Tag: compliance

Categories
Great Women in Compliance

Great Women in Compliance – Karolina Aleksandrova on Compliance in Eastern Europe and Ukraine

We know Great Women in Compliance are usually superheroes, but this woman takes it to another level. Karolina Aleksandrova is the founder of ProMoney, a consultancy based in Ukraine. Before delving into her career path and how she is building an E&C community in Eastern Europe, she gives us a peek into her day-to-day life. She talks about the people’s resilience and how they continue to live their day-to-day lives, whether taking children to school, working, or hearing warnings of bombings.

Lisa and Karolina spoke about how she got into compliance and building the Eastern European community with her conferences. She talks about the region’s unique needs and how the Eastern European community has united at the events and in their networks. They also discuss how #GWICs can support the E&C community, especially women, who can support our peers in Eastern Europe.

We are grateful for Karolina’s insights. This was her first podcast, and she did it in English. Just wow!

We hope you are enjoying the Great Women in Compliance podcast. If you do, please provide a rating or review and feedback regarding what you would like us to do next.

Categories
Blog

What Are Agentic AI Systems, Part 1

We live in an era where artificial intelligence (AI) is no longer just a tool for answering questions or providing recommendations; it has strengthened into a partner capable of acting on our behalf. In a recent article in Bloomberg entitled Using AI Agents Requires a Balance of Trust, Privacy, Compliance, Sabastian Niles, President and Chief Legal Officer of Salesforce, discussed the role of AI agents. Today, we, therefore, enter the world of agentic AI systems. Understanding this new breed of AI is essential for compliance professionals to harness its power responsibly while safeguarding trust, privacy, and compliance. Over this three-part blog series, I will explore what Agentic AI systems are, how they can be used in compliance, and how to use Agentic AI going forward.

Defining Agentic AI Systems

In simple terms, Agentic AI does not simply inform; it acts. For compliance professionals, this opens up many possibilities for automating tasks, improving efficiency, and enhancing decision-making. However, with greater autonomy comes greater responsibility, particularly in ensuring these systems operate ethically and within regulatory boundaries.

Agentic AI systems differ significantly from traditional AI tools like chatbots or standalone large language models. While the latter is primarily reactive, responding to queries or prompts, Agentic AI systems operate with a higher degree of autonomy. These systems can analyze data, adapt to new information, and act within pre-defined parameters without requiring constant human oversight. Some of the key differences include the following.

  1. Autonomy. Unlike traditional AI, which often requires human input to execute tasks, agentic AI can take the initiative within established guidelines.
  2. Adaptability. Agentic AI learns and develops based on new data or changing conditions, making it highly dynamic.
  3. Action-Oriented. These systems can analyze data and decide and execute tasks in real time.

For example, imagine a compliance chatbot that answers employees’ questions about corporate policies. While useful, this chatbot cannot take further steps, such as generating a personalized policy report or flagging potential compliance risks. On the other hand, an Agentic AI system could handle these additional tasks autonomously, freeing compliance teams to focus on more strategic priorities.

Agentic AI in Action for Compliance

What does agentic AI mean for the compliance function? Essentially, it represents an opportunity to reimagine how compliance teams operate, enabling them to do more with less. Here are a few ways agentic AI systems can be used effectively in corporate compliance.

  1. Automating Repetitive Tasks. Compliance professionals often find themselves bogged down by routine, resource-intensive tasks. Agentic AI can take over many of these responsibilities, such as in policy management automation, by reviewing and updating compliance policies based on regulatory changes. You can provide employee support by responding to frequently asked compliance questions and escalating complex issues to the appropriate team members. You can move it outside your organization by continuously assessing third-party risks and analyzing real-time data, such as media reports or transaction histories.
  2. Enhancing Risk Assessment. Agentic AI systems can analyze vast amounts of data quickly and accurately, making them invaluable for identifying and mitigating risks. They can assist in transaction monitoring by detecting anomalies in financial transactions that may show potential fraud or corruption. You can move to more proactive risk screening by monitoring news and regulatory updates to identify emerging risks that could impact the organization. Most excitingly, they can provide predictive analytics. They could allow you to expect compliance challenges based on historical trends and current data.
  3. Supporting Decision-Making. With their ability to analyze complex data and generate actionable insights, agentic AI systems can help compliance teams make better-informed decisions. This can include scenario planning and forecasting by modeling the impact of potential regulatory changes on the organization. As the Department of Justice reminded us in the 2024 Update to the Evaluation of Corporate Compliance Programs (2024 Update), you can move to true data-driven recommendations to provide documented guidance on addressing identified risks or improving compliance processes. Finally, in the never-ending battle for resource allocation, Agentic AI can identify areas where compliance efforts should be prioritized for maximum impact.

The Risks and Responsibilities of Agentic AI

While the benefits of agentic AI are clear, compliance professionals must approach its adoption cautiously. The autonomy of these systems introduces new risks. First and foremost is data integrity and Garbage In, Garbage Out (GIGO), which tells us that AI systems are only as good as the data they process. The system’s outputs could be flawed if the data is incomplete, biased, or outdated. Accountability and transparency are critical, as the question will be asked, “When AI systems make decisions or take actions, who is ultimately responsible?” Compliance teams must establish clear guidelines to ensure accountability and transparency. Finally, there are the ethical concerns involved. The ability of agentic AI to act autonomously raises questions about transparency, fairness, and privacy. These concerns must be addressed through robust governance and ethical guidelines.

Why Compliance Professionals Should Care

Agentic AI systems are not just another tech innovation—they are a significant change that will shape the future of compliance. By understanding these systems, compliance professionals can position themselves as strategic enablers, helping their organizations harness the power of AI responsibly. Compliance teams are uniquely positioned to ensure that AI systems operate transparently and ethically, fostering stakeholder trust.

As AI-specific regulations emerge, compliance professionals will play a critical role in ensuring adherence to new legal standards, as echoed in the 2024 Update.

By integrating agentic AI into their workflows, compliance teams can improve efficiency, reduce costs, and drive profitability in the company. It will certainly demonstrate an increased ROI for compliance.

The Path Forward

The rise of agentic AI systems represents a transformative opportunity for compliance professionals, but only if implemented thoughtfully and responsibly. By embracing this technology, compliance teams can move from being seen as cost centers to becoming innovation partners, driving compliance and business success.

The key is striking the right balance: leveraging the autonomy of agentic AI to achieve efficiencies while maintaining the trust, privacy, and ethical standards foundational to compliance. As compliance professionals, we can lead this transformation, ensuring that agentic AI serves as a tool for good, not a source of risk. The bottom line is that the future of compliance is not simply about saying no to innovation; it is about guiding it responsibly. Let Agentic AI be your ally in this journey.

Join us tomorrow in Part 2, to discuss how to use Agentic AI systems.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 28 – The Importance of Data Governance

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

On Day 28, we look into the crucial importance of data governance in compliance and cybersecurity. As data generation increases, businesses must enhance their efforts in managing, organizing, and preserving data to meet regulatory obligations and ensure accuracy, accessibility, and adherence to legal standards. We discuss the growing trend of converging compliance, data governance, and cyber security and the necessity of breaking down organizational silos for effective collaboration. Business and legal teams rely on well-managed data to make informed decisions, analyze trends, and measure key performance indicators.

The episode also covers the challenges in gaining buy-in from the ELT and the vital process of transforming corporate culture to prioritize data governance and cybersecurity. We touch on the complexities of regional data privacy laws inspired by GDPR and emphasize the importance of understanding specific regulations for compliance. With key takeaways, including the significance of data preservation, the intertwined nature of compliance, data governance, and cybersecurity, and the urgency for organizations to prioritize data governance, this episode is packed with essential insights for compliance professionals.

Key highlights:

  • The Role of Data Governance in Compliance and Cybersecurity
  • Data Governance and ESG
  • Understanding Data Privacy Laws

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Categories
Blog

AI and Compliance Training

AI-driven training tools are transforming how organizations deliver compliance programs. By offering personalized, interactive, and role-specific training at scale, AI eliminates many cost and logistical barriers that have historically made tailored training challenging. This evolution improves engagement and reduces compliance risks by equipping employees with relevant, actionable knowledge. Today, I want to explore how AI reshapes compliance training, supplemented with real-world examples of companies leading the charge.

Personalization at Scale

AI analyzes vast amounts of data, an employee’s role, learning history, and performance metrics to create tailored training experiences. This ensures that the content is directly relevant to each employee’s responsibilities. For example, a sales team focusing on international transactions might focus on anti-bribery and corruption rules under the FCPA. A procurement team could receive training on vendor due diligence, export control and sanctions, and conflict-of-interest disclosures. Conversely, a finance staff member might dive into anti-money laundering (AML) and financial controls.

You can integrate AI into your global compliance training programs to tailor content to employees’ roles. Through machine learning, your system can deliver specific modules to individuals, ensuring that high-risk roles receive advanced training while others get streamlined, relevant content. The result will be better alignment between training content and operational realities, boosting engagement and effectiveness.

Just-in-Time Learning

AI enables “just-in-time” learning, delivering content at the precise moment it’s needed. For example, an employee preparing to interact with a foreign government official might receive a refresher module on anti-corruption policies before the meeting. Similarly, an employee about to onboard a vendor might receive training on due diligence best practices. This approach effectively ensures that employees apply their knowledge in real-world scenarios when it matters most. It also minimizes the “forgetting curve” by delivering training in digestible chunks that reinforce memory retention.

This means you can use AI to deliver microlearning modules through your internal compliance training platform. Employees receive targeted reminders about data privacy regulations when working on projects involving personal data, ensuring compliance is seamlessly integrated into daily workflows.

Enhanced Engagement Through Gamification 

AI makes compliance training engaging by incorporating gamified elements like quizzes, leaderboards, and decision-making simulations. These interactive features transform mundane lessons into enjoyable experiences, boosting motivation and retention. Imagine employees participating in a simulated bribery scenario, navigating ethical dilemmas in real time. Such immersive experiences teach policies and foster critical thinking and decision-making skills.

For example, PwC’s Game of Threats™ is a digital game that simulates the speed and complexity of a real-world cyber breach. It is designed to help executives “understand the steps they can take to protect their companies. The game environment creates a realistic experience where both sides, the company and the attacker, are required to make quick, high-impact decisions with minimal information.” You can “coach players through realistic scenarios with different types of threat actors and their preferred methodologies and explain what they can do to better prevent, detect, and respond to an attack.”

Continuous Improvement

AI-powered platforms don’t just deliver training; they learn and adapt. These systems analyze performance metrics, such as quiz scores and engagement rates, to identify areas where employees struggle. Based on this data, the platform refines its content, ensuring that training evolves alongside organizational needs and regulatory changes.

One company implemented AI-driven tools for compliance training that adapt based on user feedback and performance data. If employees consistently fail a particular module, the AI identifies gaps and adjusts the content to address misunderstandings more effectively.

Cost-Effective Solutions for Large Organizations

Scaling traditional training methods across a large global workforce is challenging and expensive. AI simplifies this by automating the customization process, ensuring consistent quality across teams and geographies. It also reduces costs associated with in-person training sessions and printed materials—one large multinational leveraged AI to implement a scalable compliance training platform for its over 150,000 employees. By automating the delivery of role-specific training modules and offering multi-language support, Unilever significantly reduced training costs while maintaining high levels of engagement and effectiveness.

Overcoming Barriers to AI Adoption in Compliance Training

Unfortunately, despite its obvious benefits, some organizations hesitate to adopt AI-driven compliance training due to perceived challenges. Some of these challenges include one or more of the following concerns: The Cost Concern is where the initial investment in AI tools seems way too high. This is even where the long-term savings, through improved training efficiency and reduced compliance risks, far outweigh the upfront expenses. Another concern is around the Technological Complexity. Partnering with experienced vendors or consultants can simplify the implementation process, ensuring seamless integration with existing systems. Finally, there is the ever-present Cultural Resistance. Employees may resist AI-driven training for fear of surveillance or skepticism about its effectiveness. Clear communication about how AI enhances training rather than replacing human oversight can help alleviate these concerns.

The Future of Compliance Training: AI as a Strategic Advantage

AI-driven compliance training is more than just a technological upgrade; it is a strategic advantage that organizations can use in various ways. It can mitigate compliance risks by delivering tailored, engaging, and timely training. AI reduces the likelihood of compliance violations and associated penalties. It can build and foster trust between compliance and your customer base, which is corporate employees. Employees who feel supported with relevant, engaging training are more likely to embrace compliance as part of their workplace culture. Finally, it will allow you to stay ahead of the compliance curve in training and potentially the Department of Justice (DOJ). AI ensures training evolves alongside regulatory changes, keeping organizations proactive rather than reactive.

The message is clear: Investing in AI-driven compliance training is not just about ticking boxes; it is rather about building a resilient, ethical organization that thrives in today’s complex regulatory environment. If your company has not yet embraced the AI revolution in compliance training, now is the time to explore the possibilities. With the right tools and a commitment to meaningful employee engagement, you can transform compliance from a checkbox exercise into a powerful driver of business success.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 27 – The Compliance Function in an Organization

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

On Day 27, we explore the growing importance and responsibilities of the compliance function within corporations, emphasizing the need for adequate staffing, resources, and independence. The 2020 FCPA Resource Guide outlines key factors that the DOJ considers indicative of an effective compliance program, including the quality of personnel, authority, compensation, and reporting structure. We delve into the necessity of properly funding compliance initiatives and ensuring the organization empowers and sufficiently supports compliance professionals. The updated Corporate Enforcement Policy emphasizes the prevention of retaliation against compliance investigators and the need for a robust structure supporting the compliance program. We conclude with three key takeaways for enhancing compliance functions: evaluating their treatment in the budget process, ensuring management respects compliance decisions, and considering the implications of outsourced compliance services.

Key highlights:

  • DOJ’s Expectations for Compliance Programs
  • Funding and Resources for Compliance
  • Compliance Program Structure and Authority

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Categories
Adventures in Compliance

Adventures in Compliance – Compliance Lessons from ‘The Adventure of the Lion’s Mane’

In this new season of Adventures in Compliance, host Tom Fox takes a deep dive into Arthur Conan Doyle’s Sherlock Holmes collection, The Case-Book of Sherlock Holmes. It is the final set of twelve Sherlock Holmes short stories, first published in the Strand Magazine between October 1921 and April 1927. In this episode, we consider a story more from the Natural World, The Adventure of the Lion’s Mane.

In this episode, Tom dives into ‘The Adventure of the Lion’s Mane,’ a lesser-known Holmes tale set in Holmes’ retirement on Sussex Beach. The story includes a mysterious and agonizing death of a science master, initially suspected to be a murder but revealed to be caused by a lion’s mane jellyfish. This episode draws crucial compliance lessons from the narrative, such as the importance of root cause analysis, adaptability in new roles, vigilance on external risks, methodical investigations, and effective communication.

We show how Sherlockian deduction parallels the skills needed for compliance professionals to address unseen threats, adapt to dynamic environments, and ensure meticulous documentation. Tom encourages compliance officers to emulate Holmes’ analytical rigor to build robust programs tackling unexpected challenges.

Highlights include:

  • Unraveling the Mystery
  • Compliance Lessons from The Adventure of the Lion’s Mane
  • Holmes’ Investigative Techniques
  • Understanding External Risks
  • Effective Investigation Strategies
  • The Importance of Communication

Resources:

The New Annotated Sherlock Holmes

Sherlock Holmes FAQ by Dave Thompson

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

Connect with Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Blog

Unseen Threats and Deduction: Compliance Lessons from The Adventure of the Lion’s Mane

Sherlock Holmes, the master of deduction, seldom worked without Dr. Watson. Yet in The Adventure of the Lion’s Mane, Holmes takes center stage in a quiet coastal town, solving a case that presents no apparent suspects, no human culprit, and a mystery rooted in the natural world. For corporate compliance professionals, this unusual story offers rich lessons about vigilance, adaptability, and the importance of robust investigative techniques. The story is unusual for several reasons, including Holmes’s first-person narrative. Also, the case involves an antagonist from the natural world instead of the human world.

Equally interesting are the lessons the story can teach the 21st-century compliance professional. Today, I will examine five key compliance lessons from Holmes’s encounter with the lion’s mane jellyfish. For additional information on the story and commentary, check out the podcast Compliance Lessons from The Lion’s Mane on the Compliance Podcast Network.

Unraveling Unseen Threats: The Importance of Root Cause Analysis

In this story, the victim collapses after screaming the cryptic words “The lion’s mane!” while bearing strange, whip-like marks on his body. At first, suspicion falls on human suspects, but Holmes’s methodical approach reveals the true cause: a Cyanea capillata jellyfish, an elusive and deadly natural threat. The case highlights a critical point for compliance professionals: risks may not always appear obvious, and solutions often require digging beneath the surface.

In the compliance world, it is often tempting to stop at the first explanation for misconduct, such as blaming individual employees or focusing on the visible symptoms of an issue. However, failing to identify the root cause leaves your organization vulnerable to repeated compliance failures. Whether dealing with third-party bribery risks, internal fraud, or systemic policy gaps, the Department of Justice has made clear in the 2024 Update to the Evaluation of Corporate Compliance Programs, that a root cause analysis is a cornerstone of effective compliance programs, re-emphasizing the need for both performing a root cause analysis and equally importantly using it to remediate your compliance program. It stated, “A hallmark of a compliance program that works effectively in practice is the extent to which a company can conduct a thoughtful root cause analysis of misconduct and timely and appropriately remediate to address the root causes.”

It stated what additional steps the company has taken “that demonstrate recognition of the seriousness of the misconduct, acceptance of responsibility for it, and implementing measures to reduce the risk of repetition of such misconduct, including measures to identify future risk.” The following questions were then posed:

Root Cause Analysis—What is the company’s root cause analysis of the misconduct at issue? Were any systemic issues identified? Who in the company was involved in making the analysis?

Prior Weaknesses—What controls failed? If policies or procedures should have prohibited the misconduct, were they effectively implemented, and have functions that had ownership of these policies and procedures been held accountable?

Adaptability in Unfamiliar Environments

Holmes’s seaside investigation takes him far from his usual London setting. Without the bustle of Baker Street or Watson’s steady presence, Holmes must rely entirely on his deductive skills and adaptability. This scenario mirrors the modern compliance officer’s challenge of addressing new and unfamiliar risks.

For example, your organization may expand into a new market or pivot its business model, exposing it to unfamiliar regulatory requirements or operational risks. In these situations, compliance professionals must act as business partners, guiding the organization through uncharted waters while ensuring compliance remains a priority.

You should begin with the question of who should perform the remediation; should it be an investigator or an investigative team that was part of the root cause analysis? Jonathan Marks believes the key is both “independence and objectivity.” An investigator or investigative team may be a subject matter expert and “therefore more qualified to get that particular recourse.” Yet, to perform the remediation, the key is to integrate the information developed from the root cause analysis into the solution.

Accounting for External Risks

The lion’s mane jellyfish, a force of nature, represents the kind of external risk that organizations often overlook. External risks, whether from geopolitical shifts, third-party misconduct, or environmental factors, can devastate even the most robust compliance programs if not properly managed.

Consider the recent focus on supply chain risks. An organization may have strong internal controls, but a third-party supplier engaging in unethical practices can still expose it to liability. Therefore, due diligence and ongoing monitoring are essential to an effective compliance program. Some of the key actions you can take include the following:.

Conduct comprehensive third-party due diligence before onboarding suppliers, agents, or contractors; regularly review external risks as part of your enterprise risk management (ERM) program; and implement tools and technologies to monitor external developments in real-time, such as sanctions lists or geopolitical instability.

The Power of Patience and Observation 

Holmes’s resolution hinges on his meticulous observation of minor details, marks on the victim’s body, the jellyfish’s natural habitat, and the timeline of events. He doesn’t rush to conclusions or allow others’ assumptions to sway him. Instead, he systematically gathers evidence and applies his knowledge to reach the correct conclusion. This approach underscores the importance of methodical, data-driven investigations for compliance professionals. Whether handling an internal whistleblower complaint or responding to a regulatory inquiry, rushing the process can lead to missed details or flawed conclusions.

You may also have deficiencies in internal controls. Failing to remediate gaps in internal controls “allows additional errors or misconduct to occur and thus could damage the company’s credibility with regulators” by allowing the same or similar conduct to reoccur. Finally, with both the 2024 ECCP and FCPA Corporate Enforcement Policy, the DOJ has added its voice to prior SEC statements that regulators “will focus on what steps the company took upon learning of the misconduct, whether the company immediately stopped the misconduct, and what new and more effective internal controls or procedures the company has adopted or plans to adopt to prevent a recurrence.”

Communication as a Compliance Superpower

One of Holmes’s strengths lies in his ability to explain complex phenomena in a way others can understand. In this story, he demystifies the jellyfish’s deadly nature for the local community, helping them grasp their danger and take appropriate precautions. Communication is equally critical. Whether presenting findings to the board, conducting employee training, or preparing reports for regulators, you must convey complex information clearly and compellingly. The best compliance programs are not just comprehensive; they are understood and embraced by everyone in the organization.

For compliance professionals, there are several actions you can take. First, tailor your communication style to your audience, whether it’s frontline employees, senior leadership, or regulators. Next, use data visualization, case studies, and real-world examples to make your message relatable and memorable. Finally, foster a culture of transparency, ensuring employees feel empowered to ask questions and report concerns without fear of retaliation.

Final Thoughts 

The Adventure of the Lion’s Mane is a tale of hidden threats, careful investigation, and the power of critical thinking—qualities that resonate deeply with the compliance profession. Holmes’s success lies in adapting to unfamiliar circumstances, uncovering an unseen danger, and effectively communicating his findings. Compliance officers need these skills to navigate the complex and ever-changing corporate risk landscape.

As you reflect on Holmes’s seaside investigation, consider how his methods can inspire your compliance practices. Are you conducting root-cause analyses with the same rigor? Have you adapted your program to account for external risks? And most importantly, are you equipping your organization with the tools and knowledge to prevent compliance failures before they occur?

By channeling Sherlock Holmes’s spirit of deduction and vigilance, you can strengthen your compliance program and ensure it is prepared to face even the most unexpected challenges. When the next hidden risk emerges, you will be ready to solve the mystery with precision and confidence, just like Sherlock Holmes.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 26 – CCO Authority and Independence

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

On Day 26, we ponder the evolving stature and authority of the CCO within organizations, as highlighted by recent guidelines and regulations. The 2020 FCPA Resource Guide emphasizes the importance of the CCO’s direct reporting line to the board and senior management status. The DOJ’s updated Corporate Enforcement Policy has further enhanced the prestige and role of the CCO, introducing key factors like the quality, experience, authority, independence, compensation, and reporting structure of the CCO. The episode also touches on the significance of the Delaware Court of Chancery’s decision in the McDonald’s case, which formalized the oversight duties of corporate officers, positioning the CCO as the second-most important role in an organization. Key takeaways include demonstrating real authority for the CCO, evaluating their professional qualifications, and assessing their actual status within your company.

Key highlights:

  • Key Inquiries Around the CCO and Compliance Function
  • Importance of CCO Certification and Court Decisions
  • Critical Takeaways for Compliance Professionals

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 25 – Responding to Investigative Findings

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

On Day 25, we consider the critical importance of addressing investigative findings within a corporate compliance framework. When a whistleblower report, DOJ subpoena, or SEC notice brings compliance violations to light, it commands the board’s and senior management’s attention. The initial outrage and ethical proclamations that follow are often a prelude to the need for a serious reality check regarding costs and time outlays for remediation. The key is maintaining transparency and solid communication between those investigating and those responsible for remediation, ensuring compliance gaps are effectively identified and addressed. Today’s takeaways emphasize using the heightened attention for compliance improvement, recognizing the interplay between investigation and remediation, and being ready to answer the ‘where else’ question effectively. Join us tomorrow as we explore the authority and independence of Chief Compliance Officers.

Key highlights:

  • The Impact of Investigations on Compliance
  • Communicating Costs and Risks
  • Ensuring Effective Communication

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Categories
10 For 10

10 For 10: Top Compliance Stories for the Week Ending January 25, 2025

Welcome to 10 For 10, the podcast that brings you the week’s Top 10 compliance stories in one podcast each week. Tom Fox, the Voice of Compliance, brings to you, the compliance professional, the compliance stories you need to be aware of to end your busy week. Sit back, and in 10 minutes hear about the stories every compliance professional should be aware of from the prior week. Every Saturday, 10 For 10 highlights the most important news, insights, and analysis for the compliance professional, all curated by the Voice of Compliance, Tom Fox. Get your weekly filling of compliance stories with 10 for 10, a podcast produced by the Compliance Podcast Network.

  • Great risk for Germany to invest in China. (FT)
  • Vietnam dismantles AML ring. (Aljazeera)
  • Administration ramps up attacks on DEI . (NYT)
  • Ukraine chief psychiatrist arrested on corruption charges. (BBC)
  • Ex-Everton player and China coach jailed for bribery. (ESPN)
  • KPMG under FRC investigation yet again. (Bloomberg)
  • Tariff whiplash coming. (Bloomberg)
  • WFH not ‘real work’. (BBC)
  • More conflict mineral allegations against Apple from DRC. (FT)
  • Trash compliance-it’s a thing. (Gothamist)

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

You can check out the Daily Compliance News for four curated compliance and ethics-related stories each day here.

Connect with Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn