Tag: CCO

Categories
Blog

From Sanctions to AI Disruption: How Compliance Officers Can Navigate the Rapid Pace of Change

The pace of change in today’s global business environment is breathtaking. Events that unfold over a weekend can have massive implications for corporate compliance professionals by Monday morning. When there is a business change, risks constantly change. Over the past week, this was demonstrated with two seemingly unrelated but equally impactful developments:

  • The U.S. is imposing sanctions on Colombia because of its alleged failure to take back migrants, including a 25% tariff on goods imported from the country.
  • The emergence of DeepSeek, a Chinese AI company that has developed a large language model rivaling OpenAI’s ChatGPT—at a fraction of the cost.

For the compliance professional, what do these risks mean for your organization? What do you think about a framework for assessing and managing these risks as they raise critical compliance concerns spanning sanctions enforcement, export controls, supply chain transparency, and regulatory readiness? In the most recent episode of the FCPA Compliance Report, I explored these issues with Jag Lamba, CEO at Certa.ai. We focused on the Department of Justice (DOJ) framework in its 2024 Update to the Evaluation of Corporate Compliance Programs (2024 Update) to make sense of and respond to these rapid developments.

The DOJ’s framework in the 2024 Update is broken down into three key components:

  1. Is the compliance program well-designed?
  2. Is the compliance program adequately resourced and empowered to function effectively?
  3. Does the compliance program work in practice?

We applied these elements to the recent developments and explored how compliance professionals can prepare for similar shocks in the future.

  • Is Your Compliance Program Well-Designed to Handle Rapidly Emerging Risks?

The first test of a compliance program is whether it is designed to assess, identify, and mitigate risks promptly. The DOJ has emphasized real-time risk assessment—a shift from static, once-a-year reviews to continuous monitoring.

Take the U.S. sanctions against Colombia. This was not a predictable, drawn-out regulatory action. It happened over a weekend, and by Monday, businesses importing Colombian goods faced a 25% tariff with little time to prepare. Compliance officers had to:

  1. Quickly identify how much of their supply chain relied on Colombian imports.
  2. Determine if alternatives existed to mitigate the cost impact.
  3. Communicate rapidly with leadership to ensure the company could pivot operations where needed.

A traditional, slow-moving risk assessment process would have left companies flat-footed. Instead, an agile risk management system, leveraging real-time data analytics and automated monitoring, can help companies proactively spot emerging risks before they become crises.

The same logic applies to export controls in the tech sector, especially in light of the DeepSeek development. Compliance officers at major AI and semiconductor companies must now be asking:

  1. Who are our customers in Singapore and neighboring markets?
  2. Are our chips being resold or rerouted to sanctioned entities in China?
  3. Do we have automated tools to track and verify shipments to ensure compliance with U.S. export control laws?

It may be too late to prevent regulatory scrutiny if a company relies on manual risk assessments and outdated compliance processes.

  • Is Your Compliance Program Adequately Resourced and Empowered?

The DOJ has clarified that a compliance program is only as good as the resources allocated to it. Ten years ago, the conversation centered around whether compliance officers had direct access to the board. The conversation then shifted to the quality of your Chief Compliance Officer (CCO) and compliance personnel. Today, the discussion is shifting to whether compliance has the technology, data, and personnel necessary to operate effectively.

Consider the situation with NVIDIA and its skyrocketing sales in Singapore—a market that, while business-friendly, is geographically close to countries facing strict U.S. export controls. Regulators are undoubtedly scrutinizing this data. The question for NVIDIA’s compliance team is:

  1. Do they have the visibility to track where these chips are ending up?
  2. Are they able to monitor sales intermediaries in real time?
  3. Can they preemptively flag anomalies—such as a single country purchasing a huge volume of restricted technology?

Without AI-driven compliance monitoring and data analytics, even the best compliance teams risk being overwhelmed by the sheer volume of transactions and regulatory changes.

Similarly, companies impacted by the Colombian tariffs must ensure their compliance programs have the right supply chain monitoring tools to:

  1. Identify impacted suppliers instantly.
  2. Assess alternative sourcing options without regulatory hurdles.
  3. Develop contingency plans to mitigate financial and operational risks.

This compliance function cannot be effectively run using spreadsheets and email chains. Companies must invest in data automation, AI-driven analytics, and cross-functional collaboration tools to avoid such fast-moving regulatory changes.

  • Does Your Compliance Program Work in Practice?

Finally, compliance programs must not exist solely on paper but must demonstrate real-world effectiveness. The DOJ’s 2024 Update mandates data-driven evidence to assess whether a compliance program is functional and effective.

This means compliance teams must be able to show:

  1. How many third-party vendors and intermediaries have been vetted and monitored?
  2. How export controls are enforced in practice—not just documented in policy.
  3. How quickly can the company respond to a sudden regulatory change, such as the Colombian sanctions?

One of the best ways to demonstrate effectiveness is through compliance storytelling. A compliance officer should be able to present:

  • This is a clear narrative backed by data showing how the company detected and addressed a regulatory risk before it became a crisis.
  • These are case studies of how compliance actions have improved business outcomes—for example, reducing onboarding time for sales intermediaries without compromising compliance integrity.
  • Tangible evidence includes video training logs, compliance dashboards, and documented decision-making trails.

A powerful example comes from a Fortune 100 company that secured five years of compliance funding in one go rather than having to renegotiate budgets annually. How? By presenting compliance in business terms:

  • Demonstrating how compliance efficiencies improved sales and reduced onboarding delays.
  • Showing the financial impact of proactive risk management.
  • Using data-driven evidence to justify long-term compliance investments.

This is the future of compliance: a function that prevents regulatory risk and actively contributes to business strategy and growth.

The CCO as a Strategic Risk Navigator

The recent developments with Colombian sanctions and DeepSeek’s AI breakthrough highlight how fast compliance risks can evolve. Sanctions, export controls, and regulatory enforcement actions are no longer slow-moving threats—they can materialize overnight.

The DOJ’s 2024 Update provides a clear roadmap for compliance professionals to navigate these challenges:

  1. Risk assessment must be dynamic and continuous. Compliance programs must be designed to identify risks in real-time, not just during annual reviews.
  2. Compliance must be adequately resourced. Companies must invest in technology, data analytics, and automation to meet regulatory changes.
  3. Compliance must demonstrate real-world effectiveness. Data-driven evidence, compelling narratives, and tangible business impact must back compliance programs.

Compliance professionals who embrace data-driven decision-making, automation, and proactive risk management will not only survive but thrive in this era of regulatory volatility. The question is: Is your compliance program ready for the next unexpected headline?

Categories
Blog

What Are Agentic AI Systems, Part 1

We live in an era where artificial intelligence (AI) is no longer just a tool for answering questions or providing recommendations; it has strengthened into a partner capable of acting on our behalf. In a recent article in Bloomberg entitled Using AI Agents Requires a Balance of Trust, Privacy, Compliance, Sabastian Niles, President and Chief Legal Officer of Salesforce, discussed the role of AI agents. Today, we, therefore, enter the world of agentic AI systems. Understanding this new breed of AI is essential for compliance professionals to harness its power responsibly while safeguarding trust, privacy, and compliance. Over this three-part blog series, I will explore what Agentic AI systems are, how they can be used in compliance, and how to use Agentic AI going forward.

Defining Agentic AI Systems

In simple terms, Agentic AI does not simply inform; it acts. For compliance professionals, this opens up many possibilities for automating tasks, improving efficiency, and enhancing decision-making. However, with greater autonomy comes greater responsibility, particularly in ensuring these systems operate ethically and within regulatory boundaries.

Agentic AI systems differ significantly from traditional AI tools like chatbots or standalone large language models. While the latter is primarily reactive, responding to queries or prompts, Agentic AI systems operate with a higher degree of autonomy. These systems can analyze data, adapt to new information, and act within pre-defined parameters without requiring constant human oversight. Some of the key differences include the following.

  1. Autonomy. Unlike traditional AI, which often requires human input to execute tasks, agentic AI can take the initiative within established guidelines.
  2. Adaptability. Agentic AI learns and develops based on new data or changing conditions, making it highly dynamic.
  3. Action-Oriented. These systems can analyze data and decide and execute tasks in real time.

For example, imagine a compliance chatbot that answers employees’ questions about corporate policies. While useful, this chatbot cannot take further steps, such as generating a personalized policy report or flagging potential compliance risks. On the other hand, an Agentic AI system could handle these additional tasks autonomously, freeing compliance teams to focus on more strategic priorities.

Agentic AI in Action for Compliance

What does agentic AI mean for the compliance function? Essentially, it represents an opportunity to reimagine how compliance teams operate, enabling them to do more with less. Here are a few ways agentic AI systems can be used effectively in corporate compliance.

  1. Automating Repetitive Tasks. Compliance professionals often find themselves bogged down by routine, resource-intensive tasks. Agentic AI can take over many of these responsibilities, such as in policy management automation, by reviewing and updating compliance policies based on regulatory changes. You can provide employee support by responding to frequently asked compliance questions and escalating complex issues to the appropriate team members. You can move it outside your organization by continuously assessing third-party risks and analyzing real-time data, such as media reports or transaction histories.
  2. Enhancing Risk Assessment. Agentic AI systems can analyze vast amounts of data quickly and accurately, making them invaluable for identifying and mitigating risks. They can assist in transaction monitoring by detecting anomalies in financial transactions that may show potential fraud or corruption. You can move to more proactive risk screening by monitoring news and regulatory updates to identify emerging risks that could impact the organization. Most excitingly, they can provide predictive analytics. They could allow you to expect compliance challenges based on historical trends and current data.
  3. Supporting Decision-Making. With their ability to analyze complex data and generate actionable insights, agentic AI systems can help compliance teams make better-informed decisions. This can include scenario planning and forecasting by modeling the impact of potential regulatory changes on the organization. As the Department of Justice reminded us in the 2024 Update to the Evaluation of Corporate Compliance Programs (2024 Update), you can move to true data-driven recommendations to provide documented guidance on addressing identified risks or improving compliance processes. Finally, in the never-ending battle for resource allocation, Agentic AI can identify areas where compliance efforts should be prioritized for maximum impact.

The Risks and Responsibilities of Agentic AI

While the benefits of agentic AI are clear, compliance professionals must approach its adoption cautiously. The autonomy of these systems introduces new risks. First and foremost is data integrity and Garbage In, Garbage Out (GIGO), which tells us that AI systems are only as good as the data they process. The system’s outputs could be flawed if the data is incomplete, biased, or outdated. Accountability and transparency are critical, as the question will be asked, “When AI systems make decisions or take actions, who is ultimately responsible?” Compliance teams must establish clear guidelines to ensure accountability and transparency. Finally, there are the ethical concerns involved. The ability of agentic AI to act autonomously raises questions about transparency, fairness, and privacy. These concerns must be addressed through robust governance and ethical guidelines.

Why Compliance Professionals Should Care

Agentic AI systems are not just another tech innovation—they are a significant change that will shape the future of compliance. By understanding these systems, compliance professionals can position themselves as strategic enablers, helping their organizations harness the power of AI responsibly. Compliance teams are uniquely positioned to ensure that AI systems operate transparently and ethically, fostering stakeholder trust.

As AI-specific regulations emerge, compliance professionals will play a critical role in ensuring adherence to new legal standards, as echoed in the 2024 Update.

By integrating agentic AI into their workflows, compliance teams can improve efficiency, reduce costs, and drive profitability in the company. It will certainly demonstrate an increased ROI for compliance.

The Path Forward

The rise of agentic AI systems represents a transformative opportunity for compliance professionals, but only if implemented thoughtfully and responsibly. By embracing this technology, compliance teams can move from being seen as cost centers to becoming innovation partners, driving compliance and business success.

The key is striking the right balance: leveraging the autonomy of agentic AI to achieve efficiencies while maintaining the trust, privacy, and ethical standards foundational to compliance. As compliance professionals, we can lead this transformation, ensuring that agentic AI serves as a tool for good, not a source of risk. The bottom line is that the future of compliance is not simply about saying no to innovation; it is about guiding it responsibly. Let Agentic AI be your ally in this journey.

Join us tomorrow in Part 2, to discuss how to use Agentic AI systems.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 27 – The Compliance Function in an Organization

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

On Day 27, we explore the growing importance and responsibilities of the compliance function within corporations, emphasizing the need for adequate staffing, resources, and independence. The 2020 FCPA Resource Guide outlines key factors that the DOJ considers indicative of an effective compliance program, including the quality of personnel, authority, compensation, and reporting structure. We delve into the necessity of properly funding compliance initiatives and ensuring the organization empowers and sufficiently supports compliance professionals. The updated Corporate Enforcement Policy emphasizes the prevention of retaliation against compliance investigators and the need for a robust structure supporting the compliance program. We conclude with three key takeaways for enhancing compliance functions: evaluating their treatment in the budget process, ensuring management respects compliance decisions, and considering the implications of outsourced compliance services.

Key highlights:

  • DOJ’s Expectations for Compliance Programs
  • Funding and Resources for Compliance
  • Compliance Program Structure and Authority

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Categories
Adventures in Compliance

Adventures in Compliance – Compliance Lessons from ‘The Adventure of the Lion’s Mane’

In this new season of Adventures in Compliance, host Tom Fox takes a deep dive into Arthur Conan Doyle’s Sherlock Holmes collection, The Case-Book of Sherlock Holmes. It is the final set of twelve Sherlock Holmes short stories, first published in the Strand Magazine between October 1921 and April 1927. In this episode, we consider a story more from the Natural World, The Adventure of the Lion’s Mane.

In this episode, Tom dives into ‘The Adventure of the Lion’s Mane,’ a lesser-known Holmes tale set in Holmes’ retirement on Sussex Beach. The story includes a mysterious and agonizing death of a science master, initially suspected to be a murder but revealed to be caused by a lion’s mane jellyfish. This episode draws crucial compliance lessons from the narrative, such as the importance of root cause analysis, adaptability in new roles, vigilance on external risks, methodical investigations, and effective communication.

We show how Sherlockian deduction parallels the skills needed for compliance professionals to address unseen threats, adapt to dynamic environments, and ensure meticulous documentation. Tom encourages compliance officers to emulate Holmes’ analytical rigor to build robust programs tackling unexpected challenges.

Highlights include:

  • Unraveling the Mystery
  • Compliance Lessons from The Adventure of the Lion’s Mane
  • Holmes’ Investigative Techniques
  • Understanding External Risks
  • Effective Investigation Strategies
  • The Importance of Communication

Resources:

The New Annotated Sherlock Holmes

Sherlock Holmes FAQ by Dave Thompson

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

Connect with Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 26 – CCO Authority and Independence

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

On Day 26, we ponder the evolving stature and authority of the CCO within organizations, as highlighted by recent guidelines and regulations. The 2020 FCPA Resource Guide emphasizes the importance of the CCO’s direct reporting line to the board and senior management status. The DOJ’s updated Corporate Enforcement Policy has further enhanced the prestige and role of the CCO, introducing key factors like the quality, experience, authority, independence, compensation, and reporting structure of the CCO. The episode also touches on the significance of the Delaware Court of Chancery’s decision in the McDonald’s case, which formalized the oversight duties of corporate officers, positioning the CCO as the second-most important role in an organization. Key takeaways include demonstrating real authority for the CCO, evaluating their professional qualifications, and assessing their actual status within your company.

Key highlights:

  • Key Inquiries Around the CCO and Compliance Function
  • Importance of CCO Certification and Court Decisions
  • Critical Takeaways for Compliance Professionals

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 24 – Internal Reporting and Triage

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

On Day 24, we look into the critical internal reporting process and triaging of FCPA claims. As the CCO, you will oversee the initial steps when suspicious activities are reported. Jonathan Marks’ five-step process on early assessment of incoming information is explored, providing a structured approach for evaluating the severity of allegations from low-threat level to crisis management mode. Moreover, this episode emphasizes the necessity of effective hotlines, trained managers, and a culture of listening to employees to foster a safe reporting environment. Key takeaways include the DOJ and SEC’s emphasis on internal reporting lines, regularly testing hotlines, and the triage of claims to ensure appropriate investigation levels.

Key highlights:

  • Guidelines for Effective Compliance Programs
  • Jonathan Marks’ Five-Step Process for Early Assessment
  • Key Takeaways

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Categories
Creativity and Compliance

Creativity and Compliance – Creative Approaches to Corporate Compliance with Tyson Avery

Where does creativity fit into compliance? In more places than you think. Problem-solving, accountability, communication, and connection – they all take creativity. Join Tom Fox and Ronnie Feldman on Creativity and Compliance, part of the award-winning Compliance Podcast Network.

Ronnie’s company, Learnings, and Entertainment, utilizes the entertainment devices people use to consume information in their everyday, non-work lives and apply it to important topics around compliance and ethics. It is not only about being funny. It is about changing the tone of your compliance communications and messaging to make your compliance program, policies, and resources more accessible. In this episode of Creativity and Compliance, host Tom Fox and Ronnie Feldman are joined by Tyson Avery, the former Chief Ethics Compliance Officer at Starbucks and current Deputy General Counsel and Compliance Officer for Lucid Motors.

They discuss innovative strategies to make ethics and compliance engaging within organizations. Tyson shares insights into how he has leveraged creative methods to make serious compliance topics more relatable and accessible, emphasizing the importance of aligning corporate values with effective compliance programs.

One of the standout moments in the episode is Tyson’s recounting of the ‘Wally Awards,’ a unique initiative aimed at normalizing misconduct reporting and fostering a culture of transparency and trust. Through creative anonymization and employee engagement, the Wally Awards highlighted significant misconduct cases without compromising confidentiality, thereby encouraging ethical behavior across the company. The episode underscores the need for continuous, relatable, and engaging communications to embed compliance into the organizational culture.

Key highlights:

  • The Importance of Creativity in Compliance
  • Making Ethics Relatable
  • The Wally Awards: A Creative Compliance Initiative
  • Building Engagement and Trust
  • Advice for Implementing Creative Compliance

Resources:

Ronnie

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

Categories
Blog

Top Compliance Leadership Skills for the Wild Wild West that is Coming – Part 3, Humor

This week, the world changed when Donald Trump was inaugurated as the 47th President of the US. Indeed, the only thing I can guarantee with complete certainty is change. I was therefore intrigued by Melissa Swift’s recent MIT Sloan Business Review article, “Three Nonnegotiable Leadership Skills for 2025.” In this week of change, I cannot think of a more prescient article for the compliance professional.

I adapted Swift’s three critical leadership skills for the compliance professional: fairness, curiosity, and a sense of humor. In this concluding blog post of this three-part series, I will explore how compliance leaders can develop and leverage these skills to strengthen their programs and inspire their teams throughout the tumultuous next four years using humor.

Your Saving Grace: Sense of Humor

As Ronnie Feldman continually reminds us, do not be “Debbie Downer,” or as I would say, do not be Dr. No from the Land of No. In some ways, Ronnie focuses on attitude, while I tend to focus a bit more on the message. However, you might look at it. Between audits, policy rollouts, regulatory updates, and managing the risk employees inevitably want to take, a sense of humor is a powerful tool for staying grounded and maintaining perspective.

It is important to note that you need the right kind of humor for compliance leadership. This does not mean you should become the office comedian. Instead, humor in compliance leadership is about finding light in challenging situations and encouraging your team to do the same. For example, after navigating a tough audit and telling your team, “Well, we survived—and I didn’t even need to bribe anyone with donuts this time!” That simple quip can diffuse tension and signal that it’s okay to exhale.

The humor in your attitude and what you can bring to your customer base. Humor can reduce stress. Compliance work often operates under tight deadlines, high stakes, and relentless scrutiny. This pressure can weigh heavily on teams, leading to burnout and diminishing productivity. A leader who uses humor to lighten the mood helps to ease stress, making the workplace feel less like a pressure cooker and more like a place of collaboration and problem-solving.

Humor can help to build relationships, as compliance leaders often face the challenge of appearing approachable while maintaining authority. Humor humanizes leaders, making them more relatable and easier to connect with. When you can laugh at yourself or acknowledge the absurdities of compliance work with a smile, your team feels more comfortable sharing ideas, asking questions, and raising concerns.

Humor can make you a better compliance officer. When people are less stressed, their creativity and problem-solving abilities improve. Humor reduces the brain’s fight-or-flight response, allowing for more thoughtful and innovative approaches to challenges. A leader who fosters an environment where it’s okay to laugh at setbacks or unexpected hurdles creates a culture where solutions flow more freely. For example, if a compliance initiative hits a snag, a leader who can frame it with humor, “Okay, so maybe this isn’t Plan A…or Plan B…but I have high hopes for Plan C!” encourages the team to stay flexible and keep brainstorming.

The Right Kind of Humor for Compliance Leadership 

Humor in compliance leadership is not about cracking jokes or becoming the office comedian. Instead, it is about using levity strategically to foster positivity and resilience. Some key principles are as follows:

  1. Diffuse Tension, Don’t Deflect Responsibility. A well-timed, self-deprecating comment can make you more relatable, but humor should never be used to deflect accountability. For example, if a compliance policy rollout faces delays, saying, “Looks like my time management skills could use some compliance training of their own!” shows humility without shirking responsibility.
  2. Celebrate Compliance Wins Playfully. Recognizing team achievements doesn’t have to be dry or overly formal. Use humor to make celebrations memorable. Consider giving out light-hearted awards like “Most Persistent Policy Enforcer” or decorating the office with “Mission Accomplished” banners after a successful audit. These small gestures show appreciation while keeping the mood light.
  3. Maintain Perspective. Compliance is serious work, but that does not mean you must take every situation or yourself too seriously. Laughing at the absurdities of navigating complex regulations or managing a mountain of policies reminds your team that, while the work is important, it’s okay to have a sense of humor about the challenges.

Applying Humor to Compliance Challenges in 2025

Humor is not simply a feel-good tool. It can be strategically applied to some of the most pressing challenges compliance professionals face in 2025.

  • Building Ethical Cultures Amid Workforce Discontent

With employee engagement at a low and workplace polarization on the rise, leaders must model fairness and transparency to rebuild trust. Humor can complement these efforts by making leaders more relatable and approachable. For example, during a town hall on compliance updates, opening with a light joke about the complexity of the latest regulations, “I think the word paid the lawyers who wrote this!” can put employees at ease and make the session more engaging.

  • Navigating Emerging Risks

As AI, ESG, and privacy dominate the compliance agenda, staying ahead of these risks requires proactive engagement and innovation. Humor can make daunting challenges feel more manageable. For example, when introducing training on AI ethics, a leader might quip, “Don’t worry, our goal is to make sure the robots are working for us, not the other way around!” This approach encourages curiosity and open-mindedness.

  • Managing Regulatory Fatigue

As regulations grow more complex, compliance fatigue becomes a real risk for teams. Or, as the Trump Administration whipsaws the business communities with new mandates morning, noon, and night, business and compliance leaders who inject humor into routine tasks, like creating a fun, interactive quiz for compliance training or adding light-hearted captions to a policy presentation, can make the work feel less monotonous. A leader who acknowledges the challenges with humor, such as “Regulatory updates: the gift that keeps on giving!” helps your compliance team feel seen and supported, even as they tackle challenging workloads.

How to Integrate Humor Into Your Leadership Style

If you’re ready to harness the power of humor in your compliance leadership, here are some practical tips:

  1. Know Your Audience. Tailor your humor to your team’s preferences and sensitivities. Avoid sarcasm or jokes that could be misinterpreted.
  2. Start Small. During meetings, test the waters with light-hearted comments or anecdotes. Observe how your team responds and adjust accordingly.
  3. Encourage Teamwide Levity. Create a culture where humor is welcomed. For example, designate a “fun committee” to plan occasional light-hearted activities, like a compliance trivia game or themed office decorations.
  4. Keep It Contextual. Use humor to enhance, not detract from, the seriousness of compliance work. Acknowledge the gravity of issues like regulatory violations while using humor to build resilience.

The Bottom Line: Humor as a Leadership Strength

In 2025, compliance leaders will face mounting challenges, from increasing regulatory complexity to employee disengagement to a more focused enforcement presence in some verticals. A sense of humor can be your secret weapon for gracefully and effectively navigating these difficulties.

By reducing stress, building connections, and fostering creative problem-solving, humor enhances your leadership and the overall resilience of your compliance team. Remember, humor doesn’t diminish the importance of your work; it underscores your ability to lead with empathy, perspective, and authenticity.

In the high-stakes world of compliance, laughter truly is a saving grace. So, the next time you find yourself knee-deep in regulatory updates or preparing for a strict audit, don’t forget to take a moment to smile, laugh, and remind your team that even in the most serious work, a little levity goes a long way.

Categories
Blog

Top Compliance Leadership Skills for the Wild Wild West that is Coming – Part 2, Curiosity

This week, Donald Trump was inaugurated as the 47th President of the United States. I can only say with complete certainty that the world of compliance will never be the same. Trump not only promises tariffs and sanctions against America’s enemies and competitors but also promises them against America’s friends. His views on the Foreign Corrupt Practices Act (FCPA) are well known (‘a horrible law’), and so are his views on bribery.

He may well be the first President to employ the FCPA as a tactical weapon against companies from countries that are not only the US’s enemies and competitors but also our allies. This is nothing to say about how he will direct the Department of Justice to use the Foreign Extortion Prevention Act (FEPA) against our enemies, competitors, and allies. So prepare for the Wild West of corporate compliance for the next four years.

As compliance professionals face this miasma in 2025, compliance leadership skills will be more critical than ever. With these new, renewed, and mounting regulatory pressures, declining employee engagement, and intensifying demand for ethical corporate governance, the role of compliance leaders has never been more pivotal or challenging.

This week, I am looking at three leadership skills for the Chief Compliance Officer (CCO), compliance professional, or compliance practitioner to focus on for this sea change in compliance. One faces outward, one faces inward, and the third relates to your attitude. They are (1) fairness, (2) curiosity, and (3) a sense of humor. These three skills will enhance your team’s effectiveness and strengthen your organization’s overall compliance posture. Yesterday, we considered fairness. Today, we look at the curiosity of the compliance professional.

Curiosity: Your Secret Weapon for Compliance Growth 

From my experience, curiosity is a game-changer in compliance. Indeed, in the initial Radical Compliance podcast, Matt Kelly interviewed Hui Chen about the original (2017) Evaluation of Corporate Compliance Programs; she said it was designed to get compliance professionals and CCOs to ask questions about their compliance programs.

Besides the Trump Administration, in 2025, compliance programs will face emerging challenges such as AI ethics, ESG requirements, and new data privacy laws. Curiosity enables compliance leaders to stay ahead of these trends, fostering innovation and adaptability in their programs. Curious leaders break free from silos, seek new knowledge, and inspire their teams to think creatively. This mindset is critical for identifying risks and opportunities in an unpredictable regulatory environment.

Curiosity drives innovation, sharpens problem-solving skills, and helps compliance officers identify risks and opportunities others may overlook. But how can compliance professionals actively cultivate curiosity in themselves and their teams? Here’s a roadmap to help you stay informed, ask better questions, and fill critical knowledge gaps.

Stay Informed on Industry Trends 

Regulatory landscapes are shifting faster than ever, with new challenges arising in artificial intelligence (AI), environmental, social, and governance (ESG) standards, and data privacy. Compliance professionals must proactively stay informed about these trends to keep their programs agile and relevant. Indeed, every Deferred Prosecution (DPA) includes language mandating awareness of other businesses in their industry and any compliance developments.

What are some of the action steps a compliance professional or CCO can take? If you are reading this blog post, it is an excellent first step. You can listen to one or more of the 50 podcasts on the Compliance Podcast Network. Both steps will put you on the cutting edge of the nuts and bolts of compliance. For topical compliance news and analysis, you can read well-known commentators such as Matt Kelly on Radical Compliance. You can read industry publications like Compliance Week or law firm or consulting firm newsletters on topical compliance issues. Focus on emerging areas like AI ethics, ESG enforcement actions, and updates to GDPR or other privacy frameworks.

Attending webinars and conferences are excellent opportunities to hear from industry leaders, regulators, and peers. These conferences include Ethisphere and Compliance Week in the spring and SCCE and ACI in the fall. These events provide real-time insights and practical strategies for addressing emerging risks. When you attend such events, you can often garner as much information by networking with your peers. You can also join professional organizations, such as SEEC, ACFE, ECI, and others, which often have online forums to exchange knowledge and share best practices with other compliance professionals.

By staying informed, you can anticipate changes before they disrupt your organization and position yourself as a forward-thinking compliance leader.

Ask Better Questions 

Compliance professionals are often tasked with identifying risks and making decisions under uncertainty. The quality of the questions you ask determines the depth of your understanding and the effectiveness of your solutions. Traditional compliance questions like “What’s the risk here?” are essential but can be limiting. To foster curiosity, you need to dig deeper and challenge assumptions.

What are some examples of better questions you can ask? Start with such basics as “What assumptions are we making, and how can we test them?” This question helps uncover blind spots in risk assessments or compliance strategies. Follow up with questions like “How does this risk evolve?” Understanding the lifecycle of a risk can help you develop proactive mitigation strategies. Always add this query to your repertoire: “What can we learn from other industries?” Exploring how different sectors handle similar challenges can inspire innovative solutions in your company.

You should work to apply all of this in your everyday compliance work. Start by encouraging your team to approach problems from multiple angles. Take your risk assessment, where you can consider not just the likelihood and impact of a risk but also the assumptions underlying those ratings. This mindset shift leads to more robust and effective compliance strategies.

 Fill Knowledge Gaps 

In the compliance field, the more you know, the more you realize how much you still need to learn. Recognizing and addressing knowledge gaps is a critical skill for any compliance professional. Think about compliance issues in some of the following ways: Reflect on your recent projects or decisions. Consider if there were times when you felt unsure or relied heavily on external experts. Keep track of emerging topics where you only have surface-level knowledge, such as ESG reporting requirements or AI regulations. Finally, do not be afraid to ask your team for feedback. They may identify areas where additional expertise could strengthen the program.

Encourage Curiosity in Your Team

Curiosity is not simply a personal trait but a cultural value that compliance leaders can cultivate within their teams. A curious team is more likely to challenge assumptions, identify risks early, and propose creative solutions. You do not have to send your team to conferences to foster curiosity. You can do that yourself by creating opportunities for cross-functional in-house learning. Invite experts from other departments, such as cybersecurity, ESG, or finance, to share insights during compliance meetings. This not only broadens your team’s knowledge but also strengthens cross-departmental collaboration.

Encourage “What If” scenarios by asking your team to imagine hypothetical scenarios and explore how they would address them. Such as, “What if we faced a cyber breach tomorrow?” or “What if a supplier violated ESG standards?” It can be a perfect starting point for you and your entire team. Finally, celebrate curiosity by recognizing and rewarding team members who ask insightful questions, propose innovative ideas, or learn about emerging risks. By embedding curiosity into your team’s culture, you empower them to think critically and proactively, enhancing the overall effectiveness of your compliance program.

Curiosity is a powerful tool that enhances professional growth and strengthens compliance programs’ resilience and adaptability. In 2025 and beyond, compliance leaders who embrace curiosity will be best positioned to navigate uncertainty, address emerging risks, and lead their organizations confidently.

Join us tomorrow as we explain why having a sense of humor may be the most important skill for surviving the new administration’s inevitable chaos.

Categories
Blog

Top Compliance Leadership Skills for the Wild Wild West that is Coming – Part 1, Fairness

Today, Donald Trump will be inaugurated as the 47th President of the United States. I can only say with complete certainty that the world of compliance will never be the same after today. Trump promises tariffs and sanctions against America’s enemies, competitors, and friends. His views on the Foreign Corrupt Practices Act (FCPA) are well known (‘a horrible law’), and so are his views on bribery.

He may well be the first President to employ the FCPA as a weapon against companies from countries that are not only the US’s enemies and competitors but also our allies. This is nothing to say about how he will direct the Department of Justice to use the Foreign Extortion Prevention Act (FEPA) against our enemies, competitors, and allies. So get ready for the Wild West of corporate compliance for the next four years.

As compliance professionals face this miasma in 2025, compliance leadership skills will be more critical than ever. With these new, renewed, and mounting regulatory pressures, declining employee engagement, and intensifying demand for ethical corporate governance, the role of compliance leaders has never been more pivotal or challenging.

To navigate the first part of this Wild West, I propose three leadership skills for the Chief Compliance Officer (CCO), compliance professional, or compliance practitioner to focus on. One faces outward, one faces inward, and the third relates to your attitude. They are (1) fairness, (2) curiosity, and (3) a sense of humor. These three skills will enhance your team’s effectiveness and strengthen your organization’s overall compliance posture.

Fairness: The Cornerstone of Compliance Leadership

Fairness is the bedrock of a strong compliance culture. Employees who perceive their leaders as fair are likelier to adhere to policies, report concerns, and contribute to an ethical workplace. With 70% of workers dissatisfied with their pay and disengagement on the rise, fairness is no longer optional; it is essential. You only need to conference the entire controversy around Return to the Office (RTO) at JP Morgan when, as the Wall Street Journal reported, the company disabled its internal chat function because of the plethora of negative comments on the full implementation of RTO. Talk about not wanting to hear what is on your employees’ collective minds.

Fairness extends beyond legal compliance into the realm of interpersonal relationships. For compliance leaders, this means:

1. Relationship Justice-Treating employees with professionalism, dignity, and respect

Relationship justice is the foundation of trust in any organization and a critical component of compliance leadership. It involves treating employees as valued contributors, respecting them, and maintaining professionalism. Leaders who model relationship justice foster an environment where employees feel psychologically safe to raise concerns, share ideas, and report potential misconduct. For compliance professionals, this means actively listening to employee feedback, addressing grievances promptly, and avoiding behaviors that could be perceived as favoritism or bias. Consistently demonstrating respect and dignity reinforces ethical culture and strengthens employee morale and engagement, making them more likely to align with compliance initiatives.

2. Task Justice- Ensuring decisions are transparent and consistent.

Task justice focuses on the “how” of leadership—how decisions are made, communicated, and executed. Transparency is key to task justice; employees should understand the rationale behind decisions, especially when they affect their roles, responsibilities, or compensation. Consistency is equally important, as arbitrary or unpredictable decision-making undermines trust and can lead to perceptions of unfairness. Compliance leaders can implement task justice by using structured frameworks for decision-making, such as compliance risk matrices, and by documenting the process for policy updates or disciplinary actions. Clear communication of decisions and opportunities for employees to ask questions or provide feedback ensures that everyone feels included and informed, reducing resentment and fostering collaboration.

3. Distributive Justice – Aligning rewards with individual contributions

Distributive justice ensures that rewards, recognition, and outcomes are proportionate to the effort and contributions of individual employees. This dimension of fairness requires leaders to assess performance objectively and ensure that rewards—whether promotions, bonuses, or simple recognition—are distributed equitably. For compliance professionals, distributive justice can manifest in recognizing team members’ contributions to audits, investigations, or training programs. Leaders should avoid blanket recognition that overlooks individual effort and tailor rewards to highlight specific accomplishments. Employees who feel their contributions are valued and acknowledged are more likely to remain engaged, motivated, and committed to compliance goals. Ultimately, distributive justice reinforces the message that ethical behavior and hard work are consistently rewarded.

The CCO is pivotal in embedding fairness within the compliance program and the broader corporate culture. The DOJ refers to this as Institutional Justice and Fairness in the 2024 Evaluation of Corporate Compliance Programs. Whatever you (or the DOJ) might call this, the CCO must prioritize transparency, consistency, and respect across all compliance and cultural touchpoints to achieve this.

First, fairness starts with transparent processes in the compliance program. The CCO should establish clear protocols for investigations, audits, and disciplinary actions, ensuring employees understand the steps and criteria used in decision-making. The CCO can reduce bias and promote consistency by leveraging tools such as decision matrices or documented frameworks. Regular communication about compliance updates, policy changes, and enforcement actions reinforces transparency and builds trust.

Second, fairness in corporate culture is achieved through relationship-building and recognition. The CCO should foster open dialogue by creating channels for employees to voice concerns without fear of retaliation. Training programs emphasizing fairness—such as workshops on unconscious bias or ethical leadership—can cultivate a more respectful workplace. The CCO must ensure that ethical behavior and contributions to compliance efforts are consistently acknowledged and rewarded.

Ultimately, by modeling fairness in leadership and weaving it into compliance processes and cultural practices, the CCO sets the standard for ethical behavior, fostering employee trust and long-term organizational integrity.

Join us tomorrow to explore curiosity and the CCO/compliance professional.