Tag: compliance

Categories
Compliance Tip of the Day

Compliance Tip of the Day – NBA Betting Scandal-Introduction

Welcome to “Compliance Tip of the Day,” the podcast that brings you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, our goal is to provide you with bite-sized, actionable tips to help you stay ahead in your compliance efforts. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

This week, we will mine the ongoing NBA betting scandal for compliance lessons. Today in Part 1, we introduce the scandal, those involved, and the questions we have at this point.

For more information on this topic, refer to The Compliance Handbook: A Guide to Operationalizing Your Compliance Program, 6th edition, recently released by LexisNexis. It is available here.

Categories
Blog

The NBA Betting Scandal, Part 4: The Role of Compliance in Sports Leagues

We previously considered the who, the what, and the histories of the NBA betting scandal. Today, we explore the ‘how’: how a compliance function could have prevented this, and what both sports leagues and corporations can learn from each other about safeguarding integrity. Whether your organization manages global investments or global fan bases, the lesson remains the same: governance without compliance is merely a façade, and compliance without culture is noise.

The NBA’s Blind Spot: Compliance Is Not Just for Corporations

The NBA, like many professional leagues, has long emphasized rules enforcement rather than risk management. It has compliance policies, anti-gambling rules, player education programs, and disclosure requirements, but these are largely reactive. What’s missing is the proactive, integrated approach that corporate compliance professionals have built over the last two decades.

Think about the Sarbanes-Oxley Act (SOX). Following a series of accounting scandals in the early 2000s, companies not only created new rules but also established compliance infrastructures, internal controls, whistleblower channels, independent oversight committees, and risk-based monitoring systems.

The NBA, in contrast, still operates under a “trust-the-player” model, one that assumes personal integrity will outpace financial temptation. The DOJ indictment proves that assumption no longer holds. In today’s data-driven, gambling-integrated sports environment, league compliance must evolve into a true governance function, not merely a disciplinary office.

The Corporate Compliance Framework Applied to Sports

To understand what that evolution might look like, I want to apply the classic corporate compliance framework — the Seven Elements of an Effective Compliance Program, as outlined in the US Sentencing Guidelines —to a professional sports context.

1. Standards and Procedures

Corporations have codes of conduct that define acceptable behavior. Sports leagues have them too, but they’re often vague or limited to rulebooks. The NBA needs a clear, enforceable code of compliance that articulates not just what players cannot do, but also why a framework rooted in integrity, rather than punishment, is necessary. Imagine a “Sports Compliance Charter” that explicitly defines insider betting as a form of fraud, akin to insider trading. That reframing alone would elevate the stakes, moving it from a “rules violation” to a “trust violation.”

2. Oversight and Accountability

Corporate boards delegate compliance oversight to audit and ethics committees. The NBA’s governance, however, largely resides in the Commissioner’s office. That’s too much concentration of oversight for a league managing billions in sports betting partnerships.

A modern model would involve an independent Compliance and Integrity Committee reporting directly to the league’s Board of Governors. This committee would review potential conflicts of interest, audit betting-related data, and monitor patterns of suspicious player performance. Independence breeds credibility.

3. Due Diligence and Risk Assessment

Before a merger, corporations perform risk-based due diligence. Before every season, leagues could conduct a similar compliance risk assessment, focusing on areas such as gambling exposure, data security, and player-agent relationships. Who are the players with large gambling debts? Which coaches or trainers have undisclosed financial interests in betting companies? These are not personal invasions; they are integrity controls. Compliance starts by identifying risk, not reacting to scandal.

4. Training and Communication

Corporate compliance officers understand that training isn’t about memorizing policy; it’s about shifting mindsets. The NBA’s anti-gambling training should move beyond the “don’t do this” model toward scenario-based ethics education where players explore gray areas, learn about real-world enforcement cases, and understand the long-term reputational damage of misconduct. In corporate terms, this distinction lies between check-the-box training and culture-building education. Compliance is not a slide deck; rather, it is a dialogue.

5. Monitoring and Auditing

Just as compliance programs utilize transaction monitoring or expense audits, the NBA can leverage data analytics to identify irregularities in player performance and betting patterns. If a player suddenly exits two games early, as Jontay Porter did, that should trigger an automatic integrity review, just as an anomalous financial transaction might trigger an AML alert.

This is where the corporate concept of continuous monitoring can revolutionize sports compliance. Algorithms already track betting odds in real-time; coupling that data with player analytics would enable early detection of suspicious trends.

6. Reporting and Whistleblowing

No compliance program functions without psychological safety. The NBA should establish anonymous channels for reporting concerns not only for employees but also for players, trainers, and referees. If a player suspects a teammate is manipulating outcomes, there must be a trusted way to report it without fear of retaliation. In the corporate world, such mechanisms are essential to uncovering misconduct early. The same must apply to locker rooms.

7. Enforcement and Remediation

Discipline must be consistent and transparent. When corporations investigate misconduct, they publish their findings, impose proportionate penalties, and integrate the lessons learned. The NBA’s enforcement process remains opaque, with outcomes often perceived as being influenced by politics. Public trust demands transparency in discipline. When penalties are seen as fair and consistent, they reinforce the league’s credibility, just as consistent FCPA enforcement enhances the integrity of the corporate sector.

Compliance Culture: The Missing Link

Ultimately, no framework works without culture. Compliance officers recognize that even the most sophisticated policies are ineffective if the culture prioritizes winning at any cost. Sports leagues often celebrate risk-taking, competitiveness, and personal brand-building, traits that, when unchecked, evolve into entitlement and moral flexibility. That’s the same cultural recipe that fueled Enron, Wells Fargo, and Volkswagen.

The solution is not to suppress ambition, but to align it with ethical purpose. Imagine if the NBA  and other leagues embedded compliance values into player leadership programs, performance reviews, and even contract bonuses. The message would shift from “Don’t get caught” to “Play with integrity.”

The Compliance Officer as Integrity Architect

For compliance professionals, this scandal presents an opportunity to reimagine the role of the compliance officer not just in business, but in every trust-based institution. In corporations, the CCO acts as an integrity architect, designing systems that enable ethical decision-making even under pressure. Sports leagues need the same role. Call it the Chief Integrity Officer: a function that bridges governance, analytics, education, and enforcement.

This role could oversee not just gambling risks, but conflicts of interest, sponsorship ethics, and social media conduct, the entire ecosystem of reputation management. In the modern economy, integrity is a managed asset, and someone must be accountable for its stewardship.

Moreover, corporate compliance programs succeed when leadership models ethical behavior. The same applies in sports. When coaches or executives participate in insider schemes, as alleged in the case of Damon Jones, they set a destructive tone. But imagine the opposite, a league where coaches discuss integrity as openly as game strategy, and general managers reward transparency over secrecy. Tone at the top is contagious. In corporations, it builds trust. In sports, it rebuilds it.

From Scandal to Systemic Change

The NBA betting scandal is a compliance failure, but it can also be a catalyst. Like Enron and WorldCom before it, this crisis can drive reform if the league commits to systemic change.

For compliance officers, the takeaway is both familiar and urgent:

  • Do not wait for regulation to force change.
  • Design compliance as governance, not guidance.
  • Measure culture as closely as you measure performance.

Whether you’re managing a multinational enterprise or a billion-dollar sports league, the principle remains constant: integrity isn’t enforced; it’s engineered.

Final Thought: Compliance Beyond the Court

The NBA’s scandal is not simply a sports story. It is a warning about what happens when performance eclipses principle. For compliance professionals, it also serves as a form of validation.

Our work, often behind the scenes, is what protects institutions from self-destruction. The NBA didn’t fail because of bad luck; it failed because of missing systems. The same can happen in any organization that mistakes compliance for bureaucracy instead of recognizing it for what it truly is: the infrastructure of trust. Whether you are in a boardroom or a locker room, culture always calls the next play.

Join us tomorrow, as we continue our exploration in Part 5, to delve into the intersection of culture, incentives, and the psychology of ethical failure. We will examine how even well-meaning individuals cross ethical lines when the system prioritizes results over values.

Categories
From the Editor's Desk

From the Editor’s Desk: Compliance Week’s Insights and Reflections for October and into November 2025

In this episode of ‘From The Editor’s Desk’ podcast, hosts Tom Fox and Aaron Nicodemus delve into key compliance issues featured in Compliance Week. Tom and Aaron discuss the top stories from Compliance Week in October, look at some stories that will appear in November, and provide a preview of upcoming content and events.

They discuss the insights from a case study on Lafarge’s anti-bribery issues linked to cartels and terrorist organizations, as well as challenges in business due diligence in high-risk areas. The episode also covers recent trends around DOJ compliance monitorship under different administrations, insights into Foreign Corrupt Practices Act (FCPA) enforcement, and evolving compliance issues related to artificial intelligence (AI). Finally, they highlight upcoming Compliance Week initiatives and webinars, focusing on career pathways in compliance, the importance of due diligence in high-risk environments, and the practical applications of AI in the compliance field.

Resources:

Aaron Nicodemus on LinkedIn

Compliance Week

Categories
Popcorn and Compliance

Popcorn and Compliance: Episode 5 – Invisible Compliance: Lessons from The Invisible Man

Welcome to a special series of Popcorn and Compliance. In this series, we will examine the Classic Universal Monster Movies from the 1930s and 1940s, mining them for compliance lessons. (Yes, it really is an excuse to rewatch them all.) In this series, we will examine Frankenstein, Dracula, The Wolf Man, The Mummy, and conclude with The Invisible Man. In today’s episode of ‘Popcorn and Compliance,’ we wrap up our series by analyzing the 1933 classic, ‘The Invisible Man,’ for compliance insights.

Joined by Fiona and Timothy, Fox explores how Claude Rains’ portrayal of Jack Griffin, a scientist who becomes unhinged after discovering invisibility, parallels challenges in corporate compliance. The episode distills five key lessons: the perils of lacking transparency, the necessity of accountability, the critical role of organizational culture, the exponential risks when innovation outpaces ethics, and the importance of crisis preparedness. This episode highlights the importance of making the invisible visible in compliance practices, aiming to uncover hidden risks, enforce accountability, and maintain robust ethical standards.

Key highlights:

  • Exploring ‘The Invisible Man’
  • Lesson 1: The Dangers of Lack of Transparency
  • Lesson 2: The Importance of Accountability
  • Lesson 3: The Role of Culture in Compliance
  • Lesson 4: Innovation and Ethical Boundaries
  • Lesson 5: Crisis Preparedness
  • Final Thoughts

Resources:

Compliance Lessons from the Invisible Man on the FCPA Compliance and Ethics Blog

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Compliance Tip of the Day

Compliance Tip of the Day – Persuasion and Compliance

Welcome to “Compliance Tip of the Day,” the podcast that brings you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, our goal is to provide you with bite-sized, actionable tips to help you stay ahead in your compliance efforts. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we discuss how ‘Persuasion Science’ can help compliance.

For more information on this topic, refer to The Compliance Handbook: A Guide to Operationalizing Your Compliance Program, 6th edition, recently released by LexisNexis. It is available here.

Categories
Regulatory Ramblings

Regulatory Ramblings: Episode 81 – The Compliance Implications of Chinese Wealth Flooding Singapore // Spotlight on: HK Regulators Moving Digital Assets Forward

Today’s podcast begins with a brief discussion in our spotlight segment featuring a returning guest, Donald Day of VDX, on the Securities and Futures Commission (SFC) and the Hong Kong Monetary Authority’s (HKMA) newly issued supplemental circular, which updates the framework for intermediaries’ virtual asset activities.

Following that, we chat with Philippa Allen of IQ-EQ about the compliance implications of a large number of high-net-worth mainland Chinese individuals parking their funds – and, all too often, themselves and their families – in Singapore in recent times, especially since the pandemic.

Biography:

Donald Day is the Chief Operating Officer of VDX, a fintech startup in Hong Kong committed to building a digital asset ecosystem for institutional investors. He was previously the SFC’s in-house crypto expert at the SFC, Hong Kong’s capital markets regulator, where he helped shape the licensing regime for virtual asset trading platforms and designed and led the supervision of virtual asset fund managers and trading platforms.

Donald is a veteran of Deutsche Bank and Accenture. He was a co-founder, partner, and CTO at Bletchley Park Asset Management, an institutional-grade crypto hedge fund where he led systematic portfolio management.

Having served many roles at brokerage houses and hedge funds, including as COO of Qantex, a pan-Asian OTC derivatives brokerage, as a Delta-1 trader at Segantii, a multi-strategy hedge fund, and as a quantitative strategist and trader at Deutsche Bank. He began his career in Accenture’s capital markets practice, where he helped design and build world-class trading systems for some of the largest equity and derivatives exchanges.

Donald holds an MBA from the London Business School and a master’s degree in computer science from LMU University Munich.

Philippa Allen is the managing director of Regulatory Compliance, Asia at IQ-EQ. A compliance veteran, she has over 30 years of extensive experience in business and regulation across Asia.

She founded ComplianceAsia Consulting in early 2003. ComplianceAsia has been a part of IQ-EQ since August 2023. Previously, Philippa served as the head of compliance for the Asia-Pacific region at Dresdner Bank, based in Hong Kong, and at GT Asset Management (now part of LGT Asset Management). She was one of the drafters of the original Fund Manager Code of Conduct for Hong Kong’s SFC, and is involved in numerous submissions to regulators and lobbying efforts with financial industry bodies.

She graduated from the University of Western Australia with a Bachelor of Jurisprudence and Bachelor of Laws (LLB) degree. Upon graduation, she commenced practice as a barrister and solicitor for Freehill Hollingdale and Page, in Perth, Western Australia.

Philippa is also a frequent speaker at financial industry conferences and technical panels, and a member of various industry representative bodies, including the Asia Securities Industry & Financial Markets Association, the Hong Kong Venture Capital Association, AIMA, SFAA, and SVCA.

Discussion:

Our initial spotlight segment begins with reference to a recent LinkedIn Post authored by Don, entitled Hong Kong Raises the Bar in Digital Finance. He praised the SFC and HKMA’s recent circular update on the territory’s framework for intermediaries engaged in virtual asset activities.

Key changes include permitting licensed firms to offer staking services, as well as “use off-platform execution channels, and facilitate subscriptions/redemptions in virtual assets, giving institutions and investors greater flexibility. At the same time, retail clients remain protected through knowledge tests, suitability checks, and strict custody standards,” Don said, stressing that protection of retail customers was a key goal.

Emphasizing his optimism for the territory’s prospects to Regulatory Ramblings host Ajay Shamdasani, Don noted that such updates “show how Hong Kong is balancing innovation with trust, reinforcing its role as a leading global hub for regulated digital assets and institutional adoption.”

Don pointed out that Appendices A and B of the circular provide the updated licensing and compliance terms.

“These refinements balance market development with safeguards, further cementing Hong Kong’s role as a global hub for regulated digital assets,” he said.

Don concludes his remarks by stating that the right balance has been struck between market development and adequate guardrails, while also providing room for growth and innovation in Hong Kong’s digital assets market and promoting its position as a well-regulated global hub.

Following that, we speak with Philippa, who shares a bit about her personal and professional background, telling us about her roots in Australia, what drew her to the legal profession, and ultimately, to careers in compliance, consulting, and entrepreneurship.

We then delve into the rapid increase in wealth within post-pandemic Singapore – particularly from the arrival of wealthy mainland Chinese high-net-worth individuals (HNWIs) – and what that has meant for greater regulatory scrutiny in the Lion City’s private banking, wealth management, and family office sectors. Against this backdrop, Philippa shares her impressions of Singapore’s evolving regulatory landscape, the importance of robust compliance, and how firms can proactively adapt their strategies to navigate heightened expectations, while also maintaining client trust and operational excellence.

The discussion then turns to how HNWIs from mainland China often have ties to the government. Philippa remarks on when individuals should be presumed to be politically exposed persons (PEPs), what risks being a PEP entails, and when a former PEP is no longer considered to be such. As she stresses, the label and designation should not be applied expansively.

The conversation concludes with Philippa commenting on the efficacy of the UK’s Financial Conduct Authority’s (FCA’s) recently opened APAC office in Australia.

Regulatory Ramblings podcasts is brought to you by The University of Hong Kong – Reg/Tech Lab, HKU-SCF Fintech Academy, Asia Global Institute, and HKU-edX Professional Certificate in Fintech, with support from the HKU Faculty of Law.

Useful links in this episode:

You might also be interested in:

Connect with RR Podcast at:

LinkedIn: https://hk.linkedin.com/company/hkufintech 
Facebook: https://www.facebook.com/hkufintech.fb/
Instagram: https://www.instagram.com/hkufintech/ 
Twitter: https://twitter.com/HKUFinTech 
Threads: https://www.threads.net/@hkufintech
Website: https://www.hkufintech.com/regulatoryramblings 

Connect with the Compliance Podcast Network at:

LinkedIn: https://www.linkedin.com/company/compliance-podcast-network/
Facebook: https://www.facebook.com/compliancepodcastnetwork/
YouTube: https://www.youtube.com/@CompliancePodcastNetwork
Twitter: https://twitter.com/tfoxlaw
Instagram: https://www.instagram.com/voiceofcompliance/
Website: https://compliancepodcastnetwork.net

Categories
Blog

Compliance Lessons from Claude Rains – The Invisible Man

Ed. Note: We conclude our five-part blog post series on compliance lessons from Classic Universal Movie Monsters this week by examining one of the lesser-known movies and monsters: The Invisible Man. Accompanying this blog post series are Fiona and Timothy, who review the movie and share their thoughts on the compliance lessons from this classic, starring Claud Rains. They appear on a special series on the Popcorn and Compliance, part of the Compliance Podcast Network.

When Claude Rains debuted in James Whale’s 1933 film The Invisible Man, audiences were introduced to one of Universal Pictures’ most chilling and thought-provoking monsters. Unlike Frankenstein’s creature or the Wolf Man, Rains’s Jack Griffin is not a tragic victim of fate. He is a brilliant scientist who, after discovering a formula for invisibility, loses all sense of restraint and morality. His newfound freedom from accountability drives him to madness, violence, and destruction.

For compliance professionals, The Invisible Man is a powerful allegory about transparency, accountability, and the risks of unchecked power. Rains’s chilling laugh and the image of clothing moving without a body remind us that when actions go unseen, misconduct is most likely to flourish. The compliance program’s task is to make the invisible visible.

We conclude our special Classic Universal Monster series for October 2025 by examining five key lessons in compliance from the Claude Rains film, The Invisible Man.

1. Lack of Transparency Breeds Misconduct

Griffin’s transformation into the Invisible Man immediately removes the ordinary constraints of social behavior. Knowing that others cannot see him, he becomes bolder, more reckless, and ultimately violent. His invisibility grants him a sense of impunity.

This is the same danger corporations face when operations, transactions, or third parties operate without transparency. Hidden bank accounts, shell companies, off-the-books payments. These are the “invisible” spaces where bribery, fraud, and misconduct thrive. Regulators, such as the DOJ and SEC, consistently emphasize transparency as a cornerstone of compliance, as opacity often enables wrongdoing.

Compliance takeaway: Compliance officers must eliminate blind spots. Use data analytics to detect unusual transactions, require third-party disclosures, and insist on clear documentation. Invisibility may be thrilling in fiction, but in business, it is a direct path to misconduct.

2. Power Without Accountability Is a Recipe for Abuse

Griffin revels in his power. “An invisible man can rule the world! No one will see him come, no one will see him go,” he boasts. But stripped of accountability, his brilliance is corrupted. What begins as a scientific achievement devolves into tyranny.

Organizations face the same risk when individuals wield unchecked power. A star salesperson who brings in revenue but defies compliance controls, a regional manager who operates “off the radar,” or a senior executive whose behavior goes unquestioned, these are real-world Invisible Men. Without oversight, they can manipulate systems, pressure subordinates, and expose the company to massive legal and reputational harm.

Compliance takeaway: Build accountability into every level of the organization. No one should be exempt from oversight, not even high performers or senior leaders. Clear escalation pathways, independent reporting to the board, and consistent enforcement of rules ensure that power remains accountable.

3. Culture Determines Whether Controls Work

What makes Griffin’s story chilling is not only his invisibility, but how others respond to it. At first, they are horrified. However, some characters quickly fall into denial, hoping the threat will subside. Others are fascinated, drawn in by his apparent power. Ultimately, fear dominates; no one wants to confront him directly.

This dynamic mirrors corporate culture. Even the best-designed controls fail if the culture tolerates misconduct, ignores warning signs, or allows fear to silence employees. Culture determines whether employees speak up or stay silent, whether compliance officers are respected or marginalized, and whether ethical boundaries are enforced or ignored.

Compliance takeaway: Compliance officers must relentlessly shape and measure culture. Culture surveys, hotline analytics, and focus groups are as important as transaction monitoring. If employees are too afraid to confront misconduct—or too fascinated by results to ask questions—compliance controls will never succeed.

4. Risk Becomes Exponential When Innovation Outpaces Ethics

The core of The Invisible Man is a cautionary tale about the dangers of innovation. Griffin’s formula is groundbreaking, but it was developed without consideration of ethics, risk assessment, or oversight. His scientific achievement outpaces his moral responsibility, leading to catastrophe.

This is the same challenge corporations face today with artificial intelligence, biotechnology, and other emerging technologies. Innovation is valuable, but when ethics and compliance lag, risks multiply. Regulators are increasingly focused on whether companies consider the ethical implications, not just the technical achievements.

Compliance takeaway: Compliance must be embedded in innovation. New products, markets, or technologies should undergo compliance risk assessments, just as they undergo financial or safety reviews. Ethics cannot be an afterthought; it must guide innovation from the start.

5. Crisis Preparedness Is Non-Negotiable

The climax of the film shows villagers and authorities in chaos. They have no plan for dealing with an invisible adversary. Panic ensues. Griffin wreaks havoc until circumstances, not preparation, bring him down.

For organizations, this is a vivid illustration of why crisis preparedness matters. Whether it is a corruption investigation, a cyberattack, or an ESG controversy, chaos reigns if companies are unprepared. By the time regulators or the media arrive, it is often too late to design an effective crisis response.

Compliance takeaway: Compliance programs must include crisis management planning. This means having clear incident response procedures, conducting tabletop exercises, and ensuring cross-functional coordination. Preparedness is the difference between chaos and resilience.

Conclusion: Making the Invisible Visible

Claude Rains’s Invisible Man endures because it speaks to something primal, the fear of what cannot be seen. For compliance professionals, it resonates because much of our work involves uncovering the unseen: hidden risks, opaque transactions, and cultural undercurrents.

The Invisible Man reminds us that risk is most dangerous when it is hidden, when accountability is absent, and when systems fail to shine light into the shadows. The task of compliance is to make the invisible visible, to detect what others cannot see, to enforce accountability, and to ensure that innovation and power operate within ethical boundaries.

The Invisible Man, as portrayed by Claude Rains, is not just a horror story; rather, it is a commentary on the nature of compliance. For organizations, the real monster is not invisibility itself, but the complacency that allows invisible risks to thrive unchecked. Our job is to ensure that nothing in our organizations operates unseen.

Categories
Compliance and AI

Compliance and AI: Automate the Noise Away – The Future of Financial Crime Detection with Oracle’s Jason Somrak

What is the role of Artificial Intelligence in compliance? What about Machine Learning? Are you using ChatGPT? These questions are just three of the many we will explore in this cutting-edge podcast series, Compliance and AI, hosted by Tom Fox, the award-winning Voice of Compliance. In this insightful episode, Tom Fox interviews Jason Somrak, Chief of Product & Strategy – Financial Crime & Compliance at Oracle Financial Services Software Limited.

They delve into the evolving role of AI in combating financial crimes and the proactive potential of AI in compliance investigations. Highlighting the transformative power of AI, Jason explains its applications, ranging from detection to investigation, and its impact on regulatory practices. They also discuss future emerging challenges in risk management and the collaboration between humans and AI in enhancing financial crime detection and compliance.

Key highlights:

  • AI’s Role in Financial Crime Prevention
  • Proactive and Preventive Measures
  • AI in Investigations and Triage
  • Automating the Noise Away
  • Regulatory Interactions and Challenges
  • Emerging Challenges in Risk Management
  • Future of AI in Compliance
  • Corporate Culture and AI Adoption

Resources:

Jason Somrak on LinkedIn

Oracle Financial Services

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Compliance Tip of the Day

Compliance Tip of the Day – Fostering a Compliance Brand

Welcome to “Compliance Tip of the Day,” the podcast that brings you daily insights and practical advice for navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, we aim to provide you with bite-sized, actionable tips to help you stay on top of your compliance game. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we discuss why your compliance brand should be as iconic as James Patterson or David Baldacci.

For more on this topic, check out The Compliance Handbook: A Guide to Operationalizing your Compliance Program, 6th edition, which LexisNexis recently released. It is available here.

Categories
Blog

It’s The Great Pumpkin Charlie Brown – Lessons in Process Validation Through Continuous Monitoring

Halloween is almost upon us, and we celebrate the greatest Halloween cartoon in the world’s history, “It’s the Great Pumpkin, Charlie Brown,” which premiered in 1966. As usual, the story revolves around the Peanuts gang, who are preparing for Halloween; Linus writes his annual letter to the Great Pumpkin, despite Charlie Brown’s disbelief, Snoopy’s laughter, Patty’s assurance that the Great Pumpkin is a fake, and even his sister Lucy’s violent threat to make her brother stop.

On Halloween night, the gang goes trick-or-treating. On the way, they stop at the pumpkin patch to ridicule Linus, missing the festivities as he has done every year. Undeterred, Linus is convinced that the Great Pumpkin will come, and he even persuades Charlie Brown’s little sister, Sally, to remain with him and wait. At 4:00 AM the following day, Lucy notices Linus is not in his bed. She finds her brother asleep in the pumpkin patch, shivering. She brings him home and puts him to bed. Later, Charlie Brown and Linus are at a rock wall, commiserating about the previous night’s disappointments. Although Charlie Brown attempts to console his friend, admitting he has also done stupid things, Linus angrily vows that the Great Pumpkin will come to the Pumpkin Patch next year.

In corporate compliance, much like in the world of It’s the Great Pumpkin, Charlie Brown, expectations must meet reality. In the compliance world, Linus’s actions might be likened to a company that sets up its processes without validating or continuously monitoring them. Year after year, Linus is let down because he needs to adjust his process or monitor his outcomes in real time. This is where the critical lesson in process validation through continuous monitoring becomes clear: Hope without validation is not a strategy. Let’s dive deeper into the compliance lessons from this Halloween favorite.

The Importance of Process Validation

Linus believes that his sincere faith in the Great Pumpkin will yield results. However, more than faith is needed to cut it in compliance. In the same way, companies may implement policies and procedures they believe will lead to effective compliance, but they need to validate these processes to ensure they are effective. Process validation is essential for ensuring that your compliance program operates as intended. From anti-bribery controls to third-party risk management, validating that processes work under real-world conditions ensures you aren’t waiting in a metaphorical pumpkin patch, hoping for good results.

As a compliance professional, you must validate that a process works after designing it, whether it is a transaction monitoring system or a third-party due diligence program. You must validate through testing, audits, and benchmarks to see if it’s achieving your desired outcomes.

The Role of Continuous Monitoring

Linus returns to the same pumpkin patch every year, never adjusting his approach and hoping that next time will be different. This is akin to organizations that implement processes without continuous monitoring—hoping things will change but never keeping a close eye on what’s happening in real-time. In the compliance space, continuous monitoring means maintaining oversight of key processes and using data-driven metrics to spot potential problems before they grow into major risks. Whether monitoring third-party interactions, employee transactions, or internal controls, compliance officers must ensure that data is continuously fed into the system. When a process is off course, continuous monitoring enables you to catch it early and correct it before it becomes a regulatory issue.

Every compliance professional should understand that continuous monitoring is essential for refining compliance processes. Regularly assess your systems, monitor anomalies, and make necessary adjustments. It’s about being proactive, not reactive.

Adjusting to Changing Realities

One of the more poignant lessons from It’s the Great Pumpkin, Charlie Brown, is that Linus doesn’t adjust his expectations despite repeated failures. He continues to sit in the pumpkin patch year after year. In compliance, ignoring evidence and sticking to outdated processes can lead to serious issues. Regulations change, risks evolve, and market conditions shift. A method that was valid last year may no longer be effective under new rules or circumstances. The only way to ensure your compliance program stays relevant is through ongoing adjustments based on continuous feedback.

As the corporate compliance expert, you must ensure that your compliance processes evolve with changing regulatory landscapes. Use continuous monitoring data to validate that your program remains robust in real-time conditions.

Clear Communication and Buy-In

Throughout It’s the Great Pumpkin, Charlie Brown, Linus is adamant about the arrival of the Great Pumpkin, but he fails to bring others along with him. His friends and even his sister don’t believe in his mission, leaving him alone in the pumpkin patch.

This illustrates the importance of communication and stakeholder buy-in in the compliance world. If compliance officers or departments communicate the value of continuous monitoring and validation, the rest of the organization will be engaged and supportive. Building an ethical culture requires alignment across all levels, from senior management to line employees. With it, your compliance efforts may be more cohesive than Linus’s pumpkin patch vigil.

Effective compliance depends on clear communication and organizational buy-in for the compliance professional. Ensure everyone understands the importance of continuous monitoring and how it safeguards the organization.

Linus’s faith in the Great Pumpkin may not pay off in It’s the Great Pumpkin, Charlie Brown, but for compliance professionals, validation and continuous monitoring can deliver real results. Compliance is about something other than waiting in the pumpkin patch, hoping things work out. It’s about ensuring your processes are tested, validated, and continuously monitored to catch risks early and compliance remains proactive rather than reactive.

Moreover, by watching the TV show, reading this blog, and, most importantly, applying these lessons, compliance officers can avoid Linus’s fate and ensure their processes are strong, dynamic, and capable of delivering the results they need to meet today’s regulatory demands. I hope you can watch It’s the Great Pumpkin, Charlie Brown again this year. I did. When you watch, think about the compliance implications. Will anyone ever set a ‘second set of eyes’ on the Great Pumpkin? If not, will it ever be validated? I hope you will be safe and dry if you are trick-or-treating tonight.

Doug Cornelius Responds:

Are you trying to say that the Great Pumpkin is not real?

Just wait ’til next year, Tom Fox. You’ll see!

Next year, at this same time, I’ll find a really sincere pumpkin patch! And I’ll sit in that pumpkin patch until the Great Pumpkin appears. He’ll rise out of that pumpkin patch and fly through the air with his bag of toys.

The Great Pumpkin will appear! And I’ll be waiting for him!

I’ll be there! I’ll sit in that pumpkin patch… and see the Great Pumpkin. Just wait and see, Tom Fox. I’ll see that Great Pumpkin.

I’ll SEE the Great Pumpkin!

You wait, Tom Fox.

Doug Cornelius Responds:

Are you trying to say that the Great Pumpkin is not real?

Just wait ’til next year, Tom Fox. You’ll see!

Next year, at this same time, I’ll find a real, sincere pumpkin patch! And I’ll sit in that pumpkin patch until the Great Pumpkin appears. He’ll rise out of that pumpkin patch and fly through the air with his bag of toys.

The Great Pumpkin will appear! And I’ll be waiting for him!

I’ll be there! I’ll sit in that pumpkin patch… and see the Great Pumpkin. Just wait and see, Tom Fox. I’ll see that Great Pumpkin.

I’ll see the Great Pumpkin!

Just wait, Tom Fox.