Tag: whistleblowers

Categories
Compliance Tip of the Day

Compliance Tip of the Day – AI, Whistleblowing and a Culture of Speak Up

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, we aim to provide you with bite-sized, actionable tips to help you stay on top of your compliance game. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

How can AI enhance your whistleblower program, improve your culture of Speak Up, and crowdsource intelligence from your employees?

For more on this topic, check out The Compliance Handbook, a Guide to Operationalizing Your Compliance Program, 6th edition, which LexisNexis recently released. It is available here.

Categories
Daily Compliance News

Daily Compliance News: July 18, 2025, The Don’t Alter Docs Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News. All, from the Compliance Podcast Network. Each day, we consider four stories from the business world, including compliance, ethics, risk management, leadership, or general interest, relevant to the compliance professional.

Top compliance stories:

  • SEC sanctions CCO who altered documents. (SEC Order)
  • The SEC grants $5 million in whistleblower awards. (Law360)
  • Meta settles shareholder claims on data privacy violations. (WSJ)
  • A Wells Fargo employee was denied departure from China. (WSJ)

You can donate to flood relief for victims of the Kerr County flooding by going to the Hill Country Flood Relief here.

Categories
Blog

The Enemy Within: Duality, Decision-Making, and the Ethics of Power

Show Summary

Today, we examine one of the most psychologically compelling Star Trek episodes to date: The Enemy Within. A transporter malfunction splits Captain Kirk into two versions of himself: one good and one evil. Each represents different aspects of leadership, impulse, and integrity. As the crew struggles to respond to the fractured captain, we’re given a front-row seat to the ethical breakdowns and Me Too-era lessons still resonant today. I explore five key compliance takeaways from this tale of divided identity, linking them directly to scenes aboard the Enterprise that show what happens when power is unmoored from principle and when control systems, both technical and ethical, fail.

Key Highlights and Star Trek Case Studies

1. The Dangers of Unchecked Power—When ‘Authority’ Becomes Assault

Illustrated by: Evil Kirk attacking Yeoman Janice Rand in her quarters.

One of the most disturbing moments in early Trek canon, this assault serves as a stark warning about the abuse of power. Evil Kirk resembles the captain and carries his authority, but lacks a conscience. It’s a Me Too moment that reveals the need for every organization to install guardrails, even around its most powerful figures. Compliance must include mechanisms to protect the vulnerable from those who misuse rank or influence.

2. Ethical Decision-Making Requires Wholeness—The Fragmented Leader Can’t Lead 

Illustrated by: Good Kirk losing decisiveness, compassion becoming indecision.

As “good” Kirk weakens, Spock and McCoy realize that without the aggressive, assertive part of his personality, the captain cannot lead. This reinforces the idea that ethical leadership is not about being soft; it is rather about striking a balance. Compliance leaders need the courage to act and the heart to guide. Ethical strength is integrative, not binary.

3. Crisis Response and Chain of Command—When Leadership Wavers, Chaos Breeds

Illustrated by: Evil Kirk taking the bridge and ordering the ship away from orbit.

With no one certain which Kirk is in control, the crew becomes vulnerable to manipulation. This episode serves as a cautionary tale about the importance of clarity in the chain of command and protocols for handling leadership incapacitation. In corporate compliance, crisis scenarios must anticipate rogue actors with access to decision-making tools.

4. Investigating Allegations—Belief, Process, and Support Matter

Illustrated by: Spock and McCoy interviewing Rand after her assault.

Their interview is subtle but painful. The tension in believing victims, navigating hierarchical power, and confronting uncomfortable truths is deeply relevant today. A strong compliance program ensures that all allegations are taken seriously, investigated professionally, and addressed with empathy and integrity.

5. Reintegration and Remediation—Restoring What Was Broken

Illustrated by: The merging of good and evil Kirk through a restored transporter.

Rebuilding trust and a unified identity requires technology, trust, and time. Just as Kirk must reabsorb the parts of himself to lead again, organizations recovering from misconduct must integrate the lessons learned into their culture, policies, and leadership. The ultimate goal is not punishment alone but rather to restore the organization’s ethical function.

Final Compliance Log Thoughts

The Enemy Within is more than a science fiction tale. It’s a mirror to every compliance program, showing us how quickly things unravel when power is unrestrained, when voices are ignored, and when organizations fail to integrate strength with morality. It is also a hopeful reminder that even fractured systems can be repaired if we face the truth with clarity and courage.

Resources:

Excruciatingly Detailed Plot Summary by Eric W. Weisstein

MissionLogPodcast.com

Memory Alpha

Categories
Great Women in Compliance

Great Women in Compliance – From Hotline to Headline: The DOJ’s Whistleblower Awards Reboot with Mary Inman and Liz Soltan

In this timely roundtable, Lisa and Hemma sit down with Mary Inman and Liz Soltan, two powerhouse advocates in the whistleblower legal space, to unpack the DOJ’s newly revised Corporate Whistleblower Awards (CWA) Pilot Program and its implications for the compliance community.

We also explore what makes whistleblowing work, how to support internal and external reporters, and why this moment may mark a turning point for global whistleblower engagement.

Highlights:

  • Mary and Liz break down the newly added DOJ priority areas
  • How the CWA Pilot Program could evolve into a DOJ equivalent of the SEC whistleblower program
  • Why organizational justice and psychological safety must be embedded into internal reporting systems.
  • How tips must result in asset forfeiture to trigger awards
  • Why do we need a speak-up culture, not just a hotline

Resources:

Biographies

Mary Inman

Partner, Whistleblower Partners LLP

Mary Inman is a seasoned attorney with over 30 years of experience representing whistleblowers under various U.S. programs, including the False Claims Act, SEC, CFTC, IRS, FinCEN, and NHTSA/DOT. After spending three years in London, she now focuses on international whistleblowers exposing misconduct with ties to the U.S. She assists clients in bringing claims to foreign regulators such as the Ontario Securities Commission and the Canada Revenue Agency.

Mary is renowned for her expertise in healthcare, tech, and financial services fraud. She has represented high-profile whistleblowers like Frances Haugen (Facebook) and Tyler Shultz (Theranos) and co-authored The Tech Workers’ Handbook, a guide for tech industry whistleblowers. Her advocacy extends to testifying before global governmental bodies, including the European Commission and UK Parliament, championing the effectiveness of U.S. whistleblower programs.

Mary holds a J.D. from the University of Pennsylvania Law School and has clerked for judges in both the U.S. District Court and the U.S. Court of Appeals for the Third Circuit. Outside of her legal work, she enjoys participating in her husband’s YouTube channel and spending time in northern Maine.

Liz Soltan

Associate, Whistleblower Partners LLP

Liz Soltan is an associate at Whistleblower Partners LLP, focusing on cases involving financial fraud, anti-money laundering, and sanctions evasion. Her notable work includes representing a foreign whistleblower in a FinCEN sanctions violation case concerning illegal sales to Russia. Liz also contributed to the landmark Medicare Advantage risk adjustment fraud case, United States ex rel. Poehling v. UnitedHealth Group, Inc.

Before joining Whistleblower Partners, Liz served as a Skadden Fellow at Community Legal Services of Philadelphia, where she was part of a team that secured $712 million in emergency food stamp benefits for 650,000 households during the COVID-19 pandemic. She earned her J.D. cum laude from Harvard Law School, where she led the Wage and Hour Practice Group at the Harvard Legal Aid Bureau and successfully argued a workers’ rights case before the Massachusetts Supreme Judicial Court. Liz completed her undergraduate studies at Cornell University, graduating summa cum laude with majors in history and Spanish.

Residing in Brooklyn, Liz maintains strong ties to her roots in Philadelphia. She enjoys participating in a fiction-only book club, exploring historical sites, and spending time with her husband, son, and their two cats, Alex Trebek and Vanna White.

Categories
Blog

A New Era of White-Collar Enforcement

Matthew R. Galeotti, Head of the Criminal Division at the U.S. Department of Justice (DOJ), recently delivered a speech at SIFMA’s Anti-Money Laundering and Financial Crimes Conference. Galeotti outlined crucial changes in the DOJ’s approach to corporate enforcement. For compliance professionals, it was the first major speech by a DOJ representative touching on issues important to the corporate compliance community. It represents a paradigm shift that requires immediate attention, reflection, and strategic recalibration.

As compliance professionals, our mission goes beyond merely ensuring adherence to rules and regulations; it is about aligning ethical conduct with business excellence. Galeotti’s remarks clearly state that the DOJ recognizes compliance teams as indispensable allies in maintaining integrity and national security. Today, I want to explore the key insights and crucial lessons learned from Galeotti’s landmark address for compliance professionals.

Proactivity in Self-Disclosure is Paramount

The Criminal Division’s revised Corporate Enforcement and Voluntary Self-Disclosure Policy (CEP) underscores a clear incentive structure. Companies that voluntarily self-disclose, fully cooperate, timely remediate, and demonstrate no aggravating circumstances will not merely be presumed eligible but will definitively qualify for a declination. As Galeotti emphasized, “Self-disclosure is key to receiving the most generous benefits the Criminal Division can offer.”

The days of companies hesitating to self-disclose due to uncertainty about consequences are (hopefully) numbered. Compliance programs must prioritize internal monitoring and foster a culture where issues surface rapidly, are transparently addressed, and are communicated proactively to authorities. The DOJ now promises more certainty, with the carrot being a declination, not ambiguity. For compliance teams, the action is clear: establish robust internal reporting mechanisms and ensure swift escalation processes.

DOJ Clarifies Incentives for Partial or Late Disclosures

The revised policy also addresses a longstanding area of anxiety. What happens when a company comes forward after the DOJ has initiated an inquiry or self-discloses late? Galeotti clarified that even companies that disclose “not quickly enough” are eligible for significant benefits, including a Non-Prosecution Agreement (NPA) of fewer than three years, up to a 75% fine reduction, and no monitor requirement.

Compliance professionals should seize this clarity to advocate internally for transparency, even if belated. Organizations must understand that delayed disclosure still carries significant benefits compared to complete silence. This new clarity enhances the compliance professional’s ability to negotiate internally, ensuring corporate leaders understand the tangible benefits of transparency, even under challenging circumstances.

Expect a Narrower and More Focused DOJ Enforcement

Galeotti explicitly intended to shift the Criminal Division’s focus to the priorities of administrative enforcement. These schemes harm individual Americans, defraud government programs, and exploit financial systems to facilitate international crime. The DOJ now pledges to target resources precisely rather than spreading them thin through overly broad or protracted investigations. Galeotti succinctly encapsulated the rationale: “Excessive enforcement and unfocused corporate investigations stymie innovation, limit prosperity, and reduce efficiency.”

This presents an opportunity for compliance programs to fine-tune their internal risk assessments and investigative frameworks. Compliance professionals must ensure internal investigative resources are equally precise and strategic, aligning clearly with the DOJ’s focus areas. In short, avoid distraction; concentrate your vigilance on risks that matter most to regulators.

Reconsideration of Corporate Monitorships

One of the most consequential announcements is the reconsideration of the DOJ’s policy on corporate monitorships. Galeotti recognized that monitors can sometimes impose excessive financial and operational costs. Going forward, monitorships will be narrower in scope, tightly tailored, and deployed selectively only when benefits outweigh costs.

This is welcome news for compliance professionals, as corporate monitorship can be an unpleasant experience for a corporation and a compliance function. This change empowers compliance teams to advocate for internal investment in compliance improvements over external oversight. Compliance leaders should proactively develop internally led remediation and monitoring plans to demonstrate to regulators that the company has comprehensive capabilities to ensure compliance without burdensome external monitoring.

However, when a monitor is necessary, compliance professionals now have clear factors to prepare for DOJ review, including the severity of the underlying conduct, existing regulatory oversight, efficacy and maturity of compliance programs, and a demonstrated culture of compliance. Companies must document continuous improvement efforts clearly and transparently, making a strong case that external monitoring is redundant.

Corporate Whistleblower Programs Elevated in Importance

Lastly, Galeotti underscored the DOJ’s expanded whistleblower program, adding specific priority areas for whistleblower tips, including procurement fraud, trade and tariff violations, immigration violations, and sanction violations supporting terrorist groups or transnational criminal organizations.

The clear lesson here is the criticality of robust internal whistleblower programs. Compliance professionals must champion strong, accessible, secure, and confidential internal whistleblower policies to encourage employees to report concerns internally first. Organizations that fail to nurture internal reporting channels may receive external regulator attention first. Whistleblower programs should no longer be viewed solely as legal necessities; they must be strategic initiatives central to corporate integrity and national security.

A Call to Action for Compliance Professionals

Galeotti’s address represents a clear change in the DOJ’s approach. Compliance professionals have long desired a regulatory environment that rewards proactive transparency and practical self-governance, and the DOJ now offers this.

However, clarity and pragmatism from the DOJ require reciprocal clarity and pragmatism within corporate compliance programs. Compliance leaders must leverage these new DOJ policies to advocate internally for stronger compliance investments, clearer internal communication channels, and faster reporting protocols.

The DOJ’s message to compliance professionals is clear: You are our frontline partners in protecting integrity and national security. Self-reporting, effective remediation, and robust internal compliance structures will not merely shield your company from punitive enforcement; they represent pathways to tangible benefits and increased corporate resilience.

As compliance evangelists, we must seize this moment. Strengthen your internal mechanisms, streamline your reporting protocols, and reaffirm to your organizations that compliance excellence is not merely defensive but strategically beneficial.

Matthew Galeotti’s remarks provide the road map; it is incumbent on the compliance community to lead the way forward.

We will explore the attendant policy releases announced with the publication of Galeotti’s speech. Over the remainder of the week, we will consider the following:

CRM White Collar Enforcement Plan

Revised CEP

CRM Monitor Memo

Categories
10 For 10

10 For 10: Top Compliance Stories For the Week Ending May 17, 2025

Welcome to 10 For 10, the podcast which brings you the week’s Top 10 compliance stories in one podcast each week. Tom Fox, the Voice of Compliance brings to you, the compliance professional, the compliance stories you need to be aware of to end your busy week. Sit back, and in 10 minutes hear about the stories every compliance professional should be aware of from the prior week. Every Saturday, 10 For 10 highlights the most important news, insights, and analysis for the compliance professional, all curated by the Voice of Compliance, Tom Fox. Get your weekly filling of compliance stories with 10 for 10, a podcast produced by the Compliance Podcast Network.

  • The $100K in cash deposit.  (WSJ)
  • Broader DOJ whistleblower program announced.  (WSJ)
  • Google faces massive antitrust lawsuit in Italy. (WSJ)
  • Apple says punishment for its illegal acts unfair. (BBC)
  • Insurance cover for chatbot based losses.  (FT)
  • Adani tries to settle corruption case. (Bloomberg)
  • Is the gift of a jet plane corruption. (NYT)
  • Will SEC overturn bans and suspensions? (Reuters)
  • GOP wants to ban state regulation of AI. (Bloomberg)
  • What is risk paralysis.  (FT)

You can check out the Daily Compliance News for four curated compliance and ethics related stories each day, here.

Connect with Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

You can purchase a copy of my new book, Upping Your Game, on Amazon.com

Categories
10 For 10

10 For 10: Top Compliance Stories For the Week Ending May 10, 2025

Welcome to 10 For 10, the podcast that brings you the week’s Top 10 compliance stories in one podcast each week. Tom Fox, the Voice of Compliance, brings you the compliance professional and the compliance stories you need to know to end your busy week. Sit back, and in 10 minutes, hear the stories every compliance professional should know from the prior week. Every Saturday, 10 For 10 highlights the most important news, insights, and analysis for the compliance professional, all curated by the Voice of Compliance, Tom Fox. Get your weekly filling of compliance stories with 10 for 10, a podcast produced by the Compliance Podcast Network.

  • Malaysia wants Tim Leissner. (WSJ)
  • Aussie regulator goes after Macquarie Bank for corruption. (Reuters)
  • Only $1MM in legal fees for a Presidential pardon. (Bloomberg)
  • UnitedHealth sued over response to exec’s death. (Reuters)
  • The EU Parliament cracks down on lobbyists. (Politico)
  • Adani tries to settle the corruption case. (Bloomberg)
  • Albemarle gets out of the DPA early. (ComplianceWeek)
  • Whistleblower payments coming to the UK? (FT)
  • Amtrak bribery scandal. (Railway Supply)
  • China likens ABC to preparing for war. (South China Morning Post)

You can check out the Daily Compliance News for four curated compliance- and ethics-related stories each day here.

Connect with Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

You can purchase a copy of my new book, Upping Your Game, on Amazon.com

Categories
Daily Compliance News

Daily Compliance News: May 5, 2025, The Washing Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Top stories include:

  • China is washing exports through 3rd party countries. (FT)
  • Whistleblower payments coming to the UK? (FT)
  • Amtrak is under corruption scrutiny. (Railway Supply)
  • China likens ABC to preparing for war. (South China Morning Post)
Categories
Blog

Using AI to Transform Whistleblower Response

When it comes to internal reporting programs, the days of the lonely 1-800 hotline are over. Today’s compliance landscape demands real-time action, smarter triage, greater protections for whistleblowers, and trust. Fortunately, we now have the tools to meet that demand. Artificial Intelligence (AI) and predictive analytics transform whistleblower programs from sluggish, reactive systems into powerful, proactive compliance assets.

This shift could not be timelier. Regulators like the DOJ and SEC have clarified that robust, responsive whistleblower programs are not just a “nice to have” but mandatory. Companies that fail to get this right risk regulatory penalties and devastating hits to their reputation and employee trust. AI offers the compliance community a tremendous opportunity to enhance whistleblower protection, build credibility, and drive a true culture of compliance. Today, I want to summarize key lessons compliance professionals can draw from this evolving space.

Lesson 1: AI as a Guardian of Whistleblower Anonymity

Historically, fear of retaliation has been the Achilles’ heel of internal reporting programs. Employees hesitate to come forward when they don’t trust the system to protect them.

AI changes that. Using sophisticated Natural Language Processing (NLP), AI systems can automatically strip away identifiers, names, job titles, and department names from reports while preserving the critical context needed for an investigation. This is not simply a technical improvement. Instead, it should be seen as a trust builder. Compliance officers must lean into these anonymization technologies and communicate their existence to employees. If employees know the system genuinely protects their identities, the likelihood of them speaking up and doing so internally increases dramatically.

The bottom line: anonymity protections powered by AI are no longer optional; they’re essential.

Lesson 2: Real-Time Prioritization Through Machine Learning

Another game-changer AI brings is the ability to sort and prioritize whistleblower reports in real-time. In the old world, investigators had to slog through hundreds or thousands of cases manually, often missing the truly high-risk ones. Machine learning algorithms today can review incoming reports, categorize them by urgency, and identify patterns that would otherwise go unnoticed.

This means faster action on serious allegations and earlier intervention to mitigate legal and reputational risks. Compliance professionals should build KPIs around AI-driven triage: How quickly are high-risk reports escalated? How often are machine-prioritized cases substantiated? What’s the employee satisfaction rate with the process?

AI-powered triage means your whistleblower system can evolve from a passive intake mechanism to a real-time risk management engine.

Lesson 3: Meet Employees Where (and How) They Communicate

Here is a hard truth in compliance: if your speak-up program is still just a hotline, you are losing the next generation of reporters. Vince Walden puts it best: different generations communicate differently. Millennials, Gen Z, and certainly Gen Alpha are far more comfortable with digital chat-based systems than voice calls. In fact, in one major telecom company, the top question employees asked the compliance chatbot was, “Is this a conflict of interest?” Thus, proving how valuable and revealing these interactions can be.

The lesson is clear: You need chatbots, mobile-first platforms, and AI-driven systems that not only receive reports but also interact, guiding users through the reporting process, clarifying ambiguous issues, and capturing better data upfront. Modernizing your intake channels is not just about technology; it’s about inclusivity and building a true culture of compliance that meets employees where they are.

Lesson 4: Expansion of the Grievance Mechanism Use Case

Compliance isn’t just about FCPA violations and insider trading anymore.

New regulatory frameworks like Europe’s Corporate Sustainability Due Diligence Directive (CSDDD) require grievance mechanisms that extend to supply chain employees and local communities affected by a company’s operations. Your AI-enhanced grievance mechanisms must be flexible enough to receive and triage various issues, such as code of conduct violations, human rights complaints, community grievances, and more.

Andrew McBride has noted that AI-driven intake systems can immediately ask follow-up questions when an initial report is unclear, vastly improving the quality of the information collected. That front-end improvement makes triage, investigation, and resolution much more efficient.

Lesson learned: Build a grievance mechanism that isn’t one-size-fits-all. Flexibility is the new mandate.

Lesson 5: AI for Smarter, Scalable Triage

Finally, Matt Galvin has pointed out the richest opportunity: using AI to automate and scale the triage process fully. Imagine a system trained on thousands of past investigations that can predict the most likely next steps for each new report, whether a simple follow-up, a deep-dive investigation, or escalation to senior leadership.

AI models developed from 5,000 annual complaints identified predictable investigative paths at one company, making triage faster, smarter, and far more cost-effective. Of course, Galvin wisely cautioned that you need a robust and affordable solution to make this practical, especially if you’re operating across high-cost jurisdictions. But the payoff is immense: more efficient investigations, lower operating costs, and a stronger, data-driven compliance posture.

Lesson: The future of whistleblower response is not simply about responding; rather, it is about predicting, prioritizing, and preempting risk.

Final Thoughts

The future of whistleblower programs is not about adding more hotlines or printing more posters. It is about embedding AI and predictive analytics into every layer of your reporting system, from intake to triage to resolution. AI helps compliance teams protect anonymity, prioritize real risk, meet employees where they are, expand the use cases for grievance mechanisms, and scale triage operations without scaling costs.

AI doesn’t replace the demands of human judgment compliance—it amplifies them. The compliance officers who understand this shift, embrace these tools, and lead their organizations through the transition will not just improve whistleblower response. They will make compliance a strategic asset that drives transparency, trust, and sustainable growth.

In short, the future of whistleblower programs is here—and it’s intelligent.

The above is from my latest book, Upping Your Game: How Compliance and Risk Management Move to 2030 and Beyond, available from Amazon.com.

Categories
Compliance and AI

Compliance and AI: Transforming Compliance Through AI with Marcelo Erthal

What is the role of Artificial Intelligence in compliance? What about Machine Learning? Are you using ChatGPT? These questions are but three of the many we will explore in this cutting-edge podcast series, Compliance and AI, hosted by Tom Fox, the award-winning Voice of Compliance. In this episode, Tom is joined by Marcelo Erthal, CEO of ClickCompliance, to discuss the transformative role of AI in driving compliance.

Marcelo shares his professional background in computer science and the journey that led to the founding of ClickCompliance. He highlights the unique challenges faced by the compliance industry in Brazil and how AI can be leveraged to address these issues effectively. Marcelo delves into the innovative applications of AI by ClickCompliance, including their AI-powered whistleblower channel, and emphasizes the importance of integrating technology with human decision-making to enhance ethical practices and compliance culture within organizations. Tune in to gain insights into the future of compliance and how AI shapes the industry.

Key highlights:

  • AI’s Impact on Compliance in Brazil
  • The AI-Powered Whistleblower Channel
  • The Future of AI in Compliance
  • User Experience and Ethical Considerations

Resources:

Marcelo Erthal on Linkedin

ClickCompliance

Email Marcelo – marcelo.erthal@clickcompliance.com

 Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Check out my latest book, Upping Your Game: How Compliance and Risk Management Move to 2030 and Beyond, available from Amazon.com.