Tag: compliance

Categories
AI Today in 5

AI Today in 5: December 15, 2025, The Good, Bad & Ugly Edition

Welcome to AI Today in 5, the newest edition of the Compliance Podcast Network. Each day, Tom Fox will bring you 5 stories about AI to start your day. Sit back, enjoy a cup of morning coffee, and listen in to AI Today In 5. All, from the Compliance Podcast Network. Each day, we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest about AI.

Top AI stories include:

  1. Data Sovereignty and AI compliance. (DataCentre)
  2. Trump’s EO cuts down on AI compliance. (Bitget)
  3. The Good, Bad & Ugly of AI. (WSJ)
  4. AI leaders eye breakthroughs. (Bloomberg)
  5. Swiss Re signs MoU to develop AI capabilities. (FinTechGlobal)

For more information on the use of AI in Compliance programs, my new book, Upping Your Game, is available. You can purchase a copy of the book on Amazon.com.

Categories
FCPA Compliance Report

FCPA Compliance Report – Kristy Grant-Hart on the Evolution of Compliance in 2026: Navigating New Risks and Regulations

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this episode, Tom welcomes Kristy Grant-Hart, Head of Advisory Services at Diligent’s Spark Compliance Group, to discuss where compliance has been in 2025 and where it is going into 2026.

Tom Fox and Kristy Grant-Hart explore the future of corporate compliance in 2026 and beyond. Key discussion areas include the Trump administration’s changing focus on the Foreign Corrupt Practices Act (FCPA), the designation of cartels as foreign terrorist organizations, and the implications for third-party due diligence. They also delve into modern slavery laws, the impacts of AI on compliance, and the necessity of a unified approach to compliance strategy.

Additionally, Kristy introduces the Compliance and Ethics Innovation Collective, a new program from Spark and Diligent that integrates services and software to deliver a more robust compliance solution. The session concludes with strategic advice for compliance officers on staying ahead of dynamic regulatory changes and maintaining effective risk management.

 

Resources:

Kristy Grant-Hart on LinkedIn

Diligent Website

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Blog

The Michigan Man, Part 1 – From Winning Program to Institutional Crisis

There are moments when an organization confronts a crisis so severe that it overwhelms every narrative it once controlled. The University of Michigan now finds itself in precisely that moment. What began as a continuation of compliance issues stemming from the sign-stealing scandal has rapidly escalated into something far more serious, far more painful, and far more destabilizing. This is no longer a story about NCAA rules or institutional embarrassment. It is a story about human failure, organizational breakdown, and the real-world consequences of ignoring warning signs.

As compliance professionals, our instinct is to move quickly to frameworks, root causes, and lessons learned. That work will come later in this series. But first, it is essential to set out the facts as they are currently known and to acknowledge the human cost embedded in every paragraph of this story. This story is far beyond compliance and ethics, but it is a true human tragedy. But it will also show how such a human tragedy could have been prevented if the basic tenets of organizational compliance and ethics had been followed.

All resources cited in this four-part series are listed at the end of this blog post. Finally, this writing is personal, as I am a UM graduate.

The Rise of Sherrone Moore

Sherrone Moore’s ascent within the University of Michigan football program appeared, at least on the surface, to be a model of internal succession. Moore joined Jim Harbaugh’s staff in 2018 and rose steadily through the ranks, ultimately serving as offensive coordinator during Michigan’s 2023 national championship season. When Harbaugh departed for the NFL, Moore was promoted to head coach, a decision widely praised as ensuring continuity and stability.

Moore was not simply a coach. He was a symbol. His emotional post-game interview after a victory over Penn State, while Harbaugh was suspended, became an iconic moment for Michigan fans. He embodied loyalty, perseverance, and what many referred to as the “Michigan Man” ethos. ESPN

Yet even at the time of his promotion, Moore’s record was not unblemished. He had already been implicated in the Connor Stalions sign-stealing investigation and had received NCAA suspensions for deleting text messages during that inquiry. Those issues were treated by the university and much of the fan base as technical compliance matters rather than as indicators of deeper governance or integrity risks. Slate

That framing now appears deeply flawed.

The Inappropriate Relationship Investigation

According to reporting by The AthleticESPNSlate, and The Wall Street Journal, the University of Michigan received an anonymous tip earlier in 2025 alleging an inappropriate relationship between Moore and a female football staffer. The university retained Jenner & Block, an outside counsel, to conduct an investigation. Initially, both Moore and the staffer denied any relationship, and investigators reported that insufficient evidence existed to substantiate the claim.

That changed dramatically in December 2025. Prosecutors allege that the staffer disclosed corroborating evidence confirming a multi-year intimate relationship after she ended it earlier that week. At that point, the university determined that Moore had violated institutional policy and terminated him for cause, avoiding a reported $14 million buyout. The Athletic

This was not merely an employment decision. It was the spark that ignited a cascading crisis.

The Criminal Charges

Within hours of his dismissal, Moore’s personal situation escalated into a criminal matter. Prosecutors allege that Moore went to the staffer’s residence without permission, entered through an unlocked door, and engaged in a confrontation during which he picked up scissors and butter knives and threatened to harm himself. According to court statements, Moore allegedly made repeated statements such as “I am going to kill myself” and “My blood is on your hands. The Athletic

Moore was subsequently charged with felony third-degree home invasion and misdemeanor charges of stalking and breaking. He was taken into custody, evaluated at a hospital, and later released on bond with GPS monitoring and a requirement that he continue mental health treatment. A probable cause hearing is scheduled for January 2026.

At this point, it bears stating plainly: these are allegations, and Moore has pleaded not guilty. The legal process will determine criminal responsibility. However, from an organizational perspective, the damage has already been done.

The Expanding Institutional Investigation

What began as an inquiry into Moore’s conduct has now broadened into a comprehensive review of the University of Michigan athletic department. University leadership has confirmed that Jenner & Block’s mandate has expanded to examine how the athletic department handled the Moore matter and other recent scandals, including the sign-stealing investigation and prior misconduct by football staffers. ESPN

Interim President Domenico Grasso has publicly called for anyone with relevant information to come forward, emphasizing that “all of the facts here must be known.” Athletic Director Warde Manuel remains in his position for now, but multiple reports note that his leadership and oversight are under intense scrutiny.

This expansion matters. It signals that the university itself recognizes that Moore’s actions cannot be isolated from the environment in which they occurred.

Beyond Compliance: The Human Tragedy

It would be a profound mistake to reduce this story to a checklist of policy violations.

At the center of this crisis are people whose lives have been irreversibly altered. Moore is a married father of three whose career has collapsed in public view. His family faces humiliation, uncertainty, and emotional trauma that will not disappear with headlines. Prosecutors describe the staffer at the center of the allegations as someone who felt terrorized and unsafe, a position no employee should ever occupy. University of Michigan players have lost their head coach midseason, forcing them to process personal loyalty, public scandal, and institutional chaos simultaneously. There is also the culture of an entire university athletic department, which not only allowed such behavior but also tolerated and even celebrated it by promoting Moore to Head Coach.

The broader Michigan community, alumni, students, and fans are also stakeholders in this tragedy. For an institution that has long traded on its image of integrity and moral leadership, the reputational damage cuts deeply. Being a ‘Michigan Man’ was meant to stand for something—something positive, that you did things in the right way, and you personally held yourself to a higher standard. As The Wall Street Journal observed, this is no longer a college football story. It is “agony in Ann Arbor. I certainly echo that feeling personally.

A Pattern, Not an Anomaly

The most troubling aspect of the facts as currently known is how familiar they feel. The Moore scandal follows a series of incidents involving Michigan athletics over recent years, including the Stalions’ sign-stealing operation, multiple staff arrests, internal HR complaints, and even a federal indictment of a former assistant coach for accessing student-athletes’ private data. WSJ

The issue may not be any single actor but rather an entrenched culture that has historically insulated powerful figures from accountability. Slate: When organizations repeatedly frame misconduct as isolated events, they fail to confront systemic risk.

Why This Matters for Compliance Professionals

For compliance professionals, this case is already instructive even before we reach lessons learned. It demonstrates how compliance failures often emerge not as sudden collapses but as accumulations of ignored signals. It shows how reputational capital built over decades can evaporate in a matter of days. Most importantly, it reminds us that behind every policy failure are human beings who bear the consequences.

While there will be others who say ‘I told you so’ or want to bring the vaunted Michigan Man down a peg or two, the lessons from this scandal and human tragedy are no less important for your team, your school, and your university.

In the next installment of this series, I will turn directly to Sherrone Moore’s individual compliance and ethics violations, including his conduct during the sign-stealing investigation and his alleged misrepresentations to investigators. That analysis is necessary. But it should never obscure the reality that this story is about far more than rules. Compliance exists to protect people, institutions, and trust. When it fails, the cost is measured not only in fines or sanctions but also in lives disrupted and communities shaken.

Resources:

The Terrible Mess at Michigan Football, by Jason Gay, writing in the Wall Street Journal.

Ex-Michigan coach Sherrone Moore charged with home invasion, stalking, breaking—Austin Meek and Sam Jane writing in The Athletic.

Fire Everybody—Alex Kirshner, writing in Slate.

Source: Michigan begins a review of the athletic department, by Dan Wetzel and Pete Thamel, writing for ESPN.

Categories
Blog

Netflix Acquisition of Warner Brothers: Part 5 – Post-Merger Integration – Where Compliance Either Succeeds or Fails

When Netflix announced its acquisition of Warner Bros., attention quickly turned to strategic synergies, content pipelines, and market influence. These are important, but they are not where the transaction’s success or failure will ultimately be determined. Deals succeed or fail in post-merger integration. For compliance professionals, this is the crucible. It is the period where two companies attempt to unify processes, cultures, systems, and risk management frameworks while moving at operational speed. When integration falters, compliance failures follow. When integration excels, compliance becomes a stabilizing force that supports the organization during a period of high-velocity change.

Compliance sits at the center of integration because compliance touches everything: governance, culture, systems, third-party relationships, data, reporting lines, training, investigations, and internal controls. It is one of the few functions that spans the entire enterprise. That makes compliance uniquely positioned to guide integration successfully. It also makes compliance uniquely exposed when integration fails.

Today, in our concluding Part 5, we explore why integration is the moment where compliance either rises or falters and what compliance leaders must do to ensure that the post-merger period strengthens rather than destabilizes the combined enterprise.

Day One Through Day Three Hundred: The Critical Window

The first year after closing defines the trajectory of a merger. This window is where employees decide whether leadership is credible, processes are coherent, and the combined organization knows where it is going. It is also the period when the greatest number of decisions must be made quickly and often without perfect information. That is where risk seeps into the cracks.

Compliance must treat integration as an enterprise-wide transformation project. That means establishing a structured roadmap for the first 30, 60, 180, and 300 days. Without this structure, integration becomes reactive rather than strategic. Reactive integration is where compliance failures escalate.

In this period, compliance must monitor employee sentiment, decision-making patterns, escalation pathways, and early deviation from established controls. Whether an organization grows stronger or weaker during integration depends on how quickly compliance identifies deviations and reinforces accountability.

Building a Unified Compliance Architecture

One of the first imperatives of integration is building a unified compliance architecture. Netflix and Warner Bros. bring different compliance footprints. Netflix has a culture that emphasizes transparency, individual accountability, and rapid feedback cycles. Warner Bros. brings decades of risk controls shaped by studio operations, talent relationships, union agreements, and global production infrastructure.

A unified architecture requires more than merging documents or standardizing policies. It requires understanding where each legacy system is strong, where it is vulnerable, and where alignment creates new risk.

Compliance leaders must establish:

  • A consolidated Code of Conduct.
  • A harmonized policy library.
  • Unified reporting channels.
  • Shared investigative procedures.
  • Enterprise-wide risk assessment methodologies.
  • Coherent training programs.

These components cannot be written. They must be communicated, taught, operationalized, and reinforced. Employees must understand not only what the policies say but also why they matter in the new organization.

Rationalizing Reporting Lines and Escalation Pathways

Mergers create confusion. Employees do not always know whom to contact, how to escalate concerns, or whether the people they previously relied on still have authority. That ambiguity is an enormous compliance risk.

Compliance leaders must create clarity early:

  • Who receives concerns?
  • How are investigations assigned?
  • What are the escalation criteria?
  • What timelines apply to decision-making?
  • How will employees receive feedback on issues they raise?

This clarity is not a luxury. It is a control. Without defined reporting pathways, concerns go unreported or unresolved. Both outcomes expose the business to avoidable harm.

Technology Integration: Where Risk Hides in Plain Sight

Technology integration is one of the most underestimated compliance risks. During a merger, companies aim to integrate systems spanning HR and payroll, content management, production workflows, distribution platforms, data governance, and internal controls.

Compliance must ensure that:

  • Data mapping is accurate.
  • Privacy rules are harmonized.
  • Access rights reflect new reporting structures.
  • Legacy systems are retired responsibly.
  • Audit trails are preserved, and
  • System changes do not inadvertently lower control effectiveness

Technology teams often focus on functionality and speed. Compliance must focus on integrity and accountability. Without disciplined oversight, integrations can create gaps or duplications that allow misconduct, data loss, or process failures to occur undetected.

Third-Party Integration: The Often Forgotten Battlefield

Netflix and Warner Bros. maintain extensive third-party ecosystems: production companies, talent agencies, global distributors, technology vendors, marketing partners, and international subsidiaries. Each third-party relationship carries risk. During a merger, that risk is magnified because:

  • Contract ownership may be ambiguous.
  • Oversight structures may change.
  • Legacy due diligence may be incomplete.
  • Vendor performance may deteriorate, and
  • New conflicts of interest may emerge.

Compliance must therefore implement a unified third-party risk management framework that includes:

  • Centralized onboarding and risk ranking;
  • Revised due diligence standards.
  • Contract alignment with the new Code of Conduct;
  • Clear monitoring obligations; and
  • Documented remediation protocols

An ungoverned third-party ecosystem is one of the most common sources of post-merger compliance failures.

The Cultural Dimension: The Invisible Integrator or Divider

Culture is the single greatest determinant of whether integration strengthens or weakens the enterprise. Netflix’s culture of candor and Warner Bros’ culture of tradition do not naturally conflict, but they do require careful alignment. Compliance must monitor cultural friction closely:

  • Decreased willingness to speak up
  • Divergent interpretations of policies
  • Informal workarounds
  • Turnover spikes in key departments
  • Erosion of decision transparency

Culture determines whether employees trust the compliance function, adhere to policies, and promptly escalate concerns. If cultural alignment is not prioritized, controls weaken regardless of the sophistication of the compliance architecture.

Documentation: The Foundation of Regulatory Credibility

Regulators expect visibility during integration. They expect companies to demonstrate that decisions were documented, risks were assessed, concerns were escalated, and oversight was effective.

Compliance must preserve:

  • Integration plans
  • Meeting notes
  • Risk assessments
  • Policy revisions
  • Training materials
  • Incident logs
  • Decision memos

Documentation is not bureaucratic. It is evidence. It demonstrates that the company fulfilled its obligations and that compliance was central to the integration process.

The Compliance Lesson

Integration is not an administrative exercise. It is a risk multiplier. It is also the moment when compliance can demonstrate its value most clearly. The Netflix acquisition of Warner Bros. offers an unmistakable reminder: strategic ambition means nothing if integration is weak. Compliance must lead with clarity, discipline, and foresight.

Where integration is intentional, guided, and well governed, compliance becomes a competitive asset. It stabilizes the organization, protects employees, and supports leadership during a period of profound change. Where integration is fragmented, rushed, or ignored, compliance fails. It fails not because of a lack of knowledge but because of a lack of structure.

For compliance professionals, this final lesson is the most important: the acquisition may create opportunity, but integration determines destiny.

Categories
Blog

Netflix Acquisition of Warner Brothers: Part 4 – Antitrust, Competition, and the New Regulatory Perimeter

The announcement that Netflix will acquire Warner Bros has ignited debate across the entertainment, technology, and regulatory communities. Some see a natural evolution of the media landscape. Others see a consolidation that will reshape creative, economic, and competitive dynamics for years to come. Regardless of the viewpoint, one truth stands out for compliance professionals: this transaction sits squarely within the new regulatory perimeter. Antitrust and competition authorities worldwide are sharpening their focus on digital ecosystems, algorithmic influence, data concentration, and content distribution power. The Netflix–Warner Brothers combination touches each of these vectors.

Gone are the days when antitrust analysis centered solely on price impacts and market share. Today’s regulators look at ecosystems, not industries. They assess information asymmetries, data leverage, vertical integration, control of distribution channels, and the ability to shape consumer behavior through algorithms. The Netflix acquisition of Warner Bros. will therefore invite scrutiny not only from United States authorities but also from European, Latin American, and Asia-Pacific regulators. For compliance professionals, the real work begins long before the first regulator issues a request for information.

Today, in Part 4, we explore how compliance must support the enterprise in anticipating these questions, preparing robust documentation, and maintaining clarity across all aspects of competition risk.

The Modern Antitrust Landscape Has Changed

For decades, antitrust enforcement was largely predictable. Regulators assessed whether consumers would face higher prices or fewer choices. Digital transformation has rendered that approach insufficient. Several trends shape today’s enforcement environment:

  • Concerns over digital gatekeepers and platform dominance;
  • Data accumulation is viewed as a competitive barrier.
  • Algorithmic influence over consumer decision-making;
  • Transparency expectations for recommendation engines; and
  • Vertical integration across content, distribution, and technology.

Netflix already commands a massive global distribution footprint. Warner Bros. brings world-class content, deep intellectual property reserves, and historical influence. The merger unites distribution power with content scale in a way that few competitors can replicate. Regulators will see this as a significant shift in industry structure.

For compliance professionals, the question is not whether regulators will scrutinize the deal. They absolutely will. The question is how prepared the enterprise will be to demonstrate that it understands and is mitigating competition risks.

Vertical and Horizontal Consolidation Risks

This acquisition presents both vertical and horizontal integration considerations. From a horizontal perspective, Netflix expands its content portfolio by acquiring an iconic studio. From a vertical perspective, Netflix gains control over additional production pipelines, licensing pathways, and distribution relationships.

Regulators increasingly evaluate whether vertical integration enables a company to foreclose competitors. The compliance team must be prepared to articulate why the transaction does not restrict access, inflate licensing costs, or distort downstream markets. Key questions regulators will ask include:

  • Will Netflix prioritize its own platforms to the detriment of competitors?
  • Will Warner Bros. content become less accessible to independent distributors?
  • Will competitors face higher licensing fees?
  • Will Netflix’s data advantage expand in a way that harms competition?

These questions demand more than strategic talking points. They require data, analysis, and ongoing monitoring. Compliance must work hand in hand with legal, antitrust counsel, and business partners to ensure responses are consistent, well-documented, and supported by evidence.

Data Concentration and Algorithmic Reach

One of the most significant competitive issues in the digital era is data concentration. Netflix already possesses deep insights into viewer behavior, content preferences, engagement patterns, and global demand signals. Warner Bros. adds decades of production data, marketing intelligence, performance histories, and talent analytics.

Regulators understand that data is a competitive asset that can create significant barriers to entry. With more data, a company can refine its algorithms, improve personalization, and strengthen its market position in ways that rivals may find difficult to counter. Compliance must therefore help prepare a comprehensive narrative around:

  • How the combined company will safeguard data privacy.
  • How algorithmic decisions will be documented and monitored;
  • How data from both entities will be integrated ethically, and
  • How the company will prevent anti-competitive uses of combined datasets.

A robust data governance program is no longer solely a privacy requirement. It is a competition requirement. Regulators expect companies to demonstrate not only compliant data use but also responsible data stewardship that avoids market distortion.

Obligations for Document Preservation, Monitoring, and Engagement

Antitrust investigations can span years. Regulators typically issue extensive documents and information requests, conduct interviews and depositions, and request economic modeling. Compliance professionals must ensure that the company is ready for this level of scrutiny.

That preparation includes:

  • Document preservation protocols;
  • Centralized communication tracking;
  • Strict guidance on executive communications;
  • Coordination across internal and external counsel; and
  • Clear training for employees on antitrust communication risks.

Failure to preserve documents, even inadvertently, can create major regulatory problems. Compliance must be proactive rather than reactive. Regulators also reward transparency. Early engagement, clear responses, and a willingness to address concerns directly can reduce both the duration and severity of regulatory inquiries. Compliance plays a crucial role in framing the company’s narrative and ensuring consistency.

The Need for a Multijurisdictional Strategy

A single regulator will not review this deal. Netflix and Warner Bros. operate globally, and every major jurisdiction has its own competition laws, unique priorities, and investigative styles. Compliance must support a multijurisdictional engagement strategy by:

  • Mapping regulatory timelines across regions;
  • Ensuring consistency in global responses;
  • Understanding local documentation and reporting requirements;
  • Managing translation, disclosure, and data-sharing protocols; and
  • Monitoring regulatory developments in real time.

The complexity of these interactions requires disciplined internal coordination. Compliance professionals are uniquely positioned to ensure that the enterprise stays aligned, audit-ready, and clear in its messaging.

Preparing for New Regulatory Expectations

Antitrust regulators are expanding their expectations beyond traditional competition analysis. They now examine:

  • Labor market effects;
  • Creative industry concentration
  • Media plurality;
  • Platform neutrality; and
  • Long-term ecosystem impacts

For the entertainment industry, issues such as creator rights, content diversity, and access to distribution channels are becoming increasingly relevant. Compliance must guide senior leadership through these evolving expectations and ensure that integration plans demonstrate responsible stewardship of market influence.

The Compliance Lesson

The Netflix acquisition of Warner Bros. highlights a central truth of modern compliance: the regulatory perimeter expands as corporate influence grows. Antitrust and competition concerns are no longer the exclusive domain of legal or economic experts. They are multidisciplinary issues that intersect with data governance, algorithmic transparency, content distribution, and ecosystem integrity.

Compliance professionals play a critical role in shaping the company’s readiness for regulatory scrutiny, building robust documentation practices, strengthening oversight channels, and ensuring that the enterprise can defend its decisions with clarity and confidence.

The merger of these two storytelling giants is as much a regulatory story as a strategic one. For compliance leaders, this is an opportunity to elevate competition governance, anticipate risk, and demonstrate the value of compliance as both a strategic partner and a regulatory safeguard.

Join us tomorrow, where we bring it all together for Part 5.

Categories
Great Women in Compliance

Great Women in Compliance – Global Corruption Prevention: A View from France

In this episode of Great Women in Compliance, Lisa sits down with Valentina Lana, a Paris-based attorney and ethics & compliance leader who bridges industry and academia.

Valentina shares how an early-career opportunity sparked her passion for anti-corruption work and led her to where she is today.  She has helped build major compliance programs and teaches at Sciences Po.  She worked with Michael Sapin on the Sapin II law and breaks down its core elements for the GWIC audience.  She discusses the requirement for companies to prevent corruption through formal compliance programs—and highlights why risk mapping and third-party due diligence remain the biggest practical challenges for organizations.

Valentina also discusses the evolution of cross-border cooperation between France and the U.S., how trust was built after years of tension, and why she believes that the partnership remains stable despite shifting global priorities. 

She shares her view on AI’s growing role in compliance, emphasizing that AI is a powerful assistant, not a replacement for human judgment, nuance, and interpersonal insight, which remain the core of what we do.

Categories
Blog

Netflix Acquisition of Warner Brothers: Part 3 – Intellectual Property Risk, The Hidden Compliance Battlefield

The Netflix acquisition of Warner Bros brings together two of the largest content ecosystems in the world. The deal has enormous strategic implications, but for compliance professionals, the deeper story lies in the immense web of intellectual property that now shifts under a single roof. Intellectual property is often viewed through a legal or commercial lens, yet it is increasingly a core compliance risk area. When two content giants merge, the IP battlefield becomes larger, more complex, and more consequential for regulatory exposure, operational continuity, and corporate integrity.

In the entertainment industry, intellectual property is not an abstract asset. It is the core of the business model. Every film, series, character, distribution right, piece of music, and residual obligation sits on a foundation of contracts, permissions, and time-bound commitments. These rights govern who may exploit a property, where, for how long, in what format, and under which financial arrangements. A merger like this does more than combine two content catalogues. It overlays two entirely different IP architectures, each with its own legacy practices, risk profiles, and global obligations.

In Part 3, we consider intellectual property risks and compliance risks. Compliance professionals must treat IP integration as a top post-transaction priority. The risks are real. They are operational, regulatory, financial, reputational, and strategic. They are also deeply intertwined with the organization’s ability to distribute content, monetize assets, and avoid disputes that can stall growth and trigger regulatory interest. In the modern entertainment ecosystem, IP governance is compliance governance.

Why IP is a Compliance Issue, Not Just a Legal One

Intellectual property sits at the intersection of law, business strategy, ethics, and risk management. Compliance teams cannot assume that IP risk will be contained within the legal department because the greatest vulnerabilities emerge during operational execution. When teams touch content without a clear understanding of rights limitations, compliance exposure grows quickly.

Several forces make IP a compliance battlefield:

  1. Legacy contracts contain obligations that may conflict with modern distribution models.
  2. Digital rights evolve faster than contracts can be renegotiated.
  3. Cross-border distribution requires alignment with dozens of regulatory frameworks.
  4. Residuals, royalties, and talent agreements require precise reporting and transparency; and
  5. AI-generated content introduces new concerns around derivative rights and authenticity.

Compliance professionals must help bridge the gap between legal interpretation and operational execution, ensuring that content is exploited within the boundaries of contractual and regulatory obligations.

The Merger Magnifies IP Complexity

Netflix brings a vast library of digital-native content governed by modern rights frameworks. Warner Bros brings nearly a century of IP governed by old studio contracts, union agreements, guild rules, and legacy licensing arrangements. When these systems merge, friction is inevitable. For example:

  • Streaming rights for classic properties may be fragmented across multiple regions
  • Some Warner properties may have exclusivity commitments that conflict with Netflix’s global release model
  • Distribution rights may vary by medium: theatrical, linear TV, streaming, DVD, gaming, or merchandising
  • Regional licensing arrangements may prevent automatic global rollout
  • Musical compositions and soundtracks may have rights administered separately from visual content

Each of these scenarios carries compliance implications, particularly when the combined company seeks to monetize its expanded library at speed. Compliance leaders must ensure that content decisions do not inadvertently violate distribution restrictions or contractual limitations. The volume of content makes manual oversight unrealistic. IP governance must therefore become systematic, data-driven, and documented.

Legacy Contracts: The Underestimated Risk

Some Warner Bros. contracts were written in an era long before streaming existed. Terms like “broadcast,” “home video,” or “syndication” may not map cleanly to digital or global distribution.

Compliance professionals must ask:

  • Do legacy contracts implicitly or explicitly cover streaming?
  • Are residual obligations triggered differently under new business models?
  • Do union or guild agreements change with new modes of distribution?
  • Have rights expired or reverted to creators without internal teams realizing it?

Each misinterpretation carries financial and reputational risk. Lawsuits over misused IP are costly, public, and damaging to stakeholder trust. A disciplined compliance approach involves creating a unified contract repository, conducting rights audits, and establishing escalation protocols for ambiguous terms.

The Rise of AI and Deepfakes: A New IP Threat Vector

The integration of two content libraries also raises a newer frontier of IP risk: AI-generated content and deepfake technologies. Netflix and Warner Bros both operate in a world where audiences expect cutting-edge innovation. However, AI-generated content requires strict governance to ensure:

  • It does not violate publicity rights
  • It does not reproduce copyrighted elements without authorization
  • It does not misrepresent actors, characters, or brand assets
  • It does not create derivative works that violate existing licensing arrangements

Regulators are increasingly attentive to the misuse of identity, likeness, and creative assets. Compliance must therefore play a leading role in defining ethical and legal boundaries for AI-assisted content creation.

The combined enterprise will possess one of the largest libraries of visual and audio material in the world, making it a prime target for misuse. Strong controls, watermarking strategies, and documentation of content provenance will be essential.

Auditability Challenges Inside Massive Content Repositories

When content libraries expand to millions of assets, visibility becomes an operational challenge. Compliance leaders must ensure that systems exist to track:

  • Rights ownership
  • Expiration dates
  • Restrictions by territory, language, and platform
  • Licensing limitations
  • Partners and counterparties
  • Historical distribution patterns

Without centralized auditability, well-intentioned teams may release content under the mistaken belief that the company owns full rights.

IP governance systems should include:

  • Digital rights management modules;
  • Automated alerts for expiring rights;
  • A central repository for contract metadata.
  • Integration with project management and release workflows; and
  • Role-based access controls.

Compliance must work alongside legal and technology teams to build infrastructure that prevents inadvertent misuse.

The Compliance Playbook for IP Governance During Integration

To navigate the IP battlefield successfully, compliance professionals should implement a structured approach:

  1. Conduct a comprehensive rights and obligations inventory
  2. Identify gaps, inconsistencies, and high-risk obligations across both legacy portfolios.
  3. Create a unified IP governance framework
  4. Standardize how decisions are documented, escalated, and reviewed.
  5. Align cross-functional teams
  6. Legal, compliance, content development, marketing, and distribution must share a common view of rights limitations.
  7. Train operational teams on rights awareness
  8. Editors, producers, marketers, and technologists need clarity on what they can and cannot use.
  9. Integrate IP governance into strategic decision-making
  10. New productions, remasters, spinoffs, and distribution initiatives should begin with rights verification.
  11. Strengthen third-party oversight
  12. Vendors, contractors, and partners must comply with rights limitations, especially when working with sensitive IP.
  13. Document interpretation decisions
  14. Regulators expect clear evidence that the company acted in good faith and applied consistent judgment.

The Compliance Lesson

The Netflix acquisition of Warner Bros shows why intellectual property is no longer simply a legal or creative asset. It is a compliance domain that carries operational, financial, regulatory, and reputational implications. When two vast content libraries merge, the risk landscape expands dramatically. Compliance professionals must embrace a proactive, system-driven approach to IP governance.

Content becomes an asset only when ownership, permissions, and obligations are fully understood. In a deal of this magnitude, IP governance is not only a hidden battlefield. It is the battlefield that will determine whether the combined enterprise achieves its strategic goals or stumbles under the weight of unanticipated risk. For compliance professionals, this is a moment to elevate IP risk management, strengthen oversight systems, and ensure that creativity and compliance move forward together.

Join us tomorrow for Part 4 as we examine antitrust, competition, and the new regulatory perimeter.

Categories
Blog

Netflix Acquisition of Warner Brothers: Part 2, Culture Clash and Culture Opportunity

When Netflix announced its acquisition of Warner Brothers, some industry observers immediately reached for superlatives. It is rare to witness the merging of two companies that so powerfully define the past and future of entertainment. Netflix represents the digital era’s relentless velocity. Warner Brothers represents a century-long tradition of filmmaking, artistry, and institutional memory. Many analysts have framed this transaction as a battle between new and old Hollywood. For compliance professionals, the more important reality is that culture will determine whether the combined enterprise thrives or falters.

Every acquisition carries cultural implications, but few present such a stark contrast. Netflix’s culture has long been described as radical transparency, high accountability, and a willingness to experiment without fear of failure. Warner Brothers has its own culture, marked by legacy practices, powerful creative guilds, long-standing production hierarchies, and a deep reverence for the studio system. When two creative ecosystems operating on fundamentally different rhythms are forced together, cultural friction is inevitable. The question is not whether tensions will emerge. The question is whether compliance, ethics, and governance leaders recognize the early signals and guide the organization through them.

Today, in Part 2, we explore whether the acquisition will be a clash of cultures or a cultural opportunity. Culture is not a soft concept. It is a compliance risk vector. Culture shapes decision-making, reporting behavior, ethical judgment, and employees’ willingness to raise concerns. Culture determines whether a problem surfaces early or metastasizes quietly. A transaction of this magnitude requires compliance professionals to approach culture not as a slogan to harmonize, but as an operational system that requires disciplined stewardship.

Why Culture Drives Compliance Outcomes in Creative Enterprises

Entertainment companies operate differently from many corporate environments. The creative process is inherently subjective. Decision-making is distributed across talent, producers, executives, and technical teams. Informal norms often guide behavior more powerfully than written policies. In this context, culture determines not only how work gets done but also how risks are managed.

Netflix has built a culture that embraces candid feedback, open decision frameworks, and data-driven experimentation. This environment reduces the risk that ethical concerns remain unspoken because communication channels are normalized around transparency. Warner Brothers, in contrast, operates in a world where relationships, tradition, and lineage carry weight. Legacy contracts, industry customs, and the tacit expectations between studios and talent can influence decisions.

Both cultures have strengths. Both cultures have vulnerabilities. Compliance professionals must understand that the goal of integration is not to erase one culture and impose another. The goal is to create a culture aligned with the company’s values that supports ethical decision-making and enables employees to speak up without hesitation. This is particularly important during a merger, when uncertainty heightens risk.

Two Different Operating Systems

Culture is an operating system. Netflix’s operating system prizes agility and real-time feedback loops. Warner Brothers’ operating system prizes craft, tradition, and continuity. When these systems converge, the risk is not that one replaces the other. The risk is that both weaken simultaneously without strong governance.

Netflix’s rapid decision cycles may clash with Warner Brothers’ structured production processes, where approvals, guild rules, and contractual obligations often slow the pace by design. If Netflix attempts to accelerate processes without a deep understanding of these obligations, compliance risks can emerge quickly, including breached talent contracts, overlooked union requirements, or misaligned production timelines.

Conversely, if Warner Brothers imposes its legacy processes without adapting to the digital and data-driven environment in which Netflix operates, it may undermine the transparent decision-making practices that help identify ethical and operational risks early.

Compliance leaders must act as interpreters between these operating systems. They must help leadership understand where flexibility is an asset and where structure is indispensable. Compliance must also ensure that employees across both organizations understand not only what the combined culture aspires to be, but also why certain controls exist and how they protect both the enterprise and the creative process.

Ethical Decision Frameworks Across Two Creative Ecosystems

Another challenge in cultural integration is aligning ethical decision frameworks. Netflix’s culture is rooted in accountability to metrics and performance outcomes. Warner Brothers’ culture is rooted in long-term relationships with talent, creative guilds, and industry stakeholders. This means the two companies differ in how they make decisions, escalate concerns, and evaluate the risks associated with innovative choices.

Compliance professionals must provide an ethical framework that is consistent, intuitive, and accessible across the enterprise. Employees should know how to evaluate potential conflicts of interest, report concerns, document decisions, and align risk-taking with corporate values.

When a company operates across multiple jurisdictions, creative functions, and regulatory environments, ethical consistency becomes essential. The compliance function must clearly articulate expectations repeatedly, using training, leadership engagement, and storytelling to reinforce behaviors that support integrity.

Early Indicators of Cultural Strain

Cultural tension is predictable in a transaction of this scale. The key is not to prevent tension but to identify it early. Compliance professionals should monitor indicators such as:

  • Decreased willingness to speak up;
  • Increased turnover in specific departments;
  • Divergent interpretations of policies between legacy teams.
  • Informal decision-making that bypasses established controls; and
  • Escalation patterns that shift without explanation.

These signals are rarely obvious to senior leadership unless compliance highlights them. Regular cultural risk assessments, pulse surveys, and qualitative interviews help the compliance function stay ahead of emerging conflict zones. Culture is dynamic, and risk velocity increases when expectations are unclear.

Building a Unified Culture Through Transparency and Accountability

Culture integration must be intentional. It cannot be delegated to internal communications or left to evolve without direction. Compliance leaders should work alongside HR, legal, and integration management to define the key elements of a unified culture.

This may include:

  • A consolidated code of conduct that reflects both creativity and accountability;
  • Standardized reporting channels that work across all business units;
  • Leadership models that bring together Netflix’s transparency and Warner Brothers’ collaborative ethos;
  • Clear explanations of why controls exist and how they support the creative process; and
  • Renewed emphasis on ethics as a competitive advantage.

Transparent communication is essential. Employees need to know why the organization is making certain cultural choices, what is expected of them, and how they can raise questions without fear.

The Compliance Lesson

The Netflix acquisition of Warner Brothers reveals a timeless truth: culture determines compliance outcomes. When two creative powerhouses join forces, the opportunity is immense, but the risk is equally significant. Compliance professionals must approach cultural integration with the same rigor they apply to regulatory integration or third-party risk management. Culture is not ornamental. It is operational. It is the foundation upon which speak-up behavior, ethical judgment, and internal trust are built.

If governance is the anchor of a merger, culture is the current that either carries the organization forward or pulls it off course. For compliance leaders, this is the moment to step forward, shape expectations, and ensure that the convergence of two storytelling giants becomes a model of ethical integration rather than a cautionary tale.

Join us tomorrow in Part 3, where we will consider the intellectual property risk, which could well be the hidden compliance battlefield going forward.

Categories
10 For 10

10 For 10: Top Compliance Stories For the Week Ending December 6, 2025

Welcome to 10 For 10, the podcast that brings you the week’s Top 10 compliance stories in one podcast each week. Tom Fox, the Voice of Compliance, brings you the compliance stories you need to know to end your busy week. Sit back, and in 10 minutes, hear about the stories every compliance professional should be aware of from the prior week. Every Saturday, 10 For 10 highlights the most important news, insights, and analysis for the compliance professional, all curated by the Voice of Compliance, Tom Fox. Get your weekly filling of compliance stories with 10 for 10, a podcast produced by the Compliance Podcast Network. 

This week’s stories include:

  • The US lost over $29bn to fraud, waste, and abuse in Afghanistan. ⁠(USA Today⁠)
  • Does AI portend the end of the law/consulting firm pyramid? ⁠(FT⁠)
  • Will a Civility Oath make lawyers more civil?  ⁠(Reuters)⁠
  • What is the environmental cost of corruption? ⁠(BBC)⁠
  • Lane Kiffin should be nowhere near Ole Miss football. ⁠(WSJ⁠)
  • Police detain former EU top diplomat. ⁠(FT)⁠
  • Massive fraud in aircraft parts uncovered in the UK. ⁠(The Times⁠)
  • Switzerland charges Credit Suisse over Tuna Bond fraud. ⁠(ACAMS)⁠
  • Corruption scandals impact the Chinese Army.  ⁠(Reuters)⁠
  • Former Labour PM convicted of corruption in Bangladesh. ⁠(Independent)⁠

You can check out the Daily Compliance News for four curated compliance and ethics-related stories each day, ⁠here⁠.

Connect with Tom 

⁠Instagram⁠

⁠Facebook⁠

⁠YouTube⁠

⁠Twitter⁠

⁠LinkedIn⁠

You can purchase a copy of my new book, Upping Your Game, on ⁠Amazon.com.⁠

Categories
Compliance Tip of the Day

Compliance Tip of the Day – M&A-Pre-Acquisition: Final Lessons

Welcome to “Compliance Tip of the Day,” the podcast that brings you daily insights and practical advice for navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, we aim to provide you with bite-sized, actionable tips to help you stay on top of your compliance game. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

This week, we looked at the role of compliance in the pre-acquisition phase of a merger and acquisition. We wrap it all up for you.

For more on this topic, check out The Compliance Handbook: A Guide to Operationalizing your Compliance Program, 6th edition, which LexisNexis recently released. It is available here.