Categories
Great Women in Compliance

Great Women in Compliance – Hayley Tozeski – From Big Law to Big Compliance

Welcome to the Great Women in Compliance Podcast. Today Hemma visits with Hayley Tozeski on her career in compliance.

Hayley Tozeski is a seasoned professional in strategic compliance and risk management in business conduct, with a rich background in big law and financial crime enforcement. Hayley’s perspective on the subject is that it is vital to prioritize and allocate resources effectively, advising companies on strategic investments of money, time, and resources in managing risks. She believes that a clear strategy is essential for the company and its stakeholders to understand the timeline and pace of development in managing ethics and compliance risks. Additionally, Hayley emphasizes the importance of addressing underlying business processes and building a solid foundation before implementing an ethics and compliance program, viewing strategy as the key to connecting different pieces of the program and ensuring that they are aligned and effective. Join Hemma Lomax and Hayley Tozeski on this episode of Great Women in Compliance to delve deeper into these insights.

Key Highlights:

  • Strategic Resource Allocation in Compliance Management
  • Building Strong Ethics and Compliance Programs
  • Effective Risk Management through Data Analytics
  • Strategic Risk Management for Ethical Business Conduct
  • Driving integrity through values, leaders, and champions
  • Supporting Youth Transitioning from Foster Care
  • Connecting and Learning Through Mentoring

Resources:

Join the Great Women in Compliance community on LinkedIn here.

Categories
Compliance Into the Weeds

Compliance Into The Weeds: FTC and Rite-Aid: Compliance Issues with AI Facial Recognition

The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to more fully explore a subject. Looking for some hard-hitting insights on sanctions compliance? Look no further than Compliance into the Weeds! In this episode, Tom and Matt take a deep dive into the recent FTC enforcement action involving Rite-Aid and its inappropriate use of AI-generated facial recognition.

The adoption of AI technologies, as demonstrated by the Rite Aid case, underscores the critical need for robust compliance oversight. This case, involving the use of AI-driven facial recognition technology, resulted in compliance risks and a high rate of false positives, highlighting the potential pitfalls of AI technologies when not properly managed. Tom emphasized the importance of a comprehensive process to assess, manage, and monitor the risks associated with new technologies. He believes that collaboration among different stakeholders is key to understanding and mitigating potential risks. Matt stressed the need for careful consideration of how new technologies will impact business processes and the importance of correct governance from both a technical and human perspective. Join Tom Fox and Matt Kelly in this episode of the Compliance into the Weeds podcast as they delve deeper into the importance of robust governance in adopting AI technologies.

Key Highlights:

  • The Impact of AI Facial Recognition Technology
  • Concerns of AI Facial Recognition and Racial Profiling
  • Issues with AI Facial Recognition Training
  • Collaborative Risk Management for AI Implementation

Resources:

Matt Kelly on LinkedIn

Matt on Radical Compliance

 Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Daily Compliance News

Daily Compliance News: January 10, 2024 – The Never Again (yet again) Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • Don’t say dirty words at work. (WSJ)
  • A former top NRA official pleads out. (NPR)
  • Boeing CEO says ‘this can never happen again’ (yet again). (Reuters)
  • Gold bars are a sign of a statesman—Bob Menendez. (NYT)
Categories
Greetings and Felicitations

Podfest Expo 2024 Speaker Preview Series – Dr. Anne Burnley on Leveraging the Superpowers of Neurodivergent Voices in Podcasting

In this episode of the Podfest Expo 2024 Speaker Preview Podcasts series, I visited with noted podcaster Dr. Anne Burnley to discuss her presentation at PodfestExpo on leveraging the superpowers of neurodivergent voices in podcasting. Some of the issues we tackle in this podcast are:

  • How to use neurodivergent voices in podcasting.
  • Why is Dr. Burnley so excited about the 10th anniversary event?
  • Why you should attend PodfestExpo 2024.

I’m hoping you’ll be able to join me at PodfestExpo 2024, which Podfest Global is hosting. This year’s event will be the 10th anniversary and will be held January 25–28, 2024, at the Wyndham in Orlando, Florida. The line-up of this year’s event is simply first-rate, with some of the top names in podcasting.

Podfest Expo is a community of people interested in and passionate about sharing their voice and message with the world through powerful audio and video mediums. We’re proud to unite as many people as possible to learn, get inspired, and grow better together.

PodfestExpo is so much more than just a mere conference. While we pride ourselves on featuring the most engaging speakers, exciting topics, and in-depth content, the thing that sets the PodfestExpo event apart from all others is the tight-knit community we’ve been building since 2013. You don’t just attend a Podfest event – you become part of the Podfest family.

Whether you’re new to podcasting or a veteran podcaster looking to innovate and improve your podcast, our easy-to-understand Conference Topics allow you to customize a daily agenda based on what you’re most interested in learning. No matter your skill level or experience, PodfestExpo 2024 has plenty to offer!

I hope you can join me at the event. For information on the event, click here. As an extra benefit to listeners of this podcast, Podfest Expo is offering a discount on the registration price. Enter the discount code, Listener.

PodfestExpo 2024 is a production of Podfest Global, which sponsors this podcast series.

Dr. Anne Burnley on LinkedIn

Categories
Blog

Leadership’s Conduct at the Top

The 2022 Monaco Memo emphasized the basic point that the key to every company is culture. The bottom line is that corporate culture matters and corporate culture that fails to hold individuals accountable, or fails to invest in compliance—or worse, that thumbs its nose at compliance—leads to bad results.

From the enforcement perspective, the DOJ will be assessing companies for the ethical cultures. From the compliance perspective, the ethical tone of a company and accountability all starts at the top and, most specifically, senior management. The 2020 FCPA Resource Guide, 2nd edition, stated, “Beyond compliance structures, policies, and procedures, it is important for a company to create and foster a culture of ethics and compliance with the law at all levels of the company. The effectiveness of a compliance program requires a high-level commitment by company leadership to implement a culture of compliance from the middle and the top.” To assist companies in understanding this requirement the 2023 ECCP sets out the following inquiries.

Conduct at the TopHow have senior leaders, through their words and actions, encouraged or discouraged compliance, including the type of misconduct involved in the investigation? What concrete actions have they taken to demonstrate leadership in the company’s compliance and remediation efforts? How have they modelled proper behavior to subordinates? Have managers tolerated greater compliance risks in pursuit of new business or greater revenues? Have managers encouraged employees to act unethically to achieve a business objective, or impeded compliance personnel from effectively implementing their duties?

These requirements are more than simply the ubiquitous “tone-at-the-top,” as they focus on the conduct of senior management. The DOJ wants to see a company’s senior leadership actually doing compliance. The DOJ asks if company leadership has, through their words and concrete actions, brought the right message of doing business ethically and in compliance to the organization. How does senior management model its behavior on a company’s values and finally, how is such conduct monitored in an organization?

This means you must document corporate decisions where a compliance solution was proposed but rejected. In other words, is there a business justification for moving forward with the action. If this action occurs, how was the compliance risk managed going forward? Similarly, compliance techniques used should be documented to demonstrate that your compliance function has met the requirements of the final question.

Senior management must share these same values through operationalizing compliance going forward. Lynn Paine, in her seminal article, Managing for Organizational Integrity, laid out five factors, which can be used as guideposts to not only to set the right tone from senior management on doing business ethically and in compliance, but it can also lay the groundwork for senior management to model appropriate behavior and then have it monitored by the company going forward.

1. The guiding values of a company must make sense and be clearly communicated by senior management in a variety of settings, to the entire company workforce.

2. The company’s leader must be personally committed and willing to act on the values. This means that management must not simply ‘overlook’ the transgressions of top producers.

3. A company’s systems and structures must support its guiding principles and these internal systems and structures cannot be over-ridden by senior management without both justification and Board approval.

4. A company’s values must be integrated into normal channels of management decision-making and reflected in the company’s critical decisions. Sometimes a company must turn down business if there are too many red flags present or by engaging in such behavior the company’s value and ethics will be violated.

5. Managers must be empowered to make ethically sound decisions on a day-to-day basis. This means senior management must fully support and back-up such decisions.

I once had a Chief Executive Officer (CEO), observe the following, “You want me to be the ambassador for compliance.” I immediately said yes, that is exactly what I need you to do. A CEO, as an “Ambassador of Compliance”, can fully model the conduct that senior management engage in going forward. Another area a CEO can forcefully engage an entire company is through a powerful video message about doing business the right way and in compliance. A great example was a CenterPoint Energy video put out in 2015 after the Volkswagen (VW) emissions-testing scandal became public. The video featured Scott Prochazka, former CenterPoint Energy President and CEO. He used the VW scandal to proactively address culture and values at the company and used the entire scenario as an opportunity to promote integrity in the workplace. But more than simply a one-time video, the company followed up with an additional resource, entitled Manager’s Toolkit—What does Integrity mean to you? that managers used to facilitate discussions and ongoing communications with employees around the company’s ethics and compliance programs. Finally, the cost for the video was quite reasonable as it was produced internally.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 9 – Continuous Monitoring and Continuous Improvement

Continuous monitoring and continuous improvement are two of the most important phrases for any compliance program. These twin concepts were further enshrined in the 2023 Update to the Evaluation of Corporate Compliance Programs (2023 ECCP). In 2023, all companies’ risks changed as we moved from Working From Home to Return To Office and, now, a hybrid model. In addition to this straight-forward change in risk due to working locations, new risks in the form of geopolitical, supply chain, and export control, as well as increased risk due to social media, continue to impact compliance programs.  Your compliance program must be ready to respond to whatever those risks might be going forward.

Continuous improvement runs the gamut in a best practices compliance program, from risk assessments to policies and procedures to periodic testing and review.

Three key takeaways:

1. How have your company’s risks changed over the past year, and how will they change in 2024?

2. What is your process for continuous monitoring and improvement?

3. What sources of information do you use that come from outside your organization?

Categories
Daily Compliance News

Daily Compliance News: January 9, 2024 – The National Champion Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • Elon Musk says he never failed a drug test.  (WSJ)
  • Boeing is facing more fallout over the 737 MAX.  (WaPo)
  • China ABC campaign to go after ‘ants and flies. (CNN)
  • Singapore completes a corruption probe.  (Bloomberg)
Categories
Innovation in Compliance

Innovation in Compliance – Caroline Shleifer: Revolutionizing Regulatory Intelligence with Technology

Innovation comes in many forms, and compliance professionals need to not only be ready for it but also embrace it. One of those areas is telehealth and telemedicine. My guest in this episode is Caroline Shleifer, founder and CEO of RegAsk. Caroline Shleifer is a seasoned professional with a rich background in healthcare, law, and regulatory affairs, boasting a PharmD PhD and a health law degree. Her perspective on “emerging technologies enhancing regulatory intelligence and compliance” is shaped by her extensive experience in the EU, US, and Asia and her role as the founder of RegAsk, a company that leverages technology to address compliance challenges. She believes that technologies such as AI, machine learning, blockchain, and data analytics are revolutionizing regulatory monitoring, enabling faster and more accurate interpretation of regulatory information, and fostering a more proactive approach to compliance. Her goal with RegAsk is to digitize and streamline the regulatory intelligence process, reducing the risk of non-compliance and fostering innovation. Join Tom Fox and Caroline Shleifer as they delve deeper into this topic on this episode of Innovation in Compliance.

Key Highlights:

• Proactive Compliance through Regulatory Intelligence Automation

• Streamlining Regulatory Compliance with AI

• Leveraging Data Analytics for Proactive Compliance

• Revolutionizing Compliance with Emerging Technologies

Resources:

Caroline Shleifer on LinkedIn

RegAsk

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Greetings and Felicitations

Podfest Expo 2024 Speaker Preview Series – Heather Shannon on Podcasting about Taboo Topics

In this episode of the PodfestExpo 2024 Speaker Preview Podcasts series, I visit with Heather Shannon, a certified sex therapist, to discuss her panel presentation at PodfestExpo, podcasting on taboo topics. Some of the issues we tackle in this podcast are:

  • How to podcast on taboo topics.
  • Why is Heather so excited about the 10th anniversary event?
  • Why you should attend PodfestExpo 2024.

I’m hoping you’ll be able to join me at PodfestExpo 2024, which Podfest Global is hosting. This year’s event will be the 10th anniversary and will be held January 25–28, 2024, at the Wyndham in Orlando, Florida. The line-up of this year’s event is simply first-rate, with some of the top names in podcasting.

Podfest Expo is a community of people interested in and passionate about sharing their voice and message with the world through powerful audio and video mediums. We’re proud to unite as many people as possible to learn, get inspired, and grow better together.

PodfestExpo is so much more than just a mere conference. While we pride ourselves on featuring the most engaging speakers, exciting topics, and in-depth content, the thing that sets the PodfestExpo event apart from all others is the tight-knit community we’ve been building since 2013. You don’t just attend a Podfest event – you become part of the Podfest family.

Whether you’re new to podcasting or a veteran podcaster looking to innovate and improve your podcast, our easy-to-understand Conference Topics allow you to customize a daily agenda based on what you’re most interested in learning. No matter your skill level or experience, PodfestExpo 2024 has plenty to offer!

I hope you can join me at the event. For information on the event, click here. As an extra benefit to listeners of this podcast, Podfest Expo is offering a discount on the registration price. Enter the discount code, Listener.

PodfestExpo 2024 is a production of Podfest Global, which sponsors this podcast series.

Ask a Sex Therapist podcast

Heather Shannon LinkedIn

Categories
Blog

Compliance Program Use of Data Analytics

Matt Galvin, Counsel, Compliance & Data Analytics at the DOJ and one of the experts leading the DOJ’s data analytics initiative, highlighted in another talk, the proactive use of data to generate cases related to the FCPA and emphasized that this is just the beginning. The DOJ expects companies to adopt a similar data-driven approach to compliance. In her speech, Argentieri speech where she stated, “just as we are upping our game when it comes to data analytics, we expect companies to do the same.” This expectation extends beyond simply tracking trainings, policies, and investigations. The DOJ’s focus is on monitoring third parties throughout the lifespan of the relationship, not just during the onboarding process.

This means that  while due diligence and background checks are essential, the real risk of fraud occurs during the actual business transactions with third parties. Companies need to go beyond initial checks and continuously monitor high-risk vendors, contract terms, and other relevant data sources. By mapping risks to data sources and implementing effective tests, companies can identify and prioritize risky transactions. The increasing accessibility and cost-effectiveness of data analytics have made it a viable option for companies of all sizes. It can help companies demonstrate effective compliance programs, uncover hidden financial irregularities, and improve overall efficiency. The importance of continuous data analysis in compliance programs was highlighted by the Bank of America CFPB enforcement action.

However, implementing a data-driven compliance program comes with its own set of challenges. There is still confusion among the compliance community regarding what data analytics entails and how it should be applied. Data-analytics should be seen as a process-oriented approach rather than treating it as a one-time project. Data analytics should be integrated into the compliance program as a continuous business process, similar to third-party due diligence.

The Bank of America CFPB enforcement action case serves as a reminder of the importance of the use of data analytics in corporate compliance. Bank of America had the necessary data and tools to build an analytics program, but they failed to effectively utilize it, leading to compliance issues. This case highlights the need for companies to not only have data analytics capabilities but also to ensure they are properly implemented and maintained.

While data analytics can be a powerful tool for corporate compliance, there are challenges associated with its use. Companies must navigate the tradeoffs involved in balancing different factors, such as the level of sophistication required, resource allocation, and the potential risks of self-disclosure. Additionally, companies must consider the potential criticism they may face if they fail to effectively utilize their analytics tools in the event of a major compliance violation.

The Argentieri speech highlighted the DOJ’s (and SEC’s) increasing focus on data analytics for corporate compliance highlights the importance of this tool in identifying and addressing corporate misconduct. Companies, especially larger ones, are expected to enhance their data analytics capabilities and may face increased pressure for voluntary self-disclosure. However, companies must also navigate the challenges and tradeoffs associated with data analytics to ensure effective compliance and mitigate risks.

The DOJ’s increasing use of data analytics for proactive enforcement has far-reaching implications. Companies must recognize the importance of adopting a data-driven approach to compliance and invest in the necessary resources and technology. By doing so, they can not only meet the DOJ’s expectations but also improve the effectiveness of their compliance programs and mitigate the risk of fraud.

The DOJ’s increasing use of data analytics for proactive enforcement signifies a significant shift in their approach to combating white-collar crime. Companies must embrace this data-driven approach to compliance, continuously monitor high-risk transactions, and invest in the necessary resources and technology. By doing so, they can demonstrate effective compliance programs, uncover hidden financial irregularities, and improve overall efficiency.