Tag: Matt Galvin

Categories
ACI FCPA Conference 2025

ACI-FCPA Conference Speaker Preview Series – Matt Galvin on the AI and Data Analytics for Anti-Corruption Compliance Forum

In this episode of the ACI-FCPA and Global Anti-Corruption Conference Speaker Podcasts series, Matt Galvin discusses his forum, “AI and Data Analytics for Anti-Corruption Compliance,” which will be held on Tuesday, December 2.

Some of the issues the panel will discuss are:

  • Cutting-edge AI strategies for compliance;
  • Integrating AgenticAI into your workflows.
  • The need for AI governance into 2026 and beyond.

I hope you can join me at the ACI–FCPA Conference. This year’s event will take place on December 3-4 at the Gaylord National Resort & Convention Center in National Harbor, Maryland, near Washington, D.C. The lineup of this year’s event is simply first-rate, featuring some of the top FCPA professionals, white-collar attorneys, and compliance practitioners in the field.

The 2025 program is being completely redesigned to help your organization stay agile, responsive, and ahead of the curve. Expect a dynamic agenda shaped by real-world priorities, practical takeaways, and the most cutting-edge thinking in compliance—led by a faculty of global practitioners with boots on the ground, encountering the very risks that come across your desk.

Please join me at the event. For information on the event, click here. Listeners of this podcast will receive a discount by using the code D10-999-CPN26.

Categories
FCPA Compliance Report

FCPA Compliance Report – Upping Your Game in Compliance

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. This is a very special episode. This podcast comes from a webinar hosted by KonaAI on Tom Fox’s latest book, Ûpping Your Game. On this webinar, Tom is joined by Vince Walden, CEO of konaAI; Hemma Lomax, Deputy General Counsel, Vice President, Global Head of Ethics and Compliance at Docusign; and Carl Hahn and Matt Galvin, both from Gentic Global Advisors PLLC.

The discussion revolves around compliance, with thought leaders delving into how organizations can enhance their performance by utilizing emerging technologies and compliance strategies. The conversation begins with a focus on the transformative role of AI in compliance, highlighting its ability to support continuous monitoring, predictive analytics, and embedding compliance into day-to-day business operations. The panel emphasizes the rise of “compliance as a service” and the growing need to prioritize user experience, particularly in third-party risk management and digital transformations. The panel addresses key challenges, such as overcoming resistance from business process owners, and emphasizes the importance of using data strategically to drive better compliance outcomes. The panel introduces the concept of the “Office of Unlock” as a collaborative model to break down silos and promote agility. They also discuss change management, AI governance, and tailoring compliance communications to specific audiences. The episode concludes with practical advice for compliance officers and a forward-looking discussion on aligning compliance programs with evolving organizational and regulatory landscapes.

Key highlights:

  • Upping Your Game
  • Embedded Compliance
  • What’s the business value?
  • What steps should you take right now

Resources:

Hemma Lomax on LinkedIn

Vince Walden on LinkedIn

Matt Galvin on LinkedIn

Carl Hahn on LinkedIn

KonaAI

Gentic Global Advisors

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

For more information on the use of AI in compliance programs, see Tom Fox’s new book, Upping Your Game. You can purchase a copy of the book on Amazon.com.

Categories
Blog

Using AI to Transform Whistleblower Response

When it comes to internal reporting programs, the days of the lonely 1-800 hotline are over. Today’s compliance landscape demands real-time action, smarter triage, greater protections for whistleblowers, and trust. Fortunately, we now have the tools to meet that demand. Artificial Intelligence (AI) and predictive analytics transform whistleblower programs from sluggish, reactive systems into powerful, proactive compliance assets.

This shift could not be timelier. Regulators like the DOJ and SEC have clarified that robust, responsive whistleblower programs are not just a “nice to have” but mandatory. Companies that fail to get this right risk regulatory penalties and devastating hits to their reputation and employee trust. AI offers the compliance community a tremendous opportunity to enhance whistleblower protection, build credibility, and drive a true culture of compliance. Today, I want to summarize key lessons compliance professionals can draw from this evolving space.

Lesson 1: AI as a Guardian of Whistleblower Anonymity

Historically, fear of retaliation has been the Achilles’ heel of internal reporting programs. Employees hesitate to come forward when they don’t trust the system to protect them.

AI changes that. Using sophisticated Natural Language Processing (NLP), AI systems can automatically strip away identifiers, names, job titles, and department names from reports while preserving the critical context needed for an investigation. This is not simply a technical improvement. Instead, it should be seen as a trust builder. Compliance officers must lean into these anonymization technologies and communicate their existence to employees. If employees know the system genuinely protects their identities, the likelihood of them speaking up and doing so internally increases dramatically.

The bottom line: anonymity protections powered by AI are no longer optional; they’re essential.

Lesson 2: Real-Time Prioritization Through Machine Learning

Another game-changer AI brings is the ability to sort and prioritize whistleblower reports in real-time. In the old world, investigators had to slog through hundreds or thousands of cases manually, often missing the truly high-risk ones. Machine learning algorithms today can review incoming reports, categorize them by urgency, and identify patterns that would otherwise go unnoticed.

This means faster action on serious allegations and earlier intervention to mitigate legal and reputational risks. Compliance professionals should build KPIs around AI-driven triage: How quickly are high-risk reports escalated? How often are machine-prioritized cases substantiated? What’s the employee satisfaction rate with the process?

AI-powered triage means your whistleblower system can evolve from a passive intake mechanism to a real-time risk management engine.

Lesson 3: Meet Employees Where (and How) They Communicate

Here is a hard truth in compliance: if your speak-up program is still just a hotline, you are losing the next generation of reporters. Vince Walden puts it best: different generations communicate differently. Millennials, Gen Z, and certainly Gen Alpha are far more comfortable with digital chat-based systems than voice calls. In fact, in one major telecom company, the top question employees asked the compliance chatbot was, “Is this a conflict of interest?” Thus, proving how valuable and revealing these interactions can be.

The lesson is clear: You need chatbots, mobile-first platforms, and AI-driven systems that not only receive reports but also interact, guiding users through the reporting process, clarifying ambiguous issues, and capturing better data upfront. Modernizing your intake channels is not just about technology; it’s about inclusivity and building a true culture of compliance that meets employees where they are.

Lesson 4: Expansion of the Grievance Mechanism Use Case

Compliance isn’t just about FCPA violations and insider trading anymore.

New regulatory frameworks like Europe’s Corporate Sustainability Due Diligence Directive (CSDDD) require grievance mechanisms that extend to supply chain employees and local communities affected by a company’s operations. Your AI-enhanced grievance mechanisms must be flexible enough to receive and triage various issues, such as code of conduct violations, human rights complaints, community grievances, and more.

Andrew McBride has noted that AI-driven intake systems can immediately ask follow-up questions when an initial report is unclear, vastly improving the quality of the information collected. That front-end improvement makes triage, investigation, and resolution much more efficient.

Lesson learned: Build a grievance mechanism that isn’t one-size-fits-all. Flexibility is the new mandate.

Lesson 5: AI for Smarter, Scalable Triage

Finally, Matt Galvin has pointed out the richest opportunity: using AI to automate and scale the triage process fully. Imagine a system trained on thousands of past investigations that can predict the most likely next steps for each new report, whether a simple follow-up, a deep-dive investigation, or escalation to senior leadership.

AI models developed from 5,000 annual complaints identified predictable investigative paths at one company, making triage faster, smarter, and far more cost-effective. Of course, Galvin wisely cautioned that you need a robust and affordable solution to make this practical, especially if you’re operating across high-cost jurisdictions. But the payoff is immense: more efficient investigations, lower operating costs, and a stronger, data-driven compliance posture.

Lesson: The future of whistleblower response is not simply about responding; rather, it is about predicting, prioritizing, and preempting risk.

Final Thoughts

The future of whistleblower programs is not about adding more hotlines or printing more posters. It is about embedding AI and predictive analytics into every layer of your reporting system, from intake to triage to resolution. AI helps compliance teams protect anonymity, prioritize real risk, meet employees where they are, expand the use cases for grievance mechanisms, and scale triage operations without scaling costs.

AI doesn’t replace the demands of human judgment compliance—it amplifies them. The compliance officers who understand this shift, embrace these tools, and lead their organizations through the transition will not just improve whistleblower response. They will make compliance a strategic asset that drives transparency, trust, and sustainable growth.

In short, the future of whistleblower programs is here—and it’s intelligent.

The above is from my latest book, Upping Your Game: How Compliance and Risk Management Move to 2030 and Beyond, available from Amazon.com.

Categories
Blog

Upping Your Game – Compliance Moves into the 2030s

On February 10, 2025, the Trump Administration suspended investigations under and enforcement of the Foreign Corrupt Practices Act via Executive Order. Many compliance professionals have since wondered what this will mean for corporate compliance programs. Hui Chen, in a blog post entitled Pause in FCPA Enforcement: Crisis or Opportunity?, said, “Many in the compliance world have expressed lament, concerns, and anger. Understandably so. This may feel like an existential crisis for an industry so dependent on enforcement as its raison d’être. Yet, in every crisis, there is an opportunity. This is no exception.” She stated, “We will have the opportunity to find out which companies do not believe they need to engage in bribery to be competitive. But we will also see companies recalibrate their risk tolerance not because the door to foreign bribery has been wedged open, but because their past fear-driven strategy resulted in a sometimes overly narrow view of corporate risk and responsibility in this space.” She listed three key areas to start, the third being “it’s time to up your game.”

I agreed wholeheartedly with Chen. Inspired by Chen, I wanted to write a book for compliance professionals about how they could think through ‘Upping Their Game’ using currently existing Generative AI (GenAI) tools to improve their compliance programs dramatically. It all starts with the precept from Carl Hahn, “To me, the animating reason for our compliance program was to deliver business value. And that was my proposition on day one. It is a positive business-forward proposition based on returning on investment, returning value to the business, being part of the business strategy, enabling the achievement of strategic goals, and enabling the company to successfully deliver to its customers, investors, stakeholders, and employees.” As compliance professionals, it is critical to recognize that this moment is not merely about incremental improvements. The Trump Executive Order brings to the compliance profession a rare inflection point where revolutionary technological advancements, if harnessed strategically, can elevate our profession to a new level of effectiveness, efficiency, and organizational value.

Once reliant on manual oversight, reactive reporting, and periodic audits, compliance monitoring is evolving into a proactive, real-time capability empowered by sophisticated AI technologies. Compliance professionals historically functioned as gatekeepers, viewed as necessary but inconvenient barriers to business velocity. But now, driven by AI, compliance stands poised to shed that restrictive image, embedding directly into core operational workflows and thus shifting from gatekeeper to integral business partner.

Today, the cutting edge of compliance is driven by two primary strands of AI: predictive analytics, leveraging machine learning, and GenAI. Each has distinct capabilities, but combined, they represent a powerhouse able to address the vast majority of traditional compliance challenges and emerging risks. At its core, compliance seeks to identify, manage, and mitigate risks. Traditionally, this has meant looking backward, investigating past issues, and reacting to problems after they occur. AI fundamentally shifts compliance from this rearview mirror perspective to a forward-looking, predictive posture. Machine learning technologies empower compliance officers to train AI models on vast quantities of historical data, teaching systems to recognize patterns and indicators that suggest elevated risk in real-time.

Today, a compliance officer can use predictive analytics to tag transactional data by risk category, identifying potential bribes, improper payments, fraud, conflicts of interest, and sanctions violations. With these capabilities, compliance teams can proactively identify, isolate, and remediate issues before they escalate, significantly reducing organizational exposure and regulatory risk.

This shift from reactive to proactive risk management also enhances compliance agility. Organizations equipped with AI-powered monitoring can swiftly pivot to address new regulatory developments or emerging business risks. Because AI can integrate and analyze data in real-time from diverse sources, such as financial records, employee communications, operational metrics, and third-party data, the organization is positioned to respond to regulatory inquiries swiftly, accurately, and effectively, thus greatly enhancing compliance resilience.

AI offers a transformative capacity to integrate compliance directly into essential business processes by embedding compliance directly into an organization’s operations. Andrew McBride’s approach is termed the “Holy Grail” for compliance professionals who seek to seamlessly embed compliance responsibilities within operational workflows, enabling employees to carry out compliance tasks without interrupting their regular business activities.

For all these reasons and more, I am thrilled to announce the publication of my latest book, Upping Your Game: How Compliance and Risk Management Move to 2030 and Beyond. The compliance function is uniquely situated to lead the management of risk going forward, and in this book, I provide every compliance professional with key tactics, concepts, and strategies to move forward with GenAI today to answer the call to Up Your Game. Each chapter is dedicated to one area of a compliance program: risk management, third parties, training, chatbots, and embedded compliance. I provide key lessons for compliance professionals in each chapter and a case study on how one or more companies have created GenAI tools that can be adapted for compliance. Each one of these strategies meets Hahn’s precept to enhance business value.

I  interviewed some of the top thinkers on GenAI in the compliance field for this book. Contributors included Vincent Walden, CEO of konaAI, a global, AI-driven technology company focused on anti-fraud, anti-corruption, and compliance risks. Matt Galvin, co-founder of Gentic Global Advisors. Carl Hanh, co-founder of Gentic Global Advisors. Dr. Hemma Lomax, Deputy General Counsel, Vice President, Global Head of Ethics and Compliance at Docusign. Jag Lamba is the founder and CEO of Certa. Eric Sydell is a co-founder and CEO of Vero AI.

I hope you check out the book and use it as a basis for Upping Your Game going forward. KonaAI, a leading data analytics firm, sponsored this book.

You can purchase a copy of the book on Amazon.com.

Categories
FCPA Compliance Report

Matt Galvin and Dan Kahn, Part 2-Reflections on the Monaco Speech

This episode of the FCPA Compliance Report begins a special two-part series with two well-known compliance professionals. Matt Galvin, most recently the CCO at AB-InBev and Dan Kahn, former acting Deputy Assistant Attorney General of the Criminal Division, Chief of the Fraud Section, and Chief of the FCPA Unit. Dan is now in private practice at DavisPolk. In this concluding Part 2, we take a deep dive into the Lisa Monaco Speech focusing on how the DOJ might look to access corporate culture, the Speech’s effect on the Benczkowski Memo, using the Monaco Speech and other external information for internal corporate presentations and the DOJ reviewing other corporate misconduct.

Resources

Matt Galvin on LinkedIn

Dan Kahn at Davis Polk

Categories
FCPA Compliance Report

Matt Galvin and Dan Kahn-Part 1, Disclosing to and Working with the DOJ

This episode of the FCPA Compliance Report begins a special two-part series with two well-known compliance professionals. Matt Galvin, most recently the CCO at AB-InBev and Dan Kahn, former acting Deputy Assistant Attorney General of the Criminal Division, Chief of the Fraud Section, and Chief of the FCPA Unit. Dan is now in private practice at DavisPolk. In this Part 1 we take up the key issues around dealing with the DOJ including the factors which go into the decision to self-disclose, incentives and disincentives in compliance programs, internal investigations including who is involved and scoping an investigation, presenting information to the DOJ during the pendency of an investigation and negotiating the final settlement and post-resolution; including both ongoing reporting and continuing innovation in your compliance program.

Resources

Matt Galvin on LinkedIn

Dan Kahn at Davis Polk