Tag: continuous monitoring

Categories
Blog

It’s The Great Pumpkin Charlie Brown – Lessons in Process Validation Through Continuous Monitoring

Halloween is almost upon us, and we celebrate the greatest Halloween cartoon in the world’s history, “It’s the Great Pumpkin, Charlie Brown,” which premiered in 1966. As usual, the story revolves around the Peanuts gang, who are preparing for Halloween; Linus writes his annual letter to the Great Pumpkin, despite Charlie Brown’s disbelief, Snoopy’s laughter, Patty’s assurance that the Great Pumpkin is a fake, and even his sister Lucy’s violent threat to make her brother stop.

On Halloween night, the gang goes trick-or-treating. On the way, they stop at the pumpkin patch to ridicule Linus, missing the festivities as he has done every year. Undeterred, Linus is convinced that the Great Pumpkin will come, and he even persuades Charlie Brown’s little sister, Sally, to remain with him and wait. At 4:00 AM the following day, Lucy notices Linus is not in his bed. She finds her brother asleep in the pumpkin patch, shivering. She brings him home and puts him to bed. Later, Charlie Brown and Linus are at a rock wall, commiserating about the previous night’s disappointments. Although Charlie Brown attempts to console his friend, admitting he has also done stupid things, Linus angrily vows that the Great Pumpkin will come to the Pumpkin Patch next year.

In corporate compliance, much like in the world of It’s the Great Pumpkin, Charlie Brown, expectations must meet reality. In the compliance world, Linus’s actions might be likened to a company that sets up its processes without validating or monitoring them continuously. Year after year, Linus is let down because he needs to adjust his process or monitor his outcomes in real time. This is where the critical lesson in process validation through continuous monitoring becomes clear: Hope without validation is not a strategy. Let’s dive deeper into the compliance lessons from this Halloween favorite.

The Importance of Process Validation

Linus believes that his sincere faith in the Great Pumpkin will yield results. However, more than faith is needed to cut it in compliance. In the same way, companies may implement policies and procedures they believe will lead to effective compliance, but they need to validate these processes to be sure. Process validation is essential for ensuring that your compliance program operates as intended. From anti-bribery controls to third-party risk management, validating that processes work under real-world conditions ensures you aren’t waiting in a metaphorical pumpkin patch, hoping for good results.

As a compliance professional, you must validate that a process works after designing it, whether it is a transaction monitoring system or a third-party due diligence program. You must validate through testing, audits, and benchmarks to see if it’s achieving your desired outcomes.

The Role of Continuous Monitoring

Linus returns to the same pumpkin patch every year, never adjusting his approach and hoping that next time will be different. This is akin to organizations that implement processes without continuous monitoring—hoping things will change but never keeping a close eye on what’s happening in real-time. In the compliance space, continuous monitoring means maintaining oversight of key processes and using data-driven metrics to spot potential problems before they grow into major risks. Whether monitoring third-party interactions, employee transactions, or internal controls, compliance officers must ensure that data is continuously fed into the system. When a process is off-course, continuous monitoring allows you to catch it early and correct it before it becomes a regulatory issue.

Every compliance professional should understand that continuous monitoring is essential for refining compliance processes. Regularly assess your systems, keep track of anomalies, and make necessary adjustments. It’s about being proactive, not reactive.

Adjusting to Changing Realities

One of the more poignant lessons from It’s the Great Pumpkin, Charlie Brown, is that Linus doesn’t adjust his expectations despite repeated failures. He continues to sit in the pumpkin patch year after year. In compliance, ignoring evidence and sticking to outdated processes can lead to serious issues. Regulations change, risks evolve, and market conditions shift. A process that was valid last year may no longer be effective under new regulations or circumstances. The only way to ensure your compliance program stays relevant is through ongoing adjustments based on continuous feedback.

As the corporate compliance expert, you must ensure that your compliance processes evolve with changing regulatory landscapes. Use the data from continuous monitoring to validate that your program remains robust in real-time conditions.

Clear Communication and Buy-In

Throughout It’s the Great Pumpkin, Charlie Brown, Linus is adamant about the arrival of the Great Pumpkin, but he fails to bring others along with him. His friends and even his sister don’t believe in his mission, leaving him alone in the pumpkin patch.

This illustrates the importance of communication and getting buy-in from your stakeholders in the compliance world. If compliance officers or departments communicate the value of continuous monitoring and validation, the rest of the organization will be engaged and supportive. Building an ethical culture requires alignment across all levels, from senior management to line employees. With it, your compliance efforts may be more cohesive than Linus’s pumpkin patch vigil.

Effective compliance depends on clear communication and organizational buy-in for the compliance professional. Ensure everyone understands the importance of continuous monitoring and how it safeguards the organization.

Linus’s faith in the Great Pumpkin may not pay off in It’s the Great Pumpkin, Charlie Brown, but for compliance professionals, validation and continuous monitoring can deliver real results. Compliance is about something other than waiting in the pumpkin patch, hoping things work out. It’s about ensuring your processes are tested, validated, and continuously monitored to catch risks early and compliance remains proactive rather than reactive.

Moreover, by watching the TV show, reading this blog, and, most importantly, applying these lessons, compliance officers can avoid the fate of Linus, ensuring their processes are strong, dynamic, and capable of delivering the results they need to meet today’s regulatory demands. I hope you can watch It’s the Great Pumpkin, Charlie Brown again this year. I did. When you watch, think about the compliance implications. Will anyone ever set a ‘second set of eyes’ on the Great Pumpkin? If not, will it ever be validated? I hope you will be safe and dry if you are trick-or-treating tonight.

Doug Cornelius Responds:

Are you trying to say that the Great Pumpkin is not real?

Just wait ’til next year, Tom Fox. You’ll see!

Next year, at this same time, I’ll find a pumpkin patch that is really sincere! And I’ll sit in that pumpkin patch until the Great Pumpkin appears. He’ll rise out of that pumpkin patch and fly through the air with his bag of toys.

The Great Pumpkin will appear! And I’ll be waiting for him!

I’ll be there! I’ll sit in that pumpkin patch… and see the Great Pumpkin. Just wait and see, Tom Fox. I’ll see that Great Pumpkin.

I’ll SEE the Great Pumpkin!

You wait, Tom Fox.

Doug Cornelius Responds:

Are you trying to say that the Great Pumpkin is not real?

Just wait ’til next year, Tom Fox. You’ll see!

Next year, at this same time, I’ll find a real sincere pumpkin patch! And I’ll sit in that pumpkin patch until the Great Pumpkin appears. He’ll rise out of that pumpkin patch and fly through the air with his bag of toys.

The Great Pumpkin will appear! And I’ll be waiting for him!

I’ll be there! I’ll sit in that pumpkin patch… and see the Great Pumpkin. Just wait and see, Tom Fox. I’ll see that Great Pumpkin.

I’ll see the Great Pumpkin!

Just wait, Tom Fox.

Categories
Sunday Book Review

Sunday Book Review: September 1, 2024, Books on Continuous Monitoring Edition

In the Sunday Book Review, Tom Fox considers books that would interest the compliance professional, the business executive, or anyone who might be curious. It could be books about business, compliance, history, leadership, current events, or anything else that might interest me.

In today’s edition of the Sunday Book Review, we look at four books on continuous monitoring for the compliance professional.

  • Continuous Monitoring A Complete Guide – 2024 Edition by Geradus Blokdyk
  • Monitoring Continuous Phenomena: Background, Methods and Solutions by Peter Lorkowski
  • Implement Continuous Monitoring a Complete Guide by Geradus Blokdyk
  • DevOps Continuous Monitoring by Bart de Best (Author), Louis van Hemmen (Editor)

Grab the Middle Managers Tool Kit, available free from Ethico by clicking here.

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Continuous Monitoring of AI

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

In today’s episode, we begin a weeklong look at some of the ways Generative AI is changing compliance and risk management. Today we consider some of the key challenges that organizations need to navigate to accomplish continuous monitoring of AI.

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

Categories
Blog

Transforming Culture: Part 5 – Ongoing Monitoring and Continuous Improvement of Culture

Boeing is not the first company to find itself amid a massive scandal. You can think of Siemens’ bribery and corruption scandal, the VW emissions-testing scandal, the Wells Fargo fraudulent accounts scandal, or any other myriad of corporate scandals where culture failed and created a toxic culture. The question for any organization in such a situation is how to transform its culture. Currently running on the Culture Crafters podcast on the Compliance Podcast Network is a 5–part of podcast series with myself and Sam Silverstein, the most trusted voice in America on accountability. (The Culture Audit™ is the sponsor of this blog post series.)

In this companion, 5-part blog post series, we have looked at how a company in the depths of such a toxic culture can begin to make a comeback by planning and taking concrete steps to turn around and rebuild its culture. In this concluding Part 5, we show why you must not simply stop after implementation but must monitor your culture continuously and work to improve it continuously. It is an ongoing work in progress, and you can always continue working on your corporate culture.

Ongoing monitoring is not something compliance professionals are unaware of or have never heard about. This concept must be used in your culture management strategy as well. You must assess how your culture management strategy is doing continuously. This is one of the power outcomes of The Culture Audit™ (the sponsor of this blog post series). Not only have you created a baseline of where your culture is at any point in time, but through ongoing use of the Culture Audit, you can measure your specific indices of culture on a go-forward or ongoing basis. You can then continually work to update as appropriate. If your organization needs greater trust, you can put further work into this through your speak-up culture.

Creating an organization’s speak-up culture is essential for fostering open communication, transparency, and employee trust. Such a culture encourages individuals to raise concerns, flag potential issues, and contribute to a safer and more accountable work environment. By prioritizing a speak-up culture, companies can proactively address challenges, prevent safety risks, and promote a culture of continuous improvement.

The significance of a speak-up culture must be balanced as a critical factor in ensuring organizational success and psychological safety. Silverstein emphasized the need for employees to feel safe, valued, and empowered to voice their opinions without fear of reprisal. He highlighted the role of trust and psychological safety in enabling individuals to speak up, noting that a culture that supports open communication leads to better decision-making processes and overall performance. The insights shared underscored the pivotal role of a speak-up culture in shaping a positive and proactive organizational environment.

Accountability in leadership is fundamental in setting the tone for organizational culture and fostering a sense of responsibility and integrity among team members. Leaders who demonstrate accountability model desired behaviors and create a culture where individuals take ownership of their actions and outcomes. By holding themselves and others accountable for their commitments and decisions, leaders cultivate a culture of trust, respect, and ethical conduct.

Leadership will always have a transformative impact on organizational dynamics. Emphasizing that accountability is a way of life rather than a mere task demonstrates leaders’ profound influence in shaping the values and norms within their teams. There must be consistency and fairness in holding individuals accountable. Leaders play a pivotal role in setting expectations and driving cultural change. The discussion underscores the critical role of leadership accountability in fostering a culture of integrity and excellence within organizations.

Changing organizational culture is a complex and multifaceted endeavor that requires a deliberate and strategic approach. Organizations seeking to shift their culture must assess the existing norms, values, and behaviors that shape their environment. By identifying areas for improvement and aligning cultural practices with desired outcomes, companies can embark on a journey of cultural transformation that enhances employee engagement, performance, and overall organizational success.

Companies can initiate meaningful change by defining and measuring the current culture, investing in training and education, and holding individuals accountable for upholding cultural values. You must align cultural initiatives with business objectives and ensure that cultural transformation efforts are embedded in every aspect of the organization. Organizations face challenges and opportunities when navigating cultural change, highlighting the critical role of leadership in driving lasting transformation.

The crucial role of leadership in shaping organizational culture provided valuable insights into the steps leaders can take to create a positive and thriving workplace environment. By prioritizing values, fostering open discussions about culture, and making data-driven decisions, organizations can pave the way for long-term success and employee well-being.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 9 – Continuous Monitoring and Continuous Improvement

Continuous monitoring and continuous improvement are two of the most important phrases for any compliance program. These twin concepts were further enshrined in the 2023 Update to the Evaluation of Corporate Compliance Programs (2023 ECCP). In 2023, all companies’ risks changed as we moved from Working From Home to Return To Office and, now, a hybrid model. In addition to this straight-forward change in risk due to working locations, new risks in the form of geopolitical, supply chain, and export control, as well as increased risk due to social media, continue to impact compliance programs.  Your compliance program must be ready to respond to whatever those risks might be going forward.

Continuous improvement runs the gamut in a best practices compliance program, from risk assessments to policies and procedures to periodic testing and review.

Three key takeaways:

1. How have your company’s risks changed over the past year, and how will they change in 2024?

2. What is your process for continuous monitoring and improvement?

3. What sources of information do you use that come from outside your organization?

Categories
31 Days to More Effective Compliance Programs

Day 2 – Continuous Monitoring and Continuous Improvement

Continuous monitoring and improvement are two of the most important phrases for any compliance program. These twin concepts were perhaps the biggest modifications in the 2020 Update to the Evaluation of Corporate Compliance Programs. In 2021 and 2022, all companies’ risks changed as we moved from Working From Home to Return To Office and now a hybrid work model. Of course the great resignation has also played a part.These changes in our basic work location drove home perhaps the most prescient comment I heard during the pandemic, which was by Jed Gardner, who said, “We have moved from disaster recovery to business continuity to business as usual.” This means that risks will change in ways you may not see at speeds you do not anticipate. Your compliance program must be ready to respond to whatever those risks might be going forward.

In the 2020 Update, the DOJ began to address this from the compliance program perspective with several questions. “Is the risk assessment current and subject to periodic review? Is the periodic review limited to a “snapshot” in time or based upon continuous access to operational data and information across functions? Has the periodic review led to updates in policies, procedures, and controls? Do these updates account for risks discovered through misconduct or other problems with the compliance program?”

The next area for continuous monitoring and improvement was an area of compliance that is not normally associated with those concepts, Policies, and Procedures. Here questions included “When was the last time your policies and procedures were updated? Perhaps more importantly, under the 2020 Update, what was your process for doing so? Was there any rigor around your process? Did that rigor include incorporating information and data collected through continuous monitoring, real-time monitoring, or continuous access to operational data and information across functions?”

The final area in the 2020 Update for consideration is called Continuous Improvement, Periodic Testing, and Review. The question included the following, “How often has the company updated its risk assessments and reviewed its compliance policies, procedures, and practices? Has the company undertaken a gap analysis to determine if particular risk areas are not sufficiently addressed in its policies, controls, or training? What steps has the company taken to determine whether policies/procedures/practices make sense for particular business segments/subsidiaries? Does the company review and adapt its compliance program based on lessons learned from its misconduct and/or other companies facing similar risks?”

Three key takeaways:

1. How has your company’s risks changed over the past year?
2. What is your process for continuous monitoring and improvement?
3. What sources of information do you use that come from outside your organization?

Categories
Innovation in Compliance

Corporate Case Management in the Era of the DoJ’s Monaco Memo: Episode 5 – Data Drives Prevention

Welcome to a special podcast series, Corporate Case Management in the Era of the DoJ’s Monaco Memo, sponsored by i-Sight Software Solutions. Over this five-part podcast series, I visit with Jakub Ficner, Director of Partnership Development at i-SIght. This series considers how the Monaco Doctrine and Monaco Memo have impacted compliance in several key areas. In this concluding Part 5, we consider how data and data analytics are even more critical after the Monaco Memo and how using data can drive prevention and detection.

Highlights include:

  • How does ongoing monitoring lead to continuous improvement, and how does it relate to investigations?
  • How your investigative protocol can supplement ongoing monitoring.
  • How the outlays for your investigative process are a critical step going forward.
  •  Employing root cause analysis, corrective actions, and preventative action recommendations can provide valuable data from a holistic perspective.

For more information, check out i-Sight here.

Categories
Greetings and Felicitations

Great Structures Week V: The Tacoma Narrows Bridge Failure and Preventing Failure in Your Compliance Program

Welcome to the Greetings and Felicitations, a podcast where I explore topics that might not seem directly related to compliance but influence our profession. In this special series, I consider many structural engineering concepts are apt descriptors for an anti-corruption compliance program. In this concluding episode 5, I consider the Tacoma Narrows Bridge failure and preventing failure in your compliance program. Highlights include:

  • Why and how did the Tacoma Narrows Bridge fail?
  • What are the key lessons it provides to compliance professionals?
  • Why are 3rd parties still the greatest risk to any compliance program?
  • What steps can you take to manage third parties most effectively?
  • Why is continuous monitoring key to managing risk?

Resources

 “Understanding the World’s Greatest Structures: Science and Innovation from Antiquity to Modernity”, taught by Professor Stephen Ressler from The Teaching Company.

Categories
Blog

Note Navy Seals Way: Moving from Continuous Monitoring to Continuous Improvement

Decision making is a critical skill for any Chief Compliance Officer (CCO) or compliance professional. Continuous monitoring and continuous improvement are now accepted as standard components of any table stakes compliance program. The Department of Justice (DOJ), in the 2020 Update to the Evaluation of Corporate Compliance Programs, made clear the need for continuous improvement in any compliance program. It stated quite succinctly, “One hallmark of an effective compliance program is its capacity to improve and evolve. The actual implementation of controls in practice will necessarily reveal areas of risk and potential adjustment. A company’s business changes over time, as do the environments in which it operates, the nature of its customers, the laws that govern its actions, and the applicable industry standards. Accordingly, prosecutors should consider whether the company has engaged in meaningful efforts to review its compliance program and ensure that it is not stale.”

Indeed, the 2020 Update posed the following questions that the DOJ might ask a company under a Foreign Corrupt Practices Act (FCPA) investigation, “How often has the company updated its risk assessments and reviewed its compliance policies, procedures, and practices? Has the company undertaken a gap analysis to determine if particular areas of risk are not sufficiently addressed in its policies, controls, or training? What steps has the company taken to determine whether policies/procedures/practices make sense for particular business segments/subsidiaries? Does the company review and adapt its compliance program based upon lessons learned from its own misconduct and/or that of other companies facing similar risks?”But one question not posed is around your decision-making process in when to move from continuous monitoring to continuous improvement. I was therefore interested in a recent FastCompany.com article, entitled “3 Steps Navy SEALs Use to Make Decisions”, by Stephanie Vozza. Vozza quotes former Navy SEAL and Chief Executive Officer (CEO) of ADS, Inc., Ryan Angold who said, “With so much information out there, a lot of people get analysis paralysis. You want to do your research and you want to access all the resources you have so you can make the right decision. But you can’t sit in analysis paralysis forever. Ultimately, there’s no 100% perfect decision.”

For her piece she also interviewed former Navy and current VMWare Chief Digital Transformation Officer Mike Hayes and author of the book, Never Enough: A Navy SEAL Commander on Living a Life of Excellence, Agility, and Meaning, who laid out a framework he used as an active SEAL for decision making.

  1. Gather Input

When you are a CCO or compliance professional in a corporate compliance function, you most probably have created experiences from which you can draw. Angold noted, “The requirement in SEAL teams is that you have you’ve gone through multiple different scenarios, you’ve trained for the most extreme environment, the most challenging environment, the worst-case scenarios. These reference points are helpful. You can say, ‘Okay, we’ve seen something like this before.’ Maybe this isn’t the exact scenario—it never is. But you’ve learned how the team works and can make quick decisions.”

Both Jonathan’s from the award-winning Everything Compliance gang, Jonathan Armstrong and Jonathan Marks, talk about not simply crisis and scenario planning but practice as well. Such practice not only gives you the muscle memory of what to do when a true crisis appears but also provide the types of experiences that Angold references that the SEALs then use in missions.

Hayes added that you should listen to difference voices or inputs, noting, “Too often, we tend to seek out like-minded input. Artists tend to hire artists and engineers hire engineers. By getting input from people who don’t think like us and by having a culture that celebrates differences and raising other ideas, you help people be comfortable saying things like, ‘Hey, sir, I don’t think that’s a great idea. Here’s how I would do it.’ That framework enables the best possible decisions.” Note that Hayes’ remarks also illuminate the importance and benefits of a true “Speak-Up Culture”.

  1. Decide When to Decide

 Most interestingly, the first thing you have to determine is when to make your decision. Hayes said, “The first decision is when to make your decision. That’s the thing that most people get wrong.” Obviously in combat your decision-making window can be quite short, but the same principle applies in the corporate world. Here Hayes noted, “At some point, the value of those extra inputs in your input streams costs more than the time associated with getting more inputs. At that inflection point is when you want to make your decision. You start losing value by waiting longer.”

But this point is where experience can become more paramount. In the corporate compliance world, you will likely get information, which is both quantitative and qualitative, particularly through continuous monitoring. Do not become paralyzed at this point, and you can rely on your gut or, as Hayes said, “there are other times where you need to operate in instinct. Instinct is really a set of experiences that you can’t quite crystallize, but that you extract logic from.”

  1. Be Willing (and ready) to Course Correct

Here a key CCO and compliance professional soft skill, that of humility, both “intellectual and real will help you get to the right decision.” Do not let your ego get in the way or start considering your sunk costs. You may garner new information which gives new input. Even John Maynard Keynes said, “When my information changes, I alter my conclusions. What do you do, sir?

Hayes said this is “the ultimate sign of leadership because it’s a sign of comfort in your own skin and not needing to look good in front of an organization. Instead, you’re putting the organization before self and doing the right thing.” Angold phrased it as “It takes a lot of humility for someone to be able to recognize it was the wrong call,” he says. “That’s where the communication is important and having that transparency with your team. You can gain a lot of additional trust from your team, when you acknowledge a wrong decision.”

Continuous improvement through continuous monitoring or other similar techniques will help keep your compliance program abreast of any changes in your business model’s compliance risks and allow growth based upon new and updated best practices specified by regulators. A compliance program is in many ways a continuously evolving organism, just as your company is. You need to build in a way to keep pace with both market and regulatory changes to have a truly effective anti-corruption compliance program. By using this three-step approach, you can best determine how to move from the monitoring to the improvement phase.

Categories
Everything Compliance

Episode 94, the National Archives Edition


Welcome to the only roundtable podcast in compliance. The entire gang was also recently honored by W3 as a top talk show in podcasting. In this episode, we have the full gang of Jonathan Marks, Karen Woody, Jonathan Armstrong, Tom Fox, Matt Kelly and Jay Rosen. We discuss a potpourri of issues. We conclude with our fan favorite Shout Outs and Rants.

  1. Karen Woody reviews the recent HeadSpin SEC enforcement action, explaining how the SEC has jurisdiction over a private company, the significance of an enforcement action with no fine or penalty and the corporate governance issues involved. Karen shouts out to the Super Bowl Halftime show for throwing love on 90s music and musical stars.
  1. Jay Rosen discusses the recently released Commission on Combatting Synthetic Opioid Trafficking Report. Rosen shouts out to celebrity chef Jose Andreas for creating the Gazpacho Police in the 1990s long before Marjorie Green Taylor accused Nancy Pelosi of doing so and for inviting Rep. Taylor to join, provided she is vaccinated and wears a mask to the restaurant.
  1. Matt Kelly looks at the Joe Rogan and Spotify imbroglio, focusing the attempts of Spotify CEO Daniel Ek to focus the spotlight on Rogan and not Spotify. Kelly shouts out to that unknown US criminal enforcement agency, the National Archives which raided Mar-A-Lago where the former President had purloined some 15 boxes of Presidential papers and materials. He also gives a minor shout out to New York Times columnist Maggie Haberman who in an upcoming book reported the former President flushed documents down the toilets at the White House.
  1. Jonathan Marks discusses continuous controls monitoring and continuous auditing as best practices for compliance, risk management and fraud prevention programs. Marks shouts out to the Philadelphia 76ers for getting rid of Ben Simmons who refused to play for them. He implores Simmons to get a new agent for his disastrous handling of the entire situation.
  1. Jonathan Armstrong discusses the civil verdict for HP in its case against Autonomy and the Extradition Order delivered by the Home Secretary for Mike Lynch to go to America to stand for a US criminal trial. Armstrong shouts out to Queen Elizabeth II for her 70-year reign on the English throne.
  1. Tom Fox has a melancholy shout out to the University of Michigan School of Law and greater legal education profession, which lost two stalwart professors recently; Yale Kamisar, Father of Miranda and Terrance Sandalow, former Dean of the Law School. 

The members of the Everything Compliance are:

  • Jay Rosen– Jay is Vice President, Business Development Corporate Monitoring at Affiliated Monitors. Rosen can be reached at JRosen@affiliatedmonitors.com
  • Karen Woody – One of the top academic experts on the SEC. Woody can be reached at kwoody@wlu.edu
  • Matt Kelly – Founder and CEO of Radical Compliance. Kelly can be reached at mkelly@radicalcompliance.com
  • Jonathan Armstrong –is our UK colleague, who is an experienced data privacy/data protection lawyer with Cordery in London. Armstrong can be reached at armstrong@corderycompliance.com
  • Jonathan Marks is Partner, Firm Practice Leader – Global Forensic, Compliance & Integrity Services at Baker Tilly. Marks can be reached at marks@bakertilly.com

The host and producer, ranter (and sometime panelist) of Everything Compliance is Tom Fox the Voice of Compliance. He can be reached at tfox@tfoxlaw.com. Everything Compliance is a part of the Compliance Podcast Network.