Tag: compliance

Categories
Great Women in Compliance

Great Women in Compliance – Turning Conversations into Compliance Intelligence with Anna Pitt-Stanley

In this episode of Great Women in Compliance, co-host Hemma Lomax sits down with Anna Pitt-Stanley, Co-Founder and COO of Umony, to explore how the next generation of compliance technology can transform how organizations listen to their people, their culture, and their risk signals.

From her early work in voice innovation to co-founding Umony, Anna’s journey is rooted in a simple but powerful idea: that the truth of human behavior lives in communication. She and her co-founder, Dean Elwood, were driven by the frustration of seeing compliance programs overwhelmed by data but starved for insight. Together, they set out to build a company that turns conversations into decision-useful intelligence, without losing the human heart at the center of it all.

Anna shares how she leads with empathy, builds trust through operational discipline, and models what it looks like to be a C-suite leader who truly cares. This episode blends technology, leadership, and compassion — and reminds us that compliance done well is less about control and more about connection.

Episode highlight:

  • What does “the truth of behavior lives in communication” mean for compliance and culture?
  • How to balance surveillance and stewardship in modern communications governance.
  • Building a culture of compliance and compassion inside a high-growth tech company.
  • Leadership lessons from scaling with integrity: operational empathy, psychological safety, and trust by design.
  • The future of decision-useful compliance and what human-centric technology looks like in practice.

Biography:

Anna Pitt-Stanley is Co-Founder and Chief Operating Officer of Umony, where she leads operational governance, talent, partnerships, and disciplined execution as the company scales.

Before Umony, Anna co-founded Voxygen, a voice and communications innovation company later acquired by Lebara Group, where she served on the leadership team and board. Over her career, she has built a reputation for bridging complex, regulated environments with practical, people-first execution, delivering programs that align compliance, operations, and culture.

Anna holds an LL.M. in Law from the London School of Economics and Political Science (LSE). She also serves as a Director of Umony Limited and Umony Holdings Limited.

She is known for her focus on operational empathy, governance excellence, and creating workplaces where compliance and compassion thrive side by side.

Resources & Mentions:

Categories
Blog

House of Atreus Week: Part 3 – Atreus and Thyestes – Internal Rivalry and the Dangers of Retaliation

We continue to look at the lessons from the House of Atreus for the 21st-century compliance profession, focusing on the key stories and mining them for insights. In today’s Part 3, we take up the feud between Atreus and Thyestes, sons of Pelops and heirs to his poisoned legacy. Their myth is not just about murder and betrayal; it is about what happens when leaders weaponize authority for vengeance rather than stewardship.

Every organization eventually faces conflict within its own ranks. Disagreements over power, vision, and credit are inevitable. But when rivalry turns to revenge, governance collapses, trust erodes, and compliance becomes collateral damage. Today, we take a deep dive into this issue from the 21st-century compliance perspective.

The Feast of Vengeance

After Pelops’ death, his sons Atreus and Thyestes fought over the throne of Mycenae. They began like many corporate siblings, ambitious, capable, and determined to lead. But soon ambition turned into envy. Thyestes seduced Atreus’ wife and stole a prized golden lamb that symbolized kingship.

Atreus, humiliated, plotted revenge. Pretending reconciliation, he invited Thyestes and his sons to a grand banquet. During the feast, Atreus served them a meal of Thyestes’s own children. (Shakespeare used this story much later.) When the truth was revealed, horror swept the hall. Thyestes cursed his brother, and the curse carried through the next generation, consuming Atreus’ son Agamemnon and his grandson Orestes. It is a horrifying tale, but beneath the gore lies a familiar truth: internal retaliation destroys organizations from the inside out.

When Leadership Turns on Itself

Atreus’ banquet is not simply a mythic horror story fit for my classic monster movie month; rather, it is a 21st-century metaphor for every leadership team that devours its own. In terms of compliance, Atreus and Thyestes represent toxic internal politics. They illustrate how leadership rivalries, unchecked ego, and personal vendettas can dismantle governance systems faster than any external scandal.

Modern organizations suffer the same fate when:

  • Executives undermine each other publicly.
  • Managers retaliate against whistleblowers or rivals.
  • Compliance officers are punished for doing their jobs.

When leaders use their authority to punish rather than protect, culture collapses into fear. Employees stop reporting misconduct, colleagues turn on one another, and the compliance function becomes an instrument of control instead of accountability. Atreus’ feast might look extreme, but we have all seen versions of it in the workplace.

The Corporate Equivalent of the Cannibal Feast

Let’s translate the myth into modern terms.

  • Atreus’ “banquet” = a retaliatory campaign designed to humiliate a rival or critic.
  • Thyestes’ seduction = internal manipulation, gossip, or theft of credit.
  • The curse = the lingering culture of distrust that infects every successor.

Retaliation rarely ends with the original act. Once one leader weaponizes power, everyone learns the same lesson: “You’re safe only when you’re silent.” That’s how once-strong organizations become silos of fear. Compliance reports decline not because misconduct has ended, but because employees no longer believe reporting is safe. Like the House of Atreus, the company devours itself while pretending to feast.

The Dangers of Internal Retaliation

From the compliance perspective, retaliation is one of the clearest indicators of cultural rot. It’s also one of the DOJ’s most serious red flags. The 2024 Evaluation of Corporate Compliance Programs (ECCP) explicitly asks prosecutors to evaluate:

  • Whether employees are protected from retaliation.
  • Whether complaints lead to timely investigations.
  • Whether leadership promotes a speak-up culture.

If your organization punishes dissent, even quietly, you may well find yourself already on the DOJ’s radar. Atreus’ actions were the ultimate act of retaliation: gruesome, personal, and destructive. But the underlying pattern is timeless, leadership vengeance disguised as discipline. The lesson is as modern as it is mythic: a compliance program without psychological safety is a compliance program in name only.

Case Study Parallels: When Modern Leaders Feast on Their Own

  • Uber (2017): Retaliation against employees who raised harassment claims led to executive resignations and a cultural overhaul.
  • Wells Fargo: Whistleblowers reported retaliation after flagging fraudulent account practices, compounding reputational damage.
  • Boeing (737 MAX): Internal dissent on safety concerns was suppressed, leading to tragedies that reshaped regulatory scrutiny.

Each of these companies faced its own version of Atreus’ banquet, consuming credibility and trust in the process.

The Role of Compliance in Preventing Organizational Cannibalism

The compliance function exists not just to catch misconduct, but to defend integrity against internal retaliation. A strong compliance culture ensures that ethical leadership trumps personal rivalry. Here’s how to do it:

1. Build governance that transcends personalities. Authority should rest on process, not proximity to power.

2. Separate investigative authority from reporting lines. Compliance officers must have autonomy to act without interference.

3. Educate leadership on the cost of retaliation. Retaliation isn’t just a legal risk — it’s a culture killer.

When leaders understand that internal war erodes value faster than external threats, they start behaving more like guardians than gladiators.

Creating a Culture of Trust After Betrayal

Atreus’ kingdom fell because no one could trust anyone. In business terms, that’s what happens when transparency dies. To rebuild trust, companies must do three things:

1. Acknowledge Harm. Pretending internal feuds never happened only deepens cynicism. Compliance leaders must publicly reinforce that retaliation and toxicity are violations of corporate values. Acknowledgment is the first step toward cultural repair.

2. Reinforce Transparency. Regular reporting on investigations, outcomes, and disciplinary measures builds credibility. Employees must see that misconduct is addressed fairly, not selectively.

3. Model Ethical Reconciliation. Where conflict exists, leaders must model resolution through dialogue, not vengeance. A modern compliance culture is one where accountability coexists with forgiveness, where mistakes are corrected, not avenged.

Leadership Ego and the Compliance Cost

The rivalry between Atreus and Thyestes began with ego, the same ego that drives many corporate meltdowns. Ego tells leaders that compliance is optional, that their moral compass is self-calibrated. It convinces them that retaliation is justified, that “he started it,” or that removing a critic will restore order.

But as every compliance professional knows, ego is expensive. It costs credibility, cooperation, and often millions in remediation and fines. The only sustainable leadership model values humility over hubris. In compliance terms: replace ego with ethics, and rivalry with responsibility.

The Compliance Evangelist’s Reflection: The Curse of the Retaliator

Atreus believed vengeance would bring closure. Instead, it ensured endless conflict. In organizations, retaliation operates the same way. It may silence the critic today, but it guarantees more fear and more silence tomorrow.

The DOJ, SEC, and whistleblower programs worldwide have made one thing clear: protecting those who speak up is not just the right thing to do; it is the smart business approach. The companies that thrive in the modern regulatory landscape are those that treat every internal voice as an asset, not a threat. Atreus’ downfall shows what happens when leaders fail to learn that lesson. His house became a case study in the cost of ignoring culture. For compliance professionals, that’s the real moral: you cannot achieve ethical stability through punishment alone.

From Retaliation to Redemption

The saga of Atreus and Thyestes teaches us that retaliation is never a solution; it is a multiplier of risk. The only way to end the cycle is through structural and cultural change: transparency, accountability, and empathy in leadership. For compliance professionals, that means moving from enforcement to enlightenment, helping leaders understand that the true power of compliance is not control, but trust. Because when leaders stop feeding on their own and start feeding their culture with integrity, the curse finally breaks.

I hope you will join me tomorrow for Part 4 — Agamemnon and Clytemnestra: When Power Breeds Entitlement. In it, we will explore how Agamemnon’s moral compromises and Clytemnestra’s revenge illuminate the modern dangers of performance pressure, ethical trade-offs, and the corruption of power at the top.

Categories
Innovation in Compliance

Innovation in Compliance – AI in Financial Crime and Compliance: A Deep Dive with Oracle’s Jason Somrak

Innovation comes in many areas, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode,  host Tom Fox welcomes Jason Somrak, the Chief of Product and Strategy for Financial Crime and Compliance at Oracle.

Jason elaborates on his professional background and his decade-long journey at Oracle. He delves into the transformative role of AI in combating financial crimes, exploring how AI has evolved from predicting false positives to using behavioral models and generative AI to enhance investigation processes. Their discussion touches on AI’s potential to shift from detection to prevention, the impact of real-time AML, and the significance of automating noise in compliance investigations. They also discuss the importance of regulatory relationships and the emerging challenges in risk management. The episode concludes with insights into the future skills needed in compliance roles and the critical role of corporate culture in implementing AI solutions.

Key highlights:

  • AI’s Role in Financial Crime Prevention
  • Proactive vs. Reactive Approaches
  • AI in Investigations and Triage
  • Emerging Challenges in Risk Management
  • Future of AI in Compliance
  • Skills for Next-Gen Compliance Officers

Resources:

Jason Somrak on LinkedIn

Oracle Financial Services

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Blog

House of Atreus Week: Part 2 – Pelops and Myrtilus – Corruption in the Bidding Process

The curse of the House of Atreus did not begin and end with Tantalus. Like many toxic corporate cultures, it passed from one generation to the next a legacy of moral shortcuts disguised as clever strategy.

We continue our look at lessons from the House of Atreus for the 21st-century compliance profession, focusing on the key stories and mining them for valuable insights. In today’s Part 2, we consider the myth of Pelops and Myrtilus, an ancient fable about corruption, betrayal, and the fatal cost of winning the wrong way. In this story, we look at Pelops, who was Tantalus’s son. Having been literally restored to life by the gods, he had the chance to rebuild his house on a foundation of integrity. Instead, he reached for the easy win, and in doing so, repeated his father’s error: he traded ethics for expedience.

For modern compliance professionals, it is a reminder that bribery and ethical compromise never end where you think they will. They will always come back to haunt you.

The Chariot Race for a Kingdom

According to Greek legend, King Oenomaus of Pisa received a prophecy that he would die at the hands of his son-in-law. To prevent this, he devised a deadly test for any man seeking to marry his daughter, Hippodamia, a chariot race from Pisa to Corinth. If the suitor won, he gained Hippodamia’s hand. If he lost, he died. Pelops, ambitious and determined, entered the race. But he knew Oenomaus’ horses were divine and unbeatable. So he sought an advantage, not through skill or preparation, but through corruption.

He approached the king’s charioteer, Myrtilus, and offered a bribe: riches, favor, and a promise of reward. Myrtilus agreed to sabotage Oenomaus’ chariot by replacing the bronze linchpins with wax. During the race, the wax melted, the chariot crashed, and the king was killed.

But when Myrtilus came to claim his reward, Pelops betrayed him, either pushing him off a cliff or ordering his death. As he fell, Myrtilus cursed Pelops and his descendants, ensuring the family’s cycle of corruption and vengeance would continue.

The First Procurement Fraud

Strip away the mythic trappings, and Pelops’ race looks remarkably modern.

This was a procurement process, a competition for something of value (in this case, marriage and a kingdom), corrupted by bribery and fraud. Pelops did not win on merit; he won by manipulating a key insider in the process.

That’s the same dynamic at play in so many real-world scandals:

  • A contractor bribing a government official for an unfair advantage.
  • A vendor is rigging bids through inside information.
  • A company turning a blind eye to its agents’ actions abroad, so long as they deliver results.

In each case, the underlying temptation is the same as Pelops’: the belief that “winning is what matters.”

The Illusion of a “Victimless” Bribe

Pelops might have rationalized his actions. He could have told himself that everyone cheats in such races or that Oenomaus’ divine horses made the contest unfair to begin with, that the ends justified the means.

Modern compliance officers hear versions of this rationalization every day:

  • “It’s just a facilitation payment.”
  • “That’s how business is done in this region.”
  • “We’re not bribing; we’re just showing appreciation.”

But as Pelops learned, there is no such thing as a victimless bribe. His corruption did not end with a single race; unfortunately, it defined generations. Myrtilus’ curse became symbolic of the reputational and ethical taint that lingers long after the bribe is paid.

Third-Party Risk: Myrtilus as the First “Agent”

In compliance terms, Myrtilus represents the classic third-party intermediary, the local fixer, the consultant, the distributor. He was not a direct employee, but his actions became Pelops’ liability. When Pelops bribed Myrtilus, he created not just moral exposure, but third-party risk. Once you involve a third party in your scheme, you lose control over the outcome. Myrtilus could expose him, blackmail him, or turn witness.

Modern compliance programs have learned this lesson the hard way. Nearly every major FCPA enforcement action, from Siemens to Petrobras to Deere, involves third-party intermediaries. These individuals promise results, grease local wheels, and leave the company holding the bag when the investigation begins. Pelops thought he could control Myrtilus. He could not. No one ever can.

The Cost of Betrayal: When Corruption Destroys Trust

After the race, Pelops killed Myrtilus to eliminate a liability. But in doing so, he destroyed something even more valuable: trust.

Once an organization uses deception as a tool, it cannot sustain authentic relationships with employees, partners, regulators, or the public. Each act of concealment breeds another, until deception becomes standard operating procedure.

We’ve seen this pattern again and again:

  • A company that falsifies quality reports must falsify safety audits next.
  • A firm that manipulates bid data must suppress whistleblowers who question it.
  • A leader who lies externally must eventually lie internally.

In the end, Pelops did not just kill a man; he killed his organization’s capacity for integrity. That’s the same fate that awaits companies that treat compliance as expendable.

Culture Eats Compliance for Breakfast

The myth of Pelops is not about one race or one bribe; it is about the cultural rot that follows. Once Pelops normalized deceit, his descendants followed suit.

In corporate life, this manifests as a culture of winning at any cost, the most dangerous culture there is. It’s what drives salespeople to falsify data, procurement officers to overlook red flags, and executives to manipulate books.

Culture eats compliance for breakfast because if the unspoken rule of your organization is “get the deal,” no policy manual will save you. Pelops’ court would have had a Code of Ethics printed in gold, and it still wouldn’t have mattered. The only antidote is integrity built into incentives, recognition, and leadership behavior.

Lessons for Modern Compliance Professionals

What can we learn from Pelops’ fall? Quite a lot. His story offers five timeless lessons for those charged with safeguarding ethics and integrity in complex organizations.

1. Corruption Always Starts Small

The first step down the wrong path rarely looks like a scandal. It seems like a shortcut. A “favor.” A small gift. Pelops’ race was just one event, yet it came to define an entire dynasty. The concept of broken windows has demonstrated that you should treat every minor ethical compromise as a potential precedent. Small acts of misconduct become cultural habits faster than anyone realizes.

2. Third-Party Due Diligence Is Non-Negotiable

Myrtilus’ betrayal highlights why vetting, monitoring, and auditing third parties is critical. Companies must know who they’re partnering with and what incentives drive their actions. This means that compliance must have a robust third-party risk management process in place. You should require a business justification, a questionnaire, documented due diligence, risk-based screening, compliance terms and conditions in your contract, and ongoing monitoring for all third parties after the contract is signed.  Finally, transparency is not optional; it is mandatory.

3. Ethical Procurement Builds Long-Term Value

In the rush to “win” contracts, companies often forget that ethical procurement protects more than reputation; it protects relationships. A tainted bid can lead to debarment, litigation, and loss of trust from clients and governments alike. For the compliance professional, you must embed integrity in procurement policy. Make ethics a competitive advantage, not a compliance burden.

4. Retaliation Destroys Cultures

Pelops’ murder of Myrtilus was the ancient equivalent of whistleblower retaliation. Myrtilus knew too much, and instead of managing the risk ethically, Pelops eliminated the witness. The result? A curse or, in modern terms, a scandal that never dies. Every compliance professional must work diligently to protect those who speak up. Encourage reporting. Make it clear that retaliation is a firing offense, not a survival tactic.

5. Integrity Outlasts Every Shortcut

Pelops won his race but lost his legacy. The true measure of success for individuals and organizations alike is sustainability. Ethical wins last; corrupt ones collapse. This requires corporate cultures where ethical behavior and business success are aligned. When values drive results, not the other way around, compliance becomes self-sustaining.

The Curse of the Easy Win

Every compliance professional has faced their “Pelops moment”; that pressure to deliver results faster, cheaper, or more impressively than the rules allow. The temptation is powerful because it is wrapped in the language of success. But as Pelops shows, every unethical win carries a hidden invoice. The ancient Greeks would call it nemesis, the inescapable reckoning that follows hubris. We call it enforcement. Whether through regulators, prosecutors, or public outrage, the bill always comes due.

The challenge for modern compliance leaders is to help their organizations see beyond the race. Winning today is not worth cursing tomorrow.

Join us tomorrow for Part 3 — Atreus and Thyestes: Internal Rivalry and the Dangers of Retaliation. We will explore how infighting, revenge, and the weaponization of leadership destroyed the next generation and how modern organizations can prevent internal culture wars from becoming compliance catastrophes.

 

Categories
Blog

House of Atreus Week: Part 1 – Tantalus’ Transgression – The Birth of a Toxic Culture

I have long been fascinated by the Greek myths around the House of Atreus. It is the most cursed House in all Greek myth. I have also long wanted to blog post series on the compliance lessons for the modern-day compliance professional. This week, I am going to take a deep dive into the most doomed House and explore some of the key stories to mine them for lessons learned for the 21st-century compliance professional. We begin our series with the founder of the House of Atreus, Tantalus, and how one leader’s moral failure can poison the entire culture of an organization. His story is a cautionary tale about hubris, accountability, and the long shadow of tone from the top.

Every great compliance failure begins somewhere. Sometimes it is a single decision, a moment of arrogance, or the quiet belief that the rules apply to everyone else but not to you. In the myths of ancient Greece, that moment came with Tantalus, patriarch of the cursed House of Atreus. His name lives on in infamy, not because of power lost, but because of ethics abandoned.

The Feast of Deception

Tantalus was a favorite of the gods. He dined with them on Mount Olympus, enjoying privileges no mortal ever had. But instead of gratitude, he showed contempt. To test their omniscience, Tantalus served the gods a horrific meal, the cooked flesh of his own son, Pelops. The gods recoiled in horror, restored Pelops to life, and condemned Tantalus to eternal punishment: forever hungry and thirsty, standing in a pool of water beneath fruit-laden branches that receded whenever he reached for them.

This is where we get the word tantalize to tempt with what is always just out of reach. But for compliance professionals, the story isn’t about temptation; it’s about transgression.

Tantalus’ sin was not merely moral or criminal. It was cultural. It revealed a belief that he was above consequence, that his proximity to power made him immune to accountability. Sound familiar? It’s the same psychology that drives corporate misconduct today: the executive who hides risk, manipulates reporting lines, or treats compliance as a box to check rather than a value to live.

Hubris at the Top: When Leaders Believe They Are Untouchable

The core of Tantalus’ failure is hubris, excessive pride that blinds leaders to ethical limits. He thought himself equal to the gods, just as modern executives sometimes see themselves as beyond internal controls, policies, or oversight.

We have seen it in corporate scandals from Enron to Theranos: charismatic leaders who create cultures where questioning authority is punished, transparency is discouraged, and the pursuit of results justifies every means. These leaders often start with good intentions —innovation, performance, growth — but end in disaster because no one dares to tell them “no.” When a CEO, department head, or even a team manager sends the message that rules are flexible for those who produce, that’s the modern equivalent of dining at Olympus. It’s the moment when culture begins to rot from the inside.

Tone from the Top: What Tantalus Forgot

In compliance, we often say “tone from the top” sets the ethical compass of the organization. Tantalus was the top, and his tone was deceitful. Instead of modeling integrity, he modeled arrogance and disrespect. His actions communicated that power excused anything.

Modern organizations are no different. Employees don’t take their ethical cues from the code of conduct on the intranet. They take them from leadership behavior, from what’s rewarded, ignored, or punished.

If Tantalus had shown humility or accountability, his descendants might have inherited a culture of honor. Instead, they inherited corruption, vengeance, and betrayal. It’s no coincidence that every generation of the House of Atreus, including Pelops, Atreus, Thyestes, Agamemnon, Clytemnestra, Orestes, repeats the cycle of wrongdoing and retaliation. The family’s downfall wasn’t fate; it was culture. A toxic tone from the top doesn’t just corrupt a moment; it defines a legacy.

Culture of Consequences: What Happens When Misconduct Goes Unpunished

One of the most striking aspects of the Tantalus myth is how long the effects last. His descendants commit crimes generations later, yet all trace back to his original transgression.

That’s what happens in modern corporations when ethical breaches are not addressed. Once misconduct is tolerated, it becomes precedent. Once precedent hardens, it becomes culture. Think of organizations where sexual harassment was covered up “to protect the company,” or where accounting irregularities were ignored “to meet quarterly targets.” Each decision not to act creates a silent permission structure. And before long, you have what we see in so many enforcement cases: a pattern of misconduct spanning years, sometimes decades.

Tantalus’ punishment, forever reaching but never attaining satisfaction, mirrors what happens in these companies. They chase success endlessly, but integrity is always out of reach because they’ve traded ethics for expedience. A culture of consequences, by contrast, does the opposite. It makes accountability tangible. It shows employees that integrity is the expectation, not the exception.

The Modern Mirror: When Hubris Meets Compliance Failure

The story of Tantalus echoes across modern boardrooms and compliance case studies. Consider:

  • The FCPA case against Siemens (2008): A culture of “business at any cost” led to systematic bribery across divisions, because leadership prioritized results over integrity.
  • The Wells Fargo scandal: Unrealistic sales goals, driven by executives insulated from consequence, encouraged widespread fraud at the branch level.
  • Theranos: A founder’s belief in her infallibility silenced dissent, distorted reporting, and destroyed trust both internally and externally.

Each of these stories began like Tantalus’ dinner with one decision to deceive, rationalized as necessary, even brilliant. Each became a legend of ethical collapse.

The compliance lesson is simple: arrogance without accountability creates catastrophe.

Rebuilding What is Broken: Lessons from Tantalus’ Fall

So how do we avoid the curse of Tantalus in modern organizations? Three principles stand out:

1. Make Ethics the Core of Leadership Identity

Ethical leadership isn’t a function of compliance checklists. It’s the lived demonstration of integrity. Leaders must see compliance not as a constraint but as an enabler of trust and sustainability. When executives model ethical decision-making, it cascades downward.

Compliance Lesson: Integrate ethical leadership into performance reviews and succession planning. Reward transparency as much as performance.

2. Institutionalize Accountability

Accountability must be structured, not situational. That means ensuring robust internal investigations, consistent discipline, and a compliance function with real independence. The moment compliance must “ask permission” to act, the organization has lost its compass.

Compliance Lesson: Empower compliance officers with direct access to the board and audit committee. Build transparency into reporting lines.

3. Preserve Psychological Safety

Tantalus’ court, like many modern workplaces, thrived on fear. When employees can’t question leaders or raise concerns, misconduct flourishes. Psychological safety is the soil in which ethical cultures grow.

Compliance Lesson: Implement anonymous reporting, protect whistleblowers, and make public examples of non-retaliation.

Breaking the Curse: The Compliance Evangelist’s View

The curse of Tantalus was not divine punishment; instead, it was a predictable outcome of leadership failure. Every compliance professional knows that culture is destiny. If leaders are deceitful, employees will be cynical. If leaders are accountable, employees will be engaged.

Tantalus’ name survives as a warning to those who confuse privilege with power, and authority with exemption. His eternal hunger reflects what happens when organizations try to feed success on a diet of deception; they are never satisfied because trust, once lost, cannot nourish growth.

The modern compliance officer stands at the intersection of myth and management, tasked with ensuring that our organizations don’t repeat Tantalus’ mistake. We cannot test the gods of regulation or ethics without consequence. Instead, we must build cultures where doing right isn’t exceptional; it is expected.

Because in the end, every compliance program has a mythic choice: become Olympus or become Tantalus.

Join us tomorrow for Part 2 — Pelops and Myrtilus: Corruption in the Bidding Process. We will explore how bribery, betrayal, and broken promises tainted Pelops’ victory and what it teaches us about third-party risk and ethical procurement.

Categories
Compliance Tip of the Day

Compliance Tip of the Day – AI Powered Internal Controls

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, we aim to provide you with bite-sized, actionable tips to help you stay on top of your compliance game. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

This week, we consider issues around internal controls in a best practices compliance program. Today, we consider how you can leverage AI to enhance your AI control framework.

For more on this topic, check out The Compliance Handbook: A Guide to Operationalizing Your Compliance Program, 6th edition, which LexisNexis recently released. It is available here.

Categories
Popcorn and Compliance

Popcorn and Compliance: Episode 3 – Compliance in the Full Moonlight: Lessons from The Wolf Man

Welcome to a special series of Popcorn and Compliance. In this series, we will be looking at the Classic Universal Monster Movies from the 30s and 40s and mining them for compliance lessons. (Yes, it really is an excuse to rewatch them all.) In this series, we will look at Frankenstein, Dracula, The Wolf Man, The Mummy, and end with The Invisible Man. In this episode, Tom explores critical compliance insights drawn from Lon Chaney Jr.’s portrayal of The Wolf Man.

In this episode, we take a deep dive into my favorite Classic Universal Monster, The Wolf Man, to unpack five critical lessons, including the danger of ignoring warnings, the importance of timely intervention, and the challenges of recognizing risks in ordinary people under extraordinary circumstances. Listeners are encouraged to consider how these timeless themes apply to modern corporate compliance, emphasizing proactive measures to prevent potential catastrophes. Join Tom, along with AI hosts Fiona and Timothy, for a surprisingly relevant exploration of compliance through the eerie lens of Hollywood’s iconic monster movies.

Key highlights:

The Relevance of the Wolf Man to Modern Compliance

  • Lesson 1: Ordinary People Can Become Compliance Risks
  • Lesson 2: Warnings Ignored Become Disasters Realized
  • Lesson 3: The Curse of Silence and Stigma
  • Lesson 4: Risk is Cyclical and Predictable
  • Lesson 5: Tragedy Comes from a Lack of Intervention

Resources:

Compliance Lessons from Lon Chaney Jr.’s The Wolf Man on the FCPA Compliance and Ethics Blog

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Blog

Compliance Lessons from the Lon Chaney Jr.’s The Wolf Man

As many of my readers know, I am a huge fan of the Classic Universal Picture Movie Monsters, focusing on the period from 1931 to the mid-1950s. In October, I traditionally use our Halloween-ending month to explore the Classic Universal Movie Monsters, along with other films from the Hammer Studio, those produced by Val Lewton, and those starring Vincent Price.  This year, I wanted to go back to basics by looking at the Classic Universal Movie Monsters, starting with Dracula and Frankenstein in 1931, followed by The Invisible Man in 1933, The Mummy in 1936, and ending with The Wolf Man in 1940.

Over the five Fridays in October, I will examine each of these movies through the lens of compliance and extract compliance lessons from each one. Today, I continue with perhaps the most psychologically complicated of the top 5: the Classic Universal Movie Monster Lon Chaney Jr.’s version of The Wolf Man. If you want to take a deeper dive into this movie in the podcast format, check out the special series on Popcorn and Compliance, hosted by my friends Fiona and Timothy. These podcasts will be posted alongside the blog post each Friday during October.

When Lon Chaney Jr. first appeared on screen as Larry Talbot in The Wolf Man (1941), audiences were introduced to one of the most enduring monsters in cinema. Unlike Frankenstein’s creation or Lugosi’s Dracula, Chaney’s Wolf Man was not entirely “other.” He was human, a son returning home, trying to reconnect with family, and falling victim to forces beyond his control. His torment was that he transformed into a monster against his will, unable to control the destruction he unleashed.

For compliance professionals, The Wolf Man offers some striking lessons. Chaney’s performance shows how good people can end up in bad situations, how organizations ignore warning signs at their peril, and how systems must be designed not only to catch intentional wrongdoing but also to address risks that emerge when ordinary individuals are put under pressure.

We continue our exploration of Classic Universal Monster Movies by considering five compliance lessons from Lon Chaney Jr.’s The Wolf Man.

1. Ordinary People Can Become Compliance Risks

Larry Talbot begins as an essentially decent man. He returns to his family estate, reconciles with his father, and awkwardly woos the local shopkeeper’s daughter. There is nothing inherently villainous about him. But after being bitten, he becomes something he cannot control. By moonlight, he turns into the Wolf Man and wreaks havoc. This duality mirrors what compliance professionals often see. Not every compliance violation comes from a “bad actor.” Sometimes it comes from ordinary employees under extraordinary circumstances: pressure, opportunity, or rationalization (the famous “fraud triangle”). Even good employees can become risks if they are put in the wrong situation without proper safeguards.

Compliance takeaway: Programs must be designed to account for human weakness. Training should emphasize not only rules but also ethical decision-making. Monitoring should not assume intent but look for patterns of behavior that may indicate an employee is slipping into risk. Like Larry Talbot, sometimes risk comes from within.

2. Warnings Ignored Become Disasters Realized

Throughout the film, there are clear warnings. Locals whisper about werewolves. An old Romani woman (played by great character actor Maria Ouspenskaya) gives a direct warning: “Even a man who is pure in heart and says his prayers by night, may become a wolf when the wolfsbane blooms and the autumn moon is bright.” But these warnings are dismissed as folklore, superstition, or exaggeration.

This is a common compliance failure: ignoring red flags. Whether it is a whistleblower report, suspicious payments, or unusual accounting entries, companies often rationalize risks away until they become unavoidable crises. Regulators such as the DOJ have repeatedly emphasized that ignoring warning signs is tantamount to negligence.

Compliance takeaway: Listen to the warnings. Investigate whistleblower reports promptly, document your findings, and act on them. A culture that treats red flags as noise will end up in crisis. As in The Wolf Man, the warnings were there. The failure was in dismissing them.

3. The Curse of Silence and Stigma

One of the most tragic elements of The Wolf Man is Larry Talbot’s isolation. He tries to tell others about what is happening to him, but he is met with disbelief, ridicule, or silence. The stigma of his transformation keeps him from getting the help he needs.

This resonates powerfully with the experience of corporate whistleblowers. Too often, employees who raise concerns are ignored, marginalized, or retaliated against. The result is silence, and silence allows misconduct to thrive. In its 2024 Evaluation of Corporate Compliance Programs (2024 ECCP), the DOJ emphasized the need to encourage reporting, keep whistleblowers informed, and protect them from retaliation.

Compliance takeaway: Break the curse of silence. Companies must foster cultures where employees feel safe raising concerns. Reporting channels must be confidential, retaliation must be prohibited, and whistleblowers should be treated as allies, not threats. Without breaking the stigma, organizations risk letting problems grow in the shadows.

4. Risk Is Cyclical and Predictable

Larry Talbot’s transformations follow a cycle; the full moon triggers his change into the Wolf Man. The risk is not random; it is predictable. Once you understand the pattern, you can anticipate the danger. This is precisely how compliance professionals must view risk. Corruption, fraud, and misconduct often follow cycles such as end-of-quarter pressure, market entry into high-risk jurisdictions, merger and acquisition activity, or supply chain disruptions. These moments are “full moons” in corporate life, where risks spike and vulnerabilities appear.

Compliance takeaway: Compliance must not only react but anticipate. Use data analytics and risk assessments to map the cycles of risk within your organization. Build monitoring around predictable pressure points. Just as villagers could expect when the Wolf Man would appear, compliance officers must anticipate when and where misconduct risks are most likely to emerge.

5. Tragedy Comes from Lack of Intervention

The story of The Wolf Man is, at its heart, a tragedy. Larry Talbot’s father refuses to believe him. Authorities dismiss his pleas. Friends ignore his warnings. No one intervenes until it is too late. By the end, Larry is destroyed, both man and monster, undone by neglect. The same pattern appears in many corporate scandals. Think of Wells Fargo’s sales practices scandal, Volkswagen’s emissions testing fraud, or recent FCPA enforcement actions. In nearly every case, someone knew. Red flags were visible. But intervention never came, whether out of fear, complacency, or willful blindness.

Compliance takeaway: Timely intervention is the difference between a near miss and a full-blown scandal. Compliance officers must have authority, resources, and independence to intervene early. Boards and executives must empower compliance not only to identify risk but also to act upon it. Without intervention, tragedy is inevitable.

Conclusion: The Wolf Man as a Compliance Parable

What makes Lon Chaney Jr.’s The Wolf Man so enduring is his humanity. He is not a monster by choice, but by circumstance. He represents the vulnerability of all people—how, under the wrong pressures, even the best of us can cross into dangerous territory. For compliance professionals, the lesson is not to hunt down “bad apples” alone, but to design systems that recognize, support, and mitigate human weakness before it becomes destructive.

As compliance officers, our role is to act before the full moon rises. We must listen to warnings, protect whistleblowers, anticipate risk cycles, and intervene decisively. Lon Chaney Jr.’s The Wolf Man is more than a gothic tragedy; rather, it is a case study in compliance failure.

The DOJ and SEC may not speak in the language of werewolves and curses, but their message is the same: prevent risk before it transforms into something uncontrollable. Because once the transformation occurs, once the Wolf Man is loose, no compliance officer can undo the damage already done.

Join us next Friday as we consider The Mummy.

Categories
Compliance Tip of the Day

Compliance Tip of the Day – Design Centric Internal Controls

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, we aim to provide you with bite-sized, actionable tips to help you stay on top of your compliance game. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

This week, we consider issues around internal controls in a best practices compliance program. Today, we consider how design-centric internal controls can lay the foundation for an effective compliance program.

For more on this topic, check out The Compliance Handbook: A Guide to Operationalizing Your Compliance Program, 6th edition, which LexisNexis recently released. It is available here.

Categories
Blog

Compliance Under Pressure: Why Preventing Burnout Is a Governance Imperative

In a recent article in the MIT Sloan Management Review, author Brian Elliot says that we are living in what he calls The Burnout Age. Across industries and professions, exhaustion has become the new normal, and compliance is no exception. Recent studies show that over half of full-time U.S. employees report feeling burned out. In technology and professional services, that number climbs to over 80%. Even more telling: those who use AI tools most actively, the supposed productivity saviors, report the highest burnout levels of all.

For compliance officers, the parallels are unmistakable. You are being asked to “do more with less,” often without the resources, recognition, or rest needed to sustain that effort. You carry the responsibility of protecting your organization’s integrity, culture, and reputation, yet few roles face such unrelenting scrutiny and moral load. But here is the hard truth: burnout in compliance is not a problem solved by time off or a meditation app. It is a deeper challenge of structure, self-management, and purpose.

The author cites organizational psychologist Nick Petrie’s research, and I believe it applies directly to those of us in the compliance field. Drawing on his findings, I want to highlight three key ways compliance professionals can stop burnout before it stops them.

1. Balance “Perform Mode” and “Grow Mode”

Petrie’s research divides our work lives into two operating modes:

  • Perform mode — when we execute the skills we already know.
  • Grow mode — when we develop new capabilities and stretch into new territory.

Across thousands of professionals, he found the average split was 61% perform, 39% grow. But for high performers, including compliance officers, that ratio often becomes dangerously unbalanced. We overperform and undergrow. Compliance leaders tend to live in constant perform mode: reviewing investigations, updating policies, answering board queries, responding to regulators, or managing crises. Each task reinforces mastery, but rarely renewal. It is efficient, even satisfying, until it becomes a trap.

Here’s the danger: when you live too long in perform mode, you do not simply stagnate, you regress. Doctors, teachers, and yes, compliance professionals actually risk getting worse at their jobs over time because they stop learning, questioning, and refreshing their mental models.

To combat that, compliance professionals must build “grow mode” into their daily and strategic rhythm. That might mean:

  • Taking on projects that stretch your knowledge, such as AI governance, behavioral ethics, or cross-cultural compliance training.
  • Seeking rotation into a business unit to see risk and culture from the inside.
  • Joining a cross-functional ethics task force to collaborate differently.

Growth does not require leaving your role; it requires reframing it. Ask yourself regularly: What am I learning right now that will make me a better compliance leader a year from today?

Organizations that succeed in retaining compliance talent deliberately carve out “grow time” offering rotational opportunities, innovation labs, or even temporary secondments. If your company doesn’t provide them, advocate for them. Growth is not simply indulgence; it should be seen as sustainability.

2. Recognize Your Early Warning Signs

Compliance officers are masters of risk assessment, except, too often, when it comes to themselves. In Petrie’s work, high performers who experienced full burnout later said the signs had been “obvious in hindsight.” They just ignored them until it was too late. Compliance professionals are particularly vulnerable because of the role’s constant vigilance. You are expected to monitor everything from employee misconduct to third-party risk, but you cannot monitor your own well-being if you have normalized exhaustion.

Start with awareness. What are your personal leading indicators of burnout? For some, it is emotional: irritability, cynicism, or detachment. For others, it is behavioral: working weekends “just to catch up” or skipping lunch to squeeze in one more due diligence review. And for many, it is physical: poor sleep, headaches, fatigue that coffee cannot fix.

As Petrie put it, “I didn’t know what mine were, so I asked people close to me.” That’s a brilliant exercise for compliance leaders. Ask your peers, your partner, or even your team: What do you notice about me when I’m running on fumes?

Once you know your signs, the next step is to develop your recovery playbook. Call them your “if-thens”:

  • If I start working weekends, then I will block off an afternoon for reflection.
  • If I catch myself being short with colleagues, then I will step away from email for an hour.
  • If I’m consistently skipping exercise or hobbies, then I will schedule one small activity that re-energizes me.

For compliance officers, reflection is not a luxury. It is part of governance. You cannot sustain integrity in the organization if you are losing integrity with yourself. Recognizing and acting on those signals early is not selfish; rather, it is leadership.

3. Build Habits That Sustain, Not Deplete

Burnout does not happen overnight. It is the accumulation of small compromises: skipped meals, unchecked emails, endless meetings, and the belief that “just a little more effort” will fix everything. Compliance leaders know this pattern intimately because many of us built our reputations on it. We were the ones who said yes to every request, answered every hotline report, and took pride in responsiveness. That dedication made us successful, many of us in our 20s. But as Petrie notes, the habits that make you successful early in your career can burn you out later in it. To stop burnout, compliance professionals must build boundaries and rituals that protect their energy.

Here are three powerful habits to practice:

1. Reclaim Your Deep Work

Carve out time for deep focus; drafting a major policy overhaul, analyzing trends in internal reporting, or preparing a thoughtful presentation for the audit committee without interruptions. Turn off notifications. Close the compliance portal for a set block of time. Protecting your focus is protecting your value.

2. Create Transition Rituals

Between work and home, you need a deliberate “reattachment” moment, something that signals your brain that compliance mode is over. For some, it’s a walk, a podcast, or cooking dinner. For others, it’s journaling or a quiet drive. Do not dismiss it as small; transitions are the psychological bridge between productivity and peace.

3. Embrace Your “Opposite World”

Petrie calls this finding your “opposite world,” an activity that engages completely different parts of your mind and body. One tech executive told him, Argentinian tango saved my career.” For compliance officers, that could be cycling, painting, gardening, or volunteering. The goal is not distraction but rather renewal. When you activate different dimensions of your identity, you restore the emotional elasticity that burnout erodes. Finally, permit yourself to do less. That is not weakness, it is wisdom. As your career grows, the work will always outsize the hours. The key is to redefine success: it is not about getting everything done, but about doing what matters well.

Burnout Is a Governance Issue

It is tempting to see burnout as a personal issue, but for compliance leaders, it is also a governance risk. A burned-out compliance officer makes slower decisions, misses subtle patterns, and loses moral clarity. Fatigue is a threat to judgment, and in our field, judgment is everything. The Department of Justice’s 2024 Evaluation of Corporate Compliance Programs emphasizes continuous improvement and culture, but both rely on a compliance function that is psychologically and physically sustainable. The same applies to the board. When compliance fatigue spreads across leadership, the organization loses not just energy, but ethics.

That is why compliance leaders should view burnout prevention as part of their risk mitigation strategy. Incorporate it into team norms. Encourage “grow mode” through professional development. Recognize warning signs openly. And most importantly, lead by example, demonstrating that resilience and integrity are inseparable.

The Final Word: Bouncing Forward, Not Back

Nick Petrie calls the result of overcoming burnout “post-traumatic growth.” People who recover don’t return to where they were; they move beyond it. For compliance professionals, that’s the real opportunity of The Burnout Age. To emerge not as exhausted enforcers, but as energized leaders. To model balance, humanity, and perspective in a profession that often forgets to pause.

And always remember, the healthiest compliance programs begin with the healthiest compliance officers.