Categories
Great Women in Compliance

Great Women in Compliance: The Art and Science of Compliance: Nicole Rose on Culture, Curiosity, and Change

In this episode of Great Women in Compliance, host Sarah Hadden sits down with Nicole Rose—lawyer, artist, author, and creator of the FRAME Training Method—to explore how human behavior, psychology, and creativity can transform compliance from a checkbox exercise into a movement that drives real change. Nicole shares the story behind her “Moneyball Compliance” approach, showing how small, measurable behaviors can predict integrity, build stronger cultures, and make ethics training finally stick. The two also discuss Nicole’s upcoming book, Told: How In-House Legal and Compliance Professionals Secure Airtime, Gain Traction, and Transform Organizations.

Four Takeaways:

1. Compliance Is About People, Not Policies

Nicole’s journey from lawyer to artist to compliance innovator reveals that effective compliance starts with understanding human behavior and culture—not just ticking boxes or enforcing rules.

2. Behavior Beats Metrics

Traditional compliance programs measure completion rates; Nicole’s “Moneyball Compliance” approach measures behaviors that predict integrity—like speaking up, giving feedback, and practicing micro-activities that build ethical “muscle memory.”

3. Curiosity Is the Secret Ingredient

Engagement happens when employees are curious. Nicole emphasizes creating “pre-frames” that connect compliance messages to what people already know and care about, making training meaningful and memorable.

4. Make It Real, Not Funny

Humor has its place in presentations, but when it comes to serious topics like bribery, privacy, or human rights, authenticity and relatability are far more powerful than laughs. Real characters and relatable stories drive real change.


Compliance into the Weeds: Incentives in Compliance: Structuring Effective Compensation Plans

The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to explore a subject more fully. Seeking insightful perspectives on compliance? Look no further than Compliance into the Weeds! In this episode, Tom Fox and Matt Kelly discuss the intricacies of integrating incentives into corporate compliance programs.

Matt shares insights from a recent webinar and blog posts, discussing how companies can encourage ethical behavior through executive compensation plans, performance bonuses, and other incentive schemes. The conversation explores the Justice Department’s guidelines on executive compensation, the intricacies of designing these programs to align with industry-specific risks, and the implications for various levels of management. They also examine the challenges of establishing meaningful compliance metrics and striking a balance between compliance incentives and overall business objectives across multiple sectors.

Key highlights:

  • The Role of Incentives in Compliance Programs
  • Structuring Executive Compensation for Compliance
  • Challenges and Nuances in Incentive Programs
  • Incentives for Different Business Models
  • Compensation Types and Ethical Behavior

Resources:

Matt in Radical Compliance


A multi-award-winning podcast, Compliance into the Weeds was most recently honored as one of the Top 25 Regulatory Compliance Podcasts, a Top 10 Business Law Podcast, and a Top 12 Risk Management Podcast. Compliance into the Weeds has been honored with a Davey, Communicator, and W3 Award, all for excellence in podcasting.


Who Is an Officer? The D&O Implications of an Evolving Compliance Title

If you are a Chief Compliance Officer (CCO), you have likely spent countless hours parsing language in policies, contracts, and regulations. Words matter, especially when those words define responsibility, liability, and protection. Few words in the D&O insurance world carry as much significance or ambiguity as officer.

In a recent D&O Diary guest post, John Orr, D&O Liability Product Leader for Willis FINEX North America, tackled a deceptively simple question: Who qualifies as an “officer” under a directors and officers (D&O) insurance policy? His analysis extends beyond an insurance issue. As organizations evolve, titles proliferate, and regulatory exposure expands, the boundaries of who counts as an “officer” and thus who bears personal risk are blurring.

In today’s compliance landscape, the CCO cannot afford to let that ambiguity go unexamined. Because, as Orr notes, “titles no longer define exposure; functions do.” And that statement carries profound implications for how we manage risk, structure accountability, and design compliance frameworks in the era of AI, ESG, and cybersecurity. It also puts CCOs directly in the line of fire for shareholder litigation based upon a Caremark claim, which was expanded to include officers in the In re McDonald’s Corporation Stockholder Derivative Litigation case.

Today, we explore five key lessons compliance officers should take away from this discussion.

1. The Old Definition No Longer Fits the New Enterprise

For decades, D&O insurance policies defined “officer” narrowly: those “duly elected or appointed” under corporate bylaws, which typically included the CEO, CFO, COO, and General Counsel. That made sense when corporate structures were simple and hierarchies clear.

But those days are gone. Modern organizations are matrixed, decentralized, and global. Entire risk domains, such as cybersecurity, compliance, sustainability, and AI governance, now have leaders whose decisions can expose the company to significant regulatory, reputational, or legal peril. Orr points out that after the SEC charged the CISO of SolarWinds in 2023, companies began asking a new question: Is my CISO actually covered under our D&O policy?

That question should not just keep risk managers up at night. It should jolt every compliance leader. Because if your peers in cybersecurity, privacy, or ESG can face personal liability for organizational failures, and if their roles fall outside traditional definitions of “officer,” then your compliance architecture is incomplete.

2. Titles Cannot Shield You from Risk, and They Should Not Define Protection

Orr rightly criticizes what he calls the “legacy efforts at deliberate ambiguity” in defining who counts as an officer. Historically, this ambiguity offered flexibility to insurers and policyholders. But now it provides uncertainty; if your coverage depends on whether someone’s title happens to include “officer,” you are one reorganization away from being uninsured.

For compliance professionals, this echoes a familiar theme: form versus substance. Regulators, from the DOJ to the SEC, are increasingly looking beyond the organizational chart to assess who truly exercises authority and control. The same principle should apply internally when defining who merits D&O coverage or corporate indemnification in civil litigation.

If a CISO, Chief People Officer, or Head of AI Governance makes risk-laden decisions equivalent in impact to those of a CFO, should they not receive equivalent protection? Orr argues for a shift from title-based to function-based definitions, a position entirely consistent with modern compliance thinking. Accountability should flow from influence, not nomenclature.

3. Endorsements Are Band-Aids, Not Blueprints

As ambiguity around “officer” status has grown, companies have sought quick fixes, such as endorsements listing specific titles or individuals to be covered under D&O policies. Orr concedes that while these endorsements “address the need,” they are not scalable or sustainable. Compliance officers should recognize the analogy to policy exceptions and one-off approvals. Every time you bolt on an endorsement, you introduce friction, inconsistency, and the potential for oversight. It’s a reactive, not proactive, form of risk management.

Endorsements also fail the foresight test. They require organizations to predict which roles might become legally exposed next year, a nearly impossible task in a fast-evolving regulatory landscape. Who foresaw five years ago that ESG directors or AI governance leads would be in the crosshairs of regulators? For compliance, the takeaway is clear: tactical fixes can’t substitute for structural reform. Instead of adding endorsements to patch the definition, align the policy’s logic with the company’s real-world indemnification practices, a concept Orr calls using indemnification as the “North Star.”

4. Indemnification Is the True Test of Officer Status

Orr’s most compelling insight is his proposed “indemnification-based” solution. Under this model, anyone whom the company indemnifies or would have indemnified but for insolvency or other barriers qualifies as an officer under the D&O policy.

This approach elegantly ties together governance, insurance, and compliance. It shifts the focus from job titles to actual corporate behavior: if your organization considers someone important enough to indemnify for their decisions, they are important enough to insure. It also harmonizes coverage with reality, reducing uncertainty during a claim and ensuring consistency across corporate structures.

From a compliance standpoint, this is a governance revolution. It aligns with what the DOJ has repeatedly emphasized in its most recent Evaluation of Corporate Compliance Programs (2024 Ed.): policies must reflect “the actual day-to-day functioning” of the organization, not theoretical constructs. Indemnification as a coverage anchor reflects the compliance principle that responsibility should align with decision-making authority. If someone makes risk-bearing decisions, your compliance and D&O frameworks should converge to support and monitor that role.

5. Modern Risk Requires Modern Coverage and Modern Collaboration

The concluding insight from Orr’s piece should resonate deeply with every compliance officer: “This is not about expanding coverage. It’s about modernizing coverage to address the way companies operate today.”

That statement could serve as the mission of compliance itself. As emerging technologies and global expectations reshape the corporate landscape, the boundaries of responsibility shift daily. AI, ESG reporting, data ethics, and cybersecurity aren’t just technical or operational concerns; instead, they are compliance risks with individual accountability attached.

If your D&O policy does not reflect those realities, neither does your compliance program. The modern CCO must therefore work closely with risk management, finance, and HR to ensure alignment between the forms of protection (insurance, indemnification) and the functions of oversight (compliance, ethics, governance). The article also hints at an opportunity for insurers: innovation. Just as compliance leaders must find new ways to embed ethical decision-making, insurers must design products that reflect the fluid nature of modern corporate risk. Both fields, compliance and D&O, are being asked the same fundamental question: Are you structured for yesterday’s risks or tomorrow’s realities?

What It Means for the Chief Compliance Officer

For the CCO, this discussion is not simply an academic exercise. The question “Who is an officer?” is really a question about who bears the moral and legal weight of corporate decision-making. As compliance matures into a strategic function, the CCO’s role increasingly resembles that of the “modern officer,” as Orr describes it: not just a gatekeeper, but a guardian of integrity, transparency, and accountability.

Here’s what that means in practice:

  • Map functional authority. Identify which roles across your enterprise carry significant compliance or legal exposure, regardless of title.
  • Engage with risk management. Ensure your D&O policy reflects the true landscape of decision-making authority.
  • Revisit indemnification practices. Advocate for parity between those granted indemnity and those exposed to regulatory risk.
  • Educate the C-suite and Board. Clarify that modern risk is horizontal, not vertical, and coverage must follow function, not hierarchy.
  • Champion continuous evolution. Compliance, like D&O coverage, must adapt as corporate structures evolve. Stasis is not a strategy.

Ultimately, the compliance function exists to ensure that individuals are accountable for their actions and protected for acting in good faith. That dual mandate, accountability and protection, lies at the heart of Orr’s argument and at the soul of every effective compliance program.

Compliance is not about saying no; it is about creating the conditions where doing the right thing is easy. In this context, that means ensuring your organization’s structure, policies, and insurance mechanisms make ethical leadership a safe and supported choice. The term “officer” may seem like a semantic detail, but as John Orr reminds us, it reflects how corporations define responsibility in an era of constant change. For compliance professionals, the challenge and the opportunity are to make sure that the mirror reflects reality.

 


Compliance Tip of the Day – NBA Betting Scandal – Prop Bets and Sports Books

Welcome to “Compliance Tip of the Day,” the podcast that brings you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, our goal is to provide you with bite-sized, actionable tips to help you stay ahead in your compliance efforts. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

This week, we will mine the ongoing NBA betting scandal for compliance lessons. Today in Part 2, we look at the role of prop bets and sports books in the scandal.

For more information on this topic, refer to The Compliance Handbook: A Guide to Operationalizing Your Compliance Program, 6th edition, recently released by LexisNexis. It is available here.


AI Today in 5: November 4, 2025, The AI Gut Check Edition

Welcome to AI Today in 5, the newest addition to the Compliance Podcast Network. Each day, Tom Fox will bring you 5 stories about AI to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the AI Today In 5, all from the Compliance Podcast Network. Each day, we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest related to AI.

Top AI stories include:

  1. Proactive AI. (FinTech Global)
  2. Of moral hazard and risk management. (Independent Institute)
  3. AI compliance tools for start-ups. (ECommerceTimes)
  4. The rise of the AI gut check. (Reuters)
  5. How Hollywood is harnessing AI. (ABCNews)

For more information on the use of AI in Compliance programs, my new book, Upping Your Game, is available. You can purchase a copy of the book on Amazon.com.


Innovation in Compliance: Dare to Dream: Leveraging AI and Innovation

Innovation is present in many areas, and compliance professionals must not only be prepared for it but also actively embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox welcomes Dr. Hemma Lomax from DocuSign, Chris Crowder from Airbus, and Vince Walden from konaAI to explore the future of compliance with AI and AgenticAI. This podcast was edited from a konaAI-sponsored webinar. For a link to the full webinar replay, see below.

Our discussion centers around the integration of AI, innovation, and compliance within corporate environments. Chris and Hemma share insights about their current data analytics efforts and the transformative role of AI in enhancing compliance processes. They discuss the importance of human judgment, exploring new technologies, and creating a forward-thinking compliance culture. Audience members are encouraged to think creatively about leveraging technology to address compliance challenges and prepare for a rapidly evolving business landscape.

Key highlights:

  • Current State of AI and Data Analytics in Compliance
  • Challenges and Opportunities in AI Implementation
  • The Role of AI in Risk Management
  • Human Judgment and AI: A Balanced Approach
  • Future of AI in Compliance and Business
  • Future of AI Agents in Compliance

Resources:

For a full replay of the Webinar, click here.

For the konaAI white paper on AgenticAI, click here.

To listen to the award-winning podcast Upping Your Game on the use of AI in a compliance program, click here.

Check out my latest book, Upping Your Game-How Compliance and Risk Management Move to 2023 and Beyond, available from Amazon.com.

Innovation in Compliance was recently honored as the number 4 podcast in Risk Management by 1,000,000 Podcasts.


The NBA Betting Scandal, Part 5: Rebuilding Trust – The NBA’s Path Toward Integrity

In the span of a single week, the NBA went from celebrating another record-breaking season-opening week to confronting its deepest crisis of credibility since the Tim Donaghy officiating scandal. A federal indictment has now tied active players, a head coach, and organized crime figures to a sprawling gambling conspiracy. For a league that spent the past decade embracing sports betting as part of its commercial strategy, this is no longer a public relations problem. It is an existential one. And that means one thing: Adam Silver must now govern like a compliance officer, not a marketer.

The Commissioner’s Crossroads

Adam Silver’s leadership has always been defined by calm rationality and consensus-building, the antithesis of David Stern’s authoritarian decisiveness. That style worked well during the NBA’s globalization boom and its progressive cultural era. But this moment demands something different: urgency, accountability, and structural reform. The NYT reported that the NBA has begun a review of its policies and procedures, which were clearly inadequate for the situation.

Eric Koreen, writing in The Athletic, said Silver faces “the league’s biggest credibility issue in at least two decades”. His challenge is to walk a tightrope between patience and justice, acting decisively without overreaching, restoring trust without alienating players and owners. The league’s relationship with gambling partners, its governance model, and its disciplinary framework are all now under scrutiny.

The key question: Can Adam Silver act as both steward of the game and enforcer of its ethics?

1. Recognize the Scope of the Problem

Silver’s first task is to stop treating the scandal as a series of isolated events. As Nate Silver noted in Silver Bulletin, the vulnerabilities are structural; “the NBA is particularly susceptible to cheating based on inside knowledge of player availability”. Prop bets, load management, and tanking have created a shadow economy of insider information that blends seamlessly into the legalized betting marketplace.

This is not just about Terry Rozier’s “fake injury” game or Chauncey Billups’ alleged poker ring. It’s about a league whose financial ecosystem and culture have become dependent on gambling exposure. It’s about the business model itself. Compliance professionals will recognize this dynamic: when the core of your revenue strategy intersects with the core of your risk profile, you do not have a program problem, you have a governance problem.

2. Strengthen Information Governance

This crisis is about information. The NBA’s integrity crisis began with a failure to manage information effectively. Player availability, injury reports, and lineup changes are now tradeable assets in the betting marketplace. As Nate Silver observed, even minor leaks about “who’s actually playing” can swing point spreads by eight or more points. In corporate terms, this is the equivalent of Material Non-Public Information (MNPI) in the securities world, and it must be treated with the same rigor as insider trading data. Here are some steps the NBA must implement:

  • Tightened disclosure protocols: Require that injury and lineup information be filed within one hour of a team’s decision, with fines for noncompliance.
  • Digital access controls: Limit and log who within each team can access confidential player data.
  • Independent data audits: Just as SOX audits test financial controls, the NBA needs integrity audits on injury disclosure and betting irregularities.

The league must establish a compliance-grade information governance system, not a PR-based injury reporting mechanism.

3. Redefine the League’s Relationship with Sportsbooks

Silver’s visionary 2014 op-ed in The New York Times helped legalize sports betting in the U.S. But that success has come full circle. The NBA is now “inextricably tied to the alleged behavior,” as Koreen bluntly put it. To restore credibility, Silver must impose a firewall between integrity and revenue, similar to how compliance departments maintain independence from sales in regulated industries. Specific steps include:

  • Eliminating player-specific prop bets, which even industry insiders like Nate Silver identify as “inherently more subject to manipulation”.
  • Revising sponsorship structures, ensuring that betting companies can’t advertise on game broadcasts while the league investigates integrity risks.
  • Creating a Gambling Integrity Council, comprising league officials, compliance experts, and independent regulators, to review data-sharing protocols and monitor suspicious patterns.

If the NBA continues to profit from gambling partnerships while claiming to protect the game’s purity, it risks the same credibility collapse that befell financial institutions during the 2008 crisis, when compliance was reported to serve profit.

4. Rebuild the Culture of Integrity

At its core, this scandal is not about technology or regulation; rather, it is about culture. The NBA’s locker room culture, as Danny Chau argued in The Ringer, was shaped by “a league that has normalized the gambling impulse under the guise of fan engagement”. Players now live in a universe where betting odds appear on broadcast screens, team apps link directly to sportsbooks, and performance data doubles as betting fodder.

To change this, the NBA must embed compliance education into player development from day one. Rookie orientation should include mandatory integrity training that covers gambling ethics, data confidentiality, and behavioral risks, just as financial firms train new analysts on insider trading.

Moreover, players need a Speak-Up Culture. The league should expand its anonymous hotline system into a comprehensive integrity platform, enabling players, staff, and referees to report suspicious betting behavior confidentially and without fear of retaliation. In compliance terms, culture eats code for breakfast. If the NBA wants to protect the game, it must rebuild a culture that values integrity as much as it values victory.

5. Reform Enforcement and Transparency

Silver now faces his “David Stern moment.” In 2007, Stern responded to the Tim Donaghy scandal with swift discipline, public accountability, and systemic change. Silver’s reputation for diplomacy is an asset in negotiations, but in enforcement, it can look like hesitation.

As Koreen noted, “Silver’s judicious nature has helped put the NBA in a strong financial position… but those were straightforward issues with simple moralities”. This one isn’t. This is about the soul of the league. To restore trust, the NBA should commit to:

  • Independent oversight of the investigation, not internal review.
  • Public disciplinary reports that detail findings and remediation steps.
  • Lifetime bans for proven offenders and mandatory ethics rehabilitation programs for lesser infractions.
  • Annual integrity reports, modeled after corporate sustainability or compliance reports, that detail investigations, resolutions, and reforms.

Transparency is not weakness; it is the foundation of credibility. Fans don’t need perfection; they need proof that accountability exists.

6. The Compliance Parallel: Learning from Corporate Scandals

The NBA’s predicament mirrors what compliance officers saw after Enron, Wells Fargo, and Boeing: systems designed for performance became blind to integrity. The fix wasn’t more PR; it was embedding ethics into governance. What Silver must build now is not a crisis response team but an Integrity Management System:

  • A structure where compliance is independent.
  • A tone at the top that puts ethics before revenue.
  • A culture that values truth-telling more than brand protection.

The NBA can learn from the financial industry’s compliance architecture post-SOX and Dodd-Frank: independent monitoring, whistleblower protection, and transparency are not burdens; they are safeguards.

7. Restoring the Social License

Beyond regulation and enforcement, Silver must focus on what corporate governance experts refer to as the “social license to operate.” Sports leagues, like corporations, depend on public trust for legitimacy. As Koreen warned, “If people don’t believe your games are fair and your teams are playing by the same rules, then you don’t have much of a league at all”.

That’s the ethical horizon Silver must navigate. Rebuilding trust will take years, but it begins now, with decisive, integrity-centered leadership. The next time fans see an NBA injury update or a sportsbook advertisement, they shouldn’t wonder if the league is complicit in the gamble. They should believe, without hesitation, that the NBA is protecting the game.

Final Thought: Betting on Integrity

The NBA’s crisis is not just a gambling story; it’s a mirror held up to every organization that prioritizes engagement over ethics. For compliance professionals, the message is universal:

Integrity isn’t a cost center. It’s the scoreboard that determines whether your enterprise survives.

If Adam Silver can pivot from expansion to ethics, from betting on growth to betting on trust, he will not simply save the league’s reputation. He will redefine what compliance leadership looks like in modern sports. Because in the end, the only wager worth making is on integrity itself.


Compliance Tip of the Day – NBA Betting Scandal-Introduction


This week, we will mine the ongoing NBA betting scandal for compliance lessons. Today in Part 1, we introduce the scandal, those involved, and the questions we have at this point.


The NBA Betting Scandal, Part 4: The Role of Compliance in Sports Leagues

We previously considered the who, the what, and the histories of the NBA betting scandal. Today, we explore the ‘how’: how a compliance function could have prevented this, and what both sports leagues and corporations can learn from each other about safeguarding integrity. Whether your organization manages global investments or global fan bases, the lesson remains the same: governance without compliance is merely a façade, and compliance without culture is noise.

The NBA’s Blind Spot: Compliance Is Not Just for Corporations

The NBA, like many professional leagues, has long emphasized rules enforcement rather than risk management. It has compliance policies, anti-gambling rules, player education programs, and disclosure requirements, but these are largely reactive. What’s missing is the proactive, integrated approach that corporate compliance professionals have built over the last two decades.

Think about the Sarbanes-Oxley Act (SOX). Following a series of accounting scandals in the early 2000s, companies not only created new rules but also established compliance infrastructures, internal controls, whistleblower channels, independent oversight committees, and risk-based monitoring systems.

The NBA, in contrast, still operates under a “trust-the-player” model, one that assumes personal integrity will outpace financial temptation. The DOJ indictment proves that assumption no longer holds. In today’s data-driven, gambling-integrated sports environment, league compliance must evolve into a true governance function, not merely a disciplinary office.

The Corporate Compliance Framework Applied to Sports

To understand what that evolution might look like, I want to apply the classic corporate compliance framework, the Seven Elements of an Effective Compliance Program as outlined in the US Sentencing Guidelines, to a professional sports context.

1. Standards and Procedures

Corporations have codes of conduct that define acceptable behavior. Sports leagues have them too, but they’re often vague or limited to rulebooks. The NBA needs a clear, enforceable code of compliance that articulates not just what players cannot do, but also why a framework rooted in integrity, rather than punishment, is necessary. Imagine a “Sports Compliance Charter” that explicitly defines insider betting as a form of fraud, akin to insider trading. That reframing alone would elevate the stakes, moving it from a “rules violation” to a “trust violation.”

2. Oversight and Accountability

Corporate boards delegate compliance oversight to audit and ethics committees. The NBA’s governance, however, largely resides in the Commissioner’s office. That’s too much concentration of oversight for a league managing billions in sports betting partnerships.

A modern model would involve an independent Compliance and Integrity Committee reporting directly to the league’s Board of Governors. This committee would review potential conflicts of interest, audit betting-related data, and monitor patterns of suspicious player performance. Independence breeds credibility.

3. Due Diligence and Risk Assessment

Before a merger, corporations perform risk-based due diligence. Before every season, leagues could conduct a similar compliance risk assessment, focusing on areas such as gambling exposure, data security, and player-agent relationships. Who are the players with large gambling debts? Which coaches or trainers have undisclosed financial interests in betting companies? These are not personal invasions; they are integrity controls. Compliance starts by identifying risk, not reacting to scandal.

4. Training and Communication

Corporate compliance officers understand that training isn’t about memorizing policy; it’s about shifting mindsets. The NBA’s anti-gambling training should move beyond the “don’t do this” model toward scenario-based ethics education where players explore gray areas, learn about real-world enforcement cases, and understand the long-term reputational damage of misconduct. In corporate terms, this is the distinction between check-the-box training and culture-building education. Compliance is not a slide deck; rather, it is a dialogue.

5. Monitoring and Auditing

Just as compliance programs utilize transaction monitoring or expense audits, the NBA can leverage data analytics to identify irregularities in player performance and betting patterns. If a player suddenly exits two games early, as Jontay Porter did, that should trigger an automatic integrity review, just as an anomalous financial transaction might trigger an AML alert.

This is where the corporate concept of continuous monitoring can revolutionize sports compliance. Algorithms already track betting odds in real-time; coupling that data with player analytics would enable early detection of suspicious trends.

6. Reporting and Whistleblowing

No compliance program functions without psychological safety. The NBA should establish anonymous channels for reporting concerns not only for employees but also for players, trainers, and referees. If a player suspects a teammate is manipulating outcomes, there must be a trusted way to report it without fear of retaliation. In the corporate world, such mechanisms are essential to uncovering misconduct early. The same must apply to locker rooms.

7. Enforcement and Remediation

Discipline must be consistent and transparent. When corporations investigate misconduct, they publish their findings, impose proportionate penalties, and integrate the lessons learned. The NBA’s enforcement process remains opaque, with outcomes often perceived as being influenced by politics. Public trust demands transparency in discipline. When penalties are seen as fair and consistent, they reinforce the league’s credibility, just as consistent FCPA enforcement enhances the integrity of the corporate sector.

Compliance Culture: The Missing Link

Ultimately, no framework works without culture. Compliance officers recognize that even the most sophisticated policies are ineffective if the culture prioritizes winning at any cost. Sports leagues often celebrate risk-taking, competitiveness, and personal brand-building, traits that, when unchecked, evolve into entitlement and moral flexibility. That’s the same cultural recipe that fueled Enron, Wells Fargo, and Volkswagen.

The solution is not to suppress ambition, but to align it with ethical purpose. Imagine if the NBA and other leagues embedded compliance values into player leadership programs, performance reviews, and even contract bonuses. The message would shift from “Don’t get caught” to “Play with integrity.”

The Compliance Officer as Integrity Architect

For compliance professionals, this scandal presents an opportunity to reimagine the role of the compliance officer not just in business, but in every trust-based institution. In corporations, the CCO acts as an integrity architect, designing systems that enable ethical decision-making even under pressure. Sports leagues need the same role. Call it the Chief Integrity Officer: a function that bridges governance, analytics, education, and enforcement.

This role could oversee not just gambling risks, but conflicts of interest, sponsorship ethics, and social media conduct, the entire ecosystem of reputation management. In the modern economy, integrity is a managed asset, and someone must be accountable for its stewardship.

Moreover, corporate compliance programs succeed when leadership models ethical behavior. The same applies in sports. When coaches or executives participate in insider schemes, as alleged in the case of Damon Jones, they set a destructive tone. But imagine the opposite, a league where coaches discuss integrity as openly as game strategy, and general managers reward transparency over secrecy. Tone at the top is contagious. In corporations, it builds trust. In sports, it rebuilds it.

From Scandal to Systemic Change

The NBA betting scandal is a compliance failure, but it can also be a catalyst. Like Enron and WorldCom before it, this crisis can drive reform if the league commits to systemic change.

For compliance officers, the takeaway is both familiar and urgent:

  • Do not wait for regulation to force change.
  • Design compliance as governance, not guidance.
  • Measure culture as closely as you measure performance.

Whether you’re managing a multinational enterprise or a billion-dollar sports league, the principle remains constant: integrity isn’t enforced; it’s engineered.

Final Thought: Compliance Beyond the Court

The NBA’s scandal is not simply a sports story. It is a warning about what happens when performance eclipses principle. For compliance professionals, it also serves as a form of validation.

Our work, often behind the scenes, is what protects institutions from self-destruction. The NBA didn’t fail because of bad luck; it failed because of missing systems. The same can happen in any organization that mistakes compliance for bureaucracy instead of recognizing it for what it truly is: the infrastructure of trust. Whether you are in a boardroom or a locker room, culture always calls the next play.

Join us tomorrow, as we continue our exploration in Part 5, to delve into the intersection of culture, incentives, and the psychology of ethical failure. We will examine how even well-meaning individuals cross ethical lines when the system prioritizes results over values.

Categories
From the Editor's Desk

From the Editor’s Desk: Compliance Week’s Insights and Reflections for October and into November 2025

In this episode of ‘From The Editor’s Desk’ podcast, hosts Tom Fox and Aaron Nicodemus delve into key compliance issues featured in Compliance Week. Tom and Aaron discuss the top stories from Compliance Week in October, look at some stories that will appear in November, and provide a preview of upcoming content and events.

They discuss the insights from a case study on Lafarge’s anti-bribery issues linked to cartels and terrorist organizations, as well as challenges in business due diligence in high-risk areas. The episode also covers recent trends around DOJ compliance monitorship under different administrations, insights into Foreign Corrupt Practices Act (FCPA) enforcement, and evolving compliance issues related to artificial intelligence (AI). Finally, they highlight upcoming Compliance Week initiatives and webinars, focusing on career pathways in compliance, the importance of due diligence in high-risk environments, and the practical applications of AI in the compliance field.

Resources:

Aaron Nicodemus on LinkedIn

Compliance Week