Categories
Daily Compliance News

Daily Compliance News: August 14, 2024 – The CCO Salary Survey Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • A new CCO salary survey is out. (WSJ)
  • Will the UK finally try and clean up BVI? (Politico)
  • Bank of America tells junior bankers to ‘follow the rules’. (WSJ)
  • Texas sues GM over stealing drivers’ personal data from its cars. (Reuters)

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

Categories
Compliance Into the Weeds

Compliance into the Weeds: Securing Compliance: How CCOs Can Combat Internal Sabotage

The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to more fully explore a subject. Looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds!

In this episode, Tom Fox and Matt Kelly take a deep dive into some of the nettlesome internal challenges faced by many Chief Compliance Officers (CCOs) in today’s corporate environment.

On Compliance into the Weeds, Tom and Matt discuss the various challenges that CCOs face within organizations. They delve into stories of how senior management, particularly General Counsels (GCs) and Chief Financial Officers (CFOs), can sometimes undermine compliance efforts. The conversation explores issues such as budget cuts, restrictive vendor usage, structural impediments, passive-aggressive behaviors, and direct interference in investigations. They also consider potential solutions and strategies for CCOs to better navigate these struggles and ensure the effectiveness of compliance programs.

Key Highlights:

  • Budgetary Constraints and Sabotage
  • Interference in Investigations
  • Structural Impediments to Compliance
  • Undermining by Engagement and Assignment
  • Advice Going Forward

Resources:

Matt in Radical Compliance

 Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Blog

CCO Resources, Authority and Expertise Lessons from Star Trek: The Galileo Seven

Last month, I wrote a blog post on the tone at the top, exemplified in Star Trek’s Original Series episode, Devil in the Dark. Based on the response, some passionate Star Trek fans are out there. I decided to write a series of blog posts exploring Star Trek: The Original Series episodes as guides to the Hallmarks of an Effective Compliance program set out in the FCPA Resources Guide, 2nd edition. The Department of Justice (DOJ) and Securities and Exchange Commission (SEC) outlined 10 characteristics of an effective compliance program in the FCPA Resources Guide, 2nd edition. Today, I’ll continue my two-week series by examining them.

Today, I am looking at the episode The Galileo Seven, which offers valuable lessons for Chief Compliance Officers (CCOs) regarding resources, authority, and expertise. Here’s why this episode stands out and the lessons it provides: In The Galileo Seven, Spock, McCoy, Scott, and four other crew members are on a shuttlecraft mission to study a quasar-like phenomenon when they crash-land on a hostile planet. As they struggle to repair Galileo and survive the planet’s dangers, Spock, as the highest-ranking officer, must lead the group despite internal conflict and limited resources. Meanwhile, Captain Kirk faces pressure to abandon the search for the crew to deliver vital medical supplies on time.

Lesson 1 – Resource Allocation

The crashed crew has limited resources, such as a dwindling fuel supply and basic equipment, to repair the shuttle and defend against hostile creatures. Spock’s logical approach emphasizes the importance of maximizing the use of available resources to ensure survival. The lesson for a CCO is that efficient resource allocation is crucial in compliance. CCOs must prioritize and allocate resources wisely to ensure compliance programs are effective, especially when operating under budget constraints. This involves assessing the most critical areas that require attention and allocating resources to mitigate the highest risks.

Many Star Trek aficionados have long believed the Galileo Seven’s mission was doomed from the start due to insufficient resources. The crew needed to be equipped for the harsh environment, with proper survival gear and communication systems. Prioritize resource allocation for critical functions. The CCO must ensure compliance resources are directed towards high-risk areas and essential functions. This includes adequate staffing, training, and technology. Finally, you must develop contingency plans for resource shortages. The crew lacked a backup plan when their primary systems failed. CCOs should anticipate potential resource constraints and develop contingency plans to mitigate risks.

Lesson 2 – Authority

As the ranking officer, Spock must assert his authority and lead the crew despite skepticism and resistance from others. His team’s emotional and survival-driven needs put his leadership style, based on logic and reason, to the test. The lesson for a CCO is that authority and leadership are vital for implementing and enforcing compliance policies effectively. CCOs must assert their authority to influence and guide the organization toward ethical practices. Balancing logical decision-making with emotional intelligence can help gain buy-in from employees and management.

Regarding authority, this episode highlights the need for clearly defined roles and responsibilities and a transparent chain of command. The crew’s lack of clear leadership contributed to their downfall. Your CCO should be able to make independent decisions and take necessary actions to ensure compliance. Finally, there must be accountability, as the crew’s failure to hold each other accountable for their actions led to a cascade of errors. CCOs should cultivate a culture where everyone understands their responsibilities and the consequences of non-compliance.

Lesson 3 – Expertise

The crew relies on Spock’s science and engineering expertise to solve technical problems, such as repairing the shuttle and navigating off the planet. Spock’s analytical approach enables them to overcome obstacles, even as unexpected challenges arise. The lesson for a CCO is that expertise in compliance with regulations and industry standards is essential. A strong foundation in compliance knowledge enables CCOs to identify risks, develop effective policies, and respond to challenges efficiently. Continuous learning and staying updated on regulatory changes enhance a CCO’s ability to solve complex compliance issues.

This episode emphasized the value of diverse expertise. The crew needed to gain the necessary knowledge in survival, navigation, and alien biology. CCOs should assemble a team with diverse expertise to address various compliance challenges. There must be an investment in ongoing training and development. The crew’s lack of training in survival techniques proved fatal. CCOs should prioritize continuing training and development so that their team stays current with evolving regulations and best practices. There are times when a CCO must go outside and seek external expertise. The crew could have benefited from consulting with experts in alien environments. CCOs should not hesitate to seek external expertise when facing complex compliance issues.

The Galileo Seven reminds CCOs that insufficient resources, unclear authority, and inadequate expertise can lead to disastrous consequences. By learning from the crew’s mistakes, CCOs can build robust compliance programs that mitigate risks and ensure long-term success. It also highlights key aspects of resource management, authority, expertise, decision-making, and communication that directly apply to the Chief Compliance Officer role. By drawing lessons from Spock’s leadership under challenging circumstances, CCOs can better navigate their complex responsibilities, ensuring their organizations uphold the highest standards of compliance and integrity.

Join us tomorrow as we consider the lessons on risk assessments from the Star Trek episode Balance of Terror.

Categories
FCPA Compliance Report

FCPA Compliance Report: Exploring DOJ’s New Whistleblower Incentive Program with Mary Inman

Welcome to the award-winning FCPA Compliance Report, the longest running podcast in compliance. In this edition of the FCPA Compliance Report, Tom Fox welcomes back Mary Inman, Partner at Whistleblower Partners LLC, to discuss the new DOJ Whistleblower Incentive Program.

Tom and Mary discuss the DOJ’s New Whistleblower Incentive Program’s aim to fill gaps in existing reward programs and its focus areas, including financial institution violations, foreign and domestic corruption, and healthcare offenses. Mary highlights some criticisms of the program, such as lack of a reward floor and the cap on rewards, and the potential challenges and impacts on corporate compliance. They also talk about the interplay between whistleblowers, DOJ, and corporate investigations, and the potential for adaptation of the program based on stakeholder feedback.

Highlights in this Episode:

  • DOJ Whistleblower Incentive Program Overview
  • Four Focus Areas of the New Program
  • Challenges and Criticisms of the Program
  • Concerns About Reward Mechanisms
  • Race to DOJ: Whistleblowers vs. Corporations
  • Implications for Corporate Compliance

Resources:

Mary Inman on LinkedIn

Whistleblower Partners

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Great Women in Compliance

Great Women in Compliance: GWIC Roundtable on Putting AI to Use in Compliance

🎙 📣 🎙 It’s #GWIC Roundtable Wednesday, and Lisa Fine & Ellen Hunt are talking with two experts, Diana Kelley and Gwen Hassan, about putting AI to Use for Ethics & Compliance Teams.

Tune in to learn about:

  • How Ethics & Compliance Teams streamline their workload and amplify their impact with AI solutions
  • What frameworks and safeguards should you utilize to protect against hallucinations and unintended consequences?
  • What disclosures or opt-out features should you consider to alert users that the interactions are AI-based?
  • The state of current and future AI regulation

Listen now at Corporate Compliance Insights at https://lnkd.in/d9VGcfw or wherever you hear podcasts.

If you are using AI in your Ethics & Compliance function in a way we didn’t mention, please tell us in the comments.

#GWIC is proud to announce that it has been nominated for the #WomenInPodcastAwards. This is a people’s choice award, and whether you vote for #GWIC or other nominees, we ask that you send the elevator back down by voting. Voting opens August 1, 2024, and details can be found on the #GWIC LinkedIn page at http://www.linkedin.com/groups/12156164

#EthicalLeadership #AI #Ethics #Compliance #WomenLeaders #WomenPodcasts

Categories
Compliance Tip of the Day

Compliance Tip of the Day: The Exit Interview

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today we consider how a compliance professional can use the exit interview to improve overall corporate culture.

To check out The Compliance Handbook, 5th edition, click here.

Categories
Trekking Through Compliance

Trekking Through Compliance – Episode 42 – Ethical Lessons from Obsession

In this episode of Trekking Through Compliance, we consider the episode Obsession, which aired on December 15, 1967, with a Star Date of 3619.2.

Kirk notices a sweet, honey-like odor on a planet that he recognizes. He orders the security guards to scan for choronium and fire at any gaseous cloud. Before they can do so, two are killed and one is seriously injured. Kirk becomes obsessed with the destruction of the creature, which killed half the crew of the U.S.S. Farragut, which was Kirk’s first deep-space assignment.

Scanners report that the creature is in a border state between matter and energy. The creature slows and heads for the Enterprise, entering the ship through the number 2 impulse vent, which Scott had inadvertently left open after performing maintenance. The creature then leaves the ship and heads away at warp speed, but Kirk has a hunch about where the creature is headed: its home planet, where it is destroyed.

Commentary

In this episode, Captain Kirk has become fixated on a gaseous creature that killed half his crew 11 years prior. Fox also discusses the updated visual effects in the remastered version and shares personal anecdotes. Furthermore, he extracts five key ethical lessons from the episode: promoting healthy coping mechanisms, establishing clear privacy policies, encouraging ethical reasoning, demonstrating accountability, and integrating ethics into strategic planning. These insights help organizations build trust, enhance reputation, and achieve sustainable growth.

Key Highlights

  • Kirk’s Personal Struggle and Pursuit
  • The Creature’s Attack on the Enterprise
  • The Final Confrontation on Tycho 4
  • Fun Fact: Favorite Star Trek Line
  • Remastered Star Trek: The Original Series
  • Ethical Lessons from Obsession

Resources

Excruciatingly Detailed Plot Summary by Eric W. Weisstein

MissionLogPodcast.com

Memory Alpha

Categories
Trekking Through Compliance

Trekking Through Compliance – Episode 41 – Leadership Lessons from The Deadly Years

In this episode of Trekking Through Compliance, we consider the episode The Deadly Years, which aired on December 8, 1967, with a Star Date of 3478.2.

When Chekov, Spock, Lt. Gallway, McCoy, Kirk, and Scotty beam down to resupply the experimental colony on Gamma Hydra 4, they initially find no one home. They then see the leader, Robert Johnson, and his wife, Elaine. Both appear to be extremely old. Kirk beams the landing party up together with those of the colonists who are still alive. Aboard the Enterprise, the colonists die of old age.

Kirk then begins to lose his memory and displays advanced arthritis. Commodore Stocker becomes increasingly concerned about Kirk’s condition and forces Spock to hold a competency hearing. Kirk is found incompetent, and Commodore Stocker takes over. An injection containing adrenaline is used on Kirk, and the shot proves effective. Kirk resumes control of the Enterprise, which is now under attack by the Romulans thanks to Stocker’s incompetence in violating the Neutral Zone.

Using an old subterfuge, Kirk transmits a message that he will destroy the Enterprise using a corbomite device. The Romulans give a little ground lest they be destroyed in the upcoming explosion, and Kirk immediately races out of the Neutral Zone and into Federation space at Warp 8.

Commentary

The episode features the Enterprise crew grappling with a rapidly aging affliction after an encounter on Gamma Hydra 4. Fox uses the plot as a springboard to discuss crucial compliance and leadership lessons, emphasizing the importance of tone at the top, robust internal controls, empowering whistleblowers, and maintaining transparency and accountability. He argues that these principles are essential for creating a resilient, ethical organization.

Key Highlights

  • The Aging Mystery Unfolds
  • Kirk’s Clever Strategy
  • Reflections on Illness and Aging
  • Leadership Lessons for Compliance Professionals

Resources

Excruciatingly Detailed Plot Summary by Eric W. Weisstein

MissionLogPodcast.com

Memory Alpha

Categories
Blog

Elevating Your Risk Assessment Game with AI and Machine Learning, Part II

We conclude this two-part blog post on using Artificial Intelligence (AI) and Machine Learning (ML) in risk assessments. By embracing AI and machine learning, compliance professionals can elevate their risk assessment capabilities, drive more informed decision-making, and position their organizations for long-term success in an increasingly complex and volatile business landscape. Today, we conclude with how to use these tools and some use cases.

When adopting AI-powered risk assessment solutions, compliance functions will face several key challenges, which can be addressed through a well-planned and strategic approach. Key challenges include implementing a robust data governance framework to ensure data quality, integration, and accessibility across the organization. Invest in data cleansing, normalization, and enrichment processes to prepare the data for AI models. You must also be able to demonstrate how the model arrived at certain decisions. To do so, you can use tools such as decision trees or logistic regression, which make the decision-making process easier to explain.

Your risk management model should ensure the accuracy, reliability, and fairness of the AI-powered risk assessment. To do so, you can establish a comprehensive model validation and governance framework, which includes regular performance monitoring, stress testing, and bias testing. The model validation process involves cross-functional teams, including risk experts, data scientists, and compliance professionals.

Multiple compliance areas lend themselves to use cases for AI and machine learning in risk assessment.

  1. Fraud Detection and Prevention. Machine learning algorithms can analyze transaction data, user behavior patterns, and other relevant information to identify suspicious activities and detect potential fraud in real-time. AI-powered anomaly detection can flag unusual transactions or account activities that deviate from the norm, allowing organizations to investigate fraud risks quickly and mitigate them.
  2. Vendor and Third-Party Risk Management. AI can rapidly assess the risk profiles of vendors, suppliers, and other third parties by aggregating and analyzing structured and unstructured data from various sources, including news reports, social media, and regulatory filings. Machine learning models can continuously monitor third-party relationships, detect changes in risk factors, and provide dynamic risk scoring to support vendor due diligence and ongoing risk mitigation.
  3. Compliance and Regulatory Risk. AI-driven natural language processing can help organizations stay on top of evolving regulatory requirements by automatically scanning and interpreting new laws, regulations, and industry guidelines. Machine learning can assist in identifying potential compliance gaps, policy violations, and other regulatory risks by analyzing internal data, such as employee activities, communications, and transactions.
  4. Operational Risk Assessment. AI and machine learning can model and simulate complex business processes, identify potential points of failure, and predict the likelihood and impact of operational disruptions. These technologies can also be leveraged to monitor and analyze real-time data from IoT devices, sensors, and other operational systems to detect anomalies and emerging risks.
  5. Enterprise Risk Management. AI-powered risk aggregation and correlation analysis can help organizations gain a more holistic, enterprise-wide view of their risk landscape, identifying interdependencies and potential risk concentrations. Machine learning algorithms can assist in prioritizing risks based on factors such as likelihood, impact, and velocity, enabling more informed decision-making and resource allocation.
  6. Emerging Risk Identification. AI and machine learning can scour vast amounts of external data, including news, social media, and industry reports, to identify emerging risks and trends that may not be apparent through traditional risk assessment methods. These technologies can also simulate future scenarios and stress test the organization’s resilience against potential black swan events or disruptive changes in the business environment.

By focusing on these traditional corporate risks, compliance professionals can enhance their risk assessment capabilities, improve decision-making, and better position themselves to navigate the increasingly complex and dynamic risk landscape. Integrating AI and machine learning into risk assessment requires a strategic, well-planned approach, commitment to continuous improvement, and a culture of innovation.

As you embark on this transformative journey, remember that integrating AI and ML is not a one-time event but a continuous refinement, learning, and adaptation process. Stay agile, keep an open mind, and be prepared to navigate the evolving compliance and risk management landscape.

The future of risk assessment is here, and it is powered by the extraordinary potential of artificial intelligence and machine learning for compliance professionals. Embrace this opportunity to unlock new levels of insight, efficiency, and proactivity – and lead your organization towards a more resilient and compliant future.

Categories
Blog

Elevating Your Risk Assessment Game with AI and Machine Learning, Part I

I am on a mission to explore how AI and machine learning (ML) can impact the compliance profession and the corporate compliance function. Today, I want to explore using AI and ML in risk assessment. I believe that they both have the potential to transform the way we approach risk identification, analysis, and mitigation. By harnessing the capabilities of AI and ML, compliance teams can elevate their risk assessment game and position their organizations for long-term success. In Part I, we consider why you should utilize AI and ML in your risk assessment process and the first steps to take.

For years, organizations have relied on manual, human-driven risk assessment approaches. This often involves painstaking data gathering, expert interviews, document reviews, and applying risk frameworks and methodologies. While these time-tested methods have their merits, they are inherently limited in several ways:

  • Subjectivity and Bias: Human risk assessors bring their own experiences, perspectives, and biases to the table, which can lead to inconsistent or skewed risk evaluations.
  • Scalability Challenges: As businesses grow in size and complexity, manually assessing every risk factor becomes overwhelming and resource-intensive.
  • Reactivity vs. Proactivity: Traditional risk assessment tends to be retrospective, focusing on known or historical risks. Anticipating emerging threats requires a more forward-looking, proactive approach.
  • Lack of Real-Time Responsiveness: The pace of change in today’s business environment means that risk profiles can shift rapidly. Manual processes may struggle to keep up with these dynamic conditions.

AI and ML offer promising solutions to overcome the limitations of manual risk assessment. By leveraging these technologies, compliance teams can identify a more significant overall set of risks. AI-powered systems can scour vast internal and external datasets to uncover potential risk factors that human analysts may have overlooked. Machine learning algorithms can identify patterns, anomalies, and correlations, providing a more comprehensive, data-driven view of the risk landscape.

However, the benefit is not simply the ability to uncover more risks through larger data sets. Using AI and ML tools, compliance professionals can quantify and model risk variables with greater precision, considering a broader range of factors and their interdependencies. This allows for more accurate risk scoring, prioritization, and scenario planning. This leads directly to anticipating emerging threats and vulnerabilities, empowering organizations to take proactive measures.

Consistency and objectivity are critical for any risk assessment. In this area, AI and ML-based systems can apply consistent, standardized risk assessment methodologies, reducing the impact of individual biases and subjectivity. Automated risk assessment powered by AI and ML can also process large volumes of data and handle complex risk evaluation tasks, freeing compliance professionals to focus on strategic decision-making. The goal is to move towards a more continual monitoring system, and here, AI-driven risk assessment can be integrated into real-time monitoring and alert systems, allowing organizations to quickly identify and respond to changes in their risk profiles.

How does a compliance function implement all of this AI and ML? There are several steps you should consider.

  • Assess Your Data Readiness: Effective AI and ML-powered risk assessment relies on the availability of high-quality, structured data. The DOJ mandates that you have access to your company’s data, including identifying any gaps or limitations and developing a plan to enhance data governance and management.
  • Identify Use Cases and Prioritize: Conduct a thorough analysis of your risk assessment needs and pain points. In other words, what are your high-risk areas? Determine which specific areas – such as fraud detection, vendor risk management, or third parties – could benefit the most from AI and ML-driven solutions.
  • Evaluate and Select the Right Tools: Research and evaluate a range of AI and ML-powered risk assessment platforms and solutions. Consider factors like integration capabilities, user-friendliness (it’s all about the UX), scalability, and the provider’s track record in compliance and risk management.
  • Pilot and Iterate: Start with a targeted pilot project to test the viability and effectiveness of your chosen AI and ML-based risk assessment approach. (Hint: Start small with a low-risk target.) Closely monitor the results, gather feedback, and continuously refine the solution to optimize its performance.
  • Train Your Team: Ensure compliance and risk management professionals have the necessary skills and knowledge to effectively leverage AI and ML technologies. Invest in training, workshops, and collaboration with data science and technology experts.
  • Establish Governance and Oversight: Develop robust governance frameworks to ensure the responsible and ethical use of AI and ML in risk assessment. This includes addressing algorithm bias, data privacy, and human oversight.
  • Foster a Culture of Innovation: Encourage a mindset of continuous improvement and experimentation within your compliance function. Empower team members to explore new ways of leveraging emerging technologies to enhance risk assessment and drive organizational resilience.

Join us tomorrow to consider implementation and some compliance use cases.