Tag: data driven compliance

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 1 – Data-Driven Compliance

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over this 31-day series in January 2026, Tom Fox will post a key component of a best-practice compliance program each day. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6-8 minutes, with three key takeaways that you can implement at little or no cost to help update your compliance program. I hope you will join each day in January for this exploration of best practices in compliance. On Day 1, we consider the need for data-driven compliance.

Key highlights:

  • Importance of Data Analytics in Compliance
  • Implementing Data-Driven Compliance
  • Challenges and Solutions in Data-Driven Compliance

Resources:

Listeners to this podcast can receive a 20% discount on The Compliance Handbook, 6th edition, by clicking here.

Categories
Data Driven Compliance

Data Driven Compliance – Understanding the ECCTA and Its Impact on Fraud Prevention with Vince Walden

Welcome to Season 2 of the award-winning Data Driven Compliance. In this new season, we will look at the new Failure to Prevent Fraud offense. Join host Tom Fox as we explore this new law and how to comply with it through the lens of data driven compliance. This podcast is sponsored by konaAI. In this episode of Season 2, Tom Fox is joined by Vince Walden, CEO of konaAI.

In this episode, they take a deep dive into the details of the UK Economic Corporate Crime Transparency Act, specifically the ‘Failure to Prevent Fraud’ offense. Walden, bringing the perspective of a fraud examiner and CPA, discusses the types of fraud covered under the new law and its broad scope, affecting not just UK companies but also US subsidiaries of UK companies. Walden emphasizes the importance of fraud prevention compliance programs and outlines how effective data analytics and risk assessments can help companies prevent fraud. He also explores the integration of advanced technologies like AI in building robust fraud detection mechanisms. The conversation highlights that effective compliance leads to better business processes and profitability.

Key highlights:

  • Understanding Fraud Offenses Under the Act
  • The Broad Scope of the Act
  • Importance of Compliance Programs
  • Data Analytics in Fraud Risk Management
  • Future of Fraud Detection with AI

Resources:

Vince Walden on LinkedIn

konaAI, a Covasant company

Click here for konaAI White Paper Rethinking Compliance: Practical Steps for Adapting to the UK’s New Fraud Legislation

Connect with Tom Fox on LinkedIn

Categories
FCPA Compliance Report

FCPA Compliance Report – The Role of Culture and Data in Fraud Risk Management: A Conversation with Vincent Walden

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. This is a very special episode. Today, Tom Fox cross-posts an episode from the BCG Podcast. In it, host Hanjo Siebert visits with konaAI CEO Vince Walden. They discuss the critical role of data and culture in achieving effective compliance, exploring the importance of interdepartmental collaboration, the evolving compliance landscape, and real-world examples of fraud detection. Walden emphasizes that while strategy is important, a strong organizational culture is essential for successful execution. He explains how data serves as a transparency agent and outlines the need for a collective approach to managing fraud risk. Listen in to gain insights into the challenges and best practices in modern compliance.

Key highlights:

  • The Importance of Transaction Monitoring
  • Challenges in Fraud Risk Management
  • Collaborative Approaches to Compliance
  • konaAI Role in Modern Compliance
  • Real-World Fraud Cases and Lessons Learned
  • The Impact of Business Culture on Fraud Prevention
  • Fostering a Culture of Transparency

Resources:

Vince Walden on LinkedIn

konaAI

Original Podcast Recording

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

For more information on the use of AI in Compliance programs, see my new book, Upping Your Game. You can purchase a copy of the book on Amazon.com.

Categories
Compliance Tip of the Day

Compliance Tip of the Day – Building a Data-Driven Culture

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, we aim to provide bite-sized, actionable tips to help you stay on top of your compliance game. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we review how compliance can drive a data-driven culture in the compliance function and throughout the organization.

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

Categories
Blog

Building a Data-Driven Culture: A Compliance Imperative in the Age of AI

I recently read an article in the Sloan Management Review entitled “Building a Data-Driven Culture: Four Key Elements” by Ganes Kasari, founder and CEO at Tensor Planet. He posits that a data-driven culture is vital to success with AI projects, but shaping one involves many challenges. He suggests that learning how to build one from organizations that have made the journey engaging for employees is one approach to take. For compliance professionals, this is a critical issue. Compliance, risk management, and governance efforts may be ineffective if a company’s workforce does not instinctively turn to data when making decisions.

The Department of Justice’s (DOJ) 2024 Update on the Evaluation of Corporate Compliance Programs (2024 ECCP) has made it clear that compliance programs must be data-driven, proactive, and continuously monitored. But if an organization has not built a culture of data-driven decision-making, compliance will always be playing catch-up.

So, how do companies foster a data-driven compliance culture? Kasari says the answer lies in four key areas:

  1. Leadership Intervention
  2. Data Empowerment
  3. Collaboration
  4. Value Realization

Leadership Intervention: Setting the Tone from the Top

For a compliance program to be truly effective, proactive, and data-driven, leadership must take an active role in championing the importance of data in decision-making. Too often, executives fund compliance initiatives but delegate execution entirely to compliance and IT teams. The result? Employees still see compliance as someone else’s job rather than an integral part of business operations.

The DOJ has emphasized that compliance programs must have engaged leadership. That means:

  • Executives must communicate why data and AI are essential for compliance.
  • Leaders must use data themselves, modeling the behavior they expect from their employees.
  • Regular check-ins and accountability measures should ensure compliance is not just an IT issue but an enterprise-wide priority.

Concept in Action: Rewarding Compliance Innovation at DBS Bank

When DBS Bank launched its digital transformation initiative, CEO Piyush Gupta prioritized creating a culture that rewarded data-driven decision-making and innovation. In one case, an employee made a data-driven compliance decision, ultimately leading to a failed experiment. There was regulatory pressure to penalize the employee, but Gupta stepped in and awarded them instead—for trying, learning, and embracing the new compliance culture.

This kind of visible leadership support sends a powerful message: compliance isn’t just about avoiding penalties but also about building a smarter, more resilient organization.

Data Empowerment: Making Compliance Everyone’s Job

For compliance to be truly embedded in company culture, every employee, not just compliance officers, must be able to access, understand, and act on data.

This means focusing on three levels of readiness:

  1. Data Readiness – Ensuring high-quality data is available at the right time to the right people.
  2. Analytical Readiness – Training employees to interpret compliance data and make informed decisions.
  3. Infrastructure Readiness – Investing in AI-driven compliance tools, automation, and real-time risk monitoring systems.

Concept in Action: JPMorgan Chase and the DeepRacer Challenge

JPMorgan Chase wanted to upskill employees in AI and data analytics. Instead of boring compliance training sessions, the company introduced a global challenge using AWS DeepRacer, a competitive coding event where employees programmed autonomous vehicles to race.

Employees learned data analytics, AI programming, and machine learning principles while having fun. The result? Thousands of employees became data-literate, able to apply AI-driven insights to compliance, risk management, and fraud detection.

Collaboration: Breaking Down Compliance Silos

Too often, compliance sits in its bubble, siloed from business operations. However, in an AI-driven world, compliance must be embedded in every department, from finance and HR to product development and supply chain management.

A major barrier to compliance collaboration is language. Compliance teams often use technical jargon, while business teams use operational language. The result? Miscommunication, resistance, and confusion.

To fix this, compliance functions must invest in:

  • Cross-functional compliance training so business leaders understand compliance risks.
  • Compliance “translators”—employees who bridge the gap between compliance and business operations.
  • AI-powered compliance dashboards that translate risk into actionable business insights.

Concept in Action: Gulf Bank’s Data Ambassador Program

Gulf Bank wanted to embed data-driven compliance across its 1,800 employees. Instead of relying solely on compliance officers, the bank created a network of data ambassadors—employees across departments trained to champion compliance best practices.

The results were impressive: employees felt more ownership over compliance decisions, and the company saw a significant reduction in compliance violations.

Value Realization: Measuring and Celebrating Compliance Success

One of the companies’ biggest mistakes is treating compliance as a cost center rather than a value driver. Compliance isn’t just about avoiding fines—it’s about driving better business decisions.

To ensure compliance is seen as a competitive advantage, companies must:

  • Define clear KPIs to measure compliance impact.
  • Track and communicate compliance success stories internally and externally.
  • Tie compliance initiatives to tangible business outcomes (e.g., revenue growth, cost savings, enhanced brand reputation).

Concept in Action: AI-Powered Warehouse Compliance at a Logistics Firm

A cold chain logistics company struggled with inefficient warehouse scheduling, leading to regulatory fines and supply chain bottlenecks. The compliance team introduced an AI-driven scheduling system, analyzing weather data, shipment history, and supplier reliability to optimize deliveries.

The results?

  • 16% reduction in turnaround time
  • $1.2 million saved annually in avoided fines
  • Increased customer satisfaction

To celebrate this success, the company shared the story through internal newsletters, town halls, and webinars, ensuring that employees saw compliance as a strategic enabler rather than just a legal requirement.

Compliance in the Age of AI

The DOJ’s 2024 guidance has made it clear that compliance programs must be data-driven, proactive, and continuously monitored. But simply investing in AI tools isn’t enough. Companies must build a truly data-driven culture where compliance is instinctive, embedded, and embraced across all levels of the organization.

The key takeaways?

  1. Leadership must champion compliance—not just fund it.
  2. Compliance must be accessible, understandable, and actionable for all employees.
  3. Cross-functional collaboration is essential to break down compliance silos.
  4. Compliance success must be measured, celebrated, and tied to business impact.

In 2025 and beyond, companies that embed AI-driven compliance into their culture will not only avoid regulatory fines and penalties or even FCPA violations, but they will also gain a competitive edge in an increasingly complex business world.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 1-Data Driven Compliance

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days series in January 2025, I will post a key part a best practices compliance program each day. By the end of January, you will have enough information to create, design or enhancement a compliance program. Each podcast will be short, at 6-8 minutes with three key takeaways that you can implement at little or no cost to help update your compliance program. I hope you will plan to join each day in January for this exploration of best practices in compliance.

In the first episode of ‘One Month to a More Effective Compliance Program’, host Tom Fox, the Compliance Evangelist, emphasizes the increasing importance of data analytics and monitoring in the realm of compliance. Highlighting insights from the DOJ, this episode illustrates how data-driven compliance can significantly improve decision-making, business efficiency, and risk management. By leveraging technology and effective data analysis, companies can uncover hidden issues such as improper payments and improve overall corporate transparency. Tom Fox discusses the necessity for compliance programs to have quick and easy access to data to ensure informed decision-making and proactive compliance management.

Key Highlights

  • Importance of Data Analytics in Compliance
  • Implementing Data-Driven Compliance
  • Challenges and Solutions in Data-Driven Compliance

Resources

Listeners to this podcast can receive a 20% discount to The Compliance Handbook, 5th edition by clicking here.

Categories
Blog

Why the 2024 ECCP Update is a Game-Changer for Compliance

In the DOJ’s 2024 update to the Evaluation of Corporate Compliance Programs (2024 ECCP), compliance professionals face new expectations that could reshape how we approach compliance programs. In this latest update, the DOJ strongly emphasizes data-driven insights, focusing on compliance culture, employee engagement, and organizational trust. This means that compliance programs must now focus on policies and procedures and prove that these practices are embedded into the company culture and yield measurable outcomes.

The implications of these new standards extend across every aspect of compliance, from audits to employee training and risk assessments. In this post, we’ll explore the key areas of the 2024 ECCP, discussing why the DOJ’s new focus on data and culture is significant and how compliance professionals can adjust their strategies to align with these expectations.

A New Focus on Data: The Backbone of Modern Compliance

One of the most critical shifts in the 2024 ECCP is the DOJ’s call for data-backed evidence of a company’s compliance culture. The DOJ now expects organizations to establish a culture of compliance and document and track its effectiveness over time. Compliance professionals are no longer tasked with simply implementing policies; they must now demonstrate that these policies have a real impact.

For example, it is no longer enough to state that employees are encouraged to report misconduct. Now, organizations must gather data to prove employees feel safe and supported when they report issues. This could include metrics such as hotline usage rates, anonymous survey responses, and feedback on trust in leadership. By collecting data on these and other elements, compliance teams clearly understand how well the compliance culture is functioning.

The DOJ’s new data-driven approach means compliance professionals must focus on metrics that reflect the health of their programs. This might include engagement levels, response times for reports of misconduct, and employee feedback on how accessible and transparent compliance processes are. Tracking these metrics not only helps compliance teams spot trends and identify areas of improvement but also provides concrete evidence of a commitment to compliance that can be shared with regulators.

The Role of Culture Audits: A Window into Organizational Health

With the DOJ’s increased focus on culture, culture audits have become an indispensable tool for compliance professionals. A culture audit goes beyond policy checks and evaluates the organizational attitudes and behaviors that define the company’s ethical framework. This includes measuring employee engagement, trust in leadership, and perceptions around compliance practices. By regularly conducting culture audits, compliance teams can identify weaknesses, reinforce strengths, and monitor shifts in compliance culture over time.

A robust culture audit can answer the DOJ’s fundamental questions: Are employees engaged in compliance efforts? Do they feel comfortable reporting concerns? Do they trust that their leaders are committed to ethical behavior? For instance, if a culture audit reveals that only 60% of employees feel confident using the company’s whistleblower hotline, it clearly indicates that improvements are needed to make employees feel safe in reporting issues.

The data gathered from culture audits provides compliance officers with actionable insights that can be used to enhance training programs, increase communication around compliance expectations, and address gaps in trust or engagement. Additionally, regular culture audits help to create a benchmark, enabling organizations to track changes over time and prove to the DOJ that their compliance culture is consistently improving.

Practical Steps for Compliance Professionals

The 2024 ECCP serves as a roadmap for compliance professionals, outlining practical ways to elevate their compliance programs to meet new expectations. Here are some key steps that can help compliance teams align with these enhanced standards:

  1. Implement Regular Culture Audits. Regular culture audits provide a structured way to assess compliance culture and identify trends in employee engagement, trust, and ethical behavior. Compliance teams can establish a baseline and track improvements over time by conducting these audits at least annually. Regular audits also help identify areas where further training or communication may be necessary, ensuring that compliance culture remains dynamic and responsive.
  2. Prioritize Data Collection and Analysis. In the era of data-driven compliance, tracking and analyzing metrics is essential. Compliance teams should focus on data points that reveal insights into the effectiveness of their programs. This could include metrics on employee trust in reporting mechanisms, hotline usage rates, participation in compliance training, and overall engagement in compliance initiatives. By collecting and analyzing this data, compliance professionals can comprehensively view their program’s impact.
  3. Enhance Transparency and Communication. One of the DOJ’s central themes in the 2024 ECCP is transparency. Compliance professionals should ensure that employees at all levels understand the company’s commitment to ethical behavior and know how to access compliance resources. Regular communication on compliance issues, successes, and updates from leadership reinforces the importance of compliance culture and can help build trust among employees.
  4. Integrate Compliance with Performance and Incentives. Companies should align performance reviews and incentive structures with compliance goals to truly embed compliance into the organizational culture. For instance, recognizing and rewarding employees who demonstrate a commitment to compliance reinforces the message that ethical behavior is valued. This alignment also signals to employees that compliance is part of the path to career advancement and success within the organization.
  5. Document, Document, Document. If there’s one takeaway from the DOJ’s update, it’s the importance of documentation. In the DOJ’s eyes, if it’s not documented, it didn’t happen. Compliance teams should maintain thorough records of all culture audits, data findings, responses to feedback, and improvements over time. This documentation provides a clear data trail demonstrating ongoing efforts to strengthen compliance culture, which can be invaluable in a regulatory review or investigation.

Data Is a Game-Changer for Compliance Programs

The 2024 ECCP update is a milestone for compliance programs, marking a shift toward a more holistic, data-focused approach. By placing emphasis on data, the DOJ effectively requires companies to provide concrete proof of their compliance efforts, making it clear that ethical behavior is no longer just a set of policies—it’s a measurable, evolving part of the corporate culture. This represents a major change for compliance professionals, as they must now develop skills in data analysis, culture assessment, and strategic planning.

The DOJ’s increased focus on compliance culture and data-backed metrics aligns with the broader trend toward accountability and transparency in corporate governance. Compliance professionals who embrace this shift will be able to strengthen their programs, foster a more ethical workplace, and reduce their organization’s risk of regulatory scrutiny. By taking proactive steps to meet these new standards, compliance teams can also build trust with employees, investors, and regulators, creating a foundation of integrity that benefits the entire organization.

Turning Compliance into a Competitive Advantage

The DOJ’s 2024 ECCP update is not simply a set of new requirements but an opportunity for compliance professionals to elevate their programs, demonstrate value, and create a culture where ethical behavior is embedded into the organizational DNA. By focusing on data, conducting regular culture audits, and aligning compliance with incentives, compliance professionals can turn these new standards into a competitive advantage.

For compliance professionals, the ECCP update provides a clear framework for fostering a dynamic, responsive compliance culture that meets and exceeds regulatory expectations. By staying ahead of these changes, compliance professionals protect their organizations and position themselves as strategic leaders who understand the evolving nature of compliance. In an era where regulators demand proof of ethical culture, data is no longer just a tool; it is the future of compliance, and those who embrace it are setting their organizations up for long-term success.

Categories
FCPA Compliance Report

FCPA Compliance Report – The 2024 ECCP on Data-Driven Culture and Engagement

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this edition, Tom Fox visits with Sam Silverstein on how compliance professionals should view the new DOJ mandate on using data to assess, manage, and improve corporate culture through data-driven compliance. The Culture Audit sponsors this podcast.

In this comprehensive discussion, Tom Fox and Sam Silverstein delve into the 2024 Update to the Evaluation of Corporate Compliance Programs (ECCP) by the DOJ. Released in September, this latest update emphasizes the importance of data analytics, culture, engagement, and trust in compliance programs. With a detailed breakdown of over 250 questions posed by the ECCP, Tom and Sam provide valuable insights on how companies can benchmark their compliance programs and prepare for potential investigations. They highlight the role of a culture audit in addressing the DOJ’s requirements, offering a detailed look into how organizations can measure and improve their compliance culture. This webinar educates compliance professionals on the latest DOJ expectations and provides practical tools and methodologies to enhance corporate compliance efforts.

Highlights in this episode:

  • Importance of Culture and Data Analytics
  • Leveraging Data for Compliance
  • Measuring and Improving Culture
  • Data-Driven Culture of Compliance
  • Understanding and Utilizing Culture Audit Data
  • Forward Steps for a Stronger Culture

Resources:

Culture Audit

Set up a call to discuss the Culture Audit, click here

Sam Silverstein and the Accountability Institute

Sam Silverstein on LinkedIn 

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Why Data Access is Key to Compliance Effectiveness

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we explore why the DOJ will now evaluate whether compliance teams have adequate access to the necessary data to assess the effectiveness of their programs.

Categories
FCPA Survival Guide

FCPA Survival Guide: Step 5 – Data Analytics

How can you survive an FCPA enforcement action? In this special podcast series, Tom Fox and Nick Gallo lay out the Top 10 things you can do to reduce your overall fine and penalty, perhaps down to a full declination. All of the actions you can take come from recent DOJ prosecutions under the FCPA and speeches from DOJ representatives. This podcast, sponsored by Ethico, is the companion series to the book The FCPA Survival Guide: Surviving and Thriving a Foreign Corrupt Practices Act Enforcement Action. Today, we discuss the importance of data analytics as a key part of any remediation and in today’s compliance regimes.

Tom Fox and Nick Gallo are back to discuss the evolving role of data analytics in compliance, highlighting its transition from a cutting-edge tool to a best practice and soon-to-be table-stakes requirement. They review the SAP and Albemarle FCPA  enforcement actions to illustrate points where data analytics played a pivotal role in remediation efforts. They look at the foundational aspects of data analytics, paralleling personal finance management to underline its fundamental importance in both personal and professional contexts. Some of the key uses of data analytics are risk identification, response, compliance program testing, and reporting, as outlined by Andrew McBride, a recently retired chief ethics and compliance officer. They conclude by stressing the importance of data analytics in demonstrating program effectiveness and underscore the DOJ’s interest in data-driven evidence of compliance program remediation.

Key Highlights and Issues

  • The Evolution and Importance of Data Analytics
  • Understanding Data Analytics Through Everyday Examples
  • Practical Approaches to Implementing Data Analytics
  • The Role of Data Analytics in Compliance Program Testing and Reporting
  • Personalizing Data Analytics for Program Effectiveness

Resources:

Nick Gallo on LinkedIn

Ethico

The FCPA Survival Guide: Surviving and Thriving a Foreign Corrupt Practices Act Enforcement Action

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn