John Locke and the Legitimacy of Compliance Governance

We continue our exploration of Enlightenment Thinkers to see their influence on modern compliance programs. This week’s category is broader than philosophers, as many of these men excelled in numerous fields such as science, mathematics, calculus, and medicine. However, each contributed a key component that relates directly to our modern compliance regimes. In this post, we consider René Descartes and what he teaches as the next step beyond Bacon: evidence must be examined rigorously.

If Francis Bacon teaches us that compliance must be grounded in evidence, and René Descartes teaches us that evidence must be examined with rigor, John Locke brings us to the next great question: why should anyone trust the system itself? That question sits at the center of every modern compliance program. Employees are asked to report concerns, managers are expected to model ethical behavior, boards are charged with oversight, and companies routinely tell regulators that their compliance program is real, effective, and embedded in the business. But none of that works if the people inside the organization do not believe the system is fair, credible, and worthy of trust. That is why John Locke matters so much to the modern compliance professional.

Locke is often remembered as a philosopher of liberty, consent, rights, and accountable government. He argued that authority is legitimate only when it is exercised responsibly and for the benefit of those subject to it. Power, in Locke’s world, is not self-justifying. It must be bounded, accountable, and tied to obligations. That idea is highly relevant to corporate compliance. A compliance program is not legitimate simply because senior management approved it, or because the board receives quarterly updates, or because policies have been published on an intranet site. It is legitimate when employees experience it as fair, when reports are taken seriously, when retaliation is not tolerated, when discipline is consistent, and when leadership is seen to be accountable to the same standards as everyone else. That is not abstract philosophy. That is compliance governance.

Why Locke Matters to Compliance

Locke’s central insight is that authority derives its legitimacy from responsible exercise and reciprocal obligation. In a political context, that meant government existed to protect rights and serve the governed, not simply to command obedience. In the corporate context, the analogy is not exact, but the lesson is powerful. Employees will not trust a compliance program merely because it exists. They will trust it only if they believe it operates fairly, protects those who raise concerns, applies standards consistently, and treats power as accountable.

This is where Locke helps compliance professionals understand something many organizations still miss. Trust in a compliance system is not automatic. It has to be earned. An employee deciding whether to call a hotline is making a deeply practical judgment. Will anyone listen? Will the matter be reviewed fairly? Will the reporter be protected from retaliation? Will the senior executive who generated the concern be treated differently from everyone else? If the employee believes the answer to those questions is no, the reporting system has already failed, no matter how polished the company’s policy language may be.

The DOJ’s Compliance Expectations Are About Legitimacy

The Department of Justice does not use the language of social contract theory, but its Evaluation of Corporate Compliance Programs (ECCP) is filled with Locke’s concerns. The ECCP asks whether the program is well-designed, applied in good faith, and works in practice. It asks about tone at the top and tone in the middle. It asks whether reporting mechanisms are trusted, whether investigations are handled properly, whether discipline is applied consistently, and whether there is protection against retaliation. Those are all questions of legitimacy. A compliance program that employees do not trust cannot work in practice.

This point is critical because too many organizations still frame culture as something soft and secondary, a matter of messaging rather than system design. Locke would reject that categorically. In his framework, legitimacy is not a decoration added to authority. It is what makes authority durable and acceptable. In a company, that means culture and governance cannot be separated. Speak-up systems, fair treatment, board attention, transparent escalation, and consistent discipline are not peripheral to compliance. They are core structural elements of it.

Speak-Up Culture Is a Test of Governance

Few areas of compliance reveal Locke’s relevance more clearly than a speak-up culture. Every company says it wants employees to raise concerns. Every company says it prohibits retaliation. But the real issue is whether employees believe those statements are true in lived experience. That belief is shaped more by organizational behavior than by slogans.

If employees see complaints buried, if they watch high performers protected despite repeated concerns, if they hear that reporting a problem is career-limiting, or if they conclude that management is more interested in identifying the reporter than addressing the underlying issue, the company has lost legitimacy. In Lockean terms, authority has ceased to be trustworthy because it is no longer being exercised for the benefit of those subject to it.

This is why non-retaliation is so important. It is not simply an employment-law consideration or a human-resources aspiration. It is a governance imperative. Retaliation tells employees that the system serves power rather than principle. Once that lesson is absorbed, reporting declines, silent resignation grows, and risk moves underground. A company may still claim to have a hotline, but it no longer has a functioning speak-up culture.

Fairness Is Not Soft. It Is a Control.

Locke also helps us understand the role of fairness in a compliance program. In many organizations, fairness is discussed as a value. It should be discussed as a control. Why? Because fairness shapes behavior. When employees believe standards will be applied consistently, they are more likely to follow them, more likely to report deviations, and more likely to trust the company’s response when issues arise. When employees believe discipline is arbitrary, selective, or influenced by rank and revenue generation, the opposite occurs. Cynicism spreads quickly. Policies become performative. Reporting drops. Informal norms replace formal standards.

That is why the ECCP pays so much attention to disciplinary consistency. Regulators understand that a compliance program loses credibility when senior leaders are treated differently from line employees. Locke would have recognized the point immediately. In any system of authority, legitimacy is undermined when rules are used to bind the weak but not the powerful.

Board Oversight and Accountable Authority

Locke’s philosophy is equally useful when thinking about board oversight. He believed that those entrusted with authority must remain accountable for how they exercise it. That is a principle every board member should understand in the context of compliance.

Board oversight is not merely about receiving information. It is about ensuring that authority inside the company is properly bounded, monitored, and answerable. The board does not run day-to-day compliance, but it is responsible for ensuring that management has created a system worthy of trust. That means asking whether reporting channels work, whether investigations are independent, whether non-retaliation protections are real, whether major risks are escalated, and whether compliance has stature and access.

This is particularly important because boards sometimes fall into the trap of treating compliance as a downstream operational matter. Locke would have viewed that as a category mistake. Governance is not something separate from legitimacy. Governance is how legitimacy is maintained.

For the modern board, that means compliance oversight must be substantive. Directors should ask not only for dashboards, but for explanations. How does management know employees trust reporting channels? What evidence supports claims of a strong culture? How is middle management assessed? What happens when senior leaders are implicated? What trends in reporting, substantiation, retaliation, and discipline should concern the board? Those questions move oversight from ceremonial to real.

In that sense, Locke also speaks directly to Caremark-era expectations. Directors have obligations not simply to exist, but to oversee. A board that does not ensure the company has credible systems of information and response is not exercising accountable authority. It is abdicating it.

Culture and the Middle Management Problem

No discussion of compliance legitimacy would be complete without examining middle management. The DOJ, in both the ECCP and the FCPA Resource Guide, 2nd edition, has long emphasized that “tone at the top” is not enough. Tone in the middle matters enormously, because employees experience the company most directly through their immediate supervisors.

This is another place where Locke offers real insight. In any system of authority, legitimacy rises or falls through those who exercise power closest to the governed. If middle managers pressure employees to ignore controls, discourage escalation, roll their eyes at compliance training, or quietly punish bad news, the company’s formal commitments will collapse in practice.

This is why companies must treat middle management behavior as a governance issue. Are managers trained not just on rules, but on their duty to support reporting and ethical decision-making? Are they evaluated on how they build culture? Do promotion and bonus structures reinforce ethical leadership, or only financial performance? Are there consequences when managers create pressure that undermines compliance expectations?

These are not marginal considerations. They are central to whether the compliance program is experienced as legitimate in daily operations. Locke reminds us that people judge institutions less by official declarations than by how authority is exercised.

The Compliance Officer as Steward of Institutional Legitimacy

Locke casts the compliance officer as a steward of institutional legitimacy. That is an important and underappreciated role. The compliance officer helps the company earn trust, not through public relations, but through structure, fairness, and accountability. The compliance officer helps ensure that when people speak up, they are heard; when misconduct occurs, it is handled consistently; when leaders exercise authority, they do so under standards that bind them as well. In this sense, compliance is not just about preventing legal violations. It is about making the institution worthy of confidence.

That is why legitimacy matters so much. A company with high trust in its compliance system detects issues earlier, responds more effectively, learns more quickly, and sustains a stronger ethical culture over time. A company without that trust becomes opaque to itself. Risk goes silent. Problems surface late. Governance becomes reactive. The institution loses one of its most important defenses: its own people’s willingness to tell it the truth.

Five Lessons Learned for the Modern Compliance Professional

First, a compliance program must be legitimate to be effective. Employees must believe the system is fair, credible, and trustworthy.

Second, speak-up culture is a governance test. Reporting mechanisms only work when employees believe concerns will be taken seriously and retaliation will not follow.

Third, fairness is a control. Consistent discipline, equal treatment across levels of seniority, and transparent standards strengthen compliance credibility.

Fourth, boards must exercise accountable oversight. They should test management’s claims about culture, reporting, and non-retaliation with real evidence.

Fifth, middle management is where legitimacy lives or dies. A company must align manager incentives, expectations, and accountability with its compliance values.

Coming Next: Thomas Hobbes and Why Every Compliance Program Needs Order

If John Locke teaches us that compliance governance must be legitimate, Thomas Hobbes will remind us that legitimacy alone is not enough. A company also needs structure, clear rules, assigned authority, escalation pathways, and credible enforcement. In Part 4, I will explore how Hobbes helps explain the roles of policies, procedures, internal controls, and operational discipline in a best-practices compliance program. Trust matters, but so does order.


FCPA Compliance Report: Navigating Corporate Ethics and Compliance Trends in 2026 with Mike Volkov

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this inaugural episode of 2026, Tom Fox welcomes back his good friend and colleague, Mike Volkov, to reflect on the tumultuous year of 2025 and discuss the new trends for the upcoming year. This is Part 1 of a two-part series.

Highlighting the resilience of corporate ethics amid the suspension of the FCPA, the conversation underscores the necessity for businesses to uphold ethical values, despite regulatory changes. Discussions delve into the importance of demonstrating ethical behavior as a fundamental business value and the growing significance of organizational justice and trust within corporations. Moreover, they address evolving enforcement in areas such as export controls, trade sanctions, and tariff regulations, suggesting a shift toward rigorous compliance in national security matters. This episode provides a comprehensive outlook on the compliance challenges and opportunities for 2026.

Key highlights:

  • Welcome to 2026: A New Beginning
  • The Importance of Ethics in Business
  • Organizational Justice and Trust
  • Generational Perspectives on Ethics
  • Emerging Trends in Trade and Compliance

Resources:

Mike Volkov on LinkedIn

Volkov Law Group



Trekking Through Compliance: Episode 75 – Bridging the Gap: Compliance Lessons on Justice and Fairness from “The Cloud Minders”

Institutional justice and institutional fairness are not abstract ideals. They are operational requirements in a corporate compliance program. They define how policies are enforced, how decisions are made, and how employees perceive the integrity of their workplace. One of the most vivid illustrations of the dangers of systemic injustice and perceived unfairness comes from Star Trek: The Original Series in “The Cloud Minders.”

From this story, we can extract five compliance lessons on institutional justice and institutional fairness.

Lesson 1: Consistency in Standards Is Non-Negotiable

Illustrated by: The leaders of Stratos apply rules differently depending on social status.

Compliance Lesson. The DOJ has repeatedly emphasized that policies and disciplinary measures must be applied consistently.

Lesson 2: Address Root Causes, Not Just Symptoms

Illustrated by: The Troglytes’ performance and health are impaired because mining zenite exposes them to toxic vapors. The elites interpret this as proof of inferiority, ignoring the environmental cause.

Compliance Lesson. Organizations sometimes treat compliance failures as isolated misconduct rather than symptoms of deeper issues, such as inadequate training, unrealistic sales targets, or flawed incentive structures.

Lesson 3: Perceived Fairness Matters as Much as Actual Fairness

Illustrated by: Even when Kirk offers protective gear to the Troglytes, they are slow to trust his intentions. Years of mistreatment have convinced them that promises from the elites are empty.

Compliance Parallel: Employees judge compliance programs not only by their design but by how fair they feel in practice. If people believe investigations are biased or that whistleblowers will be punished, they will avoid reporting, even if the official policy says otherwise.

Lesson 4: Leadership Must Model Ethical Behavior

Illustrated by: Stratos’s leaders speak about justice and stability, but are unwilling to live under the same risks or hardships as the Troglytes. Their detachment from the reality of mining life fuels the unrest.

Compliance Lesson. Leaders who preach ethics but cut corners for themselves undermine institutional fairness. Employees take cues from the top; if executives are exempt from rules, the rest of the organization will follow suit.

Lesson 5: Dialogue and Inclusion Are Tools for Justice

Illustrated by: Spock approaches the Troglytes with genuine respect, listening to their grievances and acknowledging their intelligence. His willingness to engage earns him credibility that Stratos leaders lack.

Compliance Parallel: Institutional fairness is strengthened when employees feel heard and included in shaping solutions.

Final ComplianceLog Reflections

The Cloud Minders is more than a parable about class division; it is a warning for any institution that neglects fairness and justice. In Ardana, injustice created resentment, distrust, and rebellion. In a corporation, those same dynamics can lead to silent disengagement, hidden misconduct, and public scandal.

The DOJ’s message is clear: fairness and justice are not optional add-ons to compliance; they are the foundation of a program that works. As compliance leaders, our role is to be the “Spock” in the room, listening, respecting, and bridging divides while ensuring that the rules are fair, transparent, and consistently applied.

When we do that, we do not just comply with the DOJ’s expectations; we build organizations where people trust the system enough to make it work.

Resources:

Excruciatingly Detailed Plot Summary by Eric W. Weisstein

MissionLogPodcast.com

Memory Alpha


Institutional Justice and Fairness in Compliance: Lessons from Star Trek’s ‘The Cloud Minders’

Institutional justice and institutional fairness are not abstract ideals; they are operational requirements in a corporate compliance program. They define how policies are enforced, how decisions are made, and how employees perceive the integrity of their workplace. One of the most vivid illustrations of the dangers of systemic injustice and perceived unfairness comes from Star Trek: The Original Series in “The Cloud Minders.”

The DOJ’s 2024 Evaluation of Corporate Compliance Programs (ECCP) reinforces this point: for a compliance program to be effective, it must not only exist on paper but also operate fairly in practice. The DOJ expects companies to show that their compliance processes are applied consistently across the organization, regardless of seniority, revenue generation, or personal connections.

Why the DOJ Cares About Justice and Fairness in Compliance

In the ECCP, the DOJ focused on institutional justice and institutional fairness as key mandates for the compliance function. Why? It was rooted in practicality: a compliance program that is seen as biased or inconsistent will fail. Employees will not report misconduct, will hide mistakes, and will disengage from ethics initiatives.

Prosecutors know that when misconduct occurs in such an environment, it’s often a symptom of deeper cultural problems. That’s why, during investigations, they ask:

  • Are policies applied equally to all levels of the organization?
  • Is discipline consistent and documented?
  • Do employees believe the process is fair?
  • Has the company addressed the underlying causes of misconduct?

If the answers to these questions are unsatisfactory, the DOJ is more likely to view the compliance program as ineffective, regardless of its written policies.

The Tale 

The Enterprise is sent to the planet Ardana to collect zenite, a mineral needed to stop a plague on another world. Captain Kirk and Mr. Spock beam down to Stratos, a floating city inhabited by the planet’s elite, only to discover a deep societal divide. The surface of Ardana is worked by “Troglytes,” a laborer class forced to mine zenite under hazardous conditions, denied access to the comforts and education of Stratos.

The elites justify this arrangement as necessary for stability, while the Troglytes see it as systemic exploitation. The episode becomes a study in the consequences of entrenched inequality, distrust, and the refusal to address legitimate grievances, exactly the kinds of dynamics that can erode trust in a corporate compliance program if not addressed.

From this story, we can extract five compliance lessons on institutional justice and institutional fairness.

Lesson 1: Consistency in Standards Is Non-Negotiable

Illustrated by: The leaders of Stratos apply rules differently depending on social status. The elite enjoy cultural and political freedoms, while Troglytes face restrictions and harsher punishments for similar conduct.

Compliance Lesson. The DOJ has repeatedly emphasized that policies and disciplinary measures must be applied consistently. If employees perceive that “rainmakers” or executives receive lighter sanctions, or none at all, for policy violations, trust in the compliance function evaporates. In The Cloud Minders, the double standard deepens resentment and drives conflict, precisely what can happen inside a company when justice is selective.

Why It Matters to DOJ: Prosecutors evaluate whether discipline is enforced “consistently across the organization, regardless of position or power.” Inconsistency is a red flag that the program is a paper exercise rather than a living system.

What should you do?

  • Establish clear, documented disciplinary protocols.
  • Apply them uniformly, with oversight from the compliance function.
  • Communicate to the workforce that no one is above the rules.

Lesson 2: Address Root Causes, Not Just Symptoms

Illustrated by: The Troglytes’ performance and health are impaired because mining zenite exposes them to toxic vapors. The elites interpret this as proof of inferiority, ignoring the environmental cause.

Compliance Lesson. Organizations sometimes treat compliance failures as isolated misconduct rather than symptoms of deeper issues, such as inadequate training, unrealistic sales targets, or flawed incentive structures. In Ardana, fixing the air quality in the mines would have solved much of the productivity gap, just as fixing systemic drivers of noncompliance prevents repeat issues.

Why It Matters to DOJ: The DOJ looks for root cause analysis after misconduct. They want to see whether the company took corrective action to address systemic issues, not just discipline the individuals involved.

What should you do?

  • Investigate not only “who” did something wrong, but “why” it happened.
  • Use findings to improve processes, incentives, and controls.
  • Share non-confidential lessons learned with the workforce to demonstrate fairness and transparency.

Lesson 3: Perceived Fairness Matters as Much as Actual Fairness

Illustrated by: Even when Kirk offers protective gear to the Troglytes, they are slow to trust his intentions. Years of mistreatment have convinced them that promises from the elites are empty.

Compliance Parallel: Employees judge compliance programs not only by their design but by how fair they feel in practice. If people believe investigations are biased or that whistleblowers will be punished, they will avoid reporting, even if the official policy says otherwise. On Ardana, the absence of trust kept both sides from engaging in good-faith solutions—something corporate leaders must avoid at all costs.

Why It Matters to DOJ: Prosecutors assess whether employees trust the compliance program enough to use it. A hotline no one calls is not evidence of a healthy culture—it may be proof of fear or cynicism.

What should you do?

  • Publicize examples where issues were raised and resolved fairly.
  • Protect whistleblowers from retaliation and make that protection visible.
  • Use employee surveys to measure trust in compliance processes.

Lesson 4: Leadership Must Model Ethical Behavior

Illustrated by: Stratos’s leaders speak about justice and stability, but are unwilling to live under the same risks or hardships as the Troglytes. Their detachment from the reality of mining life fuels the unrest.

Compliance Lesson. Leaders who preach ethics but cut corners for themselves undermine institutional fairness. Employees take cues from the top; if executives are exempt from rules, the rest of the organization will follow suit. In The Cloud Minders, the Stratos elite’s credibility collapses because they refuse to share the burdens of those they govern, a mistake no corporate leadership team should make.

Why It Matters to DOJ: The DOJ examines “tone at the top” and “conduct at the middle.” They want to see that leadership’s actions match their words and that managers reinforce the message through daily decisions.

What should you do?

  • Ensure executives participate in the same training and certifications as all employees.
  • Make leadership accountable for compliance metrics.
  • Publicly acknowledge when senior leaders are held to account for violations.

Lesson 5: Dialogue and Inclusion Are Tools for Justice

Illustrated by: Spock approaches the Troglytes with genuine respect, listening to their grievances and acknowledging their intelligence. His willingness to engage earns him credibility that Stratos leaders lack.

Compliance Parallel: Institutional fairness is strengthened when employees feel heard and included in shaping solutions. This doesn’t mean every request can be granted, but the act of listening and considering input builds trust. Just as Spock bridged the divide on Ardana, compliance leaders can bridge gaps in trust by treating all stakeholders with respect and dignity.

Why It Matters to DOJ: A compliance program is stronger when it incorporates feedback from the workforce. The DOJ favors companies that regularly assess the program’s effectiveness through interviews, surveys, and focus groups.

What should you do?

  • Include employee representatives in policy review committees.
  • Hold listening sessions for employees and other stakeholders after major incidents or policy changes.
  • Act on feasible suggestions and explain when ideas can’t be implemented.

Practical Compliance Takeaways from The Cloud Minders

  1. Apply Rules Equally: Avoid double standards by holding everyone, from the C-suite to front-line staff, to the same requirements.
  2. Investigate Root Causes: Fix systemic issues, not just individual mistakes.
  3. Build Trust in the Process: Ensure employees perceive the program as fair and protective.
  4. Lead by Example: Leadership must model the ethical behavior expected of all.
  5. Listen and Include: Use dialogue to bridge divides and strengthen buy-in.

Final ComplianceLog Reflections

The Cloud Minders is more than a parable about class division; it is a warning for any institution that neglects fairness and justice. In Ardana, injustice created resentment, distrust, and rebellion. In a corporation, those same dynamics can lead to silent disengagement, hidden misconduct, and public scandal.

The DOJ’s message is clear: fairness and justice are not optional add-ons to compliance; they are the foundation of a program that works. As compliance leaders, our role is to be the “Spock” in the room, listening, respecting, and bridging divides while ensuring that the rules are fair, transparent, and consistently applied.

When we do that, we do not just comply with the DOJ’s expectations; we build organizations where people trust the system enough to make it work.

Resources:

Excruciatingly Detailed Plot Summary by Eric W. Weisstein

MissionLogPodcast.com

Memory Alpha


AI in Compliance Week: Part 4 – Keeping Your AI-Powered Decisions Fair and Unbiased

As artificial intelligence (AI) becomes increasingly integrated into business operations and decision-making, ensuring the fairness and lack of bias in these AI systems is paramount. This is especially critical for companies operating in highly regulated industries, where prejudice and discrimination can lead to significant legal, financial, and reputational consequences. Implementing AI responsibly requires a multifaceted approach beyond simply training the models on large datasets. Companies must proactively address the potential for bias at every stage of the AI lifecycle – from data collection and model development to deployment and ongoing monitoring.

Based on what the Department of Justice said in the 2020 Evaluation of Corporate Compliance Programs, a corporate compliance function is the keeper of both Institutional Justice and Institutional Fairness in every organization. This requires compliance to be at the forefront of your organization’s efforts to ensure that AI-based decisions are fair and unbiased. What strategies can a Chief Compliance Officer (CCO) or compliance professional employ to help make sure AI-powered decisions remain fair and unbiased?

The adage GIGO (garbage in, garbage out) applies equally to the data used to train AI models. If the underlying data contains inherent biases or lacks representation of particular demographic groups, the resulting models will inevitably reflect those biases. You should make a concerted effort to collect training data that is diverse, representative, and inclusive. Audit your datasets for potential skews or imbalances and supplement them with additional data sources to address gaps. Regularly review your data collection and curation processes to identify and mitigate biases.

The composition of your AI development teams can also significantly impact the fairness and inclusiveness of the resulting systems. Bring together individuals with diverse backgrounds, experiences, and perspectives to participate in every stage of the AI lifecycle. A multidisciplinary team including domain experts, data scientists, ethicists, and end-users can help surface blind spots, challenge assumptions, and introduce alternative viewpoints. This diversity helps ensure your AI systems are designed with inclusivity and fairness in mind from the outset.

Comprehensive testing for bias is essential to identify and address issues before your AI systems are deployed. Incorporate bias testing procedures into your model development lifecycle, then make iterative adjustments to address any problems identified. There are a variety of techniques and metrics a compliance professional can use to evaluate models for potential biases:

  • Demographic Parity: Measure the differences in outcomes between demographic groups to ensure equal treatment.
  • Equal Opportunity: Assess the true positive rates across groups to verify that the model’s ability to identify positive outcomes is balanced.
  • Disparate Impact: Calculate the ratio of selection rates for different groups to detect potential discrimination.
  • Calibration: Evaluate whether the model’s predicted probabilities align with actual outcomes consistently across groups.
  • Counterfactual Fairness: Assess whether the model’s decisions would change if an individual’s protected attributes were altered.
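
The group-level metrics in the list above can be computed directly from a log of model decisions. The following is an added example, not code from the original post: the sample decisions are constructed, the function names are hypothetical, and the 0.8 disparate-impact threshold is the commonly used four-fifths rule of thumb rather than a value from this page. Counterfactual fairness is left out because it requires re-running the model itself.

```python
from collections import namedtuple

# One logged model decision: group label, actual outcome (0/1),
# model decision (0/1), and the model's predicted probability.
Decision = namedtuple("Decision", "group actual predicted score")


def build_group(group, tp, fn, fp, tn, score_selected=0.7, score_rejected=0.2):
    """Build constructed sample data for one group from confusion-matrix counts."""
    rows = [(1, 1)] * tp + [(1, 0)] * fn + [(0, 1)] * fp + [(0, 0)] * tn
    return [
        Decision(group, actual, pred, score_selected if pred else score_rejected)
        for actual, pred in rows
    ]


# Constructed sample: group A is the reference group, group B the protected group.
SAMPLE = build_group("A", tp=4, fn=1, fp=2, tn=3) + build_group("B", tp=2, fn=3, fp=1, tn=4)


def _rows(decisions, group):
    rows = [d for d in decisions if d.group == group]
    if not rows:
        raise ValueError(f"no decisions recorded for group {group!r}")
    return rows


def selection_rate(decisions, group):
    """Share of the group that received the favorable decision."""
    rows = _rows(decisions, group)
    return sum(d.predicted for d in rows) / len(rows)


def true_positive_rate(decisions, group):
    """Share of truly positive cases in the group that the model selected."""
    positives = [d for d in _rows(decisions, group) if d.actual == 1]
    if not positives:
        raise ValueError(f"group {group!r} has no actual positives")
    return sum(d.predicted for d in positives) / len(positives)


def calibration_gap(decisions, group):
    """Mean predicted probability minus observed positive rate for the group.

    This is a coarse, whole-group calibration check; a fuller audit would
    repeat it per score bucket.
    """
    rows = _rows(decisions, group)
    mean_score = sum(d.score for d in rows) / len(rows)
    observed = sum(d.actual for d in rows) / len(rows)
    return mean_score - observed


def fairness_report(decisions, protected, reference, di_threshold=0.8):
    """Compare a protected group against a reference group on four metrics."""
    sr_p = selection_rate(decisions, protected)
    sr_r = selection_rate(decisions, reference)
    if sr_r == 0:
        raise ValueError("reference group has a zero selection rate")
    report = {
        # Demographic parity: gap in favorable-outcome rates.
        "demographic_parity_diff": round(sr_r - sr_p, 4),
        # Disparate impact: ratio of selection rates (protected / reference).
        "disparate_impact_ratio": round(sr_p / sr_r, 4),
        # Equal opportunity: gap in true positive rates.
        "equal_opportunity_diff": round(
            true_positive_rate(decisions, reference)
            - true_positive_rate(decisions, protected), 4),
        # Calibration: negative means the model under-predicts for that group.
        "calibration_gap": {
            g: round(calibration_gap(decisions, g), 4) for g in (reference, protected)
        },
    }
    # Assumed threshold (four-fifths rule of thumb), not taken from the page.
    report["disparate_impact_flag"] = report["disparate_impact_ratio"] < di_threshold
    return report


if __name__ == "__main__":
    for metric, value in fairness_report(SAMPLE, protected="B", reference="A").items():
        print(f"{metric}: {value}")
```
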

As AI systems become more complex and opaque, transparency and explainability become increasingly important, especially in regulated industries. (Matt Kelly and I discussed this topic on this week’s Compliance into the Weeds.) You should work to implement explainable AI techniques that provide interpretable insights into how your models arrive at their decisions. By making the decision-making process more visible and understandable, explainable AI can help you identify potential sources of bias, validate the fairness of your models, and ensure compliance with regulatory requirements around algorithmic accountability.

As Jonathan Marks continually reminds us, corporations rise and fall on their governance models and how they operate in practice. Compliance professionals must cultivate a strong culture of AI governance within your organization, with clear policies, methods, and oversight mechanisms in place. This should include:

  • Executive-level Oversight: Ensure senior leadership is actively involved in setting your AI initiatives’ strategic direction and ethical priorities.
  • Cross-functional Governance Teams: Assemble diverse stakeholders, including domain experts, legal/compliance professionals, and community representatives, to provide guidance and decision-making on AI-related matters.
  • Auditing and Monitoring: Implement regular, independent audits of your AI systems to assess their ongoing performance, fairness, and compliance. Continuously monitor for any emerging issues or drift from your established standards.
  • Accountability Measures: Clearly define roles, responsibilities, and escalation procedures to address problems or concerns and empower teams to take corrective action.

By embedding these governance practices into your organizational DNA, you can foster a sense of shared responsibility and proactively manage the risks associated with AI-powered decision-making. As with all other areas of compliance, maintaining transparency and actively engaging with key stakeholders is essential for building trust and ensuring your AI initiatives align with societal values, your organization’s culture, and overall stakeholder expectations. A CCO and compliance function can do so in a variety of ways:

  • Regulatory Bodies: Stay abreast of evolving regulations and industry guidelines and collaborate with policymakers to help shape the frameworks governing the responsible use of AI.
  • Stakeholder Representatives: Seek input from diverse community groups, civil rights organizations, and other stakeholders to understand their concerns and incorporate their perspectives into your AI development and deployment processes.
  • End-users: Carsten Tams continually reminds us that it is all about the UX. A compliance professional in and around AI should engage with the employees and other groups directly impacted by your AI-powered decisions and incorporate their feedback to improve your systems’ fairness and user experience.

By embracing a spirit of transparency and collaboration, CCOs and compliance professionals will help your company navigate the complex ethical landscape of AI and position your organization as a trusted, responsible leader in your industry. Similar to the management of third parties, ensuring fairness and lack of bias in your AI-powered decisions is an ongoing process, not a one-time event. Your company should dedicate resources to continuously monitor the performance of your AI systems, identify any emerging issues or drift from your established standards, and make timely adjustments as needed. You must regularly review your fairness metrics, solicit feedback from stakeholders, and be prepared to retrain or fine-tune your models to maintain high levels of ethical and unbiased decision-making. Finally, fostering a culture of continuous improvement will help you stay ahead of the curve and demonstrate your commitment to responsible AI.

As AI is increasingly embedded in business operations, the stakes for ensuring fairness and mitigating bias have never been higher. By adopting a comprehensive, multifaceted approach to AI governance, your organization can harness this transformative technology’s power while upholding ethical and unbiased decision-making principles. The path to responsible AI may be complex, but the benefits – trust, compliance, and long-term sustainability – are worth the effort.


The Return of Sherlock Holmes – Compliance Lessons from The Norwood Builder

Welcome to a review of all the Sherlock Holmes stories that are collected in the work “The Return of Sherlock Holmes.” It is a collection of thirteen detective stories written by Sir Arthur Conan Doyle, marking the reappearance of the brilliant detective Sherlock Holmes after his apparent death in “The Final Problem.” The collection spans various intriguing cases and mysteries that Holmes and his loyal friend Dr. John Watson tackle. Today we take up The Adventure of the Norwood Builder and mine it for compliance lessons for the CCO and compliance professionals.

The intriguing world of Sherlock Holmes’ investigative methods offers a wealth of lessons for compliance professionals. In The Adventure of the Norwood Builder, Holmes’ meticulous approach to a murder case, emphasizing thorough due diligence, attention to detail, verification of information, critical thinking, data-based decision-making, and ethical conduct, mirrors the approach that compliance officers should adopt. Tom Fox, a seasoned compliance expert, underscores the importance of these principles in navigating the complex landscape of corporate compliance. Fox’s perspective is shaped by his extensive experience in the field, and he advocates for a proactive, data-based approach, prioritizing integrity, attention to detail, trust but verify, critical thinking, data-based decision-making, ethics, risk assessment, and documentation. He encourages compliance professionals to embrace continuous learning and persistence, much like Sherlock Holmes. Join Tom Fox in this episode of the Adventures in Compliance podcast as he delves deeper into these fascinating parallels between the world’s greatest detective and the demanding field of compliance.

 

Key Compliance Lessons Learned

  1. Due Diligence.
  2. Risk Management.
  3. Document, Document, Document.
  4. Data-driven compliance.
  5. Trust but verify.
  6. Attention to detail.
  7. Ethical conduct by compliance professionals.
  8. Institutional Justice and Institutional Fairness.

Resources:

The New Annotated Sherlock Holmes

Sherlock Holmes FAQ
