Innovation comes in many forms, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox is joined by Tom Kline, a seasoned automobile industry expert and risk management authority.
The two Toms delve into specific risks unique to car dealerships and how to manage customer and employee relations to avoid regulatory problems effectively. Kline shares his extensive experience from almost 35 years in the industry, detailing strategies like proactive online reputation management and creative contractual clauses designed to preempt legal issues from customer disputes. They also discuss the complexities of insurance policies in the automotive sector and the importance of understanding coverage as a risk mitigation tool. Kline introduces ‘Tuck the Octopus,’ a metaphor for handling the multifaceted challenges dealerships face, emphasizing customer service’s importance in fostering long-term loyalty.
Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, we aim to provide bite-sized, actionable tips to help you stay on top of your compliance game. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.
Today, we consider what questions a Board of Directors should ask a CCO and the types of metrics they should ask for in their role of overseeing the compliance program.
The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to explore a subject more fully. Are you looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds! In this special election day episode of ‘Compliance into the Weeds,’ Tom Fox and Matt Kelly dive into a lighter yet insightful compliance story involving a young boy named Danny Doherty.
At 12 years old, Danny set up a homemade ice cream stand in Massachusetts to raise money for a hockey team for children with developmental disabilities. However, the local health department shut his stand down due to risks associated with homemade dairy products, highlighting the importance of a risk-based approach in compliance activities. Tom and Matt discuss key compliance lessons from this incident, such as the necessity of addressing real risks, the potential for compliance failures despite good intentions, and the importance of effective communication by regulators.
Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.
Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.
Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.
Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.
How does the discovery of the Creature from the Black Lagoon guide a compliance professional in managing new and emerging risks?
David Caruso is the founder and managing director of the Dominion Advisory Group, a consulting firm based in Virginia, near the nation’s capital. The firm works with banks facing regulatory enforcement actions across the U.S., Europe, and Asia. David aids institutions and organizations in navigating financial crime risk and compliance modernization globally.
As a former special agent with the US Secret Service and a graduate of George Washington University since 1996, he has been at the forefront of shaping the financial crime risk and compliance profession more generally. Building anti-money laundering (AML) and sanctions compliance programs at banking and financial institutions across the US and internationally, overseeing headline-grabbing corruption and money laundering investigations, and building and selling a RegTech software firm have afforded him an ideal perspective to reflect on every major issue and trend occurring in the financial crime compliance space for the past 25 years.
In this episode of Regulatory Ramblings, David shares his reflections on a nearly three-decade career in AML and financial crime compliance with our host, Ajay Shamdasani.
He recounts having worked at global institutions like JP Morgan, Riggs Bank, Wachovia, Washington Mutual, and HSBC, to name a few. His notable achievements include his time as Riggs Bank’s chief compliance and AML officer.
In that role, he was hired to address some program weaknesses cited by the US Treasury Department’s Office of the Comptroller of the Currency (OCC). While at Riggs, David’s team uncovered two notorious international corruption schemes involving the government of Equatorial Guinea and former Chilean dictator Augusto Pinochet. The team’s work led to investigations by the Department of Justice and the U.S. Senate Permanent Subcommittee on Investigations.
The cases drew worldwide media attention from justice authorities in the US, UK, Spain, and Chile. The facts uncovered by David at Riggs shook US lawmakers and regulators, kicking off 10 years of active regulatory and law enforcement action against banks across the US.
After Riggs, David founded The Dominion Advisory Group in 2005. From his ringside seat near Washington, DC, he works closely with executive management, boards, and outside counsel to craft responses and build entire financial crime risk and compliance programs to address regulatory concerns—of which there has been no shortage in recent years.
David also discusses the allure of AML and financial crime compliance and what brought him to the professional path he has been on for over three decades. Methodologically speaking, he recounts what has changed in AML and financial crime in that time and what has remained the same.
He concurs that since 1970, so many additional requirements and expectations have been created that AML teams still need to catch up on their primary mission. Reflecting on the impact of the Bank Secrecy Act (1970), the USA PATRIOT Act (2001), the Foreign Account Tax Compliance Act (2010), or FATCA, and the more recent Anti Money Laundering Act (2020), he shares his views on how the impact of regulatory action has distracted from compliance professionals’ more critical tasks—with an eye towards how the regulatory exam-focused mindset of money laundering reporting officers (MLROs) affects operations and innovation.
David also depicts the pervasive and ongoing discrepancies between what domestic and international/supranational policy-setting organizations, like the Financial Action Task Force (FATF), based in Paris, say and what they do. He says, “No one wants to ask if new rules and regulations are working and whether they prevent crime or have the unintended consequence of reducing [economic] growth?”
He acknowledges the degree of geopolitical hypocrisy when it comes to AML and financial crime compliance, as well as when it comes to fighting bribery, fraud, and corruption internationally. Washington, New York, London, and Brussels all too often regulated the financial world. Yet, while the US and UK, and increasingly the EU, are some of the most aggressive jurisdictions regarding financial crime enforcement actions, their regulatory apparatus is often used to further their geopolitical goals. It is a view that many outside the West hold.
The conversation concludes with David’s views on why sanctions against Russia stemming from its 2022 invasion of Ukraine have largely been unsuccessful, how technologies such as artificial intelligence can help AML/KYC/FCC compliance, and what policy recommendations he suggests moving forward.
We are bringing you the Regulatory Ramblings podcasts with assistance from the HKU Faculty of Law, the University of Hong Kong’s Reg/Tech Lab, HKU-SCF Fintech Academy, Asia Global Institute, and HKU-edX Professional Certificate in Fintech.
Today, we conclude a multipart blog post series exploring one of the biggest corporate scandals of the 1990s, the Bre-X mining scandal. Our most recent blog post explored the foundational lessons from the Bre-X scandal for today’s compliance professionals, focusing on due diligence, transparency, corporate governance, and more. In today’s concluding blog post, we focus on additional critical areas where compliance officers can play a pivotal role in ensuring organizational integrity. From fostering a strong whistleblowing culture to leveraging modern technologies for continuous monitoring, these strategies will help prevent financial fraud, uphold ethical standards, and do business in compliance into 2024 and beyond.
The Role of Whistleblowing and Ethics Programs
A lack of transparency and accountability within Bre-X contributed to the persistence of fraud for years. If a robust whistleblowing mechanism had been in place, the red flags might have been raised earlier, potentially preventing the massive fallout.
Encouraging Whistleblowing. One of the most critical aspects of modern compliance is creating a culture where employees feel empowered to speak up without fear of retaliation. Compliance officers should focus on building and maintaining secure, confidential channels where employees can report unethical or suspicious activities. A strong whistleblowing framework protects the organization from reputational damage and demonstrates to employees that integrity is a top priority.
Ethics Training. In addition to promoting whistleblowing, regular ethics training can help build a culture of transparency and accountability. Employees must be educated on the importance of ethical decision-making and how their actions contribute to the company’s long-term success. Compliance teams can reinforce the core values of honesty and integrity across the organization through frequent workshops, case studies (including Bre-X), and clear guidance on ethical behavior.
Risk Management and Scenario Planning
The Bre-X scandal is a stark reminder of the importance of comprehensive risk management. The ability to foresee potential risks and prepare accordingly can be the difference between averting a disaster or getting caught in one.
Assessing and Mitigating Risk. Risk management is central to the work of a compliance officer. Rigid risk assessments are non-negotiable in industries like mining—where speculation, large financial stakes, and geographical challenges intersect. Compliance professionals must develop strategies that identify, assess, and mitigate potential risks early, whether they stem from operational, financial, or reputational sources. For instance, resource overestimation, as seen in Bre-X, could have been mitigated with proper checks on geological data and third-party verification.
Scenario Planning. Preparing for various fraud scenarios, including “what if” situations similar to Bre-X, is a valuable exercise. Scenario planning enables organizations to consider how they would respond in the event of fraud or a major compliance breach. Companies should develop detailed crisis management plans, identify key decision-makers, and outline steps for navigating potential crises. In the event of another large-scale scandal, having these contingency plans in place will reduce the organization’s response time and limit damage.
Continuous Controls Monitoring and Auditing
The importance of continuous monitoring cannot be overstated, particularly in industries prone to high levels of fraud, such as mining, finance, or healthcare. Compliance professionals must champion ongoing oversight to ensure early detection of potential issues.
Ongoing Oversight. Continuous auditing of processes and transactions is an effective way to catch problems before they escalate. In the Bre-X case, regular audits of geological sample reporting and financial disclosures could have flagged discrepancies early on. Compliance teams today should implement robust monitoring programs that examine critical areas like financial performance, regulatory adherence, and ethical behavior. Routine audits of key operational processes, especially in high-risk industries, can prevent fraudulent behavior from going undetected.
Use of Technology. The rise of data analytics and artificial intelligence (AI) has transformed the compliance landscape. In 2024, compliance professionals must embrace technology that enhances real-time monitoring capabilities. By leveraging AI and big data, companies can detect anomalies or suspicious activities before they evolve into significant problems. For example, automated systems can track financial reporting patterns or identify irregular resource estimates, helping compliance teams intervene before major fraud occurs.
Global Considerations and Jurisdictional Awareness
In today’s globalized business environment, companies often operate in multiple countries, each with its own regulatory requirements. Compliance professionals must stay abreast of international standards and ensure the organization complies in all regions.
Navigating International Regulations. The Bre-X scandal highlighted the complexities of operating in different jurisdictions. While Bre-X was a Canadian company, much of its fraudulent activities occurred in Indonesia, and the regulatory landscape vastly differed between the two countries. In 2024, compliance officers must develop an in-depth understanding of the regulatory environments in each jurisdiction where their company operates. This includes legal compliance and cultural and business norms that could impact operations and risk management strategies.
Cross-Border Cooperation. In an interconnected world, no company is an island. Regulatory bodies across countries are increasingly cooperating on compliance and enforcement efforts, especially in mining, finance, and pharmaceuticals. Building relationships with regulatory agencies in different jurisdictions is vital for compliance professionals. These partnerships can help organizations navigate complex international regulations and stay on top of emerging global compliance trends.
The Bre-X scandal was a watershed moment for the mining industry and for compliance professionals across sectors. The lessons from this case are invaluable in shaping how compliance is approached in 2024. Compliance officers can safeguard their organizations from the devastating consequences of fraud by encouraging a culture of whistleblowing, implementing comprehensive risk management practices, leveraging technology for continuous monitoring, and understanding global regulatory landscapes.
Fraud prevention is a continuous journey that requires vigilance, transparency, and a proactive mindset. Today’s compliance professional’s responsibility is not just to respond to incidents but to anticipate them, fostering a corporate culture prioritizing ethics and accountability at every level. This concludes our series on the Bre-X scandal. By learning from the past, compliance professionals can build a more resilient, transparent future for their organizations.
What is the role of Artificial Intelligence in compliance? What about Machine Learning? Are you using ChatGPT? These questions are but three of the many questions we will explore in this cutting-edge podcast series, Compliance and AI, hosted by Tom Fox, the award-winning Voice of Compliance.
In this episode, Tom visits with Vall Herard, CEO of Saifr.ai, which is aimed at transforming compliance in the financial services industry.
Herard shares his professional background, the founding and objectives of Saifr, and the company’s innovative AI solutions, including marketing communications compliance, electronic communications compliance, and AML/KYC capabilities. We cover how Saifr.ai uses AI to help compliance officers by providing tools that streamline their work and embed compliance checks in everyday processes. Herard also touches upon AI ethics, adaptive risk management, and the future of AI in compliance. He hints at upcoming innovations, including the compliant adaptation of large language models like ChatGPT for financial services.
In this episode of Trekking Through Compliance, we consider the compliance and leadership lessons from the episode The Doomsday Machine, which aired on October 20, 1967, and occurred on Star Date 4202.9.
The Enterprise responds to a distress beacon from the Starship U.S.S. Constellation and then finds the battered remains of the ship itself. Kirk sends a boarding party to the Constellation to investigate. Its commander, Commodore Matt Decker, is in a state of shock and not very coherent. Even after McCoy injects him, Decker can say only that his ship was attacked by “that thing.”
Kirk beams Decker and McCoy back to the Enterprise. The Doomsday Machine attacks the Enterprise. Commodore Decker pulls his rank and assumes command over Spock’s objections. Kirk sees what is going on from the Constellation and begins heading toward the Doomsday Machine using impulse power.
Kirk angrily orders Spock to re-assume command on his authority, which he does. Decker steals a shuttlecraft and pilots it into the Doomsday Machine, killing himself but producing a small power drop in the Doomsday Machine. Kirk reasons that the starship explosion might be capable of destroying the alien vessel. Scott rigs the Constellation to explode, then transports it to the Enterprise. The Constellation then explodes, turning the planet killer into a harmless pile of space junk.
Commentary
The Enterprise encounters a planet-destroying robot and must devise a way to stop it. Fox underscores various compliance and risk management lessons: establishing robust incident response protocols, fostering cross-functional teamwork, ensuring organizational resilience, balancing short-term fixes with long-term solutions, cultivating a culture of compliance and innovation, and maintaining situational awareness and adaptability. These lessons are essential for compliance leadership in 2024.
Key Highlights
Story Synopsis: The Doomsday Machine
Fun Facts and Behind the Scenes
Compliance Leadership and Risk Management Lessons
Resources
Excruciatingly Detailed Plot Summary by Eric W. Weisstein
In this episode of Trekking Through Compliance, we consider the compliance and leadership lessons from the episode The Apple, which aired on October 13, 1967, and occurred on Star Date 3715.0.
A Landing Party finds danger on a seemingly pristine planet as the Enterprise is threatened. The planet’s inhabitants are the feeders of Vaal. Kirk asks to be taken to Vaal, just as Scott reports that the Enterprise is being dragged into the planet by a tractor beam from the planet.
Kirk and Spock go to confront Vaal. Vaal responds by calling a thunderstorm and striking Spock with a lightning bolt. The people of Vaal then attack, killing a security guard. As usual, the rest of the landing party fends off the attack and gets off unscathed. Kirk has Scott attack Vaal with the ship’s phasers to weaken it. This drains Vaal’s power reserves and frees the people from his grip. Spock accuses Kirk of giving the people the equivalent of the apple of knowledge and driving them from their Eden, but Kirk maintains that Spock’s resemblance to the Devil is much more apparent than his own.
Commentary
The episode follows Captain Kirk and his landing party as they encounter the planet Gamma Trianguli VI and grapple with its godlike ruler, Vaal. The discussion highlights critical business ethics lessons, including the dangers of paternalistic control, respecting cultural sovereignty, ensuring transparency, avoiding disruption of stable systems, fostering self-determination, and balancing short-term and long-term impacts. Additionally, this episode reflects on the broader implications of Kirk’s actions on the planet’s civilization and draws parallels to modern ethical concerns in compliance programs.
Key Highlights
Story Synopsis
Fun Fact and Episode Themes
Business Ethics Lessons from The Apple
Resources
Excruciatingly Detailed Plot Summary by Eric W. Weisstein
Welcome to the Hughes Hubbard Anti-Corruption & Internal Investigations Practice Group’s podcast, All Things Investigation.
In this podcast, host Tom Fox welcomes back Mike DeBernardis to discuss recent corruption convictions involving individuals connected to Venezuela, as highlighted in Hughes Hubbard & Reed’s ‘Month in a Minute.’
We use these criminal matters as a starting point to discuss how companies can effectively manage compliance in high-risk areas by assessing risks, crafting risk management strategies, implementing specific controls, documenting processes, and training employees. We emphasize the importance of maintaining thorough documentation to meet regulatory requirements and auditing standards.