Tag: compliance

Categories
Innovation in Compliance

Innovation in Compliance – Paul Trulove on The Future of Authentication: Password Less and Secure

Innovation comes in many forms, and compliance professionals need to not only be ready for it but also embrace it. One of those areas is telehealth and telemedicine. My guest in this episode is Paul Trulove, CEO at SecureAuth.

Paul Trulove is a seasoned cybersecurity expert with a strong background in identity management, currently serving as the CEO of Secure Auth. With 15 years of experience in the field, Trulove is a strong advocate for the evolution towards password-less authentication in cybersecurity. He sees a shift away from traditional username and password authentication towards more secure and user-friendly methods that leverage device-level capabilities and biometrics. Trulove emphasizes the importance of organizations embracing and funding these changes and the need for collaboration across different industries to ensure a comprehensive and secure authentication framework. Join Tom Fox and Paul Trulove on this episode of the Innovation in Compliance podcast to delve deeper into this fascinating topic

Key Highlights:

  • Secure Auth: Making Authentication Secure and User-Friendly
  • The Evolution Towards Password-Less Authentication
  • Identity-Driven Zero-Trust Cybersecurity Approach
  • The Rise of Password-Less Authentication Technology
  • The Evolution of Authentication and Access Management

 Resources:

Paul Trulove on LinkedIn

SecureAuth

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Compliance and AI

Compliance and AI: Jag Lamba – Certa’s AI Tools for Streamlining Procurement and Compliance Processes

What is the role of Artificial Intelligence in compliance? What about Machine Learning? Are you using ChatGPT? These questions are but three of the many questions we will explore in this exciting new podcast series, Compliance and AI. Hosted by Tom Fox, the award-winning Voice of Compliance, this podcast will look at how AI will impact compliance programs into the next decade and beyond. If you want to find out why the future is now, join Tom Fox on this journey to the frontiers of AI. Today, Tom hosts Jag Lamba, founder and CEO of Certa, on their new AI-based tool, Design AI.

In today’s rapidly evolving business landscape, organizations are constantly seeking ways to enhance efficiency and agility in their procurement and compliance processes. The emergence of artificial intelligence (AI) has provided new opportunities to streamline these operations and respond effectively to supply chain disruptions and compliance requirements. Certa, a leading provider of AI-powered solutions, has developed innovative tools that aim to address these challenges and revolutionize the way organizations manage their procurement and compliance functions.

One of Certa’s flagship AI tools is Design AI, which allows customers to design and edit workflows and integrations using natural language. This eliminates the need for technical expertise, making it easier for organizations to create and digitize new workflows or modify existing ones. With Design AI, customers can simply express their requirements in plain English, and Certa’s AI technology will generate the necessary questionnaires, workflows, and integrations based on their specific needs. This empowers organizations to quickly adapt and optimize their processes, ensuring they remain agile in the face of dynamic procurement and compliance landscapes.

Resources:

Jag Lamba on LinkedIn

Certa

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program Through Data Analytics: Day 14 – Continuous Converged Compliance

How can you integrate compliance, risk management, and your security framework? Igor Volovich, Vice President, Compliance Strategy at Qmulos, introduced the innovative concept to this discussion: Converged Continuous Compliance. This approach aims to reunite compliance, security, and risk management, which have historically operated independently.

One of the key requirements impacting this new approach is the need to bridge the gap between these functions from both a data and human perspective. These concepts serve as a translator, helping organizations navigate the complex landscape of compliance, security, and risk management. By speaking the language of these three functions, Converged Continuous Compliance brings them together and facilitates collaboration.

Corporate compliance needs to promote new approaches to compliance and risk management by challenging misconceptions, reuniting compliance, security, and risk management, emphasizing data governance oversight, and advocating for automation. These approaches aim to enhance efficiency, increase trust in compliance reports, and ultimately drive a greater return on investment. As organizations navigate the ever-evolving landscape of compliance, it is crucial to consider the impact of new approaches and strike a balance between different factors to achieve effective compliance and risk management.

Three key takeaways:

  1. The DOJ has stated that a chief compliance officer and a corporate compliance function must have visibility across all data sets in an organization. Converged Continuous Compliance aligns with this message.
  2. The bottom line is that we have accepted certain models of how compliance is done, what compliance means, what it delivers to the enterprise, and what it fails to deliver to the enterprise.
  3. It is crucial to consider the impact of new approaches and strike a balance between different factors to achieve effective compliance and risk management.

For more information on KonaAI, click here.

Categories
Compliance Into the Weeds

Compliance Into The Weeds: Congress Fills a Gap – FEPA

The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to more fully explore a subject. Looking for some hard-hitting insights on sanctions compliance? Look no further than Compliance into the Weeds! In this episode, Tom and Matt take a deep dive into the Foreign Extortion Prevention Act (FEPA), a groundbreaking law that aims to combat corruption by criminalizing foreign government officials who solicit or accept bribes from US entities.

This law complements the Foreign Corrupt Practices Act (FCPA), which penalizes companies for offering bribes, and introduces new challenges and implications for anti-corruption measures. Tom views FEPA as a long-overdue measure that fills a gap in anti-corruption efforts. He agrees with Matt emphasizes that FEPA addresses a long-standing concern of anti-corruption advocates. Both Fox and Kelly anticipate further guidance from the Department of Justice on how this new law will interact with existing measures under the FCPA. Join Tom Fox and Matt Kelly as they delve deeper into this topic in the latest episode of the Compliance into the Weeds podcast.

 

Key Highlights:

  • Combating Foreign Corruption: FIFA’s Powerful Impact
  • Implications of FIFA Cooperation on FCPA Prosecution
  • Extradition Challenges in FIFA Corruption Cases
  • The Impact of the Name and Shame List

Resources:

Matt Kelly on LinkedIn

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Blog

Congress Fills a Corruption Hole: The Foreign Extortion Prevention Act (FEPA)

The compliance community has long recognized the gaping hole in the Foreign Corrupt Practices Act (FCPA). As a supply side law, it criminalizes the payment of bribes, not the demand to pay a bribe or extortion. The gap was recently filled by the Foreign Extortion Prevention Act (FEPA) which extended crucial protections to Americans working abroad and provides the Department of Justice (DOJ) with a potent new tool. By criminalizing both the giving and demanding of foreign bribes, FEPA seeks to level the playing field for American workers while fostering ethical business practices globally. FEPA represents a promising solution to protect Americans working overseas, promote fair business competition, and combat corruption on a global scale. With its potential to bring about meaningful change, FEPA is a vital step in safeguarding American values and interests in the international arena. Sam Rubenfeld, cited to Scott Greytak, the director of advocacy for Transparency International US, for the following, “FEPA is a landmark, bipartisan law that holds the potential to help root out foreign corruption at its source. It is arguably the most sweeping and consequential foreign bribery law in nearly half a century.”

This legislation fills a significant gap in anti-corruption measures and raises important questions about its implications for the enforcement of the Foreign Corrupt Practices Act (FCPA) and the cooperation expected from companies involved in bribery schemes. FEPA, part of the National Defense Authorization Act (NDAA), addresses a long-standing concern among anti-corruption advocates. While the FCPA has been effective in penalizing US companies for offering bribes to foreign officials, there has been a lack of legal mechanisms to hold foreign government officials accountable for accepting these bribes. FEPA now provides prosecutors with the means to pursue such officials.

One of the key aspects of FEPA is that it criminalizes the solicitation or acceptance of bribes by foreign government officials from US entities. This complements the FCPA, which focuses on the offering of bribes by US companies. By targeting both sides of the bribery equation, FEPA aims to create a more comprehensive and effective framework for combating corruption.

However, the implementation of FEPA is not without its challenges. One of the main challenges is the extradition of foreign officials for prosecution, particularly from countries like Russia or China. Extradition processes can be complex and time-consuming, and cooperation from foreign governments may not always be forthcoming. This poses a significant hurdle in holding foreign officials accountable under FEPA.

Another notable feature of FEPA is the introduction of a “name and shame” list. This list is intended to publicly identify, and shame foreign government officials involved in bribery schemes. While this may serve as a deterrent, it could also have unintended consequences. For instance, it may impact Transparency International’s corruption perception indexes, potentially affecting the rankings of countries and their relations with the US. Additionally, it could have implications for US companies operating in those countries, potentially straining foreign relations.

The passage of FEPA raises important considerations for compliance officers and companies. They need to assess how this new law may impact their existing controls and policies. The arrival of FEPA as a tool to combat corruption is undoubtedly a positive development. However, it is crucial to carefully evaluate the potential implications for FCPA prosecutions and the cooperation expected from companies involved in bribery cases.

Compliance officers should also consider the potential changes in the calculus for prosecutors. With FEPA in place, prosecutors may now have the legal means to pursue foreign government officials complicit in bribery schemes. This raises questions about the extent to which companies will be required to assist the DOJ in pursuing FEPA cases alongside FCPA cases. Companies may need to provide testimony and cooperate in the prosecution of foreign officials, potentially impacting the resolution of FCPA violations.

Looking ahead, it is essential for the DOJ to provide clarity on how FEPA will be utilized and what expectations companies should have when caught up in FEPA-related investigations. Transparency and guidance from the Department of Justice will help companies navigate the potential challenges and ensure compliance with the law.

The bottom line is that FEPA represents a significant step in the fight against corruption. By criminalizing the solicitation or acceptance of bribes by foreign government officials from US entities, FEPA fills a crucial gap in anti-corruption measures. However, challenges remain in extraditing foreign officials for prosecution and managing the potential consequences of the “name and shame” list. Compliance officers and companies must carefully consider the implications of FEPA on their operations and update their controls and policies accordingly. With proper guidance and cooperation, FEPA can be a powerful tool in combating corruption and promoting ethical business practices.

Penalties under FEPA include (from Transparency International)

  1. Expanding Legal Protections: FEPA amendment U.S. bribery law (18 U.S.C. § 201) to make it illegal for foreign officials to corruptly demand, seek, receive, or accept bribes under two crucial circumstances:
  • From U.S. individuals or companies.
  • From any person while within the United States, in connection with obtaining or retaining business.
  1. Stringent Penalties: Those found guilty of violating FEPA could face severe consequences, including:
  • Criminal fines of up to $250,000 or three times the value of the bribe, whichever is greater.
  • Prison sentences of up to 15 years.
  1. Transparency and Accountability: FEPA introduces a vital accountability mechanism by requiring the DOJ to publish an annual report. It will include the following:
  • It examines the scale and nature of foreign bribe demands against American companies, shedding light on the extent of the issue.
  • It evaluates the effectiveness of U.S. diplomatic efforts aimed at safeguarding American businesses from foreign bribe demands.
  • It assesses the efforts of foreign governments to prosecute individuals involved in corrupt practices against American interests.

Matt Kelly and I take a deep dive into FEPA on this week’s Compliance into the Weeds. To listen, click here.

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program Through Data Analytics: Day 13 – Data Management Automation

Data automation not only streamlines the compliance process but also provides transparency and visibility into the decision-making process. There is a clear importance to connecting people, data, process systems, and tools in one place. This eliminates the need for compliance officers to navigate multiple systems and tools, allowing them to focus on risk-based due diligence. By having a clear understanding of the decision tree and the ability to adjust the automation process, organizations can trust the automation while maintaining control and oversight.

The importance of automation for data analysis in compliance programs cannot be overstated. Organizations need to have visibility into their data at their fingertips to ensure regulatory compliance and mitigate risks. Automation streamlines the compliance process, provides transparency, and allows for adaptability in the face of evolving regulations and risks. By leveraging data analysis, organizations can identify deviations, improve cycle times, enhance training effectiveness, and make informed decisions. Board-level involvement is crucial in overseeing the automation and data analysis process, recognizing its strategic value, and ensuring its effective implementation. With the advent of AI and intelligent approaches, organizations that do not embrace automation and data analysis may suffer in the long run. Trust but verify, and always prioritize visibility and transparency in compliance programs.

Three key takeaways:

  1. Automation not only streamlines the compliance process but also provides transparency and visibility into the decision-making process.
  2. There is a need for board-level involvement in overseeing the automation and data analysis processes.
  3. Through analyzing deviations from the expected path, compliance officers can identify areas that require additional process controls or adjustments.

Check out KonaAI here.

Categories
Innovation in Compliance

Innovation in Compliance – Mohamed Lazzouni on The Role of Biometrics in Data Management and Compliance

Innovation comes in many areas and compliance professionals need to not only be ready for it but embrace it. My guest in this episode is Mohamed Lazzouni, Chief Technology Officer at AWARE.

Mohamed Lazzouni, a distinguished individual with a robust background in physics and solid-state physics, currently serves as the Chief Technology Officer at Aware. Lazzouni firmly believes in the potential of behavioral biometrics to enhance security and compliance, particularly in the financial services industry. He asserts that biometrics can be used to verify customer identities during online transactions, thereby eliminating the need for physical visits to a branch. Furthermore, he sees the analysis of biometric data such as face recognition, voice prints, and fingerprints to ensure the registered identity of a customer is trustworthy. Lazzouni also highlights the role of biometrics in data management and compliance, ensuring that personally identifiable information is collected, stored, and managed securely and in compliance with relevant laws and regulations. He is particularly excited about the potential of behavioral biometrics, such as unique gestures and interactions with devices, to further enhance security and provide new opportunities for businesses and individuals. Join Tom Fox and Mohamed Lazzouni on this episode of Innovation in Compliance to delve deeper into this fascinating topic.

Key Highlights:

  • Exploring Nature at a Unique Scale
  • Leveraging Unique User Interactions for Security
  • Enhancing Identity Verification with Biometric Technology
  • Biometric Security Solutions for System Integrators
  • Biometric Security Revolution: Face and Voice Recognition

Resources:

Mohamed Lazzouni on LinkedIn

AWARE

 

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Innovation in Compliance

Compliance Professionals Adapting to Change: Industries, Regulations, and Beyond: Part 4 – Yee Chow on Navigating the Current ESG Landscape

Welcome to a special series sponsored by Diligent, where we look down the road at key issues in 2024 and beyond. In this series, I will visit with Nicholas Latham, Renee Murphy, Jessica Czeczuga, Yee Chow, and Alexander Cotoia. Over this series, we will consider compliant communications in regulated industries, managing conflicts of interest at the Board level, the Board’s role in compliance training and communications, navigating the current ESG landscape, and professional growth and mentorship in compliance. In Part 4, we navigate the current ESG landscape with Yee Chow.

Yee Chow is a seasoned professional in the sustainability space, currently serving as the Director of Solution Engineering and Consulting at Diligent. With over 16 years of experience, Yee has witnessed the evolution of the chief compliance officer’s role in ESG compliance. Yee’s perspective on this evolution is that it has become a significant and integral part of corporate agendas. Previously, ESG was seen as a side topic for companies to gain more credentials and marketing, but in recent years, it has become a significant focus for most corporations globally. This shift has led to changes in the roles of chief compliance officers and internal management, with ESG now being elevated to their level of responsibility and accountability. Yee believes that this shift is necessary and beneficial for companies in the future. Join Tom Fox and Yee Chow on this episode of the Diligent Podcast to delve deeper into this topic.

Key Highlights:

  • Elevated ESG Compliance Leadership: CCO’s Evolving Role
  • Mandatory Reporting on ESG Factors
  • Integrating ESG into Board Meetings and Discussions

Ready for Purpose-Driven Compliance? Diligent equips leaders with the tools to build, monitor, and maintain an open, transparent ethics and compliance culture. For more information and to book a demo, visit Diligent.com

Join us tomorrow, where we conclude our series with a review of professional development and mentoring for compliance professionals.

Categories
Innovation in Compliance

Compliance Professionals Adapting to Change: Industries, Regulations, and Beyond: Part 3 – Jessica Czeczuga on the Role of a Board of Directors in Training and Communications

Welcome to a special series sponsored by Diligent, where we look down the road at key issues in 2024 and beyond. In this series, I will visit with Nicholas Latham, Renee Murphy, Jessica Czeczuga, Yee Chow, and Alexander Cotoia. Over this series, we will consider compliant communications in regulated industries, managing conflicts of interest at the Board level, the Board’s role in compliance training and communications, navigating the current ESG landscape, and professional growth and mentorship in compliance. In Part 3, we review the role of a Board of Directors in compliance training and communications with Jessica Czeczuga.

Jessica Czeczuga is a seasoned corporate training and compliance professional, currently serving as the Principal Instructional Designer at Diligent. Jessica’s perspective on the importance of Board oversight in corporate training and compliance is shaped by her extensive experience and deep understanding of compliance programs. She emphasizes the crucial role of the Board in setting the tone for the organization’s culture, advocating for active communication from the Board about the importance of training to all employees. Jessica also suggests that the Board should be more significant in discussions about your organization’s compliance efforts, ensuring it meets its stated commitments. She views the Board as another group within the organization that requires tailored training and active involvement in promoting a culture of compliance. Join Tom Fox and Jessica Czeczuga as they delve deeper into this topic.

Key Highlights:

  • Driving Compliance and Training Messaging
  • Fostering Alignment Through Board Involvement
  • Assessing the Impact of Multinational Training

Ready for Purpose-Driven Compliance? Diligent equips leaders with the tools to build, monitor, and maintain an open, transparent ethics and compliance culture. For more information and to book a demo, visit Diligent.com

Join us tomorrow as we consider navigating the current ESG landscape.

Categories
Great Women in Compliance

Great Women in Compliance – Lisa Beth Lentini Walker on Compliance Career Connections

Welcome to the Great Women in Compliance Podcast. Today Lisa Fine visits with Lisa Beth Lentini Walker on her career in compliance and how compliance career connections can help one’s journey in compliance.

Lisa Beth Lentini Walker is a renowned figure in the ethics and compliance field, currently serving as the Associate General Counsel, Corporate Legal and Assistant Secretary at Marqeta, and the CEO and founder of Lumen Worldwide Endeavors. With a rich background as a securities lawyer and a Chief Compliance Officer, Lisa Beth has a unique perspective on ethics and compliance. She believes in the power of values and intentions in shaping one’s professional journey and emphasizes the importance of networking and connections in the compliance industry. Her philosophy revolves around putting values into action and helping organizations align their actions with their ethical principles. She has made a significant impact in the field through her work and the Compliance Career Connection, a platform she started to support and connect professionals in the field. Join Lisa Fine and Lisa Beth Lentini Walker on this episode of the Great Women in Compliance podcast to learn more about her insights and experiences.

Key Highlights:

  • Lisa Beth’s Impact on Ethics and Compliance
  • Lisa Beth’s Journey in Ethics and Compliance
  • Embracing Pauses for Personal Growth and Success
  • Aligning Choices with Core Values and Goals
  • Designing a Fulfilling Life Through Reflection

Resources:

Join the Great Women in Compliance community on LinkedIn here.