste is the misuse of corporate resources without necessarily crossing the line into fraud. It may include:

  1. Excessive travel or entertainment expenses.
  2. Over-maintenance of equipment that does not need servicing.
  3. Duplication of tasks due to poor communication.
  4. Paying for unused licenses, subscriptions, or services.
  5. Poorly designed processes that consume time and labor unnecessarily.

Unlike fraud, waste is not always intentional. An employee may not realize that expensing unnecessary upgrades or double-booking a supplier constitutes waste. Yet the cumulative impact is enormous. According to industry surveys, corporate waste can cost companies millions annually, and much of it is preventable through better monitoring and smarter resource allocation.

The Cost of Waste

Waste rarely grabs headlines, but its financial impact is staggering. Consider how often corporations schedule routine maintenance on equipment, even when it is not actually needed. The expense of replacing parts “on schedule” rather than based on actual performance data runs into the billions across industries. Similarly, compliance functions themselves can generate waste by deploying broad, unfocused training or redundant audits instead of targeting resources where they matter most.

Waste also undermines culture. Employees who see inefficiencies tolerated may conclude that the company does not take stewardship seriously. This normalization can spread: if no one cares about wasted money, why should they care about ethical gray zones? In this way, waste weakens the very cultural foundation compliance programs are designed to strengthen.

Lessons from Shell: Predictive Analytics and Maintenance

Shell provides a vivid example of how predictive analytics can transform waste into efficiency. Historically, Shell relied on calendar-based maintenance schedules, servicing equipment at predetermined intervals regardless of actual wear and tear. While effective in preventing breakdowns, this method was wasteful, resulting in unnecessary part replacements, downtime, and inefficient resource allocation.

By adopting predictive analytics, Shell embedded sensors across its global assets, collecting real-time data on vibration, temperature, and pressure. Machine learning models analyzed this data to detect anomalies, allowing Shell to service equipment only when necessary—the result: reduced downtime, lower costs, and improved reliability.

The compliance parallel is clear. Just as Shell transitioned from reactive repairs to predictive maintenance, compliance must also shift from reactive investigations to proactive monitoring. Waste in compliance, whether in resources, training, or oversight, can be dramatically reduced when programs are data-driven and predictive rather than static and calendar-based.

The Compliance Angle: Why Waste Matters

Waste is not just an operational issue. It is a compliance issue for three reasons:

  1. Regulatory scrutiny: Regulators are increasingly expecting companies to utilize data-driven tools to ensure efficiency and accountability. Wasteful practices, particularly in government contracting, can lead to legal exposure.
  2. Fraud adjacency: Waste creates gray areas that fraudsters exploit. If duplicate payments or unused services go unnoticed, bad actors can hide fraudulent charges within the noise.
  3. Cultural risk: Tolerating waste sends a signal to employees that accountability is negotiable. This undermines compliance culture and makes it harder to enforce policies consistently.

How Compliance Can Fight Waste

1. Leveraging Predictive Analytics

Compliance officers can use predictive analytics to spot wasteful spending patterns, such as duplicate vendor payments, recurring unused subscriptions, or expense anomalies. By analyzing large datasets in real-time, predictive analytics reveals inefficiencies that traditional audits often miss.

2. Targeting Resources

Much like Shell’s predictive maintenance conserved resources, compliance can use analytics to deploy training, audits, and investigations where they are most needed. This prevents the waste of blanket initiatives that consume time and budget without addressing real risk.

3. Building Proactivity into Culture

Predictive analytics fosters a culture of proactivity rather than reactivity. Employees learn to anticipate risks and inefficiencies before they escalate, creating a compliance culture that values stewardship of resources alongside ethical conduct.

4. Enhancing Decision-Making

Predictive models provide compliance leaders with actionable insights that sharpen their decision-making. Instead of guessing where to allocate limited resources, compliance officers can point to data-driven evidence, increasing credibility with leadership.

5. Continuous Improvement

Just as Shell recalibrates its predictive models with real-world data, compliance must treat waste reduction as a continuous improvement process. Predictive models should evolve in tandem with business practices, regulatory shifts, and emerging risks.

Five Key Takeaways for the Compliance Professional

1. Waste Is More Than Inefficiency

Waste is the misuse of resources, whether intentional or not, and it costs corporations millions annually. Beyond financial impact, tolerating waste erodes culture and creates openings for fraud.

2. Predictive Analytics Reduces Waste

Just as Shell cut costs and improved reliability through predictive maintenance, compliance programs can use predictive analytics to identify inefficiencies, anticipate risks, and allocate resources effectively.

3. Compliance Has a Role in Fighting Waste

Waste may appear to be an operational issue, but it is also a compliance issue. Regulators expect efficient use of resources, and unchecked waste can conceal fraud or abuse.

4. Proactivity Strengthens Culture

Predictive analytics fosters a proactive compliance culture that anticipates risks and addresses them before they escalate, reinforcing accountability and resource stewardship.

5. Continuous Improvement Is Key

Predictive analytics and waste reduction are not one-off projects. Compliance must continuously reassess data, refine models, and adapt to evolving risks to remain effective and credible.

Conclusion

Waste may not carry the same drama as fraud or abuse, but it represents a critical vulnerability for corporations. The financial cost is real, the cultural cost is corrosive, and the compliance implications are significant.

By taking a page from Shell’s predictive analytics playbook, compliance officers can transform their programs from passive monitors to proactive risk managers. Predictive analytics enables compliance to identify inefficiencies before they escalate, conserve resources, and enhance credibility with leadership. Most importantly, it positions compliance as a strategic partner in building a culture of accountability and efficiency.

In today’s environment, where regulators demand real-time monitoring and organizations face constant pressure to do more with less, fighting waste is not optional. It should be a compliance imperative.

Categories
The Ethics Experts Uncategorized

Episode 229 – James Downing

In this episode of The Ethics Experts, Nick welcomes James Downing.

James “Jim” Downing is a seasoned compliance professional with over 25 years of experience in the broker-dealer and investment advisory industry. Currently serving as the Chief Compliance Officer of JLL Securities, Jim has held similar roles at esteemed organizations such as Morningstar, Aon, BMO, and JP Morgan. Prior to his corporate positions, Jim worked as a FINRA examiner at the Chicago District Office for 5 years, gaining valuable insights into regulatory compliance. Jim has his Juris Doctorate with honors from Taft Law School and a Masters of Accounting with honors from Roosevelt University.

Connect with James on LinkedIn

Categories
Corruption, Crime and Compliance

[Replay] Five Strategies to Mitigate a New Risk Environment

What do you do when the headlines shift faster than your risk matrix can keep up? In this episode, Michael Volkov dives into the challenge of adapting compliance programs in the face of volatile and fast-changing global risks—from tariffs and trade controls to supply chain disruptions and third-party exposures. While the pressure to react is constant, the real key is staying anchored in your company’s values while making smart, timely adjustments.

Legal and compliance officers are used to adjustments and continuous improvement of their compliance programs. Building and maintaining an effective ethics and compliance program never ends — it is a continuous process. In a climate of rapid change, the strategies may feel familiar, but the risks themselves are taking new shape. To that end, Michael outlines five specific strategies for evolving your compliance program without losing your footing.

You’ll hear him discuss:

  • Why culture isn’t just a buzzword—it’s the first and most critical line of defense in volatile times
  • How to run a quick-turn, focused risk assessment to identify new hotspots like sanctions, tariffs, and supply chain gaps
  • The rising danger of indirect exposure to foreign terrorist organizations and cartels through third parties
  • What companies need to know about tariff classification, scope, and enforcement to avoid legal and economic penalties
  • Why sanctions and export controls enforcement is heating up—and what that means for your global operations
  • How to recalibrate third-party risk management to account for trade-based threats and hidden ownership structures

Resources

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

Categories
Daily Compliance News

Daily Compliance News: September 8, 2025, The Using AI to Detect AI Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News. All, from the Compliance Podcast Network. Each day, we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest that are relevant to the compliance professional.

Top stories include:

  • Clawing back illegal tariffs. (WSJ)
  • Using AI to detect AI-generated fake receipts. (NYT)
  • China launches corruption probe into top securities regulator. (FT)
  • Corrupt country leader, the US welcomes you. (PBS)
Categories
FCPA Compliance Report

FCPA Compliance Report – Exploring Compliance, in the US and Nigeria with Adeyinka Adejugbe

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this episode, join Tom as he interviews Adeyinka Adejugbe, a seasoned business lawyer and compliance expert, to discuss his professional journey and insights into compliance frameworks across various industries and countries.

Adeyinka is a business lawyer, HR specialist, and certified chief compliance officer with an MBA. He has extensive experience across various industries and is passionate about creating systems of fairness and accountability. Adeyinka shares his experiences and the importance of tailoring compliance strategies to specific sectors, as well as the role of leadership in fostering a culture of ethical conduct and psychological safety.

Key takeaways highlights:

– 🌍 The importance of aligning compliance strategies with industry-specific needs.

– 📚 Insights into the differences and similarities between Nigerian and US compliance frameworks.

– 🚀 The role of AI and technology in the future of compliance.

– 🛡️ The significance of whistleblower protection in fostering a safe work environment.

– 🤝 How US and Nigerian compliance programs can learn from each other.

Resources:

Adeyinka Adejugbe on LinkedIn

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

For more information on the use of AI in Compliance programs, my new book, Upping Your Game. You can purchase a copy of the book on Amazon.com.

Categories
AI Today in 5

AI Today in 5: September 8, 2025, The Firewalls Can’t Protect Episode

Welcome to AI Today in 5, the newest edition to the Compliance Podcast Network. Each day, Tom Fox will bring you 5 stories about AI, so start your day, sit back, enjoy a cup of morning coffee, and listen in to the AI Today In 5, all from the Compliance Podcast Network. Each day, we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest related to AI.

Top AI stories include:

  • Using AI to detect AI-generated fake receipts. (NYT)
  • Firewalls cannot protect any longer. (TheHackerNews)
  • AI is a game-changer in tax automation. (AIInvest)
  • AI helps rental car drivers fight back. (FoxNews)
  • Anthropic is clamping down on doing business with Chinese companies. (Bloomberg)

For more information on the use of AI in Compliance programs, my new book, Upping Your Game. You can purchase a copy of the book on Amazon.com.

Categories
Compliance Tip of the Day

Compliance Tip of the Day – What is Fraud, Waste and Abuse

Welcome to “Compliance Tip of the Day,” the podcast that brings you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, our goal is to provide you with bite-sized, actionable tips to help you stay ahead in your compliance efforts. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

This week, we will look at a ubiquitous term that everyone has heard but not many know what it means: fraud, waste, and abuse. Today, we define the term and explain what it matters to a compliance professional.

For more on this topic, check out The Compliance Handbook, a Guide to Operationalizing your Compliance Program, 6th edition, which was recently released by LexisNexis. It is available here.

Categories
Blog

Untangling Fraud, Waste, and Abuse: A Primer for the Compliance Professional

In the world of compliance, few phrases are tossed around with as much frequency and often as little precision as “fraud, waste, and abuse.” In the government sector, this triad is well-defined. Federal and state agencies spend billions each year tracking, auditing, and enforcing rules to combat it. But in the private sector, the phrase is no less relevant. Whether you are managing a global compliance program, overseeing internal controls, or leading an ethics initiative, fraud, Waste, and abuse can quietly erode corporate value, undermine trust, and invite unwanted scrutiny from regulators, auditors, and stakeholders.

Yet too many compliance professionals lump these terms together, failing to appreciate the important differences between them. Fraud, Waste, and abuse may sometimes overlap in practice, but they require distinct prevention strategies, tailored controls, and cultural messaging. Today, we begin a multipart blog post series to unpack what each of these terms means for the private sector and explore how your organization can fight against their scourge.

Fraud: The Deliberate Deception

Fraud is the most familiar of the three. It is intentional deception or misrepresentation made with the knowledge that it will result in an unauthorized benefit. In the corporate world, fraud is not limited to elaborate Ponzi schemes or headline-grabbing accounting scandals; it often hides in plain sight.

Examples from the private sector include:

  • Financial statement fraud. Inflating revenue or concealing liabilities to present a healthier picture of the business. Enron, WorldCom, and Wirecard are stark reminders.
  • Procurement fraud. Kickbacks from suppliers, false invoices, or bid-rigging. A procurement officer who colludes with a vendor to inflate prices is not just wasting company money; they are stealing it.
  • Expense reimbursement fraud. Employees are submitting falsified receipts or double-billing travel expenses. What starts as “a little padding” quickly snowballs into a systemic problem.

Fraud is deliberate, targeted, and harmful by design. It requires intent to deceive. For this reason, fraud often falls under the purview of regulators and prosecutors, resulting in criminal charges, civil penalties, and severe reputational damage.

Waste: The Silent Erosion of Value

Waste, by contrast, is rarely intentional. It refers to the careless or unnecessary use of resources, leading to inefficiency and loss of value. Waste does not always involve dishonesty; usually, it is more often a byproduct of poor management, weak oversight, or cultural indifference.

Examples from the private sector include:

  • Operational inefficiencies. A manufacturing line that continues to use outdated machinery, consuming more energy than modern alternatives. However, it can also encompass basic corporate functions, such as failing to timely service vehicles and other large pieces of equipment until they break down.
  • Bloated corporate travel. Business units booked last-minute flights in premium class when lower-cost options were available with better planning.
  • Technology sprawl. Companies are paying for redundant software licenses because IT and business units fail to coordinate their procurement.

Waste drains profitability. Unlike fraud, it may not land your employees in court, but over time, it corrodes competitiveness, frustrates shareholders, and damages morale. For the compliance professional, Waste is tricky. Because it often lacks intent, it falls into a gray zone between compliance, internal audit, and operations. But leaving Waste unchecked is an abdication of governance responsibility. And of course, it can be very costly.

Abuse: The Exploitation of Loopholes

Abuse sits somewhere between fraud and Waste. It involves the improper or excessive use of resources or authority, but without a clear intent to defraud. Abuse may not violate the letter of company policy, but it often violates its spirit.

Examples from the private sector include:

  • Excessive executive perks. A senior leader insists on flying private, despite company policy allowing business class.
  • Overtime gaming. Employees schedule themselves in ways that maximize overtime pay, even when workloads do not justify it.
  • Supplier favoritism. A manager repeatedly awards contracts to a personal acquaintance without competitive bidding, even if the price is technically “market.”

Abuse thrives in cultures of entitlement and weak oversight. It often signals to employees that procurement rules are flexible or merely suggestions, undermining trust in leadership. Regulators may not always prosecute abuse, but investors, boards, and employees will notice.

Five Key Takeaways for the Compliance Professional

1. Know the Difference

Fraud, Waste, and abuse are often lumped together, but they are distinct risks with different causes and remedies. Fraud is intentional deception designed to enrich the perpetrator at the company’s expense. Waste is careless or inefficient use of resources, often unintentional but just as costly. Abuse sits in the middle ground, exploiting loopholes, gray areas, or authority for personal gain. If you treat these three risks as interchangeable, your controls will be blunt instruments. The savvy compliance professional tailors training, monitoring, and cultural messaging to each risk, ensuring prevention efforts are both precise and effective.

2. Fraud Is Not the Only Threat

Compliance programs often emphasize fraud because it creates legal exposure, attracts regulatory scrutiny, and can lead to criminal liability. Yet fraud is not the only drain on corporate value. Waste can hollow out profitability year after year through inefficiency and mismanagement. Abuse corrodes employee trust, culture, and morale, even when it does not cross a legal line. Boards and shareholders increasingly look beyond compliance “check the box” fraud controls. They demand stewardship, efficiency, and accountability across the enterprise. Expanding your program’s scope to tackle Waste and abuse demonstrates leadership, adds measurable business value, and positions compliance as a strategic partner.

3. Culture Is the Battleground for Abuse

You can design airtight policies and sophisticated controls to prevent fraud or reduce Waste, but abuse is more insidious. It thrives in cultures of entitlement, favoritism, and “wink-and-nod” exceptions to the rules. Abuse may not always break laws or policies, but it violates fairness and damages trust. That is why culture is the key battleground. Compliance leaders must set clear expectations, train managers to model ethical behavior, and empower employees to speak up when necessary. When entitlement and corner-cutting are tolerated, abuse spreads. When accountability, transparency, and stewardship are celebrated, abuse withers. Culture, not checklists, is the ultimate safeguard.

4. Data Is Your Ally

The complexity of modern business means fraud, Waste, and abuse can hide in plain sight. Data analytics provides compliance professionals with the tools to detect risks early. Anomalies in travel expenses may uncover not only fraudulent reimbursement but also systemic Waste in last-minute bookings or abusive upgrades. Procurement analytics can expose inflated invoices, duplicate payments, or favoritism in the vendor selection process. The key is not just gathering data but integrating it across compliance, audit, and finance systems. With proper dashboards and regular reviews, data becomes a proactive ally, identifying red flags before they metastasize into scandals that damage reputation and value.

5. Build Cross-Functional Coalitions

Fraud, Waste, and abuse do not respect organizational silos. They intersect with compliance, audit, HR, procurement, finance, and operations. If each function fights its own battles in isolation, risks will inevitably slip through the cracks. The compliance professional is uniquely positioned to serve as the connector, building coalitions that share data, align incentives, and coordinate responses. For example, a fraud indicator spotted by finance may also highlight Waste tracked by operations. HR may uncover abusive practices that compliance can remediate with policy changes. When functions collaborate, blind spots shrink, accountability rises, and the entire organization becomes more resilient.

Stewardship as Compliance

Fraud, Waste, and abuse may manifest differently, but together they represent a continuum of risks that can erode profitability, corrode culture, and undermine trust in leadership. For the compliance professional, the way forward lies in anchoring your program on five core pillars.

First, you need to understand the difference. Fraud, Waste, and abuse require distinct approaches, and treating them as interchangeable dulls your controls. Second, remember that fraud is not the only threat. Waste and abuse, while less visible, can be just as damaging to shareholders and boards who care about stewardship as much as compliance. Third, recognize that culture is the battleground for abuse. Without accountability and transparency embedded in daily operations, policies and controls are powerless against entitlement and favoritism. Fourth, leverage the fact that data is your ally. Analytics reveal patterns across all three categories, allowing you to act before small issues metastasize. Finally, build cross-functional coalitions. Fraud, Waste, and abuse cut across silos, and only through collaboration can you close the gaps.

Taken together, these five strategies form more than a compliance toolkit; they create a holistic framework for corporate stewardship. By clearly distinguishing risks, broadening your scope, reinforcing your culture, embracing data, and building coalitions, you elevate compliance from a defensive shield to a proactive value driver.

The organizations that thrive in today’s demanding environment will be those that go beyond chasing fraud and instead build resilient, data-driven, and culture-anchored programs to fight fraud, Waste, and abuse in all their forms. That is the mandate for the modern compliance professional.

Join us tomorrow as we explore how your anti-corruption compliance program can help your company combat fraud, Waste, and abuse.