The Man Trap: Salt Vampires, Soft Controls, and the Price of Inaction

Today, we consider the Star Trek: TOS episode “The Man Trap,” which aired on June 3, 1969, Star Date 5298.5, and mine it for compliance and leadership lessons. We begin by beaming down to Planet M113 with Captain Kirk and crew to uncover the lessons buried in the salt-thirsty narrative of The Man Trap. This first-aired Star Trek episode is not simply science fiction; rather, it is a parable for today’s compliance professional. When a creature with the ability to shapeshift into anyone it wants hides among the crew, deception, emotional blind spots, and ethical hesitation threaten the mission’s integrity and the lives aboard the Enterprise.

Story

In this episode, a landing party from the Enterprise beams down to perform an annual checkup of scientist Bob Crater and his wife Nancy, who have lived on the planet M113 for 5 years. Dr. Crater and Nancy appear to be in good health, but Dr. Crater goes out of his way to request an additional salt supply from the Enterprise’s stores. A crewman wanders off and dies under mysterious circumstances. Further tests show that his body is completely devoid of salt.

Scanning the planet’s surface reveals only a single life form, so Spock and Kirk realize that Nancy must have beamed aboard the Enterprise and start searching for her. They question Dr. Crater and learn that Nancy is dead and that her form has been taken over by the planet’s last remaining indigenous creature, which can assume any form and requires salt to live.

Kirk and Spock then beam Dr. Crater aboard the Enterprise, where he prevents Kirk from killing the creature (which he still sees as Nancy Crater) and then stands idly by as she begins to drain the salt from Kirk’s body. At this juncture, Spock rushes in and demonstrates to McCoy that the woman attacking Kirk could not be Nancy by striking her repeatedly and forcefully. Nancy does not flinch, sending Spock flying across the room with a single counterblow. When the creature attacks Kirk again, its proper alien form is revealed, and Bones kills it with a phaser, even after it reverts to Nancy’s form.

Key highlights:

1. Compliance and Leadership Lessons – The Cost of Denial

Key Scene—Dr. Crater’s refusal to acknowledge the danger posed by the creature impersonating his wife, Nancy.

Leadership is about difficult truths, not convenient fantasies. Dr. Crater’s emotional attachment blinds him to reality, echoing the risks faced when leaders ignore clear signs of compliance breakdowns. Just as he stalls Kirk and enables the creature’s deception, real-world executives who refuse to confront corruption or misconduct endanger the entire ship.

2. Character Dynamics – Trust, Bias, and Team Decision-Making

Key Scene—The landing party’s conflicting views of Nancy—each member sees her differently.

This episode reminds us how biases cloud judgment. The creature manipulates the crew’s perceptions, much like a charismatic fraudster might mislead auditors or compliance officers. Effective compliance teams must cultivate objectivity and challenge assumptions, especially when red flags appear under familiar disguises.

3. Ethical Decision-Making and Vigilance – When Loyalty Becomes Liability

Key Scene—McCoy’s inability to act until it’s almost too late.

McCoy’s emotional paralysis shows the danger of misplaced loyalty in corporate settings. Compliance professionals must prioritize facts over feelings. Only when Spock physically assaults the creature and reveals its true nature does McCoy accept the need for lethal action. It’s a painful but powerful lesson in balancing empathy with professional duty.

4. Storytelling and Visual Branding – Make the Message Memorable

Key Scene—The unforgettable reveal of the creature’s true alien form.

The creature’s transformation is a visual metaphor for uncovering the truth beneath appearances. For compliance programs, this underscores the importance of storytelling, compelling visuals, and emotional engagement. Dry policies don’t stick—memorable messages do. Think of the salt vampire’s final scene as a compliance training module with bite.

5. Balancing Security and Compassion – Don’t Let the Monster in the Room Stay Hidden

Key Scene—The crew’s initial desire to give Nancy space, contrasted with the need for containment.

Compassion is vital, but so is security. The crew’s hesitation to confront “Nancy” creates a vulnerability that costs lives. In corporate compliance, this translates to having the courage to investigate suspicions swiftly and without prejudice. The longer you let a problem impersonate a solution, the greater the risk to your organization.

Final ComplianceLog Reflections

As we wrap up this episode, we are reminded that illusions, whether born of nostalgia, bias, or fear, can be deadly in space and in the boardroom. “The Man Trap” teaches us that truth must be pursued with vigilance, that leaders must act decisively in the face of risk, and that compliance is not simply about rules; it is also about readiness.

Resources:

Excruciatingly Detailed Plot Summary by Eric W. Weisstein

MissionLogPodcast.com

Memory Alpha

Great Women in Compliance: Designing The Rooms Where Leadership Happens

This week on Great Women in Compliance, Hemma Lomax sits down with Meredith Anastasio, Managing Director of the Emerging Technology Division at Opal Group, for a thoughtful conversation about leadership, emerging technology, governance, and the power of designing meaningful dialogue.

Meredith’s career journey has taken her from law to executive leadership and strategic convening, where she now creates high-impact forums that bring together leaders across compliance, governance, AI, technology, and business. Her work focuses on building spaces where complex ideas can be explored honestly, collaboratively, and with practical impact.

Meredith shares why she believes compliance and governance professionals are uniquely important in moments of rapid technological change, and why thoughtful conversations matter more than ever in the age of AI. She and Hemma discuss the difference between simply organizing events and intentionally designing environments where leaders can challenge assumptions, wrestle with complexity, and move industries forward together.

The conversation also explores Meredith’s legal background, her passion for leadership development, and her belief that compliance work remains one of the most meaningful and influential professions inside modern organizations.

Topics include:

  • Meredith’s journey from lawyer to leadership strategist
  • The vision behind Opal Group’s emerging technology initiatives
  • Why governance and compliance conversations matter now
  • The role of human judgment in increasingly automated systems
  • Designing rooms where meaningful leadership conversations can happen

About Meredith Anastasio:

Meredith Anastasio, J.D., MSEL, is the Managing Director of the Emerging Technology Division at Opal Group. She leads conferences and executive forums focused on AI, governance, leadership, and emerging technologies, bringing together cross-functional leaders for deeper, more collaborative conversations about the future of business and society. Meredith also serves as the Founder and CEO of MAEvents, LLC, and has a background in law and executive leadership. 

The Muppet C-Suite: A Compliance Professional’s Guide to Culture, Controls, and Chaos: Part 1 – Kermit the Frog as CEO: Tone at the Top in a Theater of Chaos

Early this year, Disney released The Muppet Show. It is a revival of the original Muppet Show series (1976–1981) created by Jim Henson, featuring recurring sketches and musical numbers interspersed with ongoing plotlines, with backstage gags and other running gags throughout the venue. The special features special guest singer and actress Sabrina Carpenter, with additional guest appearances by actress and comedian Maya Rudolph and comedian Seth Rogen. In 2026, The Muppet Show revived the original show’s tone with slapstick, absurdist, and surreal humor. Within its context, Kermit the Frog acts as the showrunner and host, who tries to maintain control of the overwhelming antics of the other Muppet characters and appease the guest stars.

The Muppets may appear chaotic, but beneath the comedy lies a surprisingly sophisticated lesson in organizational leadership. Every compliance professional has worked with a Kermit, managed a Piggy, worried about a Gonzo, or tried to contain an Animal. This series uses the Muppet executive team as a framework to explore leadership, governance, innovation, operational risk, and corporate compliance through the lens of the DOJ’s Evaluation of Corporate Compliance Programs (ECCP) and modern governance expectations.

There may never have been a more realistic fictional CEO than Kermit the Frog. He is not flashy. He is not domineering. He rarely appears fully in control. In fact, most episodes of The Muppet Show depict Kermit managing a workplace that appears one step away from complete operational collapse. Explosions happen backstage. Talent refuses direction. Animal breaks containment regularly. Miss Piggy ignores authority whenever it conflicts with her personal brand strategy. Gonzo treats safety protocols as optional suggestions. And yet somehow, the show goes on.

That is leadership. More specifically, leadership in a modern corporation involves competing incentives, operational pressures, innovation demands, and cultural personalities that collide every day. For compliance professionals, Kermit offers a remarkably useful framework for understanding tone at the top and why effective governance is less about command-and-control and more about maintaining organizational coherence under stress.

Tone at the Top Is Not About Perfection

One of the more damaging myths in corporate governance is that strong leadership means projecting certainty and total control at all times. Kermit disproves this theory in nearly every episode. He is frequently overwhelmed. He becomes frustrated. He occasionally loses patience. But he continues to communicate expectations, reinforce standards, and keep the organization focused on its mission despite persistent disruption.

This matters because the DOJ’s ECCP does not ask whether leadership is perfect. It asks whether leadership demonstrates commitment to ethics and compliance through words, actions, decisions, and resource allocation. Kermit consistently demonstrates this commitment.

He tries to resolve disputes fairly. He intervenes when behavior becomes destructive. He supports the enterprise even when individual performers create personal headaches. Most importantly, he never allows the organization’s chaos to become its identity. That is the tone at the top. The lesson for compliance professionals is straightforward: employees do not expect leadership perfection. They expect leadership consistency.

Kermit Understands Culture Is Operational

Many executives treat culture as an abstract concept discussed at annual retreats or included in (what was previously called) ESG reports. Kermit understands culture differently. For him, culture is operational reality. Culture determines:

  • whether people cooperate,
  • whether concerns are escalated,
  • whether misconduct is tolerated,
  • and whether organizational dysfunction becomes normalized.

Kermit spends much of his time managing interpersonal conflict because he understands something many executives miss: operational breakdowns often begin as cultural breakdowns. Consider the dynamics of the Muppet theater:

  • Miss Piggy demands attention and exceptions.
  • Gonzo constantly pushes boundaries.
  • Fozzie requires emotional reassurance.
  • Animal creates pure operational volatility.

A weaker CEO would either overreact with authoritarian control or surrender entirely. Kermit does neither. Instead, he continually recalibrates the organization back toward functional alignment. That is exactly what compliance professionals attempt to do every day.

Under the ECCP, prosecutors are instructed to assess whether a company’s culture encourages ethical conduct and commitment to compliance. Posters or slogans do not measure culture. It is measured by behavior under pressure. Kermit’s theater is always under pressure. That is precisely why it works as a governance analogy.

Leadership Visibility Matters

Kermit is not a remote executive. He is constantly present:

  • backstage,
  • during rehearsals,
  • during crises,
  • and during failures.

This visibility creates credibility.

Employees tend to distrust leaders who appear only during earnings calls, investigations, or public relations crises. Kermit’s team knows he is engaged because they see him actively trying to keep the organization functioning every single day. Modern compliance programs increasingly recognize this principle. Tone at the top alone is insufficient. Organizations also need visible engagement from leadership and reinforced accountability from middle management.

The ECCP repeatedly emphasizes this point through its focus on:

  • commitment by senior leadership,
  • middle-management reinforcement,
  • and operational integration.

Kermit succeeds because he is operationally embedded in the business. He does not lead from a memo.

Kermit as a Crisis Manager

Every episode of The Muppet Show is essentially a live operational-risk exercise. Unexpected events occur constantly:

  • technical failures,
  • talent disruptions,
  • emotional meltdowns,
  • physical destruction,
  • and reputational threats.

Kermit’s real strength as CEO emerges during these moments. He does not freeze. He does not catastrophize. He does not blame others publicly. He focuses on containment, continuity, and getting the production across the finish line. This is a critical lesson for modern compliance professionals, as organizational resilience increasingly depends on leadership behavior during disruptions. The most sophisticated compliance program in the world can still fail if leadership collapses during a crisis.

Kermit demonstrates several best practices repeatedly:

  • maintain calm visibility,
  • prioritize continuity,
  • avoid emotional escalation,
  • focus on immediate stabilization,
  • and then return later for remediation.

That sequence matters.

Too many organizations focus exclusively on assigning blame during a crisis while neglecting operational stabilization. Kermit instinctively understands that you first keep the theater standing. Then you investigate why the cannon exploded backstage.

Compliance Cannot Function Without Cross-Functional Coordination

Kermit also demonstrates another overlooked governance truth: no single department can manage organizational risk alone.

He constantly coordinates:

  • creative personalities,
  • operational functions,
  • technical failures,
  • audience expectations,
  • and financial realities.

That mirrors the reality of corporate compliance. Compliance programs fail when they become isolated from business operations. Effective governance requires coordination between:

  • legal,
  • HR,
  • finance,
  • operations,
  • marketing,
  • innovation,
  • and leadership.

Kermit’s greatest leadership skill may be his ability to keep highly divergent personalities moving in roughly the same direction. Importantly, he accomplishes this without destroying individuality. That balance matters because mature compliance programs should not eliminate creativity or innovation. They should channel them responsibly.

Kermit does not try to turn Gonzo into Rowlf. He tries to prevent Gonzo from setting the building on fire. Many compliance professionals would recognize that as success.

Why Kermit Matters Right Now

Kermit is especially relevant in today’s governance environment because modern corporations increasingly operate in a permanent state of volatility. Executives face:

  • AI disruption,
  • geopolitical instability,
  • reputational acceleration through social media,
  • regulatory expansion,
  • activist stakeholders,
  • and heightened board expectations.

Under these conditions, leadership style matters more than ever.

The organizations most likely to survive are not necessarily the most rigidly controlled. They are the ones capable of maintaining ethical alignment, operational coordination, and cultural stability during sustained uncertainty. That is Kermit’s real genius. He keeps the enterprise functioning without pretending chaos does not exist. For compliance professionals, that may be the most important lesson of all.

5 Key Takeaways for the Compliance Professional

1. Tone at the top is measured during pressure, not during presentations.

Leadership credibility is built through behavior during operational stress and organizational disruption.

2. Culture is operational.

Culture directly affects escalation, accountability, cooperation, and ethical decision-making.

3. Visible leadership engagement matters.

Employees trust leaders who are operationally present and consistently engaged with the business.

4. Compliance requires cross-functional coordination.

Effective governance depends on alignment between leadership, operations, legal, HR, finance, and compliance.

5. The goal is not to eliminate chaos.

The goal is to manage risk, maintain alignment, and preserve organizational integrity while operating in an environment of uncertainty.

Looking Ahead to Miss Piggy

If Kermit represents leadership stability, Miss Piggy represents a very different governance challenge: visibility, incentives, and reputational pressure. Because tone at the top is only the beginning. Eventually, every organization faces the same question: What happens when brand, growth, and public attention begin pushing harder than governance systems can comfortably manage?

In Part 2, we will examine Miss Piggy as Chief Marketing Officer and what she teaches compliance professionals about reputation risk, marketing pressure, incentives, and the governance challenges created by high-performing executives.

When Leaders Get Permission to Be Worse: Why Compliance Must Stop Fear-Based Leadership from Becoming Culture

Brené Brown’s blunt warning about toxic leadership is really a compliance warning: when fear, cruelty, and intimidation become normalized management tools, misconduct risk rises, speak-up culture collapses, and the compliance function must move from observer to guardian of organizational integrity.

There are moments when an outside voice captures a problem with more clarity than a stack of internal reports ever could. Brené Brown did exactly that when she warned that some leaders now feel a “sense of relief and permission from the current political climate to be the assholes that they are and have always been”. She paired that with an equally important observation: truly courageous leaders do not need permission from the political climate to be good people. For compliance professionals, that is not simply a leadership critique. It is a flashing red warning light.

Whenever a political or social environment legitimizes bullying, anti-empathy, macho posturing, humiliation, or domination, some corporate leaders will inevitably import that behavior into the workplace. They will call it toughness. They will call it candor. They will call it performance culture. They will call it accountability. But often it is something much simpler and much uglier. It is abuse wrapped in executive language. Compliance needs to say so clearly.

The central challenge is not that every hard-driving executive is a bully. Some leaders are demanding, exacting, and high-performing without being abusive. They set clear expectations. They make hard calls. They hold people accountable. But they do not create fear as a management system. They do not humiliate subordinates. They do not retaliate against dissent. They do not turn uncertainty into control theater. That is the line compliance must help an organization define.

Brown also offers a useful lens for understanding how toxic leadership takes root. She notes that when people feel vulnerable or afraid, they “put on armor,” and for her, that armor often looks like “micromanagement” and “perfectionism”. That is a profound compliance insight. Toxic leadership is often not random. It is fear operationalized. It is insecurity translated into control. It is anxiety turned outward as cruelty. And once that fear-based conduct gets normalized, the compliance consequences follow quickly.

Employees stop raising concerns. Managers shade facts upward. Internal reporting channels become performative. Investigations lose witnesses because no one wants to be the next target. Small control failures become larger ethical failures because people learn that silence is safer than truth. In that kind of environment, the company does not merely have a culture problem; it has a systemic problem. It has a misconduct incubation problem.

This is where the Department of Justice’s Evaluation of Corporate Compliance Programs (ECCP) becomes highly relevant. The ECCP asks whether compliance is empowered, whether misconduct is investigated, whether reporting mechanisms are trusted, whether middle managers reinforce the right values, and whether the company’s culture actually supports ethical behavior. Those questions are not abstractions. They are designed to uncover exactly this sort of rot. If leadership behavior teaches employees that power matters more than principle, your code of conduct is not your culture. Your leaders are.

Prevention

That is why the compliance function must own this issue as a core mandate for prevention, detection, and response. Compliance should work with HR, internal audit, legal, and business leadership to define abusive leadership conduct in operational terms. Not vague values language. Not posters. Not generic civility commitments. Real examples. Public humiliation. Retaliation against dissent. Weaponized performance reviews. Threat-based management. Selective enforcement. Meetings where people are punished for raising risks. Impossible deadlines designed to force corner-cutting. Leaders who demand loyalty over truth.

Just as importantly, compliance should distinguish this from legitimate performance management. Strong leaders can push hard. They can demand rigor. They can insist on deadlines and quality. But they do so transparently, consistently, and without degrading people. That distinction matters because toxic leaders love to hide behind the claim that others are too soft. Compliance must not allow that defense to go unchallenged.

Training is part of the answer, but only if it is targeted. Senior leader and middle manager training should include fear-based leadership scenarios, anti-retaliation obligations, how abusive conduct suppresses reporting, and how a breakdown in culture creates legal and regulatory exposure. This is not “soft skills” programming. Brown herself makes the point that leaders must know themselves, regulate their emotions, and think strategically, rejecting the dismissive label of “soft skills” while linking that work directly to performance and growth. Compliance should embrace that insight. Emotional self-regulation is not cosmetic. It is a control.

Promotion and compensation systems must also be brought into the conversation. Companies create exactly what they reward. If a leader hits numbers while leaving a trail of fear, attrition, broken teams, retaliation complaints, and suppressed escalation, that person is not a high performer. That person is a risk event with a bonus target. So compensation committees, HR, and compliance should align on consequences and incentives. Promotion criteria should include team health, substantiated conduct findings, speak-up metrics, turnover patterns, and responsiveness to internal controls. A toxic rainmaker is still toxic.

Detection

Most companies already have more data on toxic leadership than they think. Hotline reports. Ombuds trends. HR complaints. Exit interviews. Internal mobility data. Regrettable attrition. Pulse surveys. Investigation outcomes. Audit interviews. Skip-level feedback. Even the language patterns that recur in misconduct reports. The failure is rarely a lack of information. The failure is the refusal to connect the dots when the accused is powerful.

Compliance should build a dashboard to monitor toxic leadership. Not for public circulation, but for disciplined internal review. Which functions have repeated retaliation allegations? Which leaders generate unusual turnover after promotion? Where do substantiated complaints cluster? Which business units show low reporting and high pressure simultaneously? Low hotline volume is not always a sign of health. Sometimes it is a sign that employees have already learned the rules of silence.

Here, the political and social climate matters. Brown describes the current atmosphere as “anti-empathy” and “sinister”. Whether one agrees with every aspect of that characterization is almost beside the point. Compliance professionals should understand that external discourse does seep into internal culture. When public life celebrates cruelty, belittles inclusion, mocks empathy, and treats domination as authenticity, some executives will feel culturally validated in bringing those behaviors to work. The company cannot control the external environment, but it can harden its internal norms to counter it. That means reinforcing that empathy is not weakness, accountability is not abuse, and candor is not humiliation.

Remediation

When a toxic leader crosses the line, the organization has to act in ways employees can see and believe, even if they do not see every fact. This is where many compliance programs fail. They investigate the conduct, document the issues, perhaps quietly coach the leader, and then move on. Employees notice. They conclude that there are two systems: one for everyone else and one for top performers.

The ECCP is skeptical of exactly that sort of inconsistency. Regulators want to know whether discipline is applied fairly across the organization and whether managers are held accountable for misconduct and for supervisory failures. A company that protects abusive executives because they deliver revenue is sending a very loud message about what it truly values.

The response toolkit should include substantiated findings, documented remediation plans, compensation impact, leadership coaching where appropriate, enhanced oversight, demotion when necessary, and termination when warranted. Not every toxic leader needs to be fired. But every confirmed pattern of abusive conduct needs a real consequence. Otherwise, the company is not remediating. It is subsidizing misconduct.

There is another subtle but important point in Brown’s remarks. She warns that emotionally resonant language can be weaponized and that vulnerability does not mean oversharing or abandoning responsibility. Compliance should take that seriously as well. Culture language can be gamed. Toxic leaders are often very good at learning the vocabulary of belonging, authenticity, or purpose without changing their behavior. So the compliance function should evaluate culture not by slogans, but by lived experience. Are people willing to raise concerns? Are bad facts welcome? Can managers be challenged without retaliation? That is the test.

In the end, the compliance function cannot prevent every executive from being a jerk. But it can and must prevent jerk behavior from becoming the unofficial operating system of the company.

That is the real issue. Not bad manners. Not personality conflicts. Not style differences. The real issue is whether fear becomes normalized as a management tool and whether the company, through inaction, grants silent permission for it to continue. When that happens, misconduct is never far behind.

Conclusion

In the final analysis, the compliance function has a duty far beyond policing policies or checking boxes. It must help set the boundaries of acceptable power inside an organization. When leaders use fear, intimidation, humiliation, or retaliation as management tools, they do more than damage morale. They corrode trust, silence speak-up culture, and create the precise conditions in which misconduct can flourish. That is why compliance professionals must be willing to call toxic leadership what it is: a cultural risk, a governance failure, and a business threat.

The larger lesson is straightforward. Culture is not shaped by what an organization says in its values statement. It is shaped by the behavior leaders model, the conduct that gets rewarded, and the misconduct that gets tolerated. If compliance leaders want to prevent corporate executives from turning into bullies with titles, they must insist on accountability before fear becomes normalized. In today’s environment, that is not optional. It is one of the clearest tests of whether a company truly has an effective compliance program.

Innovation in Compliance: Jim Massey on Risk in Action

Innovation spans many areas, and compliance professionals need not only to be ready for it but also to embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom visits with Jim Massey about his latest book, Risk in Action: The Leader’s Guide to Act with Clarity.

Jim Massey is a distinguished figure in risk management, known for translating complex ideas into practical strategies that empower business leaders. With a wealth of experience from boardrooms to executive sessions, he is a highly sought-after keynote speaker who enlightens audiences on how to navigate risks in high-pressure situations. Through his books, including his prior work, Trust in Action, Jim champions prioritizing and understanding risks, focusing on critical gaps and opportunities rather than attempting to address all risks equally. He is a proponent of using AI to streamline and revolutionize risk assessment processes, advocating a proactive approach in which leaders view risk as a potential driver of innovation and growth rather than merely a hurdle to overcome.

Key highlights:

  • Transforming Compliance Professionals into Risk Advisors
  • Adaptive Decision-Making in Uncertain Environments
  • Real-time AI Risk Cards for Executives
  • Embracing Risk as Catalyst for Innovation in Business
  • Embracing Risk as an Innovation Catalyst

Resources:

Jim Massey on LinkedIn

Jim Massey Website

Risk in Action: The Leader’s Guide to Act with Clarity

Innovation in Compliance was recently honored as the Number 4 podcast in Risk Management by 1,000,000 Podcasts

Daily Compliance News: February 26, 2026, The Why So Few Women CEOs Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News, all from the Compliance Podcast Network. Each day, we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Top stories include:

  • What happens when companies demand that employees use AI? (WSJ)
  • Why so few women CEOs? (FT)
  • eBay finally settles Steiner harassment suit. (Reuters)
  • Alfred Sloan and objective organizations. (Bloomberg)

Great Women in Compliance: Proof, Patterns & Power: The Real Art of Workplace Investigations

In this roundtable episode, Sarah Hadden and Ellen M. Hunt explore the real art of workplace investigations with guests Lloydette Bai-Marrow and Onyinye Asala-Olojola through these three lenses:

  • Proof: What evidence do you need to support your finding that not only holds up in a court of law but also withstands scrutiny?
  • Patterns: How to connect the dots so that the investigation tells a meaningful story that leads to action
  • Power: How to manage leaders so that the best resolution for the organization is the path forward

If you are looking for expert advice on how to increase the value of workplace investigations to your organization, tune in on your favorite podcast platform, on Corporate Compliance Insights, and on the Compliance Podcast Network.

#WorkplaceInvestigations #RootCause #CorrectiveMeasures #Retaliation #EthicalLeadership

Categories
Blog

The Starliner, Culture and Compliance: Leadership Lessons from a NASA Investigation Report

Corporate compliance professionals spend a lot of time talking about controls, training, third parties, and investigations. Yet the hard truth is that the most important control environment sits above all of that: leadership behavior and the culture it creates. That is why this NASA investigation report on the Boeing CST-100 Starliner Crewed Flight Test (CFT) is such a useful case study. It is a technical report, to be sure. But it is also a cultural, leadership, and governance report. NASA’s bottom line is unambiguous: technical excellence and safety require transparent communication and clear roles and responsibilities, not as slogans, but as operating requirements that must be institutionalized so safety is never compromised in pursuit of schedule or cost.

If you are a Chief Compliance Officer, General Counsel, or business leader, you should read this report the way you read an enforcement action. Not to gawk. Not to assign blame. But to harvest lessons for your own organization before you have your own high-visibility close call.

The incident(s) that led to the report

The CFT mission launched June 5, 2024, as a pivotal step toward certifying Starliner to transport astronauts to the International Space Station. It was planned as an 8-to-14-day mission but was extended to 93 days after significant propulsion system anomalies emerged. Ultimately, the Starliner capsule returned uncrewed, while astronauts Barry “Butch” Wilmore and Sunita “Suni” Williams returned aboard SpaceX’s Crew-9 Dragon in March 2025. In February 2025, NASA chartered a Program Investigation Team (PIT) to examine the technical, organizational, and cultural factors contributing to the anomalies.

The report describes four major hardware anomaly areas, including Service Module RCS thruster fail-offs that temporarily caused a loss of 6 Degrees of Freedom control during ISS rendezvous and required in-situ troubleshooting to recover enough capability to dock, a Crew Module thruster failure during descent that reduced fault tolerance, and helium manifold leaks where seven of eight Service Module helium manifolds leaked during the mission. The PIT further determined that the 6DOF loss during rendezvous met criteria for a Type A mishap (or at least a high-visibility close call), underscoring how close the program came to a very different ending.

That is the “what.” For compliance professionals, the “so what” is that NASA did not treat this as a purely engineering problem. It treated it as an integrated system failure, in which culture and leadership either reduce risk or magnify it.

Lesson 1: Decision authority is culture, not paperwork

One of the report’s clearest threads is that fragmented roles and responsibilities delayed decision-making and eroded confidence. In the compliance world, unclear decision rights become the breeding ground for “informal governance”: private conversations, end-runs around committees, and decisions that are never fully documented. Over time, that becomes a shadow-control environment that your policies cannot touch.

Compliance action steps

  • Define decision rights for the riskiest calls (high-risk third parties, market entry, major remediation, critical incidents).
  • Require a short, written record of: facts reviewed, options considered, dissent captured, decision made, and owner accountable.
  • Separate “recommendation authority” from “approval authority” so everyone knows where they sit.

Lesson 2: Transparency is a control, and selective data sharing destroys trust

The report explicitly flags that the lack of data access fueled concerns about selective information sharing. Interviewees described frustration that information could be filtered, selectively chosen, or sanitized, which eroded confidence in the process and people. It also notes reports of questions being labeled “too detailed” or “out of scope” without mechanisms to ensure concerns were addressed. That is the compliance danger zone. When teams believe the narrative matters more than the data, they stop escalating early. They start documenting defensively. They seek safety in silence.

Compliance action steps

  • Build “open data” expectations into your incident response and investigative protocols.
  • Create a defined pathway for technical or subject-matter dissent to be logged, reviewed, and dispositioned.
  • Treat meeting notes and decisions as governed records, not optional artifacts.

Lesson 3: Risk acceptance without rigor becomes “unexplained anomaly tolerance”

NASA calls out “anomaly resolution discipline” and warns that repeated acceptance of unexplained anomalies without root cause can lead to recurrence. That single lesson belongs on a poster in every compliance office. In corporate terms, “unexplained anomalies” are recurring control exceptions, repeat hotline themes, repeated third-party red flags, and audit findings that are “managed” rather than fixed. If leadership normalizes that pattern, it teaches the organization that closure is more important than correction.

Compliance action steps

  • Require root cause analysis for repeat issues, not just incident closure.
  • Set escalation thresholds for “repeat with no root cause” findings.
  • Audit remediation quality, not only remediation completion.

Lesson 4: Partnerships fail when “shared accountability” is not operationalized

The report emphasizes that shared accountability in the commercial model was inconsistently understood and applied. It also notes that historical relationships and private conversations outside formal forums created perceptions of blurred boundaries, favoritism, and lack of objectivity, whether or not those perceptions were accurate. Compliance teams have seen this movie. Think distributors, joint ventures, outsourced compliance support, and major technology partners. If accountability is shared in theory but siloed in practice, something will fall through the cracks. Usually, it falls right into your lap when regulators arrive.

Compliance action steps

  • Define “shared accountability” in contracts, governance charters, and escalation protocols.
  • Ensure independence and objectivity are protected by design, not by personality.
  • Create joint forums where data is shared broadly, dissent is recorded, and decisions are made openly.

Lesson 5: Burnout is a risk factor, and meeting chaos is a governance failure

The report’s recommendations recognize the operational reality: high-pressure environments can degrade decision quality. It calls for “pulse checks,” rotation of high-pressure responsibilities, contingency staffing, and time protection for deep work to proactively address burnout and improve decision-making under mission conditions. Compliance professionals should take that to heart. Crisis cadence is sometimes unavoidable. Permanent crisis cadence is a leadership choice. And it carries predictable consequences: shortcuts, missed details, weakened documentation, and poor judgment.

Compliance action steps

  • Build surge staffing plans for investigations and incident response.
  • Rotate incident commander roles when events extend beyond days.
  • Protect time for analysis, not just meetings and status updates.

Lesson 6: Accountability must be visible, not performative

NASA does not bury the human dimension. The report contains leadership recommendations to speak openly with the joint team about leadership accountability, including concurrence with the report and reclassification as a mishap, and to hold a leadership-led stand-down day focused on reflection, accountability concerns, and rebuilding trust. For corporate leaders, this is where trust is won or lost after a crisis. Employees can tolerate a hard outcome. They struggle to tolerate spin. If your organization communicates externally with confidence but internally with vagueness, your culture learns the wrong lesson: optics first, truth second.

Compliance action steps

  • After a major incident, publish an internal accountability and remediation plan with owners and timelines.
  • Provide regular updates on what has been completed, what is delayed, and why.
  • Make it safe for the workforce to ask questions in interactive forums, as NASA recommends.

Lesson 7: Trust repair requires a plan, not a pep talk

One of the most useful artifacts in the report is a sample Organizational Trust Plan. It sets a goal to rebuild trust by establishing clear expectations, open accountability, and shared commitment to safety and mission success. It includes objectives around transparent communication, acknowledging past challenges, reinforcing shared values, and structured engagement. It then lays out action steps: leadership engagement, facilitated sessions, outward expressions of accountability, teamwide rollout, training and coaching, and communication through a written plan and regular updates.

That is exactly the kind of operational discipline compliance leaders should bring to culture work. Culture does not change because someone gives a speech. Culture changes when the organization changes how it makes decisions, treats dissent, and follows through.

Five key takeaways for the compliance professional

  1. Clarify decision rights before the crisis. Ambiguity becomes politics under pressure.
  2. Make transparency non-negotiable. Perceived filtering of data destroys credibility.
  3. Do not normalize unexplained anomalies. Repeat issues without a root cause are future failures.
  4. Operationalize shared accountability with partners. Otherwise, it is a slogan.
  5. Rebuild trust with a written plan and visible accountability. Trust repair is a managed process.

In the end, the Starliner lesson for compliance is simple: controls matter, but culture decides whether controls work when it counts. If leadership cannot run disagreements well, cannot share data broadly, and cannot demonstrate accountability after the fact, the best-written compliance program in the world will fail the moment the pressure rises.

Categories
Great Women in Compliance

Great Women in Compliance: Why Decision Rubrics Matter in the Age of AI with Hemma Lomax and Shalini Rajoo

In this conversation, GWIC host Dr. Hemma R. Lomax and Shalini Rajoo explore the critical role of decision rubrics in governance, accountability, and trust, especially in the context of AI. Shalini shares her journey from law to compliance, emphasizing the importance of understanding systems and the impact of leadership on decision-making processes. They discuss how transparency and clarity in decision-making can build trust within organizations and the necessity of responsible AI governance. Practical tips for improving decision quality are also provided, highlighting the importance of self-awareness and critical thinking in leadership.

Takeaways:

  • The biggest risk in governance is unclear decisions.
  • AI amplifies existing clarity or confusion in decision-making.
  • Systems and rules reflect the identities of their architects.
  • Everyone has an impact on those around them every day.
  • Leadership is about improving the people around you.
  • It’s not just about rules; it’s about how people behave.
  • Decision rubrics provide consistency and predictability in outcomes.
  • Transparency in decision-making processes builds trust.
  • Slowing down to ask questions can lead to better decision-making.
  • Writing down the reasons for decisions brings clarity and accountability.

Sound bites:

“Systems and rules are not inherently neutral.”

“Transparency in decision making builds trust.”

“Slow is smooth, and smooth is fast.”

Chapters:

00:00 Introduction to Decision Rubrics and Governance

02:55 Shalini’s Journey: From Law to Governance

06:09 The Impact of Systems on Leadership and Accountability

09:09 Transitioning to Compliance and Ethics

11:49 Understanding Decision Rubrics in Compliance

15:06 The Role of Leadership in Decision Making

18:03 Designing Conditions for Effective Decision Making

20:47 The Importance of Transparency in Decision Processes

24:09 Decision Rubrics: Building Trust in Organizations

26:49 AI and Governance: Leadership Infrastructure Failures

29:47 Responsible AI: The Role of Ethics and Compliance

32:55 Practical Tips for Improving Decision Quality

36:00 Conclusion: The Future of Decision Making in AI

Guest Biography:

Shalini Rajoo is the Founder and Principal Consultant of Shalini Rajoo Advisory, LLC, where she partners with organizations to design governance, compliance, and decision-making systems that are resilient, trustworthy, and aligned to real operational pressures. Across more than two decades in law, compliance, HR, and organizational leadership, Shalini has helped companies and leaders move beyond check-the-box frameworks to build structures that embed accountability, clarity, and performance into everyday decisions.

She began her career in South Africa, first as a public prosecutor and then leading regulatory work with the Department of Trade and Industry, collaborating with legislative and executive stakeholders on corporate, competition, and consumer law. After relocating to the U.S., Shalini practiced commercial litigation. She later served as Director of Global Business Conduct for a Fortune 500 company, where she redesigned ethics and compliance systems, led global risk assessments, and championed psychological safety and integrity-based practices.

Today, Shalini’s work centers on helping leaders clarify decision rights, governance architectures, and accountability pathways — especially as organizations adopt AI and automation. She recently spoke at the Opal Group’s Corporate Governance & Ethics in the Age of AI conference, where she reframed AI governance as a leadership-infrastructure challenge rather than a purely technical or compliance one.

Categories
Compliance Into the Weeds

Compliance into the Weeds: The Essence of Leadership and Why Donald Trump Is Not a Role Model

The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to explore it more fully. Looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds! In this episode of Compliance into the Weeds, Tom Fox and Matt Kelly look at the leadership failures from Donald Trump and his administration after the killing of Alex Pretti last weekend. This episode has significant editorial commentary.

Matt and Tom critically examine the behavior and leadership failings of Donald Trump and his Administration in the wake of the shooting of Alex Pretti and argue that his approach is far from exemplary for CEOs or business leaders. The discussion highlights the essence of effective leadership as the ability to instill trust and direction, contrasting this with Trump’s history of questionable business acumen and the allegations of his disastrous lying to the American people. The takeaway is that true leadership involves integrity, trustworthiness, and the ability to inspire and guide employees toward a common goal, traits that Trump is argued to lack. 

Key highlights:

  • Comparing CEOs to Donald Trump
  • Crisis of hyper-transparency
  • Corporate responses. Were they enough or a first step?
  • Leadership and Trust

Resources:

Matt in Radical Compliance

A multi-award-winning podcast, Compliance into the Weeds was most recently honored as one of the Top 25 Regulatory Compliance Podcasts, a Top 10 Business Law Podcast, and a Top 12 Risk Management Podcast. Compliance into the Weeds has been conferred a Davey, a Communicator Award, and a W3 Award, all for podcast excellence.