Categories
Data Driven Compliance

Data Driven Compliance: eCom Surveillance and Cybersecurity Data Management

Are you struggling to keep up with the ever-changing compliance programs in your business? Look no further than the award-winning Data Driven Compliance podcast, hosted by Tom Fox, which is a podcast featuring an in-depth conversation around the uses of data and data analytics in compliance programs. Data Driven Compliance is back with another exciting episode The intersection of law, compliance, and data is becoming increasingly important in the world of cross-border transactions and mergers and acquisitions.

Data has become much more ubiquitous and needs to be incorporated into business processes. AI data cleansing helps to reduce false positives and provides context to alerts generated by the system. AI capabilities are divided into three categories: removing duplicative content, detecting risk, and providing context. AI-powered data cleansing strips out non-human generated content and focuses on what was sent by an individual. This helps to lower false positives in alerts generated by the system.

The need for eCom surveillance is increasing as communication sources become more varied. Slack, Zoom, Teams, Bloomberg chat, and Ice chat are all becoming commonplace, and companies need to be able to capture data from these sources. Artificial intelligence and machine learning models are being deployed to empower a compliance officer to focus on what’s important and be risk-based. Companies that have been hesitant about the cloud are now moving their data to the cloud.

The amount of voice business that is happening over Zoom and teams and other voice channels has skyrocketed. Regulators have been very clear that you need to capture and record that voice data. Customers have asked for more and more data sources to capture, including audio. Compliance teams need systems to manage collaboration, case management tools, and review tools. Technology allows compliance teams to no longer use Excel or SharePoint to manage their own internal processes.

The combination of technology and compliance is transforming the industry. Artificial intelligence capabilities have come a long way in the past few years and are already good enough to provide a lot of value to customers. The innovation over the next few years will be on the defensibility front, proving defensibly why something was alerted on and why something else was not. Technology is available to capture every data source that’s out there, and it is essential for compliance teams to leverage this technology to remain compliant and competitive.

 Key Highlights

·      Ecom Surveillance

·      Cybersecurity Data Management

·      AI and Compliance

Resources:

 Tom Fox 

Connect with me on the following sites:

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Data Driven Compliance

Data Driven Compliance – AI Tech for Data Compliance, Part 1

Are you struggling to keep up with the ever-changing compliance programs in your business? Look no further than the award-winning Data Driven Compliance podcast, hosted by Tom Fox, is a podcast featuring an in-depth conversation around the uses of data and data analytics in compliance programs. Data Driven Compliance is back with another exciting episode The intersection of law, compliance, and data is becoming increasingly important in the world of cross-border transactions and mergers and acquisitions.

Data compliance risks are a major concern for organizations of all sizes as data collection and storage grows. A key is to prevent these risks by detecting misconduct before it occurs. AI technology is used to pinpoint risk and misconduct, providing context to alerts. Searching unstructured data is a critical process for organizations to identify and mitigate hidden risks, and the right technology is necessary to incorporate multiple file types and data sources. By equipping with the right processes and technology, organizations can proactively look for hidden risks and take preventative steps to ensure compliance.

Data has become much more ubiquitous and needs to be incorporated into business processes. AI data cleansing helps to reduce false positives and provides context to alerts generated by the system. AI capabilities are divided into three categories: removing duplicative content, detecting risk, and providing context. AI-powered data cleansing strips out non-human generated content and focuses on what was sent by an individual. This helps to lower false positives in alerts generated by the system.

Regulators are now focusing on prevention as part of best practices compliance programs. A key is to prevent misconduct before it occurs by setting expectations that this behavior is not tolerated in the organization. Compliance teams can quickly take action and remediate activity when an incident is found. Consistent approach by compliance teams in quickly remediating bad behavior creates a culture where misconduct is not tolerated.

Unstructured data is data that doesn’t have a hierarchy associated with it, such as Word documents, emails, and text messages. Your app built on unstructured data analytics problems, such as responding to government requests, cyber breach response, and compliance monitoring. Organizations should have processes in place to proactively look for hidden risks. Technology is needed to search through unstructured data to find hidden risks.

 Key Highlights

·      Data Compliance Risks

·      Data Cleansing Importance

·      Preventing Misconduct

·      Detecting Risk with AI

·      Searching Unstructured Data

 Resources: 

Tom Fox 

Connect with me on the following sites:

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Data Driven Compliance

Data Driven Compliance: Jakub Ficner on Unlocking Data with Investigative Monitoring

Are you struggling to keep up with the ever-changing compliance programs in your business? Look no further than the award-winning Data Driven Compliance podcast, hosted by Tom Fox, featuring an in-depth conversation around the uses of data and data analytics in compliance programs. Data Driven Compliance is back with another exciting episode. The intersection of law, compliance, and data is becoming increasingly important in cross-border transactions, mergers, and acquisitions.

In this episode, Tom welcomes Jakub Ficner, Director of Partnership Development at Case IQ. We discuss how to unlock data through investigations and monitoring. With the Department of Justice’s 2023 Evaluation of Corporate Compliance Programs emphasizing the importance of assessing and monitoring risks, Investigative Monitoring is an invaluable protocol for companies to demonstrate their commitment to compliance. This protocol involves collecting data from an investigation to identify anomalies and assess risks, allowing companies to create a culture of compliance and meet the Department of Justice’s requirements.

This structured process allows data analysis and root cause analysis to understand a topic better. Continuous improvement is essential for any compliance program, and Investigative Monitoring provides a way to collect data and ensure fair and consistent outcomes, as well as focus on time and resources. Conversations between two parties are important for gaining insight into a topic, making Investigative Monitoring an essential tool for any company.

Key Highlights:

  • Investigative Monitoring
  • Investigating Anomalies
  • Continuous Improvement
  • The Process

 Resources:

Jakub Ficner on LinkedIn 

Case IQ

 Tom Fox 

Connect with me on the following sites:

Instagram

Facebook

YouTube

Twitter

Categories
Uncovering Hidden Risks

Ep 10 – How eDiscovery Can Help You Reduce Data and Risks in Three Steps

Description:

As data volumes continue to balloon, it’s becoming clear that the quickest path to victory does not involve the fewest steps. This month’s episode of Uncovering Hudden Risks explores ways to defensibly move data minimization decisions upstream to collaboratively expedite the eDiscovery process. EJ Bastien, Director of Discovery Programs at Microsoft, joins Erica Toelle and guest host Caitlin Fitzgerald for the discussion. EJ leads the eDiscovery and Litigation Support team at Microsoft. EJ shares his experience using technology to address the challenges of eDiscovery in the modern cloud world and shares some strategies and best practices to help mitigate risk.

In This Episode You Will Learn:

  • Advice for organizations trying to handle the growing amount of new data types
  • Best practices for implementing an effective eDiscovery strategy
  • Why you should be excited about the future of eDiscovery

Some Questions We Ask:

  • What trends are you seeing that are affecting the eDiscovery space?
  • How you are approaching some of the new technology innovations?
  • What benefits are there to using Purview eDiscovery Premium internally at Microsoft?

Resources:

View EJ Bastien on LinkedIn

View Caitlin Fitzgerald on LinkedIn

View Erica Toelle on LinkedIn

Related Microsoft Podcasts:          

Listen to: Afternoon Cyber Tea with Ann Johnson

Listen to: Security Unlocked

Listen to: Security Unlocked: CISO Series with Bret Arsenault

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Categories
Data Driven Compliance

Data Driven Compliance: Igor Volovich – Compliance Therapy

Are you struggling to keep up with the ever-changing compliance programs in your business? Look no further than the award-winning Data Driven Compliance podcast, hosted by Tom Fox, is a podcast featuring an in-depth conversation around the uses of data and data analytics in compliance programs.

Tom welcomes Igor Volovich, the Compliance Therapy doctor from Qmulos, to discuss how to bridge gaps between compliance, security, and risk management. Volovich emphasizes the need for education and evangelism to unlock the value that compliance could offer businesses. He introduces their compliance therapy branding and highlights the importance of evidence-based compliance management through automation to improve trustworthiness. As we move towards real-time risk governance, automation is key for continuous attestation. Compliance processes have been highly manual and outdated, but regulatory bodies recognize the importance of automation in managing risks.

In the podcast, Tom dives into the need for convergence in compliance and discussing risk in real-time and translating technical terms into risk frameworks. If you’re interested in the convergence of compliance, security, and risk, check out Qmulos’ published guide and resources on their website and social media profiles. Don’t miss out on the chance to learn from the experts and continue the conversation with Igor Volovich and Tom Fox. Listen today! 

Key Highlights

·      Introduction of Compliance Therapy Expert

·      Objective Compliance Management: From Opinion to Evidence

·      Importance of trust and governance in data

·      Revolutionizing Compliance Processes with Automation

·      Effective Risk Management for Businesses 

KEY QUOTES

“Most of the folks have these really weird misconceptions about what compliance is We need to reframe the mindset to rejoin the conjoined twins of compliance and security and risk and get them back together.”

“How do we evolve from this opinion-based compliance management, to objective evidence based compliance management. That’s the question that we asked. It’s more robust. It’s more trustworthy. it’s more real. Right? We’re moving from fiction to fact.”

“Within the sphere of influence that we actually do have, how much control can you exert? How much control can you demonstrate reliably, incredibly? To me, that’s the metric. How much can you prove about what you know? Is it belief or is it true? That’s the thing that we try to focus on.”

“The ultimate answer is, of course, automation, you can’t throw more people at the problem.”

Resources:

Igor Volovich on LinkedIn 

Qmulos

 Tom Fox 

Connect with me on the following sites:

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Data Driven Compliance

Data Driven Compliance: Dave Crozier – Everything Lies Within the Data

Are you struggling to keep up with the ever-changing compliance programs in your business? Look no further than the award-winning Data Driven Compliance podcast hosted by Tom Fox. This podcast features an in-depth conversation about the uses of data and data analytics in compliance programs.

The Data Driven Compliance features an insightful discussion between host Tom Fox and guest Dave Crozier from Certa. Dave explains how Certa’s workflow automation platform eliminates swivel chairs, data silos, and process blind spots to make the due diligence process more efficient and trustworthy. They discuss the importance of validating and fact-checking data using validation techniques and exception-based triggers. The conversation also touches on supply chain risk management and the advantages of data-driven controls. Dave emphasizes the need to tailor solutions to an organization’s requirements and resources and benchmark against industry standards. This podcast is a must-listen for compliance officers, board members, and anyone interested in improving their risk management framework. So, tune in to the Data Driven Compliance and learn from industry experts like Tom Fox and Dave Crozier!

 Key Highlights:

·      Digital Transformation and Workflow Automation for Risk Mitigation

·      Importance of Validating Information

·      Supply chain risk management and automation

·      Customized Risk Management Strategies

·      Automation and Transparency for Efficient Compliance

·      Continuous Learning and Workflow Automation in Organizations

 KEY QUOTES:

“I can tell you that, you know, from my own personal experience and our clients’ experiences, that not all data coming from all places is created equal.”

“Having different techniques that could be deployed along the way that don’t add friction to the process. It’s a breadcrumb trailer of authentications that happen for all of these data sources along the way to make sure that, you know, you’re going in the right direction.”

“Think of validating the tax ID that is valid and authentic in the eyes of the registry directly.”

“To be able to capture content and serve it, you know, fit for purpose wise to the user is a critical aspect from our perspective.”

Resources:

Dave Crozier on LinkedIn 

Certa

 Tom Fox 

Connect with me on the following sites:

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Data Driven Compliance

Data Driven Compliance: Mollie Nichols on Law and Data

Are you struggling to keep up with the ever-changing compliance programs in your business? Look no further than the award-winning Data Driven Compliance podcast, hosted by Tom Fox, featuring an in-depth conversation around the uses of data and data analytics in compliance programs.

In this episode, Tom welcomes the Co-Founder, CEO of Redgrave Data, Mollie Nichols, for an insightful discussion on the importance of data in legal matters and the use of AI in legal representation. Mollie shares her extensive experience in digital evidence, e-discovery, privacy, and client data and her time as an assistant US attorney in Texas. Redgrave Data’s clients are mainly tech companies facing complex big data legal issues and specialize in providing high-quality services. Mollie discusses how Redgrave Data automates data processes for clients, saving them thousands of dollars a day. They also examine the importance of data governance in corporate governance and analytics tools’ critical role, particularly in the legal industry. To learn more about Redgrave Data’s services, head to their website. Don’t miss this engaging and informative episode of Data Driven Compliance.

Key Highlights

· Preserving Data Compliance

· The Power of Technology in Law

· Data visualizations for legal strategy development

· Redgrave’s Data Governance Services and ESG

· The Importance of Data and Corporate Governance

· Data Governance and Analytics in the Cloud

 KEY QUOTES

“It’s really important to understand what data is in play, what data is relevant to a particular matter so that you can take reasonable steps to preserve it.”

“Most of our clients at this point are tech companies that expect from their legal representation that their lawyers will be dealing with their issues using the same type of technology that they would expect to use in their business.”

“I had a team of developers that would quickly put together some sort of utility… And we had tools that we built that we saved clients millions of dollars in a very short fashion.”

“It’s taking that type of information and being able to present it meaningfully. But we do that through using these tools.”

Resources:

Mollie Nichols on LinkedIn 

Redgrave Data

 Tom Fox 

Connect with me on the following sites:

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Principled Podcast

Principled Podcast – S9 E13 – Is Your Hotline Running Cold? How To Get Meaningful Data from Internal Reporting.

What you’ll learn on this podcast episode

Do hotlines really work? According to the 2019 Global Business Survey conducted by the Ethics and Compliance Initiative, only 6% of E&C complaints went to hotlines, compared to 51% to direct supervisors and the remainder to higher management or human resources. So why are so many E&C programs—not to mention boards of directors—relying principally on hotline data to assess company culture and compliance? In this episode of LRN’s Principled Podcast, Susan Divers talks about reimagining hotlines with Scott Sullivan, the chief integrity and compliance officer at Newmont Corporation. Listen in as Scott shares how his team reinvented Newmont’s hotline channel and reporting process to separate the wheat from the chaff and gain meaningful information.

Guest: Scott Sullivan

Headshot_Scott_S7E18

Scott Sullivan is the Chief Integrity & Compliance Officer of Newmont Corporation, the world’s leading gold company. Newmont has approximately 15,000 employees and 15,000 contractors and has 12 operating mines and 2 non-operated JVs in 9 countries. Mr. Sullivan oversees, develops, implements, and manages Newmont’s integrity and compliance program including ethics, anti-bribery, corporate investigations, and global trade compliance. Previously, Mr. Sullivan was the Chief Ethics & Compliance Officer of a global manufacturer of fluid motion and control products with approximately 17,000 employees operating in 55 countries. Mr. Sullivan has written and contributed numerous articles on compliance programs, anti-bribery/FCPA, export controls, economic sanctions, and other ethics and compliance topics to a variety of publications. Mr. Sullivan is also a frequent local, national, and international speaker, moderator, and conference organizer on compliance, anti-bribery/FCPA, export controls, and economic sanctions.

Host: Susan Divers

Headshot_Susan_Divers_S7E18_Principled_Podcast

Susan Divers is a senior advisor with LRN Corporation. In that capacity, Ms. Divers brings her 30+ years’ accomplishments and experience in the ethics and compliance area to LRN partners and colleagues. This expertise includes building state-of-the-art compliance programs infused with values, designing user-friendly means of engaging and informing employees, fostering an embedded culture of compliance and substantial subject matter expertise in anti-corruption, export controls, sanctions, and other key areas of compliance.

Prior to joining LRN, Mrs. Divers served as AECOM’s Assistant General for Global Ethics & Compliance and Chief Ethics & Compliance Officer. Under her leadership, AECOM’s ethics and compliance program garnered six external awards in recognition of its effectiveness and Mrs. Divers’ thought leadership in the ethics field. In 2011, Mrs. Divers received the AECOM CEO Award of Excellence, which recognized her work in advancing the company’s ethics and compliance program.

Mrs. Divers’ background includes more than thirty years’ experience practicing law in these areas. Before joining AECOM, she worked at SAIC and Lockheed Martin in the international compliance area. Prior to that, she was a partner with the DC office of Sonnenschein, Nath & Rosenthal. She also spent four years in London and is qualified as a Solicitor to the High Court of England and Wales, practicing in the international arena with the law firms of Theodore Goddard & Co. and Herbert Smith & Co. She also served as an attorney in the Office of the Legal Advisor at the Department of State and was a member of the U.S. delegation to the UN working on the first anti-corruption multilateral treaty initiative.

Mrs. Divers is a member of the DC Bar and a graduate of Trinity College, Washington D.C. and of the National Law Center of George Washington University. In 2011, 2012, 2013 and 2014 Ethisphere Magazine listed her as one the “Attorneys Who Matter” in the ethics & compliance area. She is a member of the Advisory Boards of the Rutgers University Center for Ethical Behavior and served as a member of the Board of Directors for the Institute for Practical Training from 2005-2008.

She resides in Northern Virginia and is a frequent speaker, writer and commentator on ethics and compliance topics. Mrs. Divers’ most recent publication is “Balancing Best Practices and Reality in Compliance,” published by Compliance Week in February 2015. In her spare time, she mentors veteran and university students and enjoys outdoor activities.

Categories
Data Driven Compliance Innovation in Compliance

Daniel Villani on the Using the Right Data

Data Driven Compliance, hosted by Tom Fox, is a podcast featuring an in-depth conversation about the uses of data and data analytics in compliance programs. In this episode, host Tom Fox visits Daniel Villani from Villani Analytics. Daniel has an extensive 15-year background in technology, specifically working with medium to large businesses. They discuss Enterprise Resource Planning (ERP) and Enterprise Performance Management (EPM) software, vendor selection, audibility, and ESG reporting. Daniel emphasizes the importance of data utilization and integration, offering solutions and advice on the best solutions to stay competitive. Listeners can learn more from Daniel’s YouTube channel, Villani Analytics, and LinkedIn profile.

Key Highlights

·      ERP & EPM Explained

·      Data Privacy and Security in Financial Technology Solutions

·      Ensuring Data Accuracy and Quality Assurance Through Governance

·      The Importance of Documentation in Vendor Selection

·      Utilizing Data Analytics to Get Insights

·      Benefits of Implementing Environmental, Social, and Governance Programs

·      Building Data Streams: Connecting Siloed Data for Success

Notable Quotes

1.     ” I laugh because it sounds completely imaginative, but you’d be surprised how many organizations and some of the leading organizations and fortune 500 ones are relying on somebody’s word that their numbers are okay.”

2.     “I take the, you know, the full unbiased approach where I’m happy to recommend the system that I don’t implement just because I don’t do it for the money that comes out of it. I do it to make sure that you get the right solution for your business.”

3.     “It’s also equally important to ensure that you have the documentation around your governance in place.”

4.     “The companies that are going to bring it together in the most meaningful way are the ones that are going to better compete in their industry.”

 Resources

Daniel Villani on LinkedIn

Villani Analytics

Categories
Innovation in Compliance

The Data Confident Internal Auditor with Yusuf Moolla


 
Tom Fox welcomes Yusuf Moolla on this episode of the Innovation in Compliance Podcast. Yusuf is a Director at Risk Insights, co-cost of The Assurance Show Podcast, and co-author of The Data Confident Internal Auditor. He joins Tom to talk about how compliance professionals can utilize data analytics, data governance, and internal auditing.
 

 
Best Approaches To Data
The easiest way to approach data, Yusuf suggests, is to think about it as another form of evidence. “Over the years we’ve collected lots of manual documents as evidence…Data is just another piece of evidence,” he tells Tom. Data can be used by anybody, and it is very simple to do so. Currently, there has been an emergence of open-source tools to process data which has made it easier and cheaper for individuals. These open source tools have made it safer as well, as there are options to look into the source code for digital traps. Visualization is another approach to data that individuals can utilize. While relatively new, being able to visualize techniques both in terms of exploring and explaining data is becoming something that is gaining traction in the data analytics world. 
 
Internal Auditing Approaches
Yusuf explains to Tom that there are four main data approaches to consider when doing internal audits:

  • Data being used purely for reporting
  • The data-driven approach where the data does the talking
  • The process-focused approach
  • The hypothesis-focused approach

There are similarities between the process and hypothesis approaches. The process-focused approach has been the traditional way of doing audits. Over the years, however, it’s become less about how the process is done to achieve the intended result; it’s now about what the auditing result is. “So it’s not about looking at whether a process actually works the way that it’s been designed, it’s about looking at whether the process is working in the way in which it’s intended to be able to achieve its outcome,” Yusuf adds. 
 
Data Governance in Auditing
Making sure that data doesn’t fall into the wrong hands as an auditor is one of the main facets of data governance. It is a very basic and traditional approach, but over the years professionals have been implementing it in an overzealous way. This can hinder the ability to create value through data. Yusuf suggests a slight reverse approach where everyone has access to data unless there is a specific reason for them not to. “We want to keep a range of data elements secure, but others we want to open up,” Yusuf tells Tom. 
 
A Look Ahead
Tom asks Yusuf what the future of data analytics, data governance, and internal auditing will look like in the coming years. Yusuf explains that there will be a greater use of data science, and a greater use of data within internal audit without the need for data scientists and specialists. More practitioners will be getting into, and understanding IT, and more people will be using data for themselves. This will free the data scientists from the more mundane tasks, so they will have time to dedicate to the more advanced techniques. The same would apply for compliance as well. 
 
Resources
Yusuf Moolla | LinkedIn
Risk Insights
The Assurance Show
The Data Confident Internal Auditor