
Great Women in Compliance: The New Architecture of Legal and Compliance with AI

In this episode of Great Women in Compliance, Dr. Hemma R. Lomax speaks with Sam Flynn, co-founder of Josef, about the transformation of legal and compliance functions through technology. They discuss the importance of human-centered design, the role of AI in legal architecture, and the need for trust in AI tools. Sam shares his journey from creating Myki Fines to building self-service legal solutions that bridge the access-to-justice gap. The conversation emphasizes the importance of user experience, governance practices, and the need to rethink traditional professional roles in the legal field.

Takeaways:

  • Legal and compliance functions must evolve to be more human-centered.
  • AI can significantly enhance legal decision-making processes.
  • Trust in technology is crucial for successful implementation.
  • User experience should be prioritized in legal tech solutions.
  • Automation can free up valuable time for legal professionals.
  • Access to justice is a critical issue that can be addressed with technology.
  • Rethinking traditional roles in law can lead to better outcomes.
  • Data-driven insights can improve compliance practices.
  • Collaboration between experts and end-users is essential for success.
  • Legal technology should focus on delivering real value to users.

Sound Bites:

  • “AI should unleash human potential.”
  • “Trust is the key to unlocking value.”
  • “We need to build trust in our technology.”

Chapters:

00:00 Introduction to Legal Transformation

02:32 The Journey of Sam Flynn and Myki Fines

05:30 Rethinking Legal Systems and Design

08:10 Substance Over Form in Legal Processes

10:56 The Role of AI in Legal Architecture

13:39 Building a Legal Front Door

16:24 User Experience in Compliance

18:54 Engagement and Data Utilization

21:56 The Future of Legal Workflows

24:29 Deciding Between Automation and Human Input

26:56 Navigating High-Risk Inquiries

27:50 Strategic Automation for Stakeholder Engagement

28:58 The Importance of Human Expertise in AI

30:57 Transforming Fear into Opportunity with AI

32:59 Building Trustworthy AI in Legal Settings

36:56 Governance Practices for AI Deployment

43:51 Access to Justice: Bridging Gaps with Technology

Guest Biography:

Sam Flynn is the Co-Founder and Chief Operating Officer of Josef, a legal automation platform that empowers legal and compliance teams to create reliable, self-serve tools — no coding required. In his role, Sam leads Josef’s business operations, governance, marketing, and customer success functions, scaling both product impact and organizational trust.

An ex-BigLaw litigator and experienced legal technologist, Sam has long been passionate about using technology to bridge the access-to-justice gap and elevate the delivery of legal services. In 2016, he built Myki Fines, a public-facing legal tech solution that attracted more than 60,000 users in its first month and helped catalyze reforms to unfair laws.

At Josef, Sam combines legal expertise with product and operational leadership to help teams rethink how legal and compliance work gets done — shifting from inbox-driven bottlenecks to strategic architectures that deliver decision-useful guidance at scale. He is a frequent speaker on generative AI in legal, a board member of the Center for Legal Innovation, and an advocate for human-centered legal design.


Great Women in Compliance: Why Decision Rubrics Matter in the Age of AI with Hemma Lomax and Shalini Rajoo

In this conversation, GWIC host Dr. Hemma R. Lomax and Shalini Rajoo explore the critical role of decision rubrics in governance, accountability, and trust, especially in the context of AI. Shalini shares her journey from law to compliance, emphasizing the importance of understanding systems and the impact of leadership on decision-making processes. They discuss how transparency and clarity in decision-making can build trust within organizations and the necessity of responsible AI governance. Practical tips for improving decision quality are also provided, highlighting the importance of self-awareness and critical thinking in leadership.

Takeaways:

  • The biggest risk in governance is unclear decisions.
  • AI amplifies existing clarity or confusion in decision-making.
  • Systems and rules reflect the identities of their architects.
  • Everyone has an impact on those around them every day.
  • Leadership is about improving the people around you.
  • It’s not just about rules; it’s about how people behave.
  • Decision rubrics provide consistency and predictability in outcomes.
  • Transparency in decision-making processes builds trust.
  • Slowing down to ask questions can lead to better decision-making.
  • Writing down the reasons for decisions brings clarity and accountability.

Sound bites:

  • “Systems and rules are not inherently neutral.”
  • “Transparency in decision making builds trust.”
  • “Slow is smooth, and smooth is fast.”

Chapters:

00:00 Introduction to Decision Rubrics and Governance

02:55 Shalini’s Journey: From Law to Governance

06:09 The Impact of Systems on Leadership and Accountability

09:09 Transitioning to Compliance and Ethics

11:49 Understanding Decision Rubrics in Compliance

15:06 The Role of Leadership in Decision Making

18:03 Designing Conditions for Effective Decision Making

20:47 The Importance of Transparency in Decision Processes

24:09 Decision Rubrics: Building Trust in Organizations

26:49 AI and Governance: Leadership Infrastructure Failures

29:47 Responsible AI: The Role of Ethics and Compliance

32:55 Practical Tips for Improving Decision Quality

36:00 Conclusion: The Future of Decision Making in AI

Guest Biography:

Shalini Rajoo is the Founder and Principal Consultant of Shalini Rajoo Advisory, LLC, where she partners with organizations to design governance, compliance, and decision-making systems that are resilient, trustworthy, and aligned to real operational pressures. Across more than two decades in law, compliance, HR, and organizational leadership, Shalini has helped companies and leaders move beyond check-the-box frameworks to build structures that embed accountability, clarity, and performance into everyday decisions.

She began her career in South Africa, first as a public prosecutor and then leading regulatory work with the Department of Trade and Industry, collaborating with legislative and executive stakeholders on corporate, competition, and consumer law. After relocating to the U.S., Shalini practiced commercial litigation. She later served as Director of Global Business Conduct for a Fortune 500 company, where she redesigned ethics and compliance systems, led global risk assessments, and championed psychological safety and integrity-based practices.

Today, Shalini’s work centers on helping leaders clarify decision rights, governance architectures, and accountability pathways — especially as organizations adopt AI and automation. She recently spoke at the Opal Group’s Corporate Governance & Ethics in the Age of AI conference, where she reframed AI governance as a leadership-infrastructure challenge rather than a purely technical or compliance one.


Greek Philosophers Week: Part 2 – Plato and Building Ethical Governance Systems

In Part 2, we continue our exploration of the origins of the modern corporate compliance organization, tracing them back to the ancient Greek philosophers, including Plato. Socrates teaches the compliance professional how to ask the right questions. But questions alone do not protect an organization. They must be translated into governance, structure, and systems that endure. That is where Plato becomes indispensable to the modern compliance conversation.

Plato’s great concern was not whether people could articulate values, but whether societies could be structured to sustain them. His work, particularly The Republic, focuses on justice, leadership, and the design of institutions that align individual behavior with the collective good. For corporate compliance professionals, this is familiar terrain. The DOJ Evaluation of Corporate Compliance Programs (ECCP) is fundamentally a governance document. It asks whether companies have built systems that make ethical behavior the default rather than the exception.

If Socrates is the conscience of the compliance function, Plato is its architect. Think Joe Murphy and his weekly compliance newsletter, Compliance & Ethics: Ideas and Answers.

From Ethical Inquiry to Institutional Design

Plato understood a core truth: that good intentions fail without structure. In the Allegory of the Cave, Plato describes people mistaking shadows for reality because the system around them reinforces illusion. In corporate compliance, the same dynamic occurs when incentives, reporting lines, and performance metrics reward behavior that quietly contradicts stated values.

The ECCP repeatedly asks whether a company’s compliance program is “well designed.” That phrase is not accidental. Prosecutors examine reporting structures, escalation pathways, authority, and resources because ethics without governance is aspirational theater. Plato would recognize this immediately. Justice, in his view, emerges when each part of a system performs its proper role in harmony with the whole.

Daily compliance operations live or die by this design. A hotline without investigation authority, training without consequence management, or policies without ownership all create shadows on the wall. Plato teaches that governance must align form and function.

Justice as Consistency, Not Sentiment

Plato’s conception of justice is not emotional. It is structural. Justice exists when rules are applied consistently and roles are respected. That lesson maps directly onto compliance enforcement and discipline. The ECCP places heavy emphasis on consistent discipline across the organization, including senior management, and asks the following questions: Have disciplinary actions and incentives been fairly and consistently applied across the organization? Does the compliance function monitor its investigations and resulting discipline to ensure consistency? Are there similar instances of misconduct that were treated disparately, and if so, why? What metrics does the company apply to ensure consistency of disciplinary measures across all geographies, operating units, and levels of the organization?

This is Organizational Justice. Regulators know that selective enforcement erodes credibility faster than almost any policy failure. Employees watch how decisions are made. They see who is protected and who is expendable. In daily operations, this requires compliance professionals to insist on fairness even when outcomes are uncomfortable. Investigations must follow evidence, not hierarchy. Remediation must address systemic failures, not just individual misconduct. Plato reminds us that justice perceived as arbitrary is, by another name, injustice.

Governance Structures Are Ethical Decisions

Plato believed that leadership structure determined ethical outcomes. His concept of philosopher-kings was not an elitist fantasy. It was an argument that power should rest with those who possess both knowledge and virtue. Modern compliance programs face a parallel challenge. Who owns compliance? To whom does it report? Does compliance have direct access to the board? Can it act independently of revenue pressure? These are not administrative questions. They are ethical ones.

The ECCP explicitly evaluates whether compliance has sufficient autonomy, stature, and authority. Does a corporate compliance function have (1) sufficient qualifications, seniority, and stature (both actual and perceived) within the organization; (2) sufficient resources, namely, staff to undertake the requisite auditing, documentation, and analysis effectively; and (3) sufficient autonomy from management, such as direct access to the board of directors or the board’s audit committee?

A compliance program buried several layers below decision-makers may exist on paper, but it cannot function effectively. Plato would argue that such a structure inevitably leads to injustice, regardless of intent. In practice, this means compliance leaders must engage in governance conversations, not just operational tasks. Reporting lines, committee charters, and escalation protocols shape behavior long before a policy is breached.

Education, Culture, and Ethical Formation

Plato placed enormous emphasis on education as the foundation of a just society. He understood that laws and punishments alone do not produce ethical citizens. Formation matters. The ECCP reflects this insight by focusing on training effectiveness, communication, and culture. The key is effectiveness. In training, the DOJ asks the following questions: Has the training been offered in a format and language appropriate for the audience? Are the company’s training and communications tailored to the particular needs, interests, and values of relevant employees? Is the training provided online or in-person (or both), and what is the company’s rationale for its choice? This means prosecutors will ask whether training is tailored, interactive, and aligned with real-world risk. Checkbox training produces compliance in name only.

Daily compliance work must therefore treat education as formation rather than instruction. Training should reinforce ethical reasoning, not just rules. Communications should explain why standards exist, not merely what they prohibit. Plato teaches that culture is cultivated deliberately, not imposed.

The Cave and Ethical Blindness in Organizations

Perhaps Plato’s most powerful contribution to compliance thinking is the Allegory of the Cave. It explains how intelligent people can remain blind to obvious risk when systems reinforce false narratives.

In corporate settings, ethical blindness often arises from success. When revenue grows and deals close, warning signs are rationalized. Compliance concerns become shadows, dismissed as theoretical or pessimistic. The ECCP’s focus on continuous improvement and periodic testing is a direct response to this risk. Compliance professionals must act as those who have seen the light and returned to the cave, even when their message is unwelcome. Plato warns that truth-tellers are rarely celebrated. Yet without them, organizations mistake comfort for compliance.

5 Key Takeaways for the Compliance Professional

1. Ethical inquiry must be translated into governance.

Asking the right questions is essential, but compliance programs fail when inquiry does not result in structural change. Plato teaches that ethics must be embedded in systems, reporting lines, and decision-making authority. The ECCP reinforces this by evaluating program design, autonomy, and oversight. Compliance professionals must ensure that insights from risk assessments and investigations lead to governance adjustments. Without that translation, ethical awareness fades, and misconduct reemerges under familiar pressures.

2. Justice in compliance is consistency, not discretion.

Plato’s concept of justice demands consistent application of rules regardless of status or performance. The ECCP mirrors this expectation by scrutinizing discipline across seniority levels. Daily compliance operations must reinforce fairness through objective investigations, documented decisions, and transparent remediation. Selective enforcement undermines trust, weakens culture, and signals that ethics are negotiable. Justice must be structural, not situational.

3. Reporting lines and authority are ethical decisions.

Where compliance sits in the organization determines whether it can function effectively. Plato understood that leadership structure shapes outcomes. The ECCP evaluates compliance independence because authority enables ethical action. Compliance professionals must engage in governance discussions to ensure direct access to decision-makers and the board. Without structural authority, even well-intentioned programs become symbolic.

4. Training is ethical formation, not information delivery.

Plato emphasized education as the foundation of justice. Compliance training should shape ethical reasoning, not merely convey rules. The ECCP expects tailored, risk-based training connected to real-world scenarios. Daily operations should reinforce values through ongoing communication and leadership modeling. Culture forms through repetition and example, not annual courses.

5. Ethical blindness thrives in poorly designed systems.

The Allegory of the Cave explains how organizations normalize risk when systems reward illusion. Compliance professionals must challenge comfortable narratives and continuously test assumptions. The ECCP’s focus on monitoring and improvement reflects this need. Plato reminds us that ethical failure often begins with structural blindness, not bad intent.

From Plato to Aristotle: From Structure to Execution

Plato gives compliance professionals the blueprint. He shows how governance structures, justice systems, and educational frameworks translate ethical ideals into organizational reality. But even the best-designed systems fail if they are not used daily.

That is where Aristotle enters the conversation. Aristotle shifts the focus from ideal structures to practical execution, from governance to habit, judgment, and decision-making at the operational level. If Plato teaches us how to design ethical systems, Aristotle teaches us how people actually behave within them. That transition mirrors the next stage in compliance maturity, where structure meets reality and ethics become a matter of daily choice.

Join us tomorrow in Part 3 to find out how.


Sunday Book Review: April 14, 2024 Compliance Books Edition

In the Sunday Book Review, I consider books that would interest the compliance professional, the business executive, or anyone who might be curious.

It could be books about business, compliance, history, leadership, current events, or anything else that might interest me.

In today’s edition of the Sunday Book Review, we look at some of the top books on compliance you should read in 2024.

  • The Business Guide to Effective Compliance and Ethics by Tony Osborn and Andrew Hayward
  • How to be a Wildly Effective Compliance Officer by Kristy Grant-Hart
  • Fully Compliant by Travis Waugh
  • Governance, Risk Management and Compliance by Richard Steinberg

Resources:

The best compliance books for 2024


Categories
Innovation in Compliance

Integrity Matters: Exploring the NDAA – Part 4: Changes to Governance


Welcome to this special podcast series, Integrity Matters: Exploring the NDAA, sponsored by K2 Integrity. This week I visit with Chip Poncy, Global Co-Head of the Financial Crimes Risk Management practice and member of K2 Integrity’s Board, and Gail Fuller, Managing Director at K2 Integrity. Over the week, we will break down the changes to the Bank Secrecy Act (BSA) and the changes in enforcement authority for the Financial Crimes Enforcement Network (FinCEN), which are found in the recently passed National Defense Authorization Act (NDAA). Topics include breaking down the big picture, company formation reform, new opportunities under this new law, the coming change to corporate governance under the NDAA, and the long view of the new law. In Part 4, I am joined by Chip Poncy as we consider some of the new governance models under the NDAA.
Join us tomorrow as we conclude our podcast series by taking the long view with Gail Fuller.
For more information go to the K2 Integrity website.
For more information on the Dedicated Online Financial Integrity Network (DOLFIN) click here.