Categories
Daily Compliance News

Daily Compliance News: January 30, 2025, The Malicious Compliance Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News—all from the Compliance Podcast Network. Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Top stories include:

  • Did the Chinese steal IP from ChatGPT? (WSJ)
  • Trump Administration complains that agencies are following its mandates. (The Atlantic)
  • Joe Wilson wants more FCPA and FEPA enforcement. (Newsweek)
  • Serbian PM resigns amid corruption probe. (ABC)

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

Check out The FCPA Survival Guide on Amazon.com.

Categories
Blog

How Compliance Can Leverage Agentic AI Systems, Part 2

Agentic AI systems, with their unique ability to operate autonomously, present a game-changing opportunity for corporate compliance functions. In a recent article in Bloomberg entitled “Using AI Agents Requires a Balance of Trust, Privacy, Compliance,” Sabastian Niles, President, and Chief Legal Officer of Salesforce, discussed AI agents’ roles. Today, we, therefore, enter the world of agentic AI systems. Understanding this new breed of AI is essential for compliance professionals to harness its power responsibly while safeguarding trust, privacy, and compliance.

Unlike traditional chatbots or large language models that are limited to providing static responses, Agentic AI systems can analyze complex data, adapt to new information, and take actions based on predefined parameters. This capability can revolutionize compliance operations by introducing efficiencies, enhancing decision-making, and improving the organization’s ability to anticipate and respond to risks. However, leveraging these systems effectively requires compliance professionals to approach them thoughtfully and strategically. Over this three-part blog series, I will explore what Agentic AI systems are, how they can be used in compliance, and how to use Agentic AI going forward. In Part 2, we look at how compliance can use Agentic AI systems.

Understanding the Potential of Agentic AI in Compliance

Agentic AI is distinguished by its autonomy. These systems do not simply respond to queries; they execute tasks, provide actionable insights, and adapt to changing circumstances with minimal human intervention. For compliance professionals, this shift represents an opportunity to go beyond even monitoring and detection. Instead, compliance teams can integrate AI agents into their workflows to proactively manage risks, enhance internal processes, and improve the organization’s overall compliance posture. Here are some specific ways agentic AI systems can be applied within the compliance function.

Automating Routine Tasks. Many compliance activities are repetitive and resource-intensive, leading to inefficiencies and bottlenecks. Agentic AI can streamline these processes by handling internal inquiries. AI agents can respond to frequently asked compliance questions from employees, such as clarifications on company policies, reporting obligations, or training requirements. This reduces the workload on compliance officers while ensuring consistent and accurate responses.

Agentic AI can assist in managing external counsel and external consultant relationships. For companies working with multiple external legal advisors, Agentic AI can automate the tracking of legal expenses, performance metrics, and case statuses, providing a centralized view of outside counsel activities. Finally, Agentic AI can be a game-changer in monitoring transactions on a real-time and ongoing basis. Agentic AI systems can autonomously review large volumes of financial transactions to identify red flags, such as unusual payment patterns or potential violations of anti-corruption laws.

  • Enhancing Decision-Making

Compliance often involves making decisions based on a wide array of data, from regulatory updates to internal audit findings. Agentic AI can enhance this process by providing real-time insights. It can analyze data across the organization to identify emerging risks, such as changes in geopolitical conditions or new regulatory developments, and provide recommendations on how to address them.

Agentic AI can also help reduce human error. Agentic AI can help eliminate biases or oversight errors in compliance assessments, ensuring that decisions are more objective and accurate. It can also model the potential impact of regulatory changes or proposed business initiatives, allowing compliance teams to anticipate challenges and provide informed guidance to leadership.

  • Driving Resilience

The regulatory environment is constantly evolving under the second Trump Administration, and organizations must be able to adapt quickly. Agentic AI can help compliance teams stay ahead by monitoring regulatory changes. It can automatically track and analyze updates to laws and regulations worldwide, highlighting changes relevant to the organization and suggesting actions to ensure compliance.

One of the key areas the Department of Justice communicated back in 2020 and brought forward in the 2024 Update to the Evaluation of Corporate Compliance Programs (2024 Update) was the need for risk assessments as your risk changes. Agentic AI moves you to a level beyond this with proactive risk assessments. By analyzing internal and external data, AI systems can identify vulnerabilities and recommend preventive measures, reducing the likelihood of compliance failures. It can also assist in your incident and triage process by investigating the issue, gathering evidence, and suggesting corrective actions, enabling the organization to respond more effectively.

Managing the Risks of Autonomy

While the autonomy of agentic AI systems offers significant benefits, it also introduces new risks that compliance professionals must address. Poor data quality and bias will still generate suboptimal results. Poor-quality or incomplete data can lead to incorrect or biased outputs from AI systems. Compliance teams must ensure that the data used by these systems is accurate, representative, and regularly updated.

The autonomous nature of Agentic AI means that organizations must establish clear guidelines for oversight and accountability. This includes defining when human intervention is required and ensuring that AI decisions align with organizational values and regulatory requirements. Finally, there are the dual areas of transparency and accountability. One of the most critical challenges with agentic AI is understanding how the system arrives at its decisions. Compliance teams must advocate for transparency in AI operations and develop mechanisms to explain decisions to regulators, stakeholders, and employees.

Steps for Compliance Teams to Adopt Agentic AI

To maximize the benefits of agentic AI while minimizing its risks, compliance teams should take the following steps:

  1. Assess Current Processes. Begin by identifying compliance activities that are repetitive, time-consuming, or prone to error. These are often the best candidates for automation through agentic AI.
  2. Pilot AI Applications. Before deploying AI across the entire compliance function, start with pilot projects in specific areas, such as policy monitoring or transaction reviews. Use pilots to test the system’s capabilities, identify potential risks, and gather feedback.
  3. Strengthen Data Governance. Agentic AI relies heavily on data, making strong data governance practices essential. This includes implementing controls to ensure data accuracy, managing access to sensitive information, and maintaining compliance with data privacy regulations.
  4. Develop Ethical Guidelines. Work with cross-functional teams to establish ethical guidelines for AI use. These guidelines should cover issues such as transparency, accountability, and acceptable use and should be reviewed regularly to reflect evolving best practices and regulatory standards.
  5. Provide Training and Support. Compliance teams must be equipped to work effectively with AI systems. Offer training to help team members understand how agentic AI works, how it can be used responsibly, and their role in overseeing its operations.
  6. Establish a Feedback Loop. Implement processes for continuously monitoring AI performance and gathering feedback from users. Use this information to refine the system and address any issues that arise.

Down the Road

Agentic AI systems represent a powerful tool for compliance functions, offering the potential to enhance efficiency, improve decision-making, and build resilience. However, these benefits can only be realized if the technology is implemented responsibly. Compliance professionals must balance leveraging AI’s capabilities and maintaining the trust, privacy, and ethical standards critical to the organization’s success.

By taking a proactive approach to understanding and adopting agentic AI, compliance teams can streamline their own operations and position themselves as strategic partners in driving the organization’s broader innovation and risk management efforts. The question is no longer whether compliance teams should embrace agentic AI but how they can do so responsibly and effectively.

Categories
Compliance Into the Weeds

Compliance into the Weeds: The IG Friday Night Massacre

The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to explore a subject more fully. Are you looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds! In this Compliance into the Weeds episode, Tom Fox and Matt Kelly explore the Trump Administration’s summary of the Friday night firing of 17 US Inspector Generals.

They explore the background and illegality of these firings, highlighting the critical role Inspector Generals play in the federal government by investigating fraud, mismanagement, and abuse. Furthermore, they discuss the implications for compliance professionals, comparing this situation to what would be deemed unacceptable in corporate settings. The conversation also touches on potential consequences, such as increased False Claims Act lawsuits and the problematic precedent set for the rule of law within federal agencies.

Key highlights:

  • The Friday Night Massacre: What Happened?
  • Role and Importance of Inspectors General
  • Comparisons to Corporate Governance
  • Potential Consequences and Future Outlook

Resources:

Matt in Radical Compliance

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 29 – Enhancing Compliance through Automation

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

Traditional compliance reporting methods, often reliant on manual processes like Excel spreadsheets, are time-consuming and prone to errors. This episode explores how Chief Compliance Officers and compliance professionals can enhance their programs through automation. By adopting data-driven solutions and leveraging regulatory operations (Reg Ops), it’s possible to provide near real-time reporting and improve decision-making efficiency. The focus is on integrating existing security and compliance tools, gathering real-time evidence, automating compliance gap tickets, and generating comprehensive reports for stakeholders. However, challenges like balancing data accuracy and security and the cultural transformation required for adopting these new practices are critical considerations. Embracing data-driven compliance can help organizations modernize and keep pace with the evolving regulatory landscape.

Key highlights:

  • Challenges in Traditional Compliance Reporting
  • The Role of Reg Ops in Compliance
  • Integrating Tools for Real-Time Compliance

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Categories
The Ethics Experts

Episode 193 – Sarah Cole

In this episode of The Ethics Experts, Nick welcomes Sarah Cole.

Sarah Cole is a solicitor and accredited life coach who has worked with CEOs and Executives for nearly 30 years, specializing in ethics and compliance. After a career practicing law in corporate, commercial, banking and finance, and property litigation, she was involved in a life-changing, serious car accident that changed the trajectory of her professional and personal life.

Across her career, she has navigated ethical dilemmas and has ‘walked the talk’; she saw time and time again how tough and lonely it is at the top and founded Cole Forums, a peer support network. She is passionate about the power of trust and authentic connection that peer support groups bring. Her community of CEOs, GC’s, CECOs, and C Suite leaders share experiences and insights, providing safe spaces and intelligent networks to navigate the complexities of leadership and business and supporting leaders with their personal and family lives.

www.coleforums.com
www.integrityfirstcoaching.com

Categories
Great Women in Compliance

Great Women in Compliance – Karolina Aleksandrova on Compliance in Eastern Europe and Ukraine

We know Great Women in Compliance are usually superheroes, but this woman takes it to another level. Karolina Aleksandrova is the founder of ProMoney, a consultancy based in Ukraine. Before delving into her career path and how she is building an E&C community in Eastern Europe, she gives us a peek into her day-to-day life. She talks about the people’s resilience and how they continue to live their day-to-day lives, whether taking children to school, working, or hearing warnings of bombings.

Lisa and Karolina spoke about how she got into compliance and building the Eastern European community with her conferences. She talks about the region’s unique needs and how the Eastern European community has united at the events and in their networks. They also discuss how #GWICs can support the E&C community, especially women, who can support our peers in Eastern Europe.

We are grateful for Karolina’s insights. This was her first podcast, and she did it in English. Just wow!

We hope you are enjoying the Great Women in Compliance podcast. If you do, please provide a rating or review and feedback regarding what you would like us to do next.

Categories
Daily Compliance News

Daily Compliance News: January 29, 2025, The End to Black History Month Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News—all from the Compliance Podcast Network. Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Top stories include:

  • State Department prohibited from celebrating Black History Month. (WSJ)
  • Is DeepSeek real? (FT)
  • DOJ Public Corruption Unit Chief resigns. (Bloomberg)
  • Using AI agents requires trust and compliance. (Bloomberg)

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

Check out The FCPA Survival Guide on Amazon.com.

Categories
Blog

What Are Agentic AI Systems, Part 1

We live in an era where artificial intelligence (AI) is no longer just a tool for answering questions or providing recommendations; it has strengthened into a partner capable of acting on our behalf. In a recent article in Bloomberg entitled Using AI Agents Requires a Balance of Trust, Privacy, Compliance, Sabastian Niles, President and Chief Legal Officer of Salesforce, discussed the role of AI agents. Today, we, therefore, enter the world of agentic AI systems. Understanding this new breed of AI is essential for compliance professionals to harness its power responsibly while safeguarding trust, privacy, and compliance. Over this three-part blog series, I will explore what Agentic AI systems are, how they can be used in compliance, and how to use Agentic AI going forward.

Defining Agentic AI Systems

In simple terms, Agentic AI does not simply inform; it acts. For compliance professionals, this opens up many possibilities for automating tasks, improving efficiency, and enhancing decision-making. However, with greater autonomy comes greater responsibility, particularly in ensuring these systems operate ethically and within regulatory boundaries.

Agentic AI systems differ significantly from traditional AI tools like chatbots or standalone large language models. While the latter is primarily reactive, responding to queries or prompts, Agentic AI systems operate with a higher degree of autonomy. These systems can analyze data, adapt to new information, and act within pre-defined parameters without requiring constant human oversight. Some of the key differences include the following.

  1. Autonomy. Unlike traditional AI, which often requires human input to execute tasks, agentic AI can take the initiative within established guidelines.
  2. Adaptability. Agentic AI learns and develops based on new data or changing conditions, making it highly dynamic.
  3. Action-Oriented. These systems can analyze data and decide and execute tasks in real time.

For example, imagine a compliance chatbot that answers employees’ questions about corporate policies. While useful, this chatbot cannot take further steps, such as generating a personalized policy report or flagging potential compliance risks. On the other hand, an Agentic AI system could handle these additional tasks autonomously, freeing compliance teams to focus on more strategic priorities.

Agentic AI in Action for Compliance

What does agentic AI mean for the compliance function? Essentially, it represents an opportunity to reimagine how compliance teams operate, enabling them to do more with less. Here are a few ways agentic AI systems can be used effectively in corporate compliance.

  1. Automating Repetitive Tasks. Compliance professionals often find themselves bogged down by routine, resource-intensive tasks. Agentic AI can take over many of these responsibilities, such as in policy management automation, by reviewing and updating compliance policies based on regulatory changes. You can provide employee support by responding to frequently asked compliance questions and escalating complex issues to the appropriate team members. You can move it outside your organization by continuously assessing third-party risks and analyzing real-time data, such as media reports or transaction histories.
  2. Enhancing Risk Assessment. Agentic AI systems can analyze vast amounts of data quickly and accurately, making them invaluable for identifying and mitigating risks. They can assist in transaction monitoring by detecting anomalies in financial transactions that may show potential fraud or corruption. You can move to more proactive risk screening by monitoring news and regulatory updates to identify emerging risks that could impact the organization. Most excitingly, they can provide predictive analytics. They could allow you to expect compliance challenges based on historical trends and current data.
  3. Supporting Decision-Making. With their ability to analyze complex data and generate actionable insights, agentic AI systems can help compliance teams make better-informed decisions. This can include scenario planning and forecasting by modeling the impact of potential regulatory changes on the organization. As the Department of Justice reminded us in the 2024 Update to the Evaluation of Corporate Compliance Programs (2024 Update), you can move to true data-driven recommendations to provide documented guidance on addressing identified risks or improving compliance processes. Finally, in the never-ending battle for resource allocation, Agentic AI can identify areas where compliance efforts should be prioritized for maximum impact.

The Risks and Responsibilities of Agentic AI

While the benefits of agentic AI are clear, compliance professionals must approach its adoption cautiously. The autonomy of these systems introduces new risks. First and foremost is data integrity and Garbage In, Garbage Out (GIGO), which tells us that AI systems are only as good as the data they process. The system’s outputs could be flawed if the data is incomplete, biased, or outdated. Accountability and transparency are critical, as the question will be asked, “When AI systems make decisions or take actions, who is ultimately responsible?” Compliance teams must establish clear guidelines to ensure accountability and transparency. Finally, there are the ethical concerns involved. The ability of agentic AI to act autonomously raises questions about transparency, fairness, and privacy. These concerns must be addressed through robust governance and ethical guidelines.

Why Compliance Professionals Should Care

Agentic AI systems are not just another tech innovation—they are a significant change that will shape the future of compliance. By understanding these systems, compliance professionals can position themselves as strategic enablers, helping their organizations harness the power of AI responsibly. Compliance teams are uniquely positioned to ensure that AI systems operate transparently and ethically, fostering stakeholder trust.

As AI-specific regulations emerge, compliance professionals will play a critical role in ensuring adherence to new legal standards, as echoed in the 2024 Update.

By integrating agentic AI into their workflows, compliance teams can improve efficiency, reduce costs, and drive profitability in the company. It will certainly demonstrate an increased ROI for compliance.

The Path Forward

The rise of agentic AI systems represents a transformative opportunity for compliance professionals, but only if implemented thoughtfully and responsibly. By embracing this technology, compliance teams can move from being seen as cost centers to becoming innovation partners, driving compliance and business success.

The key is striking the right balance: leveraging the autonomy of agentic AI to achieve efficiencies while maintaining the trust, privacy, and ethical standards foundational to compliance. As compliance professionals, we can lead this transformation, ensuring that agentic AI serves as a tool for good, not a source of risk. The bottom line is that the future of compliance is not simply about saying no to innovation; it is about guiding it responsibly. Let Agentic AI be your ally in this journey.

Join us tomorrow in Part 2, to discuss how to use Agentic AI systems.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 28 – The Importance of Data Governance

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

On Day 28, we look into the crucial importance of data governance in compliance and cybersecurity. As data generation increases, businesses must enhance their efforts in managing, organizing, and preserving data to meet regulatory obligations and ensure accuracy, accessibility, and adherence to legal standards. We discuss the growing trend of converging compliance, data governance, and cyber security and the necessity of breaking down organizational silos for effective collaboration. Business and legal teams rely on well-managed data to make informed decisions, analyze trends, and measure key performance indicators.

The episode also covers the challenges in gaining buy-in from the ELT and the vital process of transforming corporate culture to prioritize data governance and cybersecurity. We touch on the complexities of regional data privacy laws inspired by GDPR and emphasize the importance of understanding specific regulations for compliance. With key takeaways, including the significance of data preservation, the intertwined nature of compliance, data governance, and cybersecurity, and the urgency for organizations to prioritize data governance, this episode is packed with essential insights for compliance professionals.

Key highlights:

  • The Role of Data Governance in Compliance and Cybersecurity
  • Data Governance and ESG
  • Understanding Data Privacy Laws

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Categories
Hill Country Authors

Hill Country Authors Podcast – Exploring Heritage and Storytelling: Kimberly Garza on The Last Karankawas

Welcome to a new season of the award-winning The Hill Country Authors Podcast, sponsored by Stoney Creek Publishing. In this podcast, Hill Country resident Tom Fox visits with authors who live in and write up the Texas Hill Country.  In this episode, Tom visits Kimberly Garza, a leading author in Texas, to delve into her journey as a writer and educator.

Kimberly shares her experiences growing up in Galveston, her educational background, and her career in writing and teaching creative writing at UT San Antonio. They discuss her debut novel, The Last Karankawas, which explores themes of heritage, identity, and the indigenous history of Texas. Kimberly provides insight into her writing process, how she weaves her cultural background into her work, and the challenges and joys of storytelling.

The conversation also touches on the significance of place in Kimberly’s writing, the evolving history of Galveston, and the complex narratives surrounding Tejano and Latinx identities in Texas. Kimberly emphasizes the importance of persistence and passion in writing, advising aspiring writers on balancing creative pursuits with professional responsibilities. This episode is a must-listen for anyone interested in the intersections of culture, history, and literature.

Key highlights:

  • Early Writing Journey
  • Educational Background and Career Path
  • The Last Karankawas: Inspiration and Themes
  • Latina Perspective and Cultural Identity
  • Galveston’s Rich History
  • Writing Process and Advice for Aspiring Writers

Resources:

The Last Karankawas website

Kimberly Garza at UTSA

The Last Karankawas on Amazon.com

Stoney Creek Publishing

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn