Tag: Hemma Lomax

Categories
Blog

The Culture Builder’s Trilogy: Part 2 – The Art of Implementation: Where Compliance Culture Lives or Dies

Ed. Note: We are in the midst of a three-part blog post series on three recent books by Hemma Lomax and Ashley Dubriwny. There are The Art of Ideation, The Art of Celebration, and The Art of Implementation.

If The Art of Ideation is about imagining better compliance, The Art of Implementation is about making it real. Hemma Lomax and Ashley Dubriwny write that implementation is where culture lives or dies. That single sentence could serve as a mission statement for every Chief Compliance Officer.

Compliance professionals know this problem well. A program can include a strong code of conduct, a comprehensive policy inventory, a well-designed training calendar, a hotline, third-party procedures, and investigation protocols. Yet the DOJ does not ask whether a company has merely created compliance artifacts. It asks whether the program works in practice. It goes directly to the DOJ’s Evaluation of Corporate Compliance Programs (ECCP). The ECCP continues to ask whether a program is well-designed, adequately resourced, empowered to function effectively, and working in practice. That is why The Art of Implementation matters. It moves from aspiration to action. It asks how values become systems, how ideas become habits, and how culture becomes durable.

Lesson One: Mindset Before Method

The book begins with a critical insight: implementation begins with how you think. Lomax and Dubriwny identify four commitments of the culture builder’s mindset: empathy before enforcement, curiosity over control, influence rather than insistence, and legacy as a lens. For compliance professionals, this is not a rejection of enforcement. It is a recognition that enforcement without trust creates fear, not culture. A CCO must enforce standards, discipline misconduct, and protect the company. But a CCO must also understand why employees resist, where controls create friction, and how people make decisions under pressure.

This is the difference between a compliance function that says “no” and one that helps the business get to “yes, with controls.” The former may be respected in moments of crisis. The latter is trusted before the crisis arrives.

Lesson Two: Think, Build, Ship, Adopt, Tweak

One of the strongest frameworks in the book is the five forces of implementation: think, build, ship, see it adopted, and tweak. The model is practical and deeply consistent with the ECCP. “Think” means design the change with empathy. “Build” means operationalize the intention. A ship means starting before every detail is perfect. Adoption means embedding the practice into the culture. “Tweak” means to learn, adjust, and improve.

This is what compliance program effectiveness should look like. A CCO should not wait three years to discover that annual training did not change behavior. A third-party control should not remain unchanged after repeated red flags. An AI acceptable use policy should not sit static while employees quietly adopt new tools. A speak-up program should not wait for a scandal before testing whether employees trust it. The compliance application is straightforward. Build compliance like a product. Test. Measure. Listen. Improve.

Lesson Three: Alignment Accelerates Implementation

The book’s discussion of alignment is essential for compliance. Lomax and Dubriwny use Ocean’s Eleven as a cultural reference point. The plan works not because one person is brilliant, but because purpose, people, and process are aligned. Implementation fails when a good idea lacks the right coalition, operational fit, or timing.

This is a core challenge for the CCO. Compliance cannot implement an effective third-party program without the support of procurement, finance, legal, sales, audit, and business leadership. Compliance cannot govern AI without IT, data science, privacy, cybersecurity, HR, legal, and business users. Compliance cannot build a speak-up culture without managers. Stakeholder mapping is therefore not an administrative exercise. It is a governance control. It identifies who can accelerate the initiative, who can block it, who must own it, and who must maintain it after launch.

Lesson Four: Find Failure First

The pre-mortem section of The Art of Implementation is one of the most useful tools for compliance professionals. The authors ask teams to imagine that an initiative has failed and then work backward to identify why. This is precisely how CCOs should approach major program changes. Before launching a new hotline platform, ask why employees might still avoid reporting. Before deploying AI-assisted monitoring, ask about potential privacy, bias, transparency, and explainability concerns. Before rolling out a third-party due diligence platform, ask why business teams might work around it. Before redesigning incentives, ask what unintended behaviors the new metrics could create.

Pre-mortems are internal controls in action. They force the organization to identify failure modes before the market, the regulator, the whistleblower, or the plaintiff does. They can be and are a powerful tool at your disposal as a CCO or compliance professional.

Lesson Five: Movements Beat Mandates

A particularly powerful theme in the book is the distinction between mandates and movements. Mandates may produce obedience. Movements produce ownership. For compliance professionals, this is a critical distinction.

The Wells Fargo fake sale scandal remains a cautionary tale about mandates, metrics, and fear-based performance pressure. Employees may comply with the apparent demand for results while violating the organization’s deeper values. That is why incentives matter. The DOJ has emphasized that companies should use both incentives and consequences to promote compliance. Its compensation and clawback pilot report states that affirmative metrics and benchmarks can reward compliance-promoting behavior and that financial penalties can deter risky behavior.

This is where compliance culture becomes real. Employees need to see that ethical leadership, controlled discipline, speaking up, and responsible business performance are recognized, promoted, and rewarded. They also need to see that misconduct, retaliation, and willful blindness have consequences.

Compliance Application

The CCO’s implementation challenge is to convert program design into operational evidence. That evidence includes adoption data, control testing, investigation metrics, remediation tracking, third-party monitoring, AI use inventories, exception reporting, and incentive alignment. Implementation also requires courage. A CCO must be willing to ship pilots, gather feedback, and make changes. The compliance function must stop equating launch with success. Launch is the beginning. Adoption, evidence, and improvement are the proof.

CCO Questions

  • Which compliance initiatives have been launched but not adopted?
  • Do we have stakeholder maps for our most important compliance priorities?
  • Are we running pre-mortems before major program changes, including AI governance, third-party risk, speak-up enhancements, and incentive redesign?
  • Do our incentives reward ethical behavior, promote control over ownership, and ensure transparency?
  • What compliance practices would continue if the current CCO left tomorrow?

Practical Takeaways

  1. Identify one compliance initiative that stalled and run a pre-mortem on why it failed.
  2. Build a stakeholder map for AI governance or third-party risk.
  3. Convert one compliance aspiration into a measurable operating practice.
  4. Review incentives and promotion criteria for compliance signals.
  5. Treat implementation as the evidence layer of the compliance program. Regulators do not reward intentions. They evaluate what works.

Implementation is where compliance culture is tested. It is where the organization discovers whether its ideas can survive business pressure, competing priorities, operational friction, and human resistance. Yet even the best-implemented program must still be sustained. Controls must be reinforced. Speak-ups must be protected. Ethical behavior must be recognized. Employees should see that integrity, not just performance, is valued by the organization. That is the work of the third book in the trilogy, The Art of Celebration.

Join us tomorrow for Part 3, where we will turn to celebration as a compliance discipline and explore how recognition, incentives, rituals, morale metrics, and cultural memory shape what employees believe the company truly values.

Categories
Blog

The Culture Builder’s Trilogy: Part 1 – The Art of Ideation: Compliance Begins with Better Questions

Ed. Note: over the next three blog posts, I will be running a short series on three recent books by Hemma Lomax and Ashley Dubriwny. There are The Art of Ideation, The Art of Celebration, and The Art of Implementation.

Hemma Lomax and Ashley Dubriwny’s The Art of Ideation is, on one level, a practical guide for culture builders. On another level, it is a challenge to compliance professionals: stop treating compliance as a function that merely publishes rules, delivers training, and waits for reports. Start treating compliance as a discipline of curiosity, engagement, design, and shared intelligence.

The book begins with a simple but powerful premise. Culture builders need ideas, but more importantly, they need the skill to generate better ideas through peer ideation, storytelling, and crowdsourcing intelligence. Lomax and Dubriwny describe the spark that came from compliance professionals exchanging creative approaches at a conference table and then ask why that energy should be limited to a once-a-year event. Their answer is to make ideation intentional, repeatable, and community-based.

For compliance professionals, this is not a soft concept. It goes directly to the DOJ’s Evaluation of Corporate Compliance Programs (ECCP). The ECCP continues to ask whether a program is well-designed, adequately resourced, empowered to function effectively, and working in practice. The compliance lesson from The Art of Ideation is clear: a program that does not ask better questions will not get better answers.

Lesson One: Know Your Audience Before You Design the Control

One of the book’s strongest lessons comes from the São Paulo story. Hemma arrives in Brazil to speak to more than 200 sales executives. Rather than deliver a generic compliance presentation, she uses images and experiences from the city itself to connect with the local audience. The lesson is not simply that visuals work. The deeper lesson is that compliance must demonstrate cultural awareness before it asks for behavioral change.

Too many compliance programs are still designed from the top down. Policies are written in legal language. Training is translated late, if at all. Hotline posters are posted in areas where employees do not work. Codes of Conduct speak to an imagined employee rather than the actual workforce.

The ECCP lens is unforgiving here. A risk-based program must be tailored to the company’s risk profile, business model, workforce, geography, and operations. If field employees, sales teams, or third-party-facing personnel cannot access guidance in the moment of need, the control may exist on paper but fail in practice.

Lesson Two: Storytelling Is a Control Enhancement

Dubriwny’s discussion of training emphasizes that facts alone rarely change behavior. Stories create context, emotion, and recall. In compliance, that matters because most misconduct does not arise from someone misunderstanding a policy title. It arises in moments of pressure, ambiguity, fear, loyalty, or perceived business necessity. A good compliance story can show what a conflict of interest feels like. It can show why a facilitation payment creates risk. It can show how retaliation begins quietly. It can show a manager what it means to receive a concern well.

This is especially important for a culture of speaking up. Employees do not speak up because a poster says they can. They speak up because they believe the organization will listen, protect them, and act. The Art of Ideation repeatedly returns to the need to meet people where they are, involve them, and design engagement pathways that feel safe. That maps directly onto the ECCP’s focus on confidential reporting, anti-retaliation, and investigation processes, as well as employees’ trust in those systems.

Lesson Three: The Code of Conduct Should Be Designed to Work

The book’s chapter on Codes of Conduct is especially useful for CCOs. It asks whether the Code is an external artifact, a regulatory box-checking document, or a decision-making tool for employees. The answer should be all the above, but the priority must be the employee user. That is a powerful compliance point. A code should not merely state values. It should operationalize them. It should be accessible, visually clear, mobile-friendly, translated appropriately, and supported by examples that reflect real roles, geographies, and pressures. The authors argue that a Code should be co-created, tested, and designed so people can see themselves in it.

This has implications for internal controls. A policy no one reads is not a meaningful control. A code no one uses is not a cultural anchor. A decision tree that helps an employee escalate a third-party red flag is more valuable than a beautifully written paragraph no one remembers.

Lesson Four: Crowdsourcing Risk Intelligence Is Compliance Modernization

Perhaps the most compliance-relevant section of the book is the discussion of crowdsourcing intelligence. Lomax and Dubriwny argue that leadership does not have a monopoly on the perspectives needed to identify risk. Employees across functions, geographies, and levels see vulnerabilities long before they appear in formal reporting channels. This is exactly where modern compliance must go. Annual risk assessments remain useful, but they are not enough on their own. A CCO needs real-time, near-real-time, and frontline input. This includes surveys, focus groups, collaboration tools, investigation themes, hotline trends, third-party feedback, and data analytics.

AI governance fits here as well. The book encourages responsible experimentation with AI, including using AI to make policies more accessible, generate first drafts, synthesize information, and provide decision-useful guidance. In compliance terms, AI should not be a gimmick. It should be governed, risk-assessed, monitored, and used to improve the employee experience.

Compliance Application

For the compliance professional, ideation is not brainstorming for its own sake. It is how the CCO identifies gaps, improves controls, tests training, strengthens speak-up systems, modernizes the Code, and uses AI responsibly. It is how compliance moves from headquarters’ assumptions to operational intelligence.

The lesson is also relevant to investigations. The book’s discussion of investigations emphasizes empathy, transparency, gratitude toward participants, and learning from the process. That is an important reminder that investigations are not simply fact-finding exercises. There are moments when employees decide whether the compliance function is credible.

CCO Questions

  • Does our compliance function know how employees actually experience our Code, training, reporting channels, investigation process, and third-party controls?
  • Are we using peer ideation, frontline feedback, and cross-functional input to improve the program?
  • Where are we still relying on headquarters assumptions rather than operational evidence?
  • How are we using AI to improve accessibility, consistency, risk sensing, and employee guidance without weakening confidentiality, privacy, or human judgment?

Practical Takeaways

  1. Redesign one compliance communication from the user’s perspective. Make it shorter, clearer, more accessible, and easier to act on.
  2. Create an ideation circle around one major compliance risk, such as third-party due diligence, gifts and entertainment, speaking up, or AI use.
  3. Test your Code of Conduct with employees from different geographies and functions before the next refresh.
  4. Add crowdsourced risk intelligence to your risk assessment process.
  5. Treat ideation as a compliance control. Better questions produce better evidence, and better evidence produces a more effective program.

Ideation is where the compliance professional begins to see what is possible. It gives the CCO better questions, stronger engagement, richer risk intelligence, and a more human understanding of how employees experience the program. But ideas alone do not create culture. A redesigned code, a better speak-up message, a sharper AI policy, or a new third-party risk insight only matters if it moves from concept to practice. That is where the second book in the trilogy, The Art of Implementation, takes us next.

Join us tomorrow in Part 2, where we will examine how compliance professionals turn good ideas into operating discipline through alignment, stakeholder ownership, pre-mortems, adoption, incentives, and the hard work of making values real inside the business.

Categories
Blog

Celebrating 300 Episodes of Great Women in Compliance: A Movement, Not Just a Podcast

Reaching 300 episodes is no small feat in the world of podcasting. It takes vision. It takes discipline. It takes community. Most of all, it takes purpose. The Great Women in Compliance (GWIC) podcast has reached that remarkable milestone, and it is worth pausing to celebrate what this achievement truly represents. This is not simply the longevity of a show. It is the sustained elevation of voices that has reshaped the compliance profession.

From its founding by Lisa Fine and Mary Shirley to its current hosting team of Lisa Fine, Hemma Lomax, Sarah Hadden, and Ellen Hunt, GWIC has become far more than a podcast. It has become a platform, a mentoring network, and a cornerstone of the compliance community. As part of the Compliance Podcast Network, I am proud to say it stands as one of the most impactful and influential voices in our profession.

The Vision of the Founders

When Lisa Fine and Mary Shirley launched GWIC, they did so with a simple but powerful idea: compliance needed more visible female leadership, more shared stories, and more authentic conversations. Compliance has long been a profession filled with talented, capable, and principled women. Yet historically, their voices were not always amplified equally. The founders recognized that gap and moved to close it.

They did not create a show focused narrowly on technical guidance. They created a forum for professional development, ethical leadership, resilience, career navigation, and community building. They humanized compliance. That matters because compliance is often framed in terms of policies, controls, investigations, and enforcement actions. Great Women in Compliance reframed the conversation around leadership journeys, decision-making under pressure, cultural intelligence, and personal growth. Three hundred episodes later, that founding vision continues to define the show.

The Evolution of Leadership

As the podcast matured, leadership transitioned in a way that mirrors the very principles the show promotes: succession, collaboration, and shared stewardship. Today, the podcast is hosted by Lisa Fine, joined by Hemma Lomax, Sarah Hadden, and Ellen Hunt. Each brings a distinct voice and perspective to the table.

Hemma Lomax contributes a global compliance lens, grounded in regulatory rigor and practical implementation. Sarah Hadden brings strategic governance insight and a board-facing perspective that resonates deeply with senior leaders. Ellen Hunt offers a powerful blend of ethics, integrity, and operational expertise that connects culture to controls. Lisa Fine is well, Lisa Fine, a woman who, along with Mary Shirley, changed the world of compliance.

This team dynamic demonstrates an important aspect of modern compliance leadership: it is not hierarchical. It is collaborative. The podcast models what strong compliance programs aspire to achieve internally: diverse voices, respectful dialogue, and shared accountability.

Why GWIC Matters

The question is not simply why the podcast has endured. The question is: why has it become essential listening for compliance professionals worldwide? There are several reasons.

1. It Elevates Role Models

You cannot be what you cannot see. Great Women in Compliance has consistently highlighted leaders at every stage of their careers, from emerging professionals to chief compliance officers. It has provided visibility to talent that might otherwise remain unseen outside corporate walls. That visibility matters for the next generation. Young professionals entering compliance hear real stories of career pivots, setbacks, ethical dilemmas, and leadership breakthroughs. They hear authenticity instead of perfection. That is empowering.

2. It Bridges Technical and Personal Development

Many compliance resources focus exclusively on regulations and enforcement trends. Those are important, but they are not sufficient. GWIC addresses the human dimension of compliance leadership. It tackles topics such as navigating difficult reporting lines, advocating for resources, handling burnout, negotiating compensation, and managing crises. In other words, it addresses the real-world challenges compliance professionals face daily. The result is a podcast that supports both competence and confidence.

3. It Strengthens Community

One of the most underappreciated aspects of compliance is its isolation. Many compliance officers operate in small teams or even as a “team of one.” They often carry heavy responsibility with limited internal allies. GWIC builds connections. Listeners hear their own experiences reflected to them. They gain practical advice. They gain reassurance that their challenges are shared. They gain community. In a profession defined by independence and integrity, community is a powerful counterbalance.

4. It Normalizes Ambition

There was a time when ambition in compliance, particularly among women, was often underplayed. GWIC normalizes aspiration. Guests openly discuss career advancement, executive presence, board interaction, and strategic leadership. They speak candidly about how to position compliance as a value driver rather than a cost center. That message aligns directly with where the profession is headed. Compliance is no longer confined to checking boxes. It is integrated into corporate strategy, enterprise risk management, and ESG initiatives. The podcast reflects that evolution.

A Platform Within the Compliance Podcast Network

GWIC is a proud part of the Compliance Podcast Network, and its success reflects the broader strength of that platform. The Compliance Podcast Network was built on the idea that compliance conversations should be accessible, practical, and forward-looking. GWIC exemplifies that mission. Within the network, the show occupies a unique space. It is simultaneously technical and personal, strategic and relatable. It broadens the conversation while deepening it. Three hundred episodes within a professional niche is not simply a number. It is evidence of sustained engagement, loyalty, and impact.

The Broader Impact on the Profession

Over 300 episodes, GWIC has done more than spotlight individual careers. It has shaped the culture of the compliance profession itself.

It has reinforced that:

  • Ethical leadership is not optional.
  • Diversity of perspective strengthens governance.
  • Mentorship is a professional obligation.
  • Authenticity enhances credibility.
  • Collaboration drives resilience.

These themes echo across boardrooms, regulatory agencies, and multinational corporations. The podcast has helped elevate compliance from a technical specialty to a leadership discipline.

The Power of Continuity

Longevity in podcasting requires consistency. It requires preparation, thoughtful interviewing, and disciplined production. It requires hosts who are willing to invest time week after week. Three hundred episodes represent years of commitment. The founders, Lisa Fine and Mary Shirley, established the tone and purpose. The current hosts, Lisa Fine, Hemma Lomax, Sarah Hadden, and Ellen Hunt, have carried that purpose forward with energy and professionalism. That continuity is itself a lesson for compliance programs. Strong initiatives endure when they are rooted in shared values and supported by collaborative leadership.

Looking Ahead

If the first 300 episodes were about visibility, empowerment, and connection, the next 300 will likely focus on influence. The compliance profession is evolving rapidly. Artificial intelligence, geopolitical instability, sanctions regimes, ESG reporting, and data privacy are reshaping risk landscapes. Compliance leaders must adapt while preserving integrity. GWIC is well-positioned to guide that conversation. The show will continue to highlight leaders who are not only responding to regulatory change but shaping organizational culture.

A Moment Worth Celebrating

Three hundred episodes is a milestone that deserves recognition.

It represents courage in launching something new.

It represents dedication to sustaining it.

It represents leadership in expanding it.

Most importantly, it represents community. GWIC has become essential listening because it speaks to the whole compliance professional, not just the regulator-facing expert, but the mentor, the strategist, the advocate, and the leader.

Congratulations to Lisa Fine and Mary Shirley for their vision. Congratulations to Lisa Fine, Hemma Lomax, Sarah Hadden, and Ellen Hunt for their stewardship. And congratulations to the broader compliance community for embracing a platform that has strengthened us all. Three hundred episodes in, the impact is clear. Great Women in Compliance is not simply a podcast. It is a movement.

Categories
Great Women in Compliance

Great Women in Compliance: Don’t Freak Out: Compliance from a Prosecutor-Defense Lens

Dive into the world of compliance and high-stakes investigations!

In this episode of #GWIC, Hemma Lomax talks with Jamie Hoxie Solano, Partner at Dynamis LLP and former federal prosecutor, about how compliance and legal teams can lead with precision when incidents become investigations—especially where cyber risk and digital assets raise the stakes and the speed.

We cover:

  • What prosecutors look for when assessing credibility and cooperation
  • The “first 72 hours” of an internal investigation: triage, scope, evidence, and governance
  • Why cyber and digital assets matter in changing the evidence trail and the decision timeline
  • How to protect privilege while still moving fast
  • Practical guidance for cross-functional leadership under pressure

Jamie’s Bio

Jamie Hoxie Solano is a Partner at Dynamis LLP and a former federal prosecutor. She represents individuals and companies in high-stakes matters spanning government and internal investigationswhite-collar and regulatory defense, and cybercrime and digital asset disputes.

Before returning to private practice, Jamie served as an Assistant U.S. Attorney in both the Northern District of Texas and the District of New Jersey, working in units including cybercrime and national security, and serving (among other leadership roles) as the Digital Asset Coordinator for the District of New Jersey

She is also an adjunct professor at Seton Hall Law School, where she teaches Persuasion and Advocacy.

Categories
Compliance and AI

Compliance and AI: Navigating the Challenges and Opportunities of Agentic AI in Compliance

What is the intersection of AI and compliance? What about Machine Learning? Are you using ChatGPT? These questions are just three of the many we will explore in this cutting-edge podcast series, Compliance and AI, hosted by Tom Fox, the award-winning Voice of Compliance. Today, the Everything Compliance gang, led by Dr. Hemma Lomax, is considering how to navigate the challenges and opportunities of agentic AI in compliance.

In this episode, we explore the rapidly evolving landscape of Agentic AI and its implications for compliance professionals. Agentic AI, defined as AI that acts autonomously rather than just responding to prompts, presents both significant opportunities and challenges. The technology can optimize risk management and compliance workflows, but it also introduces complexities around accountability, transparency, and oversight. We discuss recent real-world examples of Agentic AI in use, such as in banks and tax agencies, and highlight potential risks, including autonomous collusion and AI agents making unethical decisions. The episode emphasizes the need for compliance teams to shift from monitoring human activities to overseeing intelligent systems, ensuring the establishment of proper guardrails. We also delve into new roles emerging in this landscape, such as AI ethics coaches and agent supervisors, and the importance of human intervention to verify AI decisions. Join the discussion to understand how to navigate this transformative technology responsibly and effectively.

Key highlights:

  • Defining Agent AI
  • Implications for Compliance and Ethics
  • Challenges and Risks of Agent AI
  • Real-Time Compliance and Risk Management
  • Human Oversight and AI Governance

Resources:

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Great Women in Compliance

Great Women in Compliance – Insights from ACI FCPA and Global Anti-Corruption Conference

In this episode of Great Women in Compliance, co-hosts Lisa Fine and Hemma Lomax get a special preview of the 42nd Annual ACI Conference on the FCPA and Global Anti-Corruption. They are joined by two of the conference’s distinguished speakers: Sandra Moser, Partner at Morgan, Lewis & Bockius and former Chief of the DOJ’s Fraud Section, and Kimberly Parker, Partner and Co-Chair of the White-Collar Defense & Investigations practice at WilmerHale.

Sandra and Kimberly share their personal journeys into the white-collar and compliance space, discuss why this conference is a “must-attend” event in the anti-corruption world, and dive deep into their upcoming session topics. Kimberly explores how companies are re-evaluating resource allocation as global priorities evolve, while Sandra tackles the critical compliance challenges of operating in China amid geopolitical tensions.

This episode is a must-listen for practical insights on shifting DOJ expectations, the future of compliance, and tips for any first-time attendees.

 Highlights include:

* Sandra and Kimberly’s Journeys to Compliance

* Spotlight on the ACI FCPA Conference:

* Evolving Priorities & Resource Allocation

* Navigating Compliance in China

* The Future of Compliance

Resources:  

ACI’s 42nd Annual Conference on the FCPA and Global Anti-Corruption (December, Washington, DC – https://www.americanconference.com/fcpa-dc/

* Morgan, Lewis & Bockius: https://www.morganlewis.com/bios/sandramoser

* WilmerHale: https://www.wilmerhale.com/en/people/kimberly-parker

Biographies

Sandra Moser is a corporate investigations authority and trial lawyer who co-leads the firm’s global white collar and investigations practice. She is former chief of the US Department of Justice’s (DOJ’s) Criminal Division, Fraud Section in Washington, DC, and a former Assistant US Attorney (AUSA) for the District of New Jersey. She defends companies, boards, and executives in a wide range of matters—including healthcare and federal program fraud, the False Claims Act (FCA), the Foreign Corrupt Practices Act (FCPA), securities, commodities, and anti-money laundering—involving the DOJ, state attorneys general offices, US Securities and Exchange Commission (SEC), Commodity Futures Trading Commission (CFTC), US Congress, and other domestic and international enforcement agencies.

Kimberly A. Parker’s practice focuses on white-collar criminal matters, internal corporate investigations, and compliance counseling. Ms. Parker is vice chair of the firm’s Litigation/Controversy Department, co-chair of the White Collar Defense and Investigations Practice, and co-leads the Foreign Corrupt Practices Act (FCPA) and Anti-Corruption Practice. Ms. Parker is also co-chair of the firm’s Pro Bono and Community Service Committee.

Ms. Parker represents clients in a range of criminal and enforcement matters and also provides compliance and governance advice. She has conducted internal investigations in the United States, Asia, Africa, Europe, and Latin America. She has represented companies and individuals in a variety of FCPA enforcement matters. She also regularly counsels clients facing difficult FCPA issues in a variety of business contexts, and assists clients in developing and implementing FCPA compliance programs and conducting FCPA training. She is a regular speaker at FCPA events.

Categories
Innovation in Compliance

Innovation in Compliance: Dare to Dream: Leveraging AI and Innovation

Innovation is present in many areas, and compliance professionals must not only be prepared for it but also actively embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox welcomes Dr. Hemma Lomax from DocuSign, Chris Crowder from Airbus, and Vince Walden from konaAI to explore the future of compliance with AI and AgenticAI. This podcast was edited from a konaAI-sponsored webinar. For a link to the full webinar replay, see below.

Our discussion centers around the integration of AI, innovation, and compliance within corporate environments. Chris and Hemma share insights about their current data analytics efforts and the transformative role of AI in enhancing compliance processes. They discuss the importance of human judgment, exploring new technologies, and creating a forward-thinking compliance culture. Audience members are encouraged to think creatively about leveraging technology to address compliance challenges and prepare for a rapidly evolving business landscape.

Key highlights:

  • Current State of AI and Data Analytics in Compliance
  • Challenges and Opportunities in AI Implementation
  • The Role of AI in Risk Management
  • Human Judgment and AI: A Balanced Approach
  • Future of AI in Compliance and Business
  • Future of AI Agents in Compliance

Resources:

For a full replay of the Webinar, click here.

For the konaAI white paper on AgenticAI, click here.

To listen to the award-winning podcast Upping Your Game on the use of AI in a compliance program, click here.

Check out my latest book, Upping Your Game-How Compliance and Risk Management Move to 2023 and Beyond, available from Amazon.com.

Innovation in Compliance was recently honored as the number 4 podcast in Risk Management by 1,000,000 Podcasts.

Categories
Everything Compliance

Everything Compliance: Episode 157, The Q2 – 2025, Great Women in Compliance Edition

A few months ago, we hosted a Special Edition of Everything Compliance, featuring the two primary hosts of the Great Women in Compliance, Lisa Fine and Hemma Lomax, along with our female panelists from Everything Compliance, Karen Woody and Karen Moore, all moderated by Kristy Grant-Hart. The episode was so popular (and the host and guests had so much fun) that everyone involved decided to make it a quarterly event. Today’s episode is hosted by Kristy Grant-Hart, with panelists Karen Moore, Lisa Fine, and Hemma Lomax.

Highlights include:

  • Lisa Discusses UK Fraud Prevention Law
  • Hema on the False Claims Act
  • Karen on Compliance, Rewards, and Incentives
  • Exploring Behavioral Science in Business
  • Ethics and Compliance Incentives
  • AI, Blackmail, and Whistleblowing
  • Sentient AI and Ethical Dilemmas
  • Rants and Raves: Compliance and Beyond

The members of this special episode of Everything Compliance (GWIC edition) are:

  • Karen Moore is an Adjunct Law professor at the Fordham School of Law.
  • Lisa Fine – is a co-host of the award-winning Great Women in Compliance.
  • Hemma Lomax– is a co-host of the award-winning Great Women in Compliance.

The host of this special episode of Everything Compliance is Kristy Grant-Hart, VP, Head of Advisory Services at Diligent and co-host of the award-winning podcast 2 Gurus Talk Compliance.

Categories
Upping Your Game

Upping Your Game: Crowd-Sourcing Risk Management Intelligence with AI

In February, the Trump Administration suspended investigations under and enforcement of the FCPA. Many compliance professionals have since wondered what this will mean for corporate compliance programs going forward. Hui Chen challenged compliance professionals with the statement, “It’s time to up your game.”

This podcast series, sponsored by Ethico and co-hosted with Ethico co-CEO Nick Gallo, hopes to meet Hui Chen’s challenge. We will discuss how compliance professionals can ‘Up Their Game’ by utilizing currently existing Generative AI (GenAI) tools to significantly enhance their compliance programs. As compliance professionals, it is critical to recognize that this moment is not merely about incremental improvements but about elevating our profession to an entirely new level of effectiveness, efficiency, and organizational value.

In this episode, hosts Tom Fox and Nick Gallo explore the revolutionary potential of AI for Speak Up Cultures by introducing risk intelligence directly into business operations. They discuss the intricacies of whistleblowing, speak-up culture, and the integral role of AI and machine learning in enhancing compliance programs. They highlight deficiencies in current systems and propose how AI can crowdsource risk intelligence at scale, improve case triage, and facilitate a collaborative environment. Key points include the importance of anonymity, efficient triage, and how AI facilitates communication with employees in their preferred settings. The discussion also explores transforming the culture of compliance into proactive risk management, ultimately driving efficiency, effectiveness, and a better corporate culture.

Key highlights:

  • Deficiencies in Whistleblowing Processes
  • Crowdsourcing Risk Intelligence
  • The Importance of Anonymity and AI in Reporting
  • Engagement and Communication Strategies
  • AI in Triage and Investigation

Resources:

Upping Your Game-How Compliance and Risk Management Move to 2030 and Beyond on Amazon.com

Nick Gallo on LinkedIn

Ethico

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
FCPA Compliance Report

FCPA Compliance Report – Upping Your Game in Compliance

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. This is a very special episode. This podcast comes from a webinar hosted by KonaAI on Tom Fox’s latest book, Ûpping Your Game. On this webinar, Tom is joined by Vince Walden, CEO of konaAI; Hemma Lomax, Deputy General Counsel, Vice President, Global Head of Ethics and Compliance at Docusign; and Carl Hahn and Matt Galvin, both from Gentic Global Advisors PLLC.

The discussion revolves around compliance, with thought leaders delving into how organizations can enhance their performance by utilizing emerging technologies and compliance strategies. The conversation begins with a focus on the transformative role of AI in compliance, highlighting its ability to support continuous monitoring, predictive analytics, and embedding compliance into day-to-day business operations. The panel emphasizes the rise of “compliance as a service” and the growing need to prioritize user experience, particularly in third-party risk management and digital transformations. The panel addresses key challenges, such as overcoming resistance from business process owners, and emphasizes the importance of using data strategically to drive better compliance outcomes. The panel introduces the concept of the “Office of Unlock” as a collaborative model to break down silos and promote agility. They also discuss change management, AI governance, and tailoring compliance communications to specific audiences. The episode concludes with practical advice for compliance officers and a forward-looking discussion on aligning compliance programs with evolving organizational and regulatory landscapes.

Key highlights:

  • Upping Your Game
  • Embedded Compliance
  • What’s the business value?
  • What steps should you take right now

Resources:

Hemma Lomax on LinkedIn

Vince Walden on LinkedIn

Matt Galvin on LinkedIn

Carl Hahn on LinkedIn

KonaAI

Gentic Global Advisors

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

For more information on the use of AI in compliance programs, see Tom Fox’s new book, Upping Your Game. You can purchase a copy of the book on Amazon.com.