Tag: Risk Management

Categories
Trekking Through Compliance

Trekking Through Compliance – Episode 18 – Leadership Lessons from Arena

In this episode of Trekking Through Compliance, we consider the episode Arena, which aired on January 19, 1967, with a Star Date of 3045.6.

The Enterprise arrives at the Cestus III Outpost by invitation of its commanding officer, but the crew finds the outpost obliterated and then under attack from an unknown vessel. Both ships enter a new space sector and lose all propulsion power shortly after. Enterprise is contacted by the Metrons, who announce they will pit the respective captains in a one-to-one battle to the death. Kirk is transported to the planet’s surface along with the other captain of the Gorn.

Kirk attempts to communicate with the Gorn but has not received a response. Kirk lies in wait for the Gorn and fires on him. As Kirk prepares to deal a death blow, he considers the Gorn’s claims that the attack on Cestus III was only self-defense and allowed him to live. Suddenly, the Gorn disappears, and a Metron appears to Kirk, congratulating him on not only winning the battle but showing the advanced trait of mercy for one’s enemy, leading the Metron to comment that “you are still half-savage, but there is hope,” and that the Federation should seek out the Metrons again in several thousand years.

Commentary

In this episode of ‘Trekking Through Compliance,’ host Tom Fox explores episode 18 of the original Star Trek series, ‘Arena.’ The narrative details Captain Kirk’s encounter with the Gorn and the intervention by the Metrons, who force them into a duel to the death. Key elements include the destruction of the Earth Observation Outpost, the high-stakes battle between Kirk and the Gorn, and Kirk’s ultimate moral and strategic decisions. Fox highlights several leadership lessons for compliance professionals drawn from the episode, including adaptability, empowering subordinates, emotional intelligence, strategic thinking, and principled decision-making. These insights aim to enhance the skills of compliance officers in navigating corporate governance and risk management.

Key Highlights

  • The Duel: Kirk vs. The Gorn
  • Behind the Scenes and Cultural Impact
  • Leadership Lessons from Arena

Resources

Excruciatingly Detailed Plot Summary by Eric W. Weisstein

MissionLogPodcast.com

Memory Alpha

 

Categories
Blog

AI in Compliance Week: Part 1 – Transforming Risk Management

Compliance professionals face increasing pressures to adapt and innovate in today’s rapidly evolving landscape. On a recent episode of Innovation in Compliance, I visited with Matt Lowe, the Chief Strategy Officer at MasterControl. We discussed how AI is revolutionizing quality management in the life sciences industry. With a background in engineering and extensive experience at MasterControl, Matt offered a unique perspective on integrating AI into compliance processes. We deeply explored how AI is poised to transform the compliance field.

Generative AI is being utilized to create comprehension-based testing automatically. This innovation significantly reduces the time required for compliance-focused training, transforming a process that once took hours into a task completed in minutes. This approach resonates with the broader compliance community, where efficiency and accuracy are paramount. By automating the generation of training materials, AI can help ensure that employees are adequately trained on your internal policies and procedures, helping your organization maintain compliance with regulatory standards.

Perhaps one of AI’s most exciting promises is the shift from reactive to predictive and preventative compliance. Traditionally, risk management has focused on identifying and correcting issues after they occur. However, AI offers the potential to predict and prevent problems before they arise. By analyzing vast amounts of data, AI can identify patterns and anomalies, allowing organizations to address potential issues proactively.

This predictive capability is precious in the life sciences industry, where the stakes are high. Ensuring the highest quality products can directly impact patient safety and regulatory compliance. Leveraging AI to predict and prevent quality issues represents a transformative shift in managing compliance.

When implementing AI in compliance, you should take a risk-based approach. This involves starting with low-risk AI applications to gain confidence in the technology before moving on to more critical areas. For instance, generating training exams is a low-risk application that can still deliver significant benefits. As organizations become more comfortable with AI, they can explore its use in more complex and higher-risk areas.

This cautious approach aligns with the principles of compliance, where assessing and managing risk is a fundamental aspect of the profession. By gradually incorporating AI, organizations can mitigate potential risks while harnessing the technology’s power to enhance compliance processes.

While AI offers tremendous potential, we both stressed the importance of the “Human in the Loop” approach. AI can provide valuable insights and automate processes, but human oversight remains crucial. This is particularly important in life sciences, where the consequences of errors can be severe. Ensuring that humans review and validate AI-generated outputs helps maintain the accuracy and reliability of compliance efforts. This “Human in the Loop” reflects a balanced approach to AI integration. By combining the strengths of AI with human expertise, organizations can achieve a more robust and effective compliance framework.

Lowe shared his vision for the future of AI in compliance. He envisions a world where AI becomes integral to software applications, transforming how professionals interact with technology. Instead of navigating complex interfaces, users will engage with AI-driven chatbots that provide instant answers and guidance. This shift will enable compliance professionals to access the information they need more efficiently and effectively. AI has the potential to identify gaps in compliance frameworks and suggest appropriate controls. This capability can significantly enhance the effectiveness of compliance programs by ensuring that organizations are always prepared for audits and regulatory scrutiny.

As AI continues to evolve, collaboration within the industry will be essential. Lowe mentioned initiatives like the Convention for Healthcare AI, where industry players and regulators discuss the ethical implications and best practices for AI use. Such collaborations are vital to ensure that AI is leveraged responsibly and ethically, particularly in industries like life sciences, where the impact on human health is significant.

AI has transformative potential for compliance. By automating routine tasks, shifting from reactive to predictive compliance, and adopting a risk-based approach, AI can significantly enhance the efficiency and effectiveness of compliance programs. However, the human element remains crucial to ensure accuracy and reliability. As the industry continues to explore and embrace AI, collaboration and ethical considerations will play a vital role in shaping the future of compliance. By harnessing the power of AI, organizations can stay ahead of regulatory requirements, improve product quality, and ultimately protect patient safety. The journey towards AI-driven compliance is just beginning, and the possibilities are exciting and profound.

Categories
Compliance Into the Weeds

Compliance into the Weeds: Of Fat Fingers, Internal Controls and Compliance

The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to more fully explore a subject.

Looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds!

In this episode, Tom and Matt delve deep into Citigroup’s $126 million trading error, resulting from poor internal controls.

They discuss how a simple ‘fat finger’ error by a trader led to a major flash crash on European stock exchanges in 2022, and how the failure of Citigroup’s internal controls allowed it to happen. The discussion covers multiple compliance lessons, including the importance of understanding the human element in control design, the need for adequate staffing and monitoring, and the necessity of consistent global risk management.

Fox and Kelly also highlight the importance of addressing findings from internal audits and maintaining urgency in improving internal controls. They emphasize that companies should think creatively about risk management, taking into account various global factors, including holidays and local regulations.

Key Highlights:

  • The Citigroup Internal Control Fiasco
  • Compliance Lessons from Citigroup’s Mistake
  • The Human Element in Compliance and Control Failures
  • Global Consistency in Risk Management

Resources:

Matt on Radical Compliance

 Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Data – Driven Solutions for Compliance and Risk Management

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

In today’s episode, we show how shy companies are turning to AI and data-driven solutions to enhance their compliance programs and mitigate risks.

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

Categories
Blog

AI-Driven Compliance Solutions: Balancing Automation and Human Judgment

In today’s rapidly evolving business landscape, compliance and risk management are critical components for the success and sustainability of any organization. With the increasing complexity of regulations and the growing need for transparency, companies are turning to innovative solutions to enhance their compliance programs and mitigate risks. The most revolutionary approach at this point in time is the use of data-driven tools powered by artificial intelligence (AI) and machine learning. The utilization of AI-driven tools has become increasingly crucial for compliance functions seeking to enhance decision-making processes, improve efficiency, and proactively address compliance risks. These tools, which leverage advanced analytics, machine learning, and automation, have the potential to revolutionize compliance practices and lead to more informed decisions at all levels.

Leveraging Data

Data has become a cornerstone in improving the effectiveness of compliance programs. By utilizing data analytics, companies can drive greater business efficiency, leading to a higher return on investment for their compliance initiatives. By leveraging AI-driven solutions, organizations can make fact-based decisions that focus on critical risk areas, enabling better risk assessment and reducing investigative costs.

The Department of Justice (DOJ) has made it clear that data analytics are part of a minimum set of best practices for compliance programs. This means the importance of user adoption is critical both in the effectiveness of AI-driven compliance solutions and in demonstrating your company’s commitment to compliance if the regulators come knocking. The truth is that no matter how sophisticated an AI-based tool may be if compliance professionals do not embrace and use it, its potential remains untapped. This underscores the need for a user-centric approach in developing and implementing AI and data-driven solutions for compliance and risk management.

The Role of Data

In the aftermath of global events such as the pandemic, geopolitical tensions, and regulatory changes, compliance has become more crucial than ever. Data-driven compliance solutions play a pivotal role in helping compliance functions navigate these challenges by providing valuable insights and supporting decision-making processes at all levels. By striking the right balance between automation and human judgment, AI-driven tools can effectively identify risks and enhance decision-making in risk management.

When implementing AI-driven compliance tools, every compliance professional should prioritize finding the right balance between automation and human judgment. While AI can analyze vast amounts of data and identify patterns and risks, human compliance expertise is essential in interpreting results and making informed decisions. Finding the right equilibrium between automation and human judgment is critical to ensuring the efficacy of AI-driven compliance solutions in risk management.

Enhancing Prevention

The use of AI and machine learning has revolutionized fraud prevention by enabling compliance professionals to interact more effectively and identify potential risks and high-risk transactions. While AI, coupled with machine learning, can analyze vast amounts of data and pinpoint areas of concern, human investigation and expertise remain essential in making informed decisions and determining the presence of fraud. By empowering compliance teams with AI-driven solutions, organizations can proactively mitigate risks, foster transparency, and build a strong anti-fraud culture.

AI-driven compliance tools offer various benefits, such as real-time risk notifications through alerts for a corporate compliance function and customized reports for senior managers. These tools enable organizations to take immediate action and remediate situations before they escalate into compliance violations. By leveraging AI and data-driven solutions, companies can enhance their decision-making processes, improve efficiency, and address compliance risks proactively.

Striking the Balance

While AI and data-driven solutions offer numerous benefits in compliance, risk management, and fraud prevention, it is essential to prioritize user adoption and consider the impact on the overall user experience. By incorporating a user-centric approach in the development and implementation of AI-driven tools, companies can ensure the effectiveness of their compliance and risk management initiatives.

However, relying solely on AI for fraud detection presents challenges. While AI and machine learning can enhance efficiency and identify potential risks, they are not foolproof. False positives can occur, necessitating human investigators to determine the validity of flagged transactions. Striking the right balance between AI and human expertise is crucial to ensuring accurate and effective fraud detection.

Embracing the Future of Compliance

As we look towards the future, the integration of AI and data-driven solutions will continue to play a pivotal role in transforming compliance. By leveraging advanced analytics, machine learning, and automation, organizations can enhance decision-making processes, improve efficiency, and proactively address compliance risks. With the right approach and a holistic perspective, AI-driven solutions can become a valuable asset in the pursuit of effective compliance and risk management strategies. However, it is crucial to maintain a balance between leveraging technology and harnessing human expertise to ensure the accuracy and effectiveness of these solutions.

The successful implementation of AI-driven compliance solutions requires a holistic approach that considers user adoption and the impact on employees, fosters a culture of transparency, and aligns with the organization’s risk management objectives. By prioritizing user adoption, balancing automation with human judgment, and considering the impact on the user experience, organizations can harness the transformative power of AI and data-driven solutions in compliance and risk management.

As organizations continue to navigate the complexities of compliance and risk management, AI-driven solutions offer a promising avenue for enhancing practices and making more informed decisions. By embracing these tools while recognizing the importance of human expertise, organizations can navigate the evolving landscape of compliance with greater efficiency and effectiveness.

Categories
Blog

Changing Sales Models

Over the past 12 months or so, there have been a series of Foreign Corrupt Practices Act (FCPA) enforcement actions in which the respondents have changed and/or modified their sales models to move away from external third parties and toward direct sales and business generation models. This portends a change in the way the Department of Justice (DOJ) may think about sales models, their inherent risk, and risk management going forward. These FCPA enforcement actions involved Albemarle, SAP, Gunvor, and Trafigura.

Albemarle

The Albemarle Non-Prosecution Agreement (NPA) cited several remedial actions by the company that helped Albemarle obtain a superior result in terms of the discounted fine and penalty. These steps were taken during the pendency of the DOJ investigation so that when the parties were ready to resolve the matter, Albemarle had built out and tested an effective compliance program. The company shifted to a direct sales business model.

This change was relatively new and undoubtedly noteworthy for FCPA enforcement actions, which were changes in a company’s approach to sales and their sales teams. Obviously, corrupt third-party agents brought the company to such FCPA grief. Many of the quotes in the NPA make it clear that Albemarle executives had an aversion to paying bribes but had greater moral flexibility when a third-party agent was involved. This led to the company moving away from third-party agents to a direct sales force.

SAP

While most of the remediation reported in this matter was standard, the one item that every compliance professional should consider is that SAP proactively discontinued using third-party agents for business origination. The point is perhaps the most significant, as the DOJ called out SAP for discontinuing their use of third-party agents. The DOJ information sets out the following: Change in sales models. On the external sales side, SAP eliminated its third-party sales commission model globally, prohibited all sales commissions for public sector contracts in high-risk markets, and enhanced compliance monitoring and audit programs, including creating a well-resourced team devoted to audits of third-party partners and suppliers.

Gunvor

As I noted in my review of the Albemarle and SAP enforcement actions, SAP eliminated its third-party sales commission model globally and prohibited all sales commissions for public sector contracts in high-risk markets. It also enhanced compliance monitoring and audit programs, including the creation of a well-resourced team devoted to audits of third-party partners and suppliers. Albemarle changed its approach to sales and its sales teams. Guvnor also moved away from third-party agents to a direct sales force.

Trafigura

Trafigura eliminated the use of third-party business origination agents. Matt Kelly noted in Radical Compliance, “This is the latest in a string of FCPA enforcement cases where we’ve seen a big, structural change to the sale function. Albemarle eliminated its use of third-party sales agents as part of its FCPA settlement last year; SAP eliminated its third-party sales commission model globally as part of its own FCPA settlement announced in January. Now we have a third global enterprise going that same route, reducing its FCPA risk in a deep, permanent way by restructuring its sales operations.” Here, Trafigura did away with third-party representatives for business generation.

In these four recent enforcement actions, the companies changed their approach to sales and their sales teams and did away with third parties generating new business. All of this points to these companies moving away from third-party agents to a direct sales force.

Moving to a direct sales force does have its risks, which must be managed, but those risks can certainly be managed with an appropriate risk management strategy, monitoring of the strategy, and improvement; those risks can be managed. Yet there is another reason, and more importantly, a significant business reason, to move towards a direct sales business model. Every time you have third-party agent or anyone else between you and your customer, you risk losing that customer because your organization does not have a direct relationship with the customer. A direct sales business model will give your organization more direct access to your customers.

The fact that the 2020 FCPA Resource Guide, 2nd edition, and the 2023 Evaluation of Corporate Compliance Programs do not outline this strategy is another intriguing aspect of how Albemarle, SAP, Gunvor, and Trafigura use it. These are all approaches developed by the companies based upon their own analysis and risk models. It may have come from a realization that the risk involved with third-party sales models was simply too significant, that the companies wanted more control over their sales or some other reason. Whatever the reason for the change, the DOJ took note of each organization and viewed it affirmatively.

Every compliance professional should understand that this is how new ideas are developed by the DOJ and in compliance. Companies assess their own risks and then move forward to manage or change their risk profiles. Expect to start seeing and hearing more about the direct sales model for the DOJ. This is where the DOJ’s comments on compensation incentives and consequence management will come into play.

Categories
Compliance Into the Weeds

Compliance into The Weeds: AI Washing and Compliance

The award winning, Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to more fully explore a subject. Looking for some hard-hitting insights on compliance?

Look no further than Compliance into the Weeds! In this episode, Tom and Matt take a deep dive into the recent SEC enforcement actions involving AI washing and what it all may mean for the compliance professional.

The evolving landscape of Artificial Intelligence (AI) has brought on a new paradigm of risk management in AI disclosures. This has caught the attention of regulatory bodies like the SEC, thereby necessitating a heightened focus on transparency and the implementation of comprehensive risk strategies.

Tom advocates for the integration of AI risk reporting into the overall risk management strategy, emphasizing the need for governance and the right risk control measures. His views are shaped by his understanding of the potential repercussions of misleading AI disclosures and the significance of transparency in warding off enforcement actions from regulatory bodies.

Matt echoes a similar sentiment, underscoring the importance of recognizing and managing AI risks. His perspective is influenced by the unique challenges that AI poses, calling for strategically tailored governance and risk management practices to navigate the complexities of AI technology.

Key Highlights:

  • AI Misrepresentation Enforcement by SEC
  • Transparency in AI Risk Reporting for Compliance
  • Integrating AI Risk into Overall Risk Management
  • Collaborative Roles for Effective AI Governance
  • A theory of unified risk management
  • What does all this mean for compliance and the compliance professional?

Resources:

Matt on Radical Compliance

Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Compliance Week Conference Podcast

Compliance Week 2024 Speaker Preview Podcast – Michele Cahn on Emerging Risk Areas

In this episode of the Compliance Week 2024 Speaker Preview Podcasts series, Michele Cahn discusses her panel at Compliance Week 2024, “Examining and Interpreting Emerging Risk Areas.” Some of the issues she will discuss in this podcast and her presentation are:

  • What are emerging risk areas for compliance?
  • The geopolitical risks unique to 2024
  • Learning about emerging enforcement trends & best practices at Compliance Week 2024
  • Learn about benchmarking, emerging issues & best practices at Compliance Week 2024

I hope you can join me at Compliance Week 2024. This year’s event will be held April 2-4 at the Westin Washington, DC, Downtown. The line-up is first-rate, with some of the top ethics and compliance practitioners around.

Gain insights and make connections at the industry’s premier cross-industry national compliance event, offering knowledge-packed, accredited sessions and take-home advice from the most influential leaders in the compliance community. Back for its 19th year, join 500+ compliance, ethics, legal, and audit professionals who gather to benchmark best practices and gain the latest tactics and strategies to enhance their compliance programs. Compliance, ethics, legal, and audit professionals will gather safely face-to-face to benchmark best practices and gain the latest tactics and strategies to enhance their compliance programs, among many others, to:

  • Network with your peers, including C-suite executives, legal professionals, HR leaders, and ethics and compliance visionaries.
  • Hear from 80+ respected cross-industry practitioners, including CEOs, CCOs, regulators, federal officials, and practitioners, to help inform and shape the strategic direction of your enterprise risk management program.
  • Hear directly from panels on leadership, fraud detection, confronting regulatory change, abiding by cross-border rules and regulations, and the always-favorite fireside chats.
  • Bring actionable takeaways from various session types, including cyber, AI, Compliance, Board obligations, data-driven compliance, and many others, to your program for you to listen, learn, and share.
  • Compliance Week aims to arm you with information, strategy, and tactics to transform your organization and career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to listeners of this podcast, Compliance Week is offering a $200 discount on the registration price. Enter the discount code TFOX2024 for $200 off.

The Compliance Podcast Network produces the Compliance Week 2024 Preview Podcast series. Compliance Week sponsors this series.

Categories
Great Women in Compliance

Great Women in Compliance: Rupert Evill on Prioritizing Employee Well-Being in Risk Management

Welcome to the Great Women in Compliance Podcast. How can you make risk management more relevant? In this episode, Hemma Lomax visits with Rupert Evill, a seasoned expert in human-centered risk management with a diverse background spanning over 50 countries and 30 sectors and a strong academic foundation in business, international relations, and sustainability.

Rupert’s perspective on human-centered risk management is deeply rooted in the importance of understanding and valuing the personal and human aspects of risk. He emphasizes the need to consider values, ethics, and beliefs when assessing and managing risks, and highlights the significance of empathy, compassion, and curiosity in the process. His belief is that making risk management relevant involves engaging with local perspectives and experiences, acknowledging the realities faced by individuals in different contexts, and building relationships based on mutual understanding and respect. This perspective has been shaped by his extensive experience in due diligence, intelligence gathering, and counter-espionage, as well as his work with mid-caps and SMEs through his company, Ethics Insight.

Key Highlights:

  • Strength-Based Approach to Ethical Risk Management
  • Enhancing Employee Engagement through Simplified Communication
  • Empathy-driven Approach to Addressing Systemic Challenges
  • Fostering Ethical Culture Through Employee Engagement
  • Strategic Alignment for Effective Compliance Functions
  • Individual-Focused Risk Mitigation Strategies
  • Fostering Psychological Safety for Informed Decision-Making
  • Practical Risk Management Strategies for Businesses

Resources:

Join the Great Women in Compliance community on LinkedIn here.

Categories
Compliance Week Conference Podcast

Compliance Week 2024 Speaker Preview Podcasts – James Griffin on Emerging Risks

In the Compliance Week 2024 Speaker Preview Podcasts series episode, James Griffin discusses his panel presentation at Compliance Week 2024, “Examining and Interpreting Emerging Risk Areas.” Some of the issues he will discuss in this podcast and his presentation are:

  • What is top of mind for compliance leaders, including a review of recent settlements and interpretations of the implications of those settlements?
  • Emerging areas of risk, future trends, and what’s coming down the pike
  • New ideas for his compliance program from Compliance Week 2024

I hope you can join me at Compliance Week 2024. This year’s event will be held April 2-4 at The Westin Washington, DC, Downtown. The line-up for this year’s event is first-rate, with some of the top ethics and compliance practitioners around.

Gain insights and make connections at the industry’s premier cross-industry national compliance event, offering knowledge-packed, accredited sessions and take-home advice from the most influential leaders in the compliance community. Back for its 19th year, join 500+ compliance, ethics, legal, and audit professionals who gather to benchmark best practices and gain the latest tactics and strategies to enhance their compliance programs. Compliance, ethics, legal, and audit professionals will gather safely face-to-face to benchmark best practices and gain the latest tactics and strategies to enhance their compliance programs, among many others, to:

  • Network with your peers, including C-suite executives, legal professionals, HR leaders, and ethics and compliance visionaries.
  • Hear from 80+ respected cross-industry practitioners who are CEOs, CCOs, regulators, federal officials, and practitioners to help inform and shape the strategic direction of your enterprise risk management program.
  • Hear directly from panels on leadership, fraud detection, confronting regulatory change, abiding by cross-border rules and regulations, and the always-favorite fireside chats.
  • Bring actionable takeaways to your program from various session types, including cyber, AI, Compliance, Board obligations, data-driven compliance, and many others, for you to listen, learn, and share.
  • Compliance Week aims to arm you with information, strategy, and tactics to transform your organization and career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to listeners of this podcast, Compliance Week is offering a $200 discount on the registration price. Enter the discount code TFOX2024 for $200 off.

The Compliance Week 2024 Preview Podcast series is a production of the Compliance Podcast Network. Compliance Week is the sponsor of this series.