Innovation in Compliance with Tom Fox

C-Suite Radio

C-Suite TV

Grab Nina Sunday’s book on Amazon

Tom Fox

Operationalizing Trust at Scale: A Conversation with Amanda Carty on Compliance and AI

Thu, 07 Aug 2025 05:00:00 -0000

Innovation comes in many areas, and compliance professionals must be ready for and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. Today, we begin a 3-part podcast series sponsored by Diligent with Jessica Czeczuga, Amanda Carty and Neta Meidav In Part 2, Tom is joined by Amanda Carty, GM Compliance Solutions at Diligent.

Carty shares insights from her decade-long experience in the GRC field and offers detailed perspectives on how leaders can model ethical behavior within their organizations. The conversation dives into how Diligent helps companies assess and document leadership effectiveness and the role of AI in enhancing compliance initiatives. Carty emphasizes the necessity of leaders acting as ambassadors of culture and the impact of measurable outcomes in compliance programs. The episode also explores the integration of AI and chatbots to provide real-time compliance support to employees, ensuring efficiency and ease of access to crucial information.

Key Highlights

· Importance of Tone at the Top

· Leadership and Ethical Culture

· AI in Compliance

· Employee Engagement and Technology

· Actionable Takeaways for Compliance Professionals

Resources:

⁠Amanda Carty on LinkedIn

Tom Fox

Mastering Communication: Insights from Dr. Dennis Cummins on Speaking and Selling without Selling

Tue, 05 Aug 2025 15:41:00 -0000

Innovation comes in many areas, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, Tom Fox hosts Dr. Dennis Cummins, CEO of Pro Speaker Academy, to discuss the art of speaking and selling without pushing sales.

Dr. Cummins shares his journey from being a successful chiropractor to a professional speaker and trainer, emphasizing the importance of effective communication in corporate settings. They explore the connections between speaking, selling, compliance, and internal communication, highlighting how clear and compelling communication can foster a better corporate culture and increased engagement. Dr. Cummins also introduces concepts such as ‘invitational selling’ and the power of storytelling in business. The episode concludes with details about Dr. Cummins’ latest book, ‘Non-Professional Speaking,’ and his upcoming event, ‘Building Your Business from the Stage. ‘

Key highlights:

Dennis Cummins’ Professional Journey
The Importance of Communication in Corporations
Invitational Selling Explained
The Power of Storytelling
The Danger of Unscripted Moments
Building Trust Through Clear Speaking
Upcoming Event: Building Your Business from the Stage
Writing Non-Professional Speaking

Resources:

Non-Professionally Speaking: How Professionals Turn Small Talks Into Big Profits on Amazon

Visit Dr. Dennis Cummins’ Website

Follow Dr. Cummins on:

Link to Speaker Demo Video

Tom Fox

The Future of Compliance Training: AI, Adaptive Learning, and Cultural Integration

Thu, 31 Jul 2025 12:42:00 -0000

Innovation comes in many areas, and compliance professionals must be ready for and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. Today, we begin a 3-part podcast series sponsored by Diligent with Jessica Czeczuga, Daniel Zmak, and Amanda Carty. In Part 1, Tom is joined by Jessica Czeczuga, Principal Instruction Design Instructor at Diligent, about the future of compliance training.

Tom and Jessica will explore the future of compliance training, covering key challenges such as cybersecurity and data privacy. They discuss the transformative role of AI in creating adaptive, targeted training and the importance of continuous and varied communication methods to drive home compliance messages. Jessica emphasizes the need for a comprehensive compliance education strategy, integrating training, communication, and culture, tailored to the diverse ways different generations consume information.

Key highlights:

Future of Compliance Training
Adaptive Learning and AI
Targeted Training Examples
Generational Differences in Training Delivery
Importance of Compliance Culture

Resources:

⁠Jessica Czeczuga on LinkedIn⁠

Tom Fox

Scaling Compliance Programs: Insights from a Navy Veteran and Compliance Leader

Tue, 29 Jul 2025 05:00:00 -0000

Innovation comes in many areas, and compliance professionals need to be ready for it and embrace it. This series is introduced by Tom Fox and hosted by Roxeanne Petraeus. Ethena sponsors this special five-part series on Innovation in Compliance.

In this episode, Roxeanne Petraeus sits down with LaSalle Vaughn, a seasoned compliance leader and Navy veteran. They delve into Vaughn's extensive experience in scaling compliance programs for both large and small companies, emphasizing the importance of top leadership buy-in, cross-functional collaboration, and creative compliance training solutions. Vaughn shares his journey to becoming a board member, the significance of network relationships, and how his military background informs his approach to building a strong compliance culture. The discussion also highlights the unique qualities of the Ethena compliance platform and the necessity of effective customer support. Listeners gain valuable insights on effective compliance strategies and career development in the compliance field.

Key highlights:

LaSalle Vaughn's Background and Experience
Scaling Compliance Programs
Getting C-Suite Buy-In for Compliance
Cross-Functional Collaboration in Compliance
Path to Board Service
Military Influence on Compliance and Culture

Resources:

LaSalle Vaughn on LinkedIn

Original Podcast Recording

Ethena on LinkedIn

The Power of Accountability and Team Culture with Gina Cotner

Tue, 22 Jul 2025 05:00:00 -0000

Innovation comes in many areas, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this engaging episode, Tom Fox sits down with Gina Cotner, the founder and CEO & Founder of Athena Executive Services, to explore the importance of team culture and accountability in corporate settings.

Cotner delves into her professional background and the organic development of a strong team culture at Athena. She emphasizes the critical role of accountability as a cultural standard and provides actionable insights for leaders on how to instill this within their organizations. Key takeaways include the significance of consistency, the balance between compassion and accountability, and the role of follow-up as a leadership tool. With real-world examples and practical advice, Cotner provides a comprehensive guide to building and maintaining a high-performing, accountable team.

Key highlights:

Gina Cotner’s Professional Background
The Importance of Team Culture
Accountability in High-Performing Teams
Misunderstandings About Accountability
Building a Culture of Accountability
Consistency and Psychological Safety
Follow-Up as a Leadership Tool
Compassion in Leadership

Resources:

Follow Athena Executive Services on:

Tom Fox

Allison Lagosh on Proactive Compliance Planning for Regulatory Changes

Tue, 15 Jul 2025 05:00:00 -0000

Innovation is present in many areas, and compliance professionals must not only be prepared for it but also actively embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox visits with Allison Lagosh, Head of Compliance at Saifr.ai, to discuss the current and future landscape of regulatory compliance.

With over two decades of experience in asset management, compliance, and regulatory affairs, Lagosh anticipates a pivotal shift towards AI and cryptocurrency regulations. She predicts a lighter enforcement landscape but stresses the importance of a conservative, informed approach to compliance, encouraging firms to future-proof their programs by staying abreast of regulatory changes and engaging in cross-team collaboration. Her insights, shared on platforms like the “Innovation in Compliance” podcast, highlight the necessity of strong leadership support and continuous learning to effectively navigate the dynamic regulatory environment, particularly in the realm of emerging technologies.

Key highlights:

Regulatory Futurism: AI and Crypto Compliance
“Colorado’s Groundbreaking AI Safety Legislation”
Proactive Compliance Planning for Regulatory Changes
Navigating Compliance Uncertainties with AI Integration
Regulatory Insights on Safer.AI Website

Resources:

Allison Lagosh on LinkedIn

Tom Fox

Check out my latest book, Upping Your Game—How Compliance and Risk Management Move to 2023 and Beyond, available from Amazon.com.

Innovation in Compliance was recently honored as the number 4 podcast in Risk Management by 1,000,000 Podcasts.

Maximizing LinkedIn for Personal and Professional Branding with Carol Kaemmerer

Tue, 08 Jul 2025 05:00:00 -0000

Innovation is present in many areas, and compliance professionals must not only be prepared for it but also actively embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox visits with Carol Kaemmerer, a renowned executive branding expert and author of ‘LinkedIn for the Savvy Executive.’

Carol shares her professional journey, from marketing communications expert to LinkedIn branding specialist. They discuss the significance of LinkedIn in today’s digital landscape, focusing on its role in establishing a professional brand, the importance of a deliberate and cohesive personal brand, and effective strategies for leveraging LinkedIn’s digital presence. Carol also elaborates on her five-point LinkedIn Brilliance Framework and the ‘rule of three’ to enhance clarity and retention of personal branding messages. This insightful conversation highlights how professionals, particularly young graduates and executives, can utilize LinkedIn to improve their careers and individual brands. Key highlights:

The Power of LinkedIn for Branding

Personal Branding for Young Professionals

LinkedIn as a Professional Storefront

The Rule of Three for Effective Messaging

Maximizing LinkedIn’s Digital Real Estate

The LinkedIn Brilliance Framework

Resources:

Carol Kaemmerer on ⁠LinkedIn⁠

Carol Kaemmerer ⁠Website⁠

Tom Fox

LeadHERship with Linda Fisk

Tue, 24 Jun 2025 05:00:00 -0000

Innovation is present in many areas, and compliance professionals must not only be prepared for it but also actively embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox visits Linda Fisk, the leader of LeadHERship Global, to discuss the challenges and opportunities faced by female entrepreneurs.

Linda shares her extensive professional journey, from serving as a CMO at notable media companies to founding LeadHERship Global. They discuss the impressive yet under-recognized contributions of women entrepreneurs in the U.S. economy, highlighting stats and trends around new business ventures led by women, especially women of color. Linda emphasizes the ongoing difficulties women face in accessing capital and offers practical steps for success, including addressing stereotypes, learning from each other, and creating supportive networks. The conversation closes with insights on how LeadHERship Global helps women thrive professionally and how men can support this movement. Linda also mentions her recent anthology, “LeadHERship Unveiled,” which features inspiring stories from women leaders.

Key highlights:

Current Landscape for Female Entrepreneurs
Challenges in Funding for Women Entrepreneurs
Practical Steps for Women Entrepreneurs
The Vision Behind LeadHERship Global

Resources:

LeadHERship Website

Tom Fox

Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden

Tue, 17 Jun 2025 05:00:00 -0000

Innovation is present in many areas, and compliance professionals must not only be prepared for it but also actively embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, Tom Fox cross-posts an episode from the BCG Podcast, where host Hanjo Siebert visits with KonaAI CEO Vince Walden.

Walden is a prominent advocate for interdepartmental collaboration, particularly in the realm of compliance and fraud risk management. With his company specializing in AI-driven compliance solutions across diverse industries, Walden emphasizes the importance of breaking down data silos to promote transparency and improve communication among internal auditors, compliance teams, and IT departments. He views collaboration as a strategic imperative driven by data and governance, emphasizing that data should be the ultimate equalizer, thereby promoting a culture of collaboration that effectively achieves organizational goals. By leveraging shared data sources and advanced technology, Walden believes organizations can enhance their oversight, detect potential fraud, and address data privacy issues, ultimately improving their ability to prevent financial losses and maintain regulatory compliance.

Key highlights:

Breaking Down Data Silos for Collaboration
Enhancing Collaboration Through Data Transparency and Technology
Unified Data Approach for Enhanced Fraud Prevention
Advanced Fraud Detection with Machine Learning
Proactive Monitoring for Financial Security

Resources:

Vince Walden on LinkedIn

KonaAI

Tom Fox

Innovation in Compliance was recently honored as the number 4 podcast in Risk Management by 1,000,000 Podcasts.

The Critical Importance of Mobile Application Security: Insights from Subho Halder

Tue, 10 Jun 2025 05:00:00 -0000

Halder shares his extensive background in mobile app security, including developing the first mobile malware and presenting at prestigious conferences like Black Hat and DEF CON. The conversation covers the evolving market need for specialized mobile app security tools, the unique challenges faced by mobile applications compared to web applications, and the critical importance of integrating security early in the development lifecycle—a concept known as the ‘left shift’ approach. Halder also explores AI-powered cyberattacks and how Appknox is utilizing AI to develop defensive strategies. The discussion highlights regulatory blind spots in the US regarding mobile security, the challenges of managing mobile app security in large multinational corporations, and best practices for ensuring robust mobile app security.

Key highlights:

Market Need and Opportunity for AppKnox
Appknox Security Assessment of Perplexity’s Android App
Regulatory Blind Spots in US Cybersecurity Frameworks
Engaging with Large Multinational Companies
AI-Powered Cyber Attacks and Defensive Strategies
Importance of the Left Shift Approach in Mobile App Security

Resources:

Subho Halder on LinkedIn

Appknox

Appknox Resources Page

Appknox Blog: Is Perplexity AI Safe to Use? Security Flaws in the Android App

Tom Fox

Integrating AI in Compliance and Risk Management with Jana Brost

Tue, 03 Jun 2025 05:00:00 -0000

They chat about the intersection of compliance, risk management, and AI. Jana discusses her background in high-growth business process outsourcing and data analysis, as well as her journey to joining my company. She explains the concept of Certificates of Insurance (COIs) and their importance in managing risk for companies. The conversation examines how myCOI empowers vendors and owners to manage their insurance requirements more efficiently through the use of AI, highlighting key industry trends and the impact of AI on speed, accuracy, and user experience. Jana also discusses the future of AI in risk management and its potential to enhance employee engagement and foster a positive company culture.

Key highlights:

Understanding COIs in Construction
Risk Management and Insurance
Evolution of COI Management with AI
AI’s Impact on Vendors and Owners
Customer Expectations and AI
Future of AI and Company Culture

Resources:

Jana Brost on LinkedIn

Tom Fox

Innovation in Compliance was recently honored as the number 4 podcast in Risk Management by 1,000,000 Podcasts.

Break the Five Lies: A Conversation with John Kormanik

Tue, 27 May 2025 05:00:00 -0000

Innovation comes in many areas, and compliance professionals need to not only be ready for it but embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox visits with John Kormanik, author of the book ‘Break the Law: Five Lies Lawyers Tell Themselves and What to Do Instead.’

John shares his extensive legal background, spanning 25 years in criminal defense, and how his journey led him to write a book aimed at addressing the self-limiting beliefs prevalent in the legal profession. The conversation delves into the five lies lawyers commonly tell themselves, including the myths that constant work is necessary for success and that busyness equates to productivity. John provides actionable insights on how lawyers can overcome these lies, avoid burnout, and create a more fulfilling professional life. We also explore the importance of legacy, the concept of ‘leadership alchemy,’ and the critical role of being open to personal and professional growth.

Key highlights:

Writing ‘Break the Law’
The 5 Lies
Legacy and Paying It Forward
Leadership Alchemy and Coaching

Resources:

John Kormanik on LinkedIn

John Kormanik on Instagram

John Kormanik Coaching on YouTube

John Kormanik Website

Break the Law Intro

Burnout Proofing Tactical Guide

Edge Index Assessment

Tom Fox

Innovation in Compliance was recently honored as the number 4 podcast in Risk Management by 1,000,000 Podcasts.

Staying the Course in Compliance: Insights from Kristy Grant-Hart

Tue, 20 May 2025 05:00:00 -0000

Innovation comes in many areas, and compliance professionals must be ready for and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. Today, we begin a 3-part podcast series sponsored by Diligent with Clint Palermo, Kristy Grant-Hart, and Stephanie Font. In Part 3, Tom is joined by Kristy Grant-Hart, Vice President and Head of Compliance Advisory Services at Spark Compliance Consulting, a Diligent brand, about the state of compliance in the wake of recent changes to FCPA enforcement.

They discuss the importance of staying consistent with compliance programs, the role of regulatory bodies worldwide, and the practical implications of modern slavery and trade sanctions. Kristy emphasizes the need for a strategic focus on forward-looking risks and the benefits of combining Diligent's software capabilities with expertise in compliance services. They also underscore the importance of maintaining psychological safety and a speak-up culture within organizations.

Key highlights:

The Importance of Consistency in Compliance
The Power of Combining Compliance Services with Technology
Strategic Focus for Compliance Officers

Resources:

Kristy Grant-Hart on LinkedIn

Spark Compliance

Visit Diligent Website

Tom Fox

Innovative Approaches to Compliance and Training with Catherine Choe

Thu, 15 May 2025 05:00:00 -0000

Innovation comes in many areas, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. This series is introduced by Tom Fox and hosted by Roxeanne Petraeus. Ethena sponsors this special five-part series on Innovation in Compliance.

In this episode, Roxeanne Petraeus sits down with Catherine Choe, Chief of Staff to the Chief Legal Officer at Zendesk to discuss Choe’s unique career path leading to her current role at Zendesk. The conversation delves into compliance best practices, highlighting Choe’s insights on making training programs effective and engaging. They explore the implementation of innovative approaches like the ‘test out’ feature and the potential impact of AI on compliance. The discussion underscores the importance of a customer-centric approach and adaptability in compliance training.

Key highlights:

Catherine Choe’s Career Journey
Best Practices in Compliance
Operationalizing Compliance Training
Innovative Approaches: Test Out
AI’s Impact on Compliance
Feedback and Customization

Resources:

Catherine Choe on LinkedIn

Zendesk Website

Zendesk on LinkedIn

Stephanie Font on LinkedIn

Tom Fox

Navigating Regulatory Changes and Compliance in Trade and Data Privacy with Stephanie Font

Tue, 13 May 2025 05:00:00 -0000

Innovation comes in many areas, and compliance professionals must be ready for and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. Today, we begin a 3-part podcast series sponsored by Diligent with Clint Palermo, Kristy Grant-Hart, and Stephanie Font. Part 2 discusses navigating regulatory changes and compliance in trade and data privacy.

In this episode, host Tom Fox converses with Stephanie Font, Director for Operations Optimization Group at Diligent, to discuss the ever-evolving landscape of economic sanctions, trade policies, and data privacy. Font shares insights on how businesses can stay compliant amidst rapid regulatory changes, emphasizing the importance of continuous monitoring, thorough due diligence, and understanding one’s business partners. The conversation also touches on new regulatory trends such as BIS address specifications, Mexican cartels being designated as FTOs, and the implications of the Uyghur Forced Labor Prevention Act.

Key highlights:

Economic Sanctions and Trade Policy
Compliance and Business Operations
Staying Updated on Regulatory Changes
Cartels and Foreign Terrorist Organizations
Data Privacy and Cybersecurity
Human Rights and Business Culture

Resources:

Visit Diligent Website

Tom Fox

Exploring the Intersection of Compliance, Technology, and AI with Ben Sperry

Thu, 08 May 2025 05:00:00 -0000

Innovation comes in many areas, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. This series is introduced by Tom Fox and hosted by Roxeanne Petraeus. Ethena sponsors this special five-part series on Innovation in Compliance.

In this episode, Roxanne Petraeus explores the intersection of compliance, technology, and AI with Ben Sperry, Deputy Chief Compliance Officer at Bestow. Sperry is a tech-driven life insurance provider that shares its journey from political science and legislative analysis to its current compliance role. The discussion delves into Bestow’s innovative approach to making life insurance accessible through technology and the challenges and strategies of implementing effective compliance training programs. Sperry highlights the importance of employee engagement and specific training tailored to different roles and departments. He also discusses the increasing significance of AI in the compliance landscape, both in terms of governance and practical application, and shares insights on using AI to enhance training effectiveness. The episode discusses the value of close vendor support and technical integration to streamline compliance processes.

Key highlights:

Bestow’s Unique Approach to Life Insurance
Challenges and Strategies in Compliance Training
Leveraging AI in Compliance
Future Trends and Final Thoughts

Resources:

Ben Sperry on LinkedIn

Bestow on LinkedIn

Bestow Website

Clint Palermo on LinkedIn

Tom Fox

Understanding Human Trafficking and Modern Slavery: A Business Imperative with Clint Palermo

Tue, 06 May 2025 13:40:00 -0000

Innovation comes in many areas, and compliance professionals must be ready for and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. Today, we begin a 3-part podcast series sponsored by Diligent with Clint Palermo, Kristy Grant-Hart, and Stephanie Font. In part 1, we discuss understanding human trafficking and modern slavery: a business imperative with Clint Palermo, Senior Manager (Due Diligence) at Diligent.

Tom and Clint take a dive into the pressing issues of human trafficking and modern slavery and their significance to the business community. Palermo highlights his professional journey in compliance, beginning in 2018 at Diligent, and discusses the regulatory landscape across various jurisdictions, including notable laws like Canada’s S-211, the EU’s CS3D Directive, and the US’s Uyghur Forced Labor Prevention Act. The conversation emphasizes the importance of knowing third parties (KY3P), managing reputational risks, and maintaining continuous due diligence to ensure ethical business practices and compliance.

Key highlights:

Significance of Human Trafficking and Modern Slavery
Global Regulations on Forced Labor
Impact of Forced Labor on Businesses
Reputational Risks and Moral Imperatives
Solutions and Compliance Programs

Resources:

Visit Diligent Website

Tom Fox

Training Synergy: Insights from Compliance and HR Integration with Lori Stahl

Thu, 01 May 2025 05:00:00 -0000

In this episode, Roxanne Petraeus visits with Lori Stahl, Chief People Officer at Synaptics Incorporated. Stahl discusses the intersection of HR and compliance training and covers the importance of a seamless, non-siloed approach to training; the challenges of staying current with compliance laws; and the benefits of using an external platform like Ethena for consistency and ease. Stahl also highlights the value of tailored, role-specific training and real-time microlearning to enhance employee engagement and effectiveness. The conversation concludes with a discussion on future innovations, including the potential of AI and adaptive learning in compliance training.

Key highlights:

HR and Compliance Training Overlaps
Challenges of Siloed Training
Effective Compliance Strategy
Choosing Athena for Compliance Training
The Importance of Customer Success
Future of Compliance Training

Resources:

Lori Stahl on LinkedIn

Synaptics Incorporated on LinkedIn

Synaptics Incorporated Website

Unity Technologies on LinkedIn

Tom Fox

Exploring the Fractional COO Model with La Tonya Roberts

Tue, 29 Apr 2025 05:00:00 -0000

Innovation comes in many forms, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox visits with La Tonya Roberts to discuss the concept of the fractional COO and how it can benefit organizations of all sizes.

Roberts shares her professional journey, including transitioning from working for a major consulting firm to becoming an entrepreneur and fractional COO. She emphasizes the importance of strategic planning, relationship building, and effective change management in achieving business success. She also highlights how fractional COOs can provide valuable expertise to visionary founders and smaller companies, ensuring operations run smoothly and effectively.

They explore the critical role of a fractional COO in supporting business growth, optimizing processes, and leveraging AI to enhance efficiency. Roberts introduces her Operations Gold Mine Framework, an eight-part process that helps businesses develop sustainable and scalable operations. Listeners will gain insights into the unique challenges and opportunities presented by the fractional COO model and practical tips for fostering resilience and creativity in the entrepreneurial space.

Key highlights:

• Roberts’s Professional Journey
• The Fractional COO Model
• Leveraging AI in Business
• CEO and COO Relationship Dynamics
• Operations Gold Mine Framework

Resources

La Tonya Roberts on LinkedIn

Tom Fox

Innovation in Compliance was recently honored as the number 4 podcast in Risk Management by 1,000,000 Podcasts.

Design-Centric Compliance Training with Karen Oddo

Thu, 24 Apr 2025 05:00:00 -0000

In this episode, Roxanne Petraeus welcomes Karen Oddo, Senior Managing Counsel and Legal Compliance at Unity Technologies. Karen shares insights on Unity’s software platform, which is predominantly known for video game development, and its expansive global footprint. The discussion dives into best practices for compliance training, emphasizing the importance of user experience and personalized content to engage employees effectively. Karen highlights the significance of targeted risk-based training and the benefits of leveraging advanced analytics to improve compliance programs. With anecdotes from her experience and her value in working with Ethena’s customizable and responsive platform, Karen offers practical advice for compliance leaders looking to enhance their training efforts.

Key highlights:

Compliance Training Best Practices
The Importance of User Experience in Compliance Training
Customizing Compliance Training with Ethena
Leveraging Analytics for Targeted Training
The Value of Strong Vendor Support

Resources:

Karen Oddo on LinkedIn

Unity Technologies

Ethena

Academy Of MotivAction Website

Tom Fox

Strategic Compliance in Regulated Industries with Kerri Reuter

Tue, 22 Apr 2025 10:50:00 -0000

Reuter shares her extensive law, compliance, and athletics background, including her journey from being a volleyball player to her professional career in the insurance industry. The discussion covers SageSure's business operations as a managing general agency (MGA) and the importance of collaboration and strategic thinking in her role. Reuter also highlights the significance of robust compliance programs in regulated industries, the implementation of the Athennian tool for corporate governance, and future growth plans, emphasizing the need for efficiency and forward-thinking in compliance and legal departments.

Key highlights:

Reuters’ Academic and Professional Journey
The Business of SageSure
Lessons from Volleyball: Skills in Professional Life
Regulatory Compliance in the Insurance Industry
Leveraging Athennian for Corporate Governance
Future Vision and Industry Involvement

Resources:

SageSure on LinkedIn

Kerri Reuter on LinkedIn

SageSure Website

Athennian Website

Part 3: Mastering Stress Communication with the C.A.R.E.S. Framework

Thu, 17 Apr 2025 12:11:00 -0000

Innovation comes in many areas, and compliance professionals must be ready for and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this concluding episode of a three-part series, Tom Fox visits with Jen Hardy, Chief Operations Officer at the Academy Of MotivAction, to discuss how stress affects communication and delve into why communication often breaks down under stress.

They highlight the role of psychological safety and emotional regulation. Jen shares a personal story illustrating the importance of self-awareness and self-regulation in maintaining effective communication during stressful times. She also introduced the C.A.R.E.S. framework, which provides practical tools for managing tough conversations and establishing trust. Irina Alexander, founder & CEO of the Academy of MotivAction, joins to give a call to action, emphasizing the significance of their approach to improving professional and personal relationships through enhanced communication strategies.

Key highlights:

Understanding Communication Breakdown
Personal Story: Handling Stressful Conversations
The Importance of Psychological Safety
The C.A.R.E.S. Framework for Effective Communication
Practical Tips for Better Conversations
Corporate Communication: Speak Up and Listen Up

Resources:

Academy Of MotivAction on LinkedIn

Jen Hardy on LinkedIn

Irina Alexander on LinkedIn

Tom Fox

Instagram

Academy Of MotivAction Website

YouTube

Part 2: Tactical Resilience: Mastering Stress and Self-Awareness

Wed, 16 Apr 2025 05:00:00 -0000

Innovation comes in many areas, and compliance professionals must be ready for and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this part 2 of the 3-part series, Tom Fox and Irina Alexander, founder & CEO of the Academy of MotivAction, explore tactical resilience and how awareness and self-mastery shape performance.

They use the metaphor of stress 'driving the bus' to highlight the various ways unmanaged stress manifests, from irritability to substance abuse and eventual burnout. Irina also distinguishes between burnout and breakdown, noting that while burnout is cumulative stress, a breakdown is a singular event. The discussion extends to the corporate world's awareness of the costs of stress and the importance of self-awareness in improving performance and emotional well-being. Irina shares actionable steps to cultivate self-awareness and sheds light on the pitfalls of equating control with strength. She emphasizes that authentic leadership requires flexibility and adaptation. The episode concludes with a teaser for the next episode, covering emotional regulation and trust rebuilding in high-pressure situations.

Join us tomorrow, where we conclude our 3-part series by visiting with Jen Hardy on Communication, Emotional Stability & the Power of Trust.

Key highlights:

Understanding Stress and Burnout
Corporate Stress and Productivity
Self-Awareness and Emotional Wellbeing
High Performers and Burnout Indicators
Personal Rituals for Grounding

Resources:

Academy Of MotivAction on LinkedIn

Jen Hardy on LinkedIn

Irina Alexander on LinkedIn

Tom Fox

Instagram

Academy Of MotivAction Website

YouTube

Part 1: Understanding the Hidden Costs of High-Stress Professions

Tue, 15 Apr 2025 11:15:00 -0000

Innovation comes in many areas, and compliance professionals must be ready for and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. Today, we begin a 3-part podcast series with Irina Alexander and Jen Hardy, the founders of Academy Of MotivAction. In part 1, we discuss the hidden cost of high-stress careers.

We take a deep dive into the costs and impacts of high-stress professions. They discuss the universal toll of pressure in male- and female-dominated fields, the detrimental effects of hustle culture, and how societal norms often glamorize overworking. Jen and Irina emphasize the importance of self-awareness, emotional regulation, and the need for proactive care. They share personal anecdotes and professional insights on mitigating the negative impacts of stress, providing practical and neuroscience-based strategies through their CARES program. The discussion aims to destigmatize seeking help and promote healthier, more sustainable work habits.

Join us tomorrow where we discuss Tactical Resilience: How Awareness & Self-Mastery Shape Performance.

Key highlights:

The Hidden Costs of High-Pressure Jobs
Hustle Culture and Its Impact
Addressing Shame and Guilt in High-Stress Professions
The Importance of Rest and Recovery
Personal Experiences with Stress and Health
Proactive Care and Stress Management
Challenging Deep-Seated Beliefs

Resources:

Academy Of MotivAction on LinkedIn

Jen Hardy on LinkedIn

Irina Alexander on LinkedIn

Tom Fox

Instagram

ModeOne Technologies in LinkedIn

YouTube

Data Collection & Cybersecurity with ModeOne’s Matt Rasmussen and Ryan Frye

Tue, 08 Apr 2025 05:00:00 -0000

Innovation comes in many areas, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox visits Matt Rasmussen and Ryan Frye from ModeOne and their innovative approach to compliance data collection and cybersecurity.

They discuss their professional backgrounds, the founding of ModeOne, and their solutions to common challenges in data collection for compliance purposes. The conversation covers the shift from full data extraction to targeted data collection, navigating the complexities of encrypted communications, and the evolution of cloud compliance and AI integration. Key takeaways include the importance of targeted data collection, the use of AI in compliance monitoring, and strategies for balancing data privacy and protection.

Key highlights:

Founding ModeOne: The Journey
Innovation in Compliance and Cybersecurity
Role of the Chief Innovation Officer
Risk Management Frameworks
Future of Cloud Compliance and AI
Top Action Items for Compliance Officers
Preparing for the Future: 2030 and Beyond

Resources

Matt Rasmussen on LinkedIn

Ryan Frye on LinkedIn

ModeOne Website

Mobile Device Data Collection: What You Need to Know in 2025

Tom Fox

Crisis Preparedness with Coni Meyers

Tue, 01 Apr 2025 05:00:00 -0000

Innovation comes in many areas, and compliance professionals must be ready for and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox visits with Coni Meyers, an expert in crisis preparedness and sustainability.

Coni discusses her extensive background, including her time as a FEMA inspector and trainer, and how it led her to her current mission of educating communities on disaster resilience through her initiative, Be Prepared Be Ready. The highlight of their conversation is Coni’s Kits for Kids initiative, which empowers young people to become spokespeople for emergency preparedness in their communities, thereby addressing broader concerns, including mental health and sustainability. Throughout the episode, Coni emphasizes the importance of local community involvement and innovative solutions in disaster preparedness and sustainability, making a strong case for proactive measures to mitigate the impacts of increasing climate-related disasters.

Key highlights:

The Importance of Crisis Preparedness
Kits for Kids Initiative
Community and Organizational Collaboration
Preparedness and Sustainability in Business
Innovative Solutions for Disaster Resilience
Kits for Kids: Spokesperson Campaign

Resources:

Coni Meyers on LinkedIn

Coni Meyers on Instagram

Coni Meyers on Facebook

Tom Fox

Visionary Leadership with Jackson Calame

Tue, 25 Mar 2025 05:00:00 -0000

Innovation comes in many areas, and compliance professionals must be ready for and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox views Jackson Calame, a dynamic entrepreneur dedicated to helping other entrepreneurs get out of their way.

Jackson shares his journey from a less-than-stellar academic record to professional success in leadership consulting and podcasting. He emphasizes the importance of infrastructure in scaling businesses and draws an interesting analogy using Batman and Alfred to explain his role in supporting entrepreneurs. Jackson also delves into the value of developing a strong company culture, the significance of effective leadership, and the eight layers of sustainable revenue growth. He further explains the importance of understanding and building personal and corporate power brands in today’s market. Wrapping up, Jackson talks about fostering environments where great leaders can emerge by following and learning from others.

Highlights include:

The Role of Infrastructure in Entrepreneurship
The Concept of ‘Chief’ in Leadership
Dysfunctional vs. Championship Teams
Building a Power Brand
Eight Pillars of Sustainable Revenue Growth

Resources:

Website: firstclassbusiness.io

LinkedIn: Jackson Calame LinkedIn

Podcast: Vision Pros Live

Tom Fox

Nikki Rausch on Harnessing Relationships for Sales and Effective Compliance

Tue, 18 Mar 2025 05:00:00 -0000

Innovation comes in many areas, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox welcomes Nikki Rausch, the Sales Maven, to visit her unique journey and expertise in neuro-linguistic programming (NLP) and sales coaching.

Nikki shares her professional background and foray into NLP and how it transformed her communication skills, leading her to start her own business, Sales Maven. We cover key insights on simplifying the sales process using strategic conversations and frameworks like the ‘Selling Staircase’ and debunking common misconceptions about sales. Nikki emphasizes the importance of building rapport and permission-based selling, making the process more collaborative and less daunting for sellers and buyers.

Tom and Nikki also touch upon the importance of storytelling in making content memorable and techniques for scaling businesses by training teams to recognize buying signals and create curiosity. Whether in the corporate world of compliance or an entrepreneur looking to scale your business, this episode offers valuable strategies that can be applied across various fields. Don’t miss Nikki’s gift—a free training course on asking the right questions in sales calls, available through her website.

Highlights include:

Exploring NLP and Sales Techniques
The Selling Staircase Framework
Building Relationships in Sales
Positioning Yourself as a Solution Provider

Resources:

Nikkie Rausch on LinkedIn

Your Sales Maven

Free Training called Seal The Deal

Your Sales Maven Podcast

The Selling Staircase: Mastering the Art of Relationship Selling

Your Sales Maven Facebook & Instagram

Tom Fox

Navigating AI Governance in 2025 with Christine Uri

Tue, 11 Mar 2025 05:00:00 -0000

Innovation comes in many forms, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox welcomes Christine Uri to discuss her insights and experiences in AI governance.

Christine shares her extensive background as a legal executive and outlines her current work in advising general counsels on governance and sustainability issues at her consulting firm, CURI Insights. Christine emphasizes the importance of a cross-functional committee to oversee AI governance and highlights AI technology’s rapid evolution and inherent risks. The episode also covers the implications of the EU AI Act, the urgency of building AI literacy, and the challenges of managing AI risks in a dynamic regulatory landscape. As AI continues to evolve at a breakneck pace, Christine offers practical advice on how companies can keep up and ensure robust governance frameworks are in place to mitigate risks.

Key highlights:

AI Governance and Compliance
AI Governance in 2025
EU AI Act and Its Implications
Building AI Literacy in Compliance
Future of AI and Compliance

Resources:

Christine Uri on LinkedIn

Hard Fork podcast

Tom Fox

Alyssa Borden on The Power of Strategic People Processes in Organizations

Tue, 04 Mar 2025 17:23:00 -0000

Innovation comes in many forms, and compliance professionals need to be ready for and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox welcomes Alyssa Borden, founder of SuccessBridge, LLC.

Alyssa founded SuccessBridge, LLC, to offer tailored solutions that bridge strategic and tactical needs for diverse organizations. Her approach is centered on understanding each client's unique situation and embedding herself with their teams to ensure that the solutions provided are both effective and sustainable. Alyssa views every challenge as an opportunity for growth, emphasizing the importance of effective communication and collaboration to navigate workplace changes successfully. Through SuccessBridge, LLC, she aims to empower organizations to build strategic people processes and develop digital upskilling programs, thereby driving transformation and fostering continuous improvement and adaptability.

Key highlights:

Strategic Team Building Solutions by SuccessBridge
Cultural Alignment Through Hiring Touchpoints
Navigating Complexities in Workplace Technology Implementation
Strategic Flexibility: Navigating Dynamic Organizational Changes
Custom Solutions Through Embedded Team Approach

Resources:

Alyssa Borden on LinkedIn

Tom Fox

From Military Service to Corporate Success: Insights on Leadership, Resilience, and Compliance with Sean Douglas

Tue, 25 Feb 2025 06:00:00 -0000

Innovation comes in many forms, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox is joined by Sean Douglas, a dynamic speaker and author with a rich background spanning 20 years in the Air Force.

Sean discusses his professional journey, emphasizing lessons from his military service, such as the importance of recognizing bad leadership, discipline, patience, and service. He further delves into his podcasts and books, focusing on resilience, leadership, and business positioning. Highlighting key concepts like gratitude, transformational leadership, and overcoming self-defeating behaviors, Sean provides actionable insights for corporate compliance officers and executives. This episode is packed with practical advice on building a supportive workplace culture, creating positive work environments, and achieving long-term success through values-based goals.

Key highlights:

Resiliency and Leadership Insights
Military Service Lessons
Resilience and Mental Health
Transformational Leadership
Business Positioning and Category Design
Values-Based Goals and Compliance

Resources:

Sean Douglas on LinkedIn

Tom Fox

Supporting White Collar Offenders: A Conversation with Jeff Grant

Tue, 18 Feb 2025 06:00:00 -0000

Innovation comes in many forms, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox welcomes back Jeff Grant, co-founder of the White Collar Support Group, an initiative of Progressive Prison Ministries.

Jeff shares the evolution of the support group, which now boasts over 1,300 members and focuses on providing spiritual and emotional support to those navigating the white-collar criminal justice system and their families. Jeff discusses the importance of community and the group’s diverse membership, which includes individuals from various backgrounds affected by white-collar crime. He also highlights the group’s expansion into advocacy work, including initiatives for federal pardon and expungement reform and the right to banking for formerly incarcerated individuals. Jeff reflects on his journey through addiction, incarceration, and redemption, emphasizing his commitment to helping others through similar struggles. The episode concludes with ways for listeners to engage with Jeff and support his impactful work.

Key highlights:

White Collar Support Group Overview
Diversity and Evolution of the Group
Family Support and Integration
ABA White Collar Conference and Legal Assistance
Federal Pardon and Expungement Reform
Right to Banking Initiative
Personal Journey and Reflections

Resources:

Jeff Grant on LinkedIn

Grant Law

White Collar Support Group

Tom Fox

Exploring NLP and Burnout Recovery: Insights from Irina Alexander and Jen Hardy

Tue, 11 Feb 2025 06:00:00 -0000

Innovation comes in many forms, and compliance professionals must be ready for and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox is joined by fellow C-Suite members Irina Alexander and Jen Hardy, co-founders of the Academy of MotivAction.

Their discussion begins by examining the transformative impact of Neuro-Linguistic Programming (NLP) and other self-discovery tools on their personal and professional lives. They further explore their CARES approach, which stands for Communication, Awareness, Resiliency, Emotional Literacy, and Self-Mastery, designed to help high-stress professionals, including first responders and corporate workers, manage stress, prevent burnout, and build resiliency. Irina and Jen share their journey from being educators and entrepreneurs to founding the Academy of MotivAction and the programs and initiatives they offer designed to foster better communication, stronger relationships, and overall well-being in high-stress environments.

Key highlights:

Jen Hardy’s Journey: From Educator to NLP Expert
Irina Alexander’s Background and Meeting Jen
Understanding the Cycle of Overcommitment
The CARES Approach for First Responders
Expanding CARES to Corporate and High-Stress Environments

Resources:

Jen Hardy on LinkedIn

Irina Alexander on LinkedIn

The Academy of MotivAction

Tom Fox

Financial Literacy and Smart Investing with Kris Miller

Tue, 04 Feb 2025 06:00:00 -0000

Innovation comes in many areas, and compliance professionals need to not only be ready for it but embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox is joined by Kris Miller, a fellow podcaster, author, and member of the C-Suite, to discuss her extensive background as a financial expert.

Kris shares her journey from starting as a paralegal to becoming a prominent figure in financial education, particularly focusing on living trusts and safe money strategies. She provides valuable insights into how individuals can ‘crash-proof’ their finances using tools like equity index annuities and index universal life policies. Kris underscores the importance of early financial planning and debunks myths surrounding investments, emphasizing the need for safe and sustainable financial practices. She also touches upon the significance of living trusts and asset protection in traditional estate planning. Kris’s mission is to educate millions on healthy money strategies, especially amidst current financial volatility. Kris discusses her podcast ‘Money 9-1-1,’ which covers health, wealth, and peace of mind, and her book ‘Ready for PREtirement: 3 Secrets for Safe Money and a Fabulous Future.’

Key highlights:

Mission to Educate on Financial Strategies
Living Trusts and Asset Protection
Insurance as an Investment Tool
Long-Term Health Care Solutions
Social Media Outreach and Podcast

Resources:

Kris Miller on LinkedIn

Money 9-1-1 Podcast

Ready for PREtirement on Amazon.com

Tom Fox

Sam Silverstein on the Fractional Chief Culture Officer

Tue, 28 Jan 2025 06:00:00 -0000

Innovation comes in many areas, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox is joined by Sam Silverstein from the Accountability Institute to discuss his new service offering, the Fractional Chief Culture Officer.

Sam elaborates on the essential role of a Chief Culture Officer who collaborates with the CEO to establish a culture by design rather than by default. This service allows organizations of all sizes, from those with 24,000 employees to those with just 26, to benefit from their extensive expertise in developing and maintaining a high-performance culture. Sam emphasizes the importance of leadership in driving culture and shares how a fractional chief culture officer can provide the necessary support and tools to ensure that the organization’s values and culture are consistently upheld across all levels. The episode delves into the practical aspects of working with different sizes of organizations, the importance of continuous cultural assessment, and the role of leadership in fostering a sustainable, high-performance culture.

Key highlights:

Introducing the Fractional Chief Culture Officer
Defining the Role and Importance of a Chief Culture Officer
The Continuous Nature of Culture Management
Tailoring Services to Client Needs

Resources:

The Accountability Institute

Tom Fox

Navigating Accounting and Compliance with Mike Whitmire

Tue, 21 Jan 2025 06:00:00 -0000

Innovation comes in many areas, and compliance professionals must be ready to embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox visits Mike Whitmire, Co-founder & CEO at FloQast, on his journey in accounting and compliance.

In this episode, Tom is in a riveting conversation with Mike Whitmire, Co-founder & CEO at FloQast. They dive into Mike’s professional journey, starting from his early days at Ernst & Young, navigating the complexities of Sarbanes-Oxley (SOX) compliance, and eventually founding FloQast. Mike shares his firsthand experiences with the challenges in accounting and compliance, such as the talent gap and behavior change within organizations, and explains how FloQast’s closed management and compliance software addresses these issues. The discussion deeply delves into risk orchestration and its critical role in modern compliance strategies.

Additionally, Mike provides insights into his passion for podcasting and touches on his book, ‘Shift Happens,’ co-authored to highlight the rise of the operational accountant. The episode wraps up with a focus on FloQast’s innovative solutions that integrate daily accounting tasks with compliance requirements, thus simplifying processes for finance professionals. Tune in to hear how a common pain point in the accounting world led to the creation of a transformative software solution.

Key highlights:

Challenges in Accounting and Compliance
Risk Orchestration and Compliance
Mike’s Podcast and Book

Resources:

Mike Whitmire on LinkedIn

FloQast

Purchase Shift Happens on Amazon.com.

Tom Fox

Todd Haugh on Ethical Decision Making in the Workplace: Beyond Financial Incentives

Tue, 14 Jan 2025 06:00:00 -0000

Innovation comes in many areas, and compliance professionals must be ready for and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox visits with Todd Haugh, Associate Professor of Business Law and Ethics at the IU Kelley School of Business, Arthur M. Weimer Faculty Fellow in Business Law Board Member and Jesse Fine Fellow, The Poynter Center for the Study of Ethics, and American Institutions Director of the Institute for Corporate Governance and Ethics.

Tom and Todd have too much fun, deep-diving into the intricate relationship between missed bonuses and ethical decision-making in a corporate environment. They discuss how unmet expectations around bonuses can lead to the rationalization of unethical or illegal behavior by employees. They emphasize the importance of managers understanding the broader implications beyond economic incentives, as ignoring these psychological factors can introduce significant risks to an organization. They also talk about the Institute for Corporate Governance and Ethics. Tune in to hear two top commentators talk about financial and other incentives in compliance and how these dynamics can affect overall corporate compliance. Learn strategies to mitigate associated risks.

Understanding Behavioral Ethics in Business
Impact of Missed Bonuses on Ethical Decision Making
Rationalizing Unethical Behavior
Perception of Company Care
Potential for Unethical or Illegal Behavior
The Institute for Corporate Governance and Ethics

Resources:

Todd Haugh on LinkedIn

Indiana University-Kelley School of Business

Institute for Corporate Governance and Ethics

Todd Haugh at Kelley School of Business

Tom Fox

Navigating Leadership and Talent Retention with Pat McNeil

Tue, 07 Jan 2025 06:00:00 -0000

Innovation comes in many areas, and compliance professionals must be ready for and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox visits Pat McNeil, founder and principal of Chart House Solutions, to delve into his extensive experience in the Navy and his journey into leadership development and organizational coaching.

Pat discusses his transition from the military to civilian life, the creation of Chart House Solutions, and his role in guiding clients through professional and personal challenges. He introduces the EC3 principle for talent retention—expectations, communication, commitment, and consistency, drawing parallels from his military service to corporate environments. He also highlights the importance of structured training and the concept of ‘falling forward’ in professional development. He discusses the Lego Serious Play method, emphasizing the role of serious play in improving corporate settings and engagement. Pat stresses that coaching at all organizational levels fosters effective leadership and a sustainable company culture.

Key highlights:

Pat McNeil’s Professional Background
The EC3 Principle for Talent Retention
Lego Serious Play Method in Corporate Training
Falling Forward: Embracing Failure in Professional Development
Training with Purpose: Driving Culture and Engagement
The Importance of Coaching in Professional Development

Resources:

Pat McNeil on LinkedIn

Chart House Solutions

Tom Fox

Sage Franch and Scott McCleskey on AI-Powered Compliance Strategies for Risk Prevention

Tue, 31 Dec 2024 06:00:00 -0000

Innovation comes in many areas, and compliance professionals must be ready to embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom welcomes Sage Franch, CEO and co-founder of Rulebook.ai, and Scott McCleskey, a member of Rulebook.ai’s board of advisors, who discuss their innovative AI-driven solutions for regulatory compliance.

Sage and Scott offer compelling perspectives on the role of artificial intelligence in compliance. Sage views AI as a tool to augment human capabilities, enabling compliance professionals to process large volumes of information swiftly and focus on strategic decision-making, provided the AI tools are built on trusted data sources. Meanwhile, Scott highlights AI’s potential to enhance compliance programs by reducing false positives, improving risk management, and offering real-time regulatory insights, which can make compliance efforts more efficient and proactive. Both experts agree that AI’s integration into compliance streamlines processes and empowers professionals to address compliance challenges with greater confidence and foresight.

Key highlights:

The Superpower of AI in Compliance
Enhancing Compliance Processes with AI
Proactive Compliance Measures with AI Technology
AI-Powered Compliance Strategies for Risk Prevention

Resources:

Sage Franch on LinkedIn

Scott McCleskey on LinkedIn

Tom Fox

Boosting Corporate Culture Through Engagement with Stephan Poschik

Tue, 17 Dec 2024 06:00:00 -0000

Innovation comes in many areas, and compliance professionals must be ready for and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox visits Stephan Poschik, an entrepreneur with over 23 years of experience in the health and wellness industry and founder of six companies primarily focused on coaching and consulting.

Stephan discusses his journey from Austria to running businesses across Europe and the United States and shares insights into his work with major corporations like Siemens, Toyota, and Volkswagen. The conversation highlights the importance of employee engagement, compliance, and corporate culture in driving productivity and ethical business practices. Stephan explains the dangers of disengaged employees and emphasizes the need for companies to create environments that foster engagement and loyalty.

Stephan also delves into the differences in corporate wellness practices between Europe and the United States and how cultural factors influence employee engagement and compliance. He shares his CHC process for assessing and improving corporate health, which involves gathering employee feedback and implementing changes across three dimensions: personal responsibility, leadership development, and process optimization. Stephan believes companies can enhance employee and organizational performance by focusing on these areas, ultimately making them more competitive in the marketplace.

Key highlights:

Stephan’s Background and Career Journey
Corporate Engagement and Compliance
The Impact of Disengagement
Cultural Differences in Corporate Wellness
Employee Engagement Strategies
Consulting Process and KPIs

Resources:

Stephan Poschik on LinkedIn

Corporate Health Consulting GmbH

Corporate Health Consulting & CHC Franchise LLC

Tom Fox

From Engineer to Business Coach: Insights on Leadership and Growth with Brad Farris

Tue, 10 Dec 2024 06:00:00 -0000

Innovation comes in many forms, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox visits Brad Farris to delve into his multifaceted role as a business coach, advisor, and personal growth director.

Brad shares his journey from engineering to coaching, emphasizing the shift business owners need from service delivery to managerial roles as their companies grow. The discussion covers the complexities of leadership evolution, the impact of AI on professional services, and strategies for scaling and potentially selling a business. Brad provides practical advice on managing client relationships, mentoring emerging leaders, and navigating the intricacies of corporate transitions. Tune in to gain valuable insights on personal and business growth, whether you are an entrepreneur or a compliance professional.

Key highlights:

Challenges in Leadership Transition
Dealing with Client Expectations
Mentorship and Leadership Development
Mastermind Groups Explained
Preparing for Business Acquisition

Resources:

Brad Farris on LinkedIn

Anchor Advisors

Tom Fox

Navigating Compliance and Innovation with Colin Darke

Tue, 03 Dec 2024 06:00:00 -0000

Innovation comes in many forms, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox visits with Colin Darke, an attorney and compliance professional with a diverse career spanning over twenty years.

Colin shares his journey from banking and finance law to in-house compliance roles, eventually co-founding CompliSun, an AI-enhanced compliance management system. Colin discusses his experience handling regulatory challenges, building compliance programs from scratch, and innovating within fintech. He also delves into his book ‘Unleashing Innovation: Compliance Strategies for FinTech Disruptors,’ which offers practical guidance for compliance professionals. Additionally, Colin explores his dual passion for art, explaining how being an artist has contributed to his mental well-being and professional success. Listeners will gain valuable insights into integrating AI in compliance, effective training techniques, and the importance of creating a strong compliance narrative for regulators.

Key highlights:

Colin Darke’s Professional Journey
Authorship and Book Insights
CompliSun: AI-Enhanced Compliance
Regulated vs. Non-Regulated Industries
AI Revolution in Compliance
Art and Compliance: A Unique Intersection

Resources:

Colin Darke on LinkedIn

CompliSun

Unleashing Innovation-Compliance Strategies for Fintech Disruptors

Tom Fox

Innovating Data Security a Conversation with Christian Geyer

Tue, 26 Nov 2024 06:00:00 -0000

Innovation comes in many forms, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox is joined by Christian Geyer, CEO of Actfore, the podcast’s sponsor.

Christian discusses his journey from initially supporting the Navy and Marine Corps to founding Actfore, a company focused on automating breach notifications using onshore software powered by patent-pending AI technologies. The conversation delves into how Actfore simplifies breach notifications and the impact of AI and machine learning in improving speed, precision, and data security in incident responses. Christian also speaks on the importance of unified risk management, future data governance trends, and the regulatory requirements for data transfers between the US and EU. This episode offers valuable insights into leveraging data mining to enhance compliance and cybersecurity measures.

Key highlights:

Automation and Innovation in Data Breach Response
AI and Machine Learning in Data Mining
Compliance and Data Governance
Reverse Domino Effect in Incident Response
Future of Data Mining and Risk Management

Resources

Christian Geyer on LinkedIn

Tom Fox

Navigating Risk Management in the Automotive Industry with Tom Kline

Tue, 19 Nov 2024 06:00:00 -0000

Innovation comes in many forms, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox is joined by Tom Kline, a seasoned automobile industry expert and risk management authority.

The two Toms delve into specific risks unique to car dealerships and how to manage customer and employee relations to avoid regulatory problems effectively. Kline shares his extensive experience from almost 35 years in the industry, detailing strategies like proactive online reputation management and creative contractual clauses designed to preempt legal issues from customer disputes. They also discuss the complexities of insurance policies in the automotive sector and the importance of understanding coverage as a risk mitigation tool. Kline introduces ‘Tuck the Octopus,’ a metaphor for handling the multifaceted challenges dealerships face, emphasizing customer service’s importance in fostering long-term loyalty.

Key highlights:

Key Risks in Automobile Dealerships
Managing Customer and Employee Complaints
Upstream Risk Management
Tuck the Octopus: A Creative Solution
Service Aspect of Dealerships

Resources:

Tom Kline on LinkedIn

Tom Fox

Exploring Client-Side Security and PCI DSS Compliance with Rui Ribeiro

Tue, 12 Nov 2024 06:00:00 -0000

Rui discusses innovative measures in client-side security and PCI DSS compliance, his professional background, and the significance of the PCI DSS Version 4 update in enhancing client-side environments, mainly focusing on controlling third-party vendors to prevent unauthorized data access. The discussion outlines the strides taken in making transactions secure and offers insights into the broader implications of data privacy and compliance trends. Listeners will gain a comprehensive understanding of the intersection between technology and compliance in the context of data security alongside the evolving regulatory landscape.

Key highlights:

Exploring Client-Side Security and PCI DSS Compliance
The Importance of PCI DSS Version 4
Challenges and Solutions in Client-Side Security
Jscrambler’s Role and Customer Engagement
Future of Client-Side Security and Compliance

Resources:

Rui Ribeiro on LinkedIn

Tom Fox

Anik Singal on His Journey from Digital Marketer to Compliance Advocate

Tue, 05 Nov 2024 06:00:00 -0000

Innovation comes in many forms, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, Tom Fox sits down with Anik Singal, an expert in digital marketing and compliance.

They discuss the often-overlooked aspects of compliance in direct marketing business. Anik shares his remarkable journey from being an online marketer for over two decades to facing a civil investigative demand from the FTC just as he was about to sell his company. This life-altering experience led him to focus on marketing compliance, creating AI-powered software, a podcast, a book, and an academy aimed at helping businesses market compliantly while still achieving high conversion rates. The episode delves into the complexities of FTC, SEC, and FINRA regulations and provides actionable insights into maintaining compliance to avoid legal pitfalls.

Key highlights:

The Turning Point: FTC Investigation
Lessons Learned and New Mission
Understanding FTC Marketing Compliance
The Pentagon of Compliance
The Importance of Substantiation in Marketing
The ‘Don’t Say That’ Podcast

Resources:

Anik Singal on LinkedIn

Complily

Don’t Say That podcast

Tom Fox

Revolutionizing Compliance: AI’s Role in Shaping The Future of Compliance Financial Institutions

Tue, 29 Oct 2024 05:00:00 -0000

Innovation comes in many areas and compliance professionals need to not only be ready for it but embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast.

In this episode, Tom Fox has an enlightening discussion with John Sun, CEO of Spring Labs, sponsor of this podcast, as they delve into the transformative impact of AI on compliance in the financial sector.

John shares his journey from a Chief Risk Officer at Avant to leading Spring Labs, an AI company focused on creating innovative compliance tools for financial institutions. The episode explores the significant gap in existing compliance tools and the company’s contributions to making compliance processes more efficient and adoptable. They cover the challenges faced by compliance professionals in communicating the value of these tools to quantitative-oriented stakeholders and highlight how AI-powered solutions like Zanko ComplianceAssist, Agent Assist, and Customer Assist are enhancing efficiency and accuracy.

Additionally, the conversation touches on how AI is being used to convert unstructured conversational data into actionable insights, leading to better business decisions and process improvements. This episode offers valuable insights for financial institutions aiming to use customer feedback as a strategic resource and emphasizes the growing importance of AI in compliance and data management.

Key Highlights:

The Genesis of Spring Labs
Strategic Value of Compliance Management
Leveraging AI in Compliance
Streamlining Customer Service with AI
Leveraging Data for Business Efficiency
AI’s Role in Structuring Data
Future of AI in Compliance

Resources:

John Sun on LinkedIn

Tom Fox

Monica Goyal on Tech-Driven Solutions for Law Firms

Tue, 22 Oct 2024 05:00:00 -0000

In this episode, Tom welcomes Monica Goyal, the Vice President for Legal Innovation and Lawyer at Caravel LLC and Briefly LLC, to explore the transformative potential of technology in the legal industry.

Monica has a non-traditional journey to the legal profession, beginning with her educational background in electrical engineering and firsthand experience in Silicon Valley. From this perspective and after law school and work in the legal field, she observed multiple process inefficiencies. She discusses how advanced technologies like generative AI and data analytics can address these inefficiencies, improving corporate governance, contract management, and the overall delivery of legal services.

Monica highlights the importance of legal innovation officers in law firms and the role of Caravel Law’s unique model in providing backend support to legal professionals, allowing them to escape administrative tasks and focus on core legal work. She also touches on the innovative concept of fractional in-house counsel, which serves businesses needing more support than external counsel without the full expense of a general counsel. Listeners will gain insights into the growing necessity for legal tech skills and the benefits of tools such as Athennian for document automation. Monica underscores the value of emerging technologies and encourages further exploration of resources like Caravel and Briefly for legal professionals.

Key Highlights:

Monica Goyal’s Unique Journey into Law
Innovations in Corporate Legal Departments
Communicating Tech Solutions to Legal Professionals
Caravel’s Unique Business Model
Management with Athennian

Future of Legal Tech and Data Analytics

Resources:

Monica Goyal on LinkedIn

Caravel LLC

Tom Fox

Tech Evolution in Real Estate Law: A Conversation with Christy-Ann Jordaan

Tue, 15 Oct 2024 05:00:00 -0000

In this episode, Tom welcomes Christy-Ann Jordaan, a Paralegal with extensive experience in the commercial real estate sector.

Christy discusses her career journey, starting from her early days in law firms to her current role at BOSA Properties in Vancouver. She elaborates on the evolution of technological solutions in the legal field, emphasizing the benefits of automating manual tasks and enabling self-service information access. Christy highlights how these innovations have improved efficiency, reduced workload, and enhanced service quality. She shares insights into the implementation of Athenian, a digital solution for managing corporate records, which has transformed their operations by centralizing data and enabling secure access. Looking ahead, Christy is excited about future tech advancements, including AI-powered corporate record management. Listeners are encouraged to connect with her on LinkedIn or explore BOSA Properties’ website for more information about the company’s endeavors.

Key Highlights:

Christy’s Professional Journey
Technological Evolution in Legal Work
Athenian Solution: A Game Changer
Future Tech Solutions and AI

Resources:

Christy-Ann Jordaan on LinkedIn

Tom Fox

Tina Grubisa on Creating a Culture of Governance with Athennian

Tue, 08 Oct 2024 05:00:00 -0000

In this episode, Tom welcomes Tina Grubisa, Industry Consultant, Fund Operations at Athennian, to discuss how Athennian can help to drive a culture of governance at your organization.

In this episode, Tina Grubisa discusses her career transition from finance to a tech startup, ultimately landing at Athennian as a Fund Operations consultant. Athennian, a cloud-based entity management platform, is known for aiding private equity, law firms, and corporations in automating compliance tasks and enhancing corporate governance. The conversation covers Athennian’s value proposition in the market, focusing on its innovative use of AI to evolve from a system of record to one of engagement and intelligence. Tina highlights Athennian’s role in helping clients stay ahead of regulatory demands, such as the SEC’s private fund rule, and building a culture of governance within an ESG framework. Additionally, the platform’s user experience and customer feedback are integral to its ongoing innovation process. Tina also explores future trends in governance and compliance, emphasizing the increasing importance of transparency and the potential impact of AI by 2030.

Key Highlights:

Building a Culture of Governance
Corporate Trends and AI in Governance
Future of Workflow Platforms
Advice for GRC Professionals Going Forward

Resources:

Tina Grubisa on LinkedIn

Tom Fox

Evie Wentink on Rethinking Compliance

Tue, 01 Oct 2024 05:00:00 -0000

In this episode, Tom welcomes back Evie Wentink to discuss the importance of rethinking ethics and compliance practices.

Evie shares insights from her recent LinkedIn articles on best practices for ethics hotlines and the importance of finding creative ways to engage employees in compliance topics. She reads a whimsical Dr. Seuss-inspired piece on reaching ethics hotlines and emphasizes the need for compliance messaging to be approachable and engaging. Additionally, Evie discusses the challenges compliance professionals face with limited budgets and offers practical solutions such as leveraging LinkedIn for networking and creating low-cost, effective compliance awareness tools.

The conversation also touches on the significance of changing the narrative around ethics and compliance for younger generations. Evie shares her experiences discussing compliance with her children and highlights the need for better education in schools to prepare future employees. She concludes by mentioning her new website, Ethical Edge Experts, and various platforms she’s using to spread compliance awareness. Tom and Evie agree on the necessity of continuous dialogue and innovation in the compliance field.

Key Highlights:

Rethinking Compliance Practices
Creative Messaging for Ethics Hotlines
Leveraging Low-Cost Resources
Engaging Managers in Compliance

Resources:

Evie Wentink on LinkedIn

Evie’s Top 10 Compliance Back to Basics

Tom Fox

Greg Shultz on Key Traits for Compliance Professionals: Connecting and Listening

Tue, 17 Sep 2024 10:16:53 -0000

Innovation comes in many areas and compliance professionals need to not only be ready for it but embrace it. Join Tom Fox, the Voice of Compliance as he visits with top innovative minds, thinkers and creators in the award-winning Innovation in Compliance podcast. In this episode, Tom welcomes Greg Shultz, the founder of Conformitise, to take a deep dive into his journey in operationalizing compliance in some of the world’s largest companies. Shultz also advises into the essential skills required for a thriving career in compliance.

Emphasizing the importance of active listening, Shultz shares the significance of listening again before advising, to foster a collaborative partnership with business teams. Forming personal connections is highlighted, particularly through face-to-face interactions with investment teams, which helps in understanding different personas and building strong relationships over time. Our discussion also touches on the evolving role of data analytics in the compliance field, stressing its criticality in managing global data and mitigating risk in today's super funds landscape. This episode is a must-listen for anyone aiming to step into or advance within the compliance profession.

Key Highlights

· Introduction to Compliance Professional Skills

· The Importance of Listening and Advising

· Building Strong Relationships

· The Role of Data Analytics in Compliance

Resources

Greg Shultz on LinkedIn

Tom Fox

Travis Howerton on Revolutionizing Compliance: Integrating Automation for Digital Transformation

Tue, 10 Sep 2024 05:00:00 -0000

In this episode, Tom welcomes back, Travis Howerton, a co-founder of RegScale, the sponsor for this episode, to take a deep dive into automating compliance solutions for the digital transformation of compliance.

Howerton advocates for the integration of automation in compliance to keep pace with rapid technological advancements, thereby maintaining competitiveness and efficiency. Through digitizing regulations by using the latest standards and forming strategic partnerships, Howerton and RegScale are transforming traditional compliance from a manual, burdensome task into an automated, streamlined process, thereby redefining the role of compliance professionals as key contributors to secure and innovative operations.

We discuss the three pillars of cybersecurity: confidentiality, integrity, and availability. While much focus is placed on safeguarding confidentiality to protect sensitive information, the speaker highlights that integrity issues pose a significant threat, particularly in sensitive industries like healthcare and critical infrastructure. Compromised integrity can lead to dire physical consequences, making it the most concerning aspect of cybersecurity.

Key Highlights:

Introduction to Cybersecurity’s Three-Legged Stool
Focus on Confidentiality in Cybersecurity
The Critical Importance of Data Integrity
Real-World Implications of Integrity Issues
The Sleepless Nights of a Cybersecurity Analyst

Resources:

Travis Howerton on LinkedIn

Tom Fox

The Evolution of Compliance and Technology: An Interview with Stuart Breslow

Tue, 03 Sep 2024 10:29:33 -0000

In this episode, Tom welcomes Stuart Breslow, a member of the Board of Directors at STAR Compliance., who takes a deep dive into the evolution of tech solutions for compliance.

Breslow has had extensive journey in compliance, including professional roles at Morgan Stanley, Credit Suisse, McKinsey, and Google Cloud. He was the CCO at Morgan Stanley. Our conversation takes a deep dive into the transformation of compliance through technological solutions, the evolution of Codes of Conduct, and the impact of digital tools on compliance efficiency.

Breslow advocates for the use of technology to scale compliance efforts, address evolving challenges, and integrate compliance more seamlessly with business operations. Emphasizing data analysis and proactive risk identification, Breslow believes that modern compliance tools not only enhance efficiency and effectiveness but also contribute significantly to business profitability. Breslow also explores the future role of generative AI and how STAR Compliance is poised to leverage advanced data management to enhance compliance functions.

Key Highlights:

Evolution of Compliance Technology
The Role of Codes of Conduct in Compliance
Digital Transformation in Compliance
Future of Compliance with Generative AI

Resources:

Tom Fox

Unpacking Healthcare Compliance with Maria Villanueva

Tue, 13 Aug 2024 05:00:00 -0000

Innovation comes in many forms, and compliance professionals must be ready for and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, Tom welcomes compliance aficionado Maria Villanueva to dive deeply into healthcare compliance.

In this episode, Tom and Maria discuss her diverse career trajectory from accounting to healthcare compliance and delve into the complexities of ethical selling, aggregate spending challenges, and the growing role of AI in the compliance industry. Drawing on her extensive experience, she offers valuable insights on balancing roles in compliance and HR, the impact of data analytics, and the future landscape of healthcare compliance.

Key Highlights

Passion for Healthcare
Challenges in Healthcare Compliance
Balancing Compliance and HR Roles
The Role of Data Analytics and AI in Compliance
Future of Healthcare Compliance

Resources

Maria Villanueva on LinkedIn

Tom Fox

Alan Saquella on Navigating The Complexities of Corporate Whistleblowing and Compliance

Tue, 06 Aug 2024 05:00:00 -0000

Innovation comes in many forms, and compliance professionals not only need to be ready for it but also embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast.

In this episode, Tom welcomes back Alan Saquella to discuss critical issues surrounding retaliation, whistleblowers, and fostering a speak-up culture within corporations.

Saquella, drawing from his extensive background in law enforcement, corporate compliance investigations, and academia, delves into the challenges middle managers face due to the fear of retaliation from senior leadership. The conversation also explores the ethical dilemmas in C-suite decisions regarding vendor and supplier selection, the mechanics and significance of whistleblower hotlines, and the crucial role of senior leadership in promoting ethical practices. Alan further emphasizes the importance of protecting whistleblowers and ensuring the effectiveness of compliance mechanisms through education, promotion, and a trust-centric approach.

Key Highlights:

Retaliation and Whistleblowers
Middle Managers and Ethical Dilemmas
Vendor and Supplier Selection Ethics
Whistleblower Programs and Confidential Hotlines
Role of Senior Leadership in Ethical Practices
Whistleblower Protection and Corporate Culture

Resources:

Alan Saquella on LinkedIn

Tom Fox

John Byrne and Corlytics – Innovations in Regulatory Compliance

Tue, 30 Jul 2024 05:00:00 -0000

In this episode, Tom speaks with John Byrne, founder and CEO of Corlytics.

John shares his background as a serial entrepreneur focusing on technology and finance and discusses the inception and mission of Corlytics. The conversation delves into the complexities of regulatory compliance, the need for real-time risk assessments, and the integration of AI and machine learning in regulatory monitoring.

John also explores how Corlytics helps financial institutions navigate evolving regulations, including ESG metrics, and forecasts the future regulatory landscape. This episode offers valuable insights for professionals interested in compliance, risk management, and the role of technology in these fields.

Key Highlights:

Founding Corlytics and Its Mission
Real-Time Risk Assessment
Policy Management and Global Compliance
Impact of Current Events on Financial Institutions
The Rise of ESG in Financial Institutions
Future of Regulation and AI

Resources:

John Byrne on LinkedIn.

Tom Fox

Commercial Real Estate and the Housing Crisis: Affordable Housing - Challenges and Solutions

Thu, 25 Jul 2024 05:00:00 -0000

There is not much I enjoy more than sitting down with some of the most innovative thinkers on an issue. I recently had the opportunity to do so, over a topic I have been thinking about for some time: the commercial real estate market post Covid and the US housing crisis. Over this three-part series we will introduce the problem and challenges around commercial real estate in the mid-2020’s; the future of where (and how) employees work and take a deep dive into the nation’s housing crisis and propose some solutions. In this special three-part series, I am joined by industry experts John Petrovski, Mike Flanagan, Bart Peterson, Walter Calhoun, Andrew Gay, and Gilbert Paiz to delve into the current state of commercial real estate. In this concluding Episode 3, we take a deep dive into the US housing crisis, the disconnect between employee salaries and affordable housing and discuss some solutions.

In this episode, industry experts discuss the challenges of affordable housing and the role of banks and government programs in addressing these issues. They highlight the inefficiencies of current programs, such as low-income housing tax credits, and propose a comprehensive, targeted approach similar to a Marshall Plan to increase affordable housing supply. The conversation also explores local government initiatives, innovative building techniques, and the complex dynamics of community acceptance. The episode concludes with insights into the personal impact of housing finance and the need for a multifaceted approach involving both public and private sectors.

Highlights and Issues

· Challenges in Affordable Housing

· Inefficiencies in Current Housing Programs

· Local Government Initiatives

· Innovative Housing Solutions

· Complexities of Homelessness and Housing

· Collaborative Approaches to Housing Affordability

Tom Fox

Commercial Real Estate and the Housing Crisis: Inflation, Future of Interest Rates and Financial Literacy

Wed, 24 Jul 2024 05:00:00 -0000

There is not much I enjoy more than sitting down with some of the most innovative thinkers on an issue. I recently had the opportunity to do so on a topic I have been thinking about for some time: the commercial real estate market post-COVID and the US housing crisis. Over this three-part series, we will introduce the problem and challenges around commercial real estate in the mid-2020s, the future of where (and how) employees work, and take a deep dive into the nation’s housing crisis and propose some solutions. In this special three-part series, I am joined by industry experts John Petrovski, Mike Flanagan, Bart Peterson, Walter Calhoun, Andrew Gay, and Gilbert Paiz to delve into the current state of commercial real estate. In episode 2, we deeply dive into the impact of low interest rates post-2008 crash, advocating for higher fed funds rates to maintain economic stability. We also touch on inflation and how it is impacting the market.

Commercial real estate investment has long been lucrative, attracting investors with significant returns and diversification potential. Low interest rates previously created favorable borrowing conditions and boosted market values, but recent rate hikes have led to market corrections and investor uncertainty. Investors should consider entering the commercial real estate market during these corrections, as they present unique opportunities to acquire income-producing properties like office buildings, strip centers, and mini storage units. They highlight alternative investment vehicles like ETFs and mutual funds as lower-barrier entry points. They also emphasize financial literacy, highlighting the importance of long-term investing and cautious selection of financial advice. The episode concludes with thoughts on how the housing market affects different demographics and the need for innovative solutions.

Highlights and Issues

The Impact of Low Interest Rates
Financial Literacy and Long-Term Investing
The Role of Financial Advisors as Educators
Current inflation is a culprit

Tom Fox

Commercial Real Estate and the Housing Crisis: The Shifting Landscape of Commercial Real Estate

Tue, 23 Jul 2024 05:00:00 -0000

There is not much I enjoy more than sitting down with some of the most innovative thinkers on an issue. I recently had the opportunity to do so on a topic I have been thinking about for some time: the commercial real estate market post-COVID and the US housing crisis. Over this three-part series, we will introduce the problem and challenges around commercial real estate in the mid-2020s, the future of where (and how) employees work, and take a deep dive into the nation’s housing crisis and propose some solutions. In this special three-part series, I am joined by industry experts John Petrovski, Mike Flanagan, Bart Peterson, Walter Calhoun, Andrew Gay, and Gilbert Paiz to delve into the current state of commercial real estate. In Episode 1, we deeply dive into the impact of rising interest rates and regulatory pressures on the market, the cultural shift towards remote work, and the potential for repurposing commercial properties.

The remote work trend has profoundly influenced the commercial real estate market, leading to a notable decrease in office space demand and sparking urban revitalization efforts. They ask whether the 20% decline in property values is a temporary phase rather than a precursor to a market crash. They note that the market’s dynamics can significantly differ based on specific buildings and locations, and he underscores the importance of being prepared for higher interest rates and down payment requirements. Investors should focus on long-term goals and diversify their portfolios to navigate these turbulent times effectively, ensuring sustained success in the evolving commercial real estate landscape. Their conversation underscores the importance of adaptability and diversification amid economic fluctuations.

Highlights and Issues

Current State of Commercial Real Estate
Impact of Work From Home
San Francisco’s Real Estate Transformation
Investment Strategies in Commercial Real Estate
Tourism and Hospitality in Indianapolis
Market Reactions and Long-Term Investment
Inflation and Interest Rates

Tom Fox

Anne van de Heetkamp - Exploring Global Trade Intelligence and AI Integration in Supply Chain Management

Tue, 16 Jul 2024 05:00:00 -0000

Innovation comes in many forms, and compliance professionals must be ready for and embrace it. In this episode, Tom Fox visits Anne van de Heetkamp, Vice President of Product Management at Descartes, and discusses global trade compliance and the integration of AI in supply chain management.

They discuss Anne’s extensive career in global trade, Descartes’s comprehensive suite of supply chain management tools, and Anne’s specific role in the Global Trade Intelligence pillar. Key topics include the challenges companies face in regulatory compliance, the role of AI in mitigating supply chain disruptions, and the importance of data quality in leveraging advanced technologies for risk management. The conversation spans current automation levels, future AI evolution, and practical approaches to enhancing data transparency and compliance processes within the supply chain framework.

Key Highlights:

Anne’s Professional Journey
Global Trade Intelligence at Descartes
Microservices and Data Privacy
AI and Supply Chain Disruptions
Data Quality Issues in Compliance
Future of AI in Supply Chain Management

Resources:

Anne van de Heetkamp on LinkedIn

Tom Fox

Arthur Mueller on Harnessing AI to Transform Financial Crime Compliance

Wed, 10 Jul 2024 11:42:13 -0000

Innovation comes in many forms, and compliance professionals need to not only be ready for it but also embrace it. In this episode, Tom Fox visits with Arthur Mueller, a thought leader in compliance and financial crime prevention. We take a deep dive into the topic of financial crime prevention and the use of generative AI in this edition of Innovation in Compliance.

Arthur Mueller has over 20 years of experience in anti-financial crime programs across various institutions. He explains his current role at WorkFusion, where he leverages AI and machine learning to enhance compliance programs. The discussion encompasses the evolution of AML practices, the role of digital workers like Tara in automating routine tasks, and the benefits of AI in improving risk management, efficiency, and worker satisfaction in financial services. Arthur provides real-life examples of how AI can help mitigate risks, streamline operations, and enhance employee productivity and retention.

Key Highlights

Evolution of AML and Financial Crime Programs
WorkFusion's Role in Financial Crime Prevention
Digital Workers and AI in Compliance
Adverse Media Screening and Automation
Introducing Tara: The Digital Payment Screening Analyst
The Future of AI in Financial Crime Compliance

Resources:

Arthur Mueller on LinkedIn

Tom Fox

Lisa Levy - Succession Planning and The Evolving Workforce: From Millennials to Gen Z

Tue, 25 Jun 2024 10:37:36 -0000

Innovation comes in many forms, and compliance professionals need to not only be ready for it but also embrace it.

In this episode, Tom Fox visits with Lisa Levy, a thought leader renowned for her expertise in addressing succession planning challenges. We take a deep dive into this topic on this edition of Innovation in Compliance.

Lisa believes that succession planning in 2024 is more important than ever due to the complexities introduced by having five generations in the workforce, each with diverse expectations and work ethics. Lisa advocates for embedding succession planning into company culture as a strategic, intentional exercise that involves understanding employees' skills, aspirations, and institutional knowledge to nurture and grow talent internally. She champions the use of technology, such as AI tools, to personalize growth plans and emphasizes the need for continuous evaluation, transparency, and communication to implement a successful succession planning framework, ensuring organizational resilience and smooth leadership transitions.

We discuss how the younger generations, including millennials and Gen Z, have shifted the employment paradigm by seeking roles that align with their values. Lisa reflects on their own journey of becoming 'wholly unemployable' over 15 years and highlights how Gen Z entered the workforce during the pandemic, taking on gigs like Uber and DoorDash as traditional roles were shut down. This generational shift shows a move towards prioritizing personal fulfillment over conventional job security.

Key Highlights:

Lisa Levy on her Unemployable Journey
Millennials and Value-Driven Careers
The Paradigm Shift in Employment
Gen Z's Workforce Entry During the Pandemic

Resources:

Lisa Levy on LinkedIn

The Preferred Disruption and Innovation Catalyst

Tom Fox

Jennifer Arnold on Optimizing Financial Crime Detection with Minerva

Tue, 18 Jun 2024 05:00:00 -0000

Innovation comes in many forms, and compliance professionals need to not only be ready for it but also embrace it. In this episode, Tom Fox visits with Jennifer Arnold, a seasoned anti-money laundering (AML) professional. Jennifer is a co-founder of Minerva, the sponsor of this episode. Minerva is an innovative investigation and screening platform.

Minerva is an invaluable tool for financial investigators, enabling quick and efficient data analysis to support informed decision-making. She discusses Minerva’s capability to search for critical data, such as adverse media and criminal activity, enhancing the investigator’s role through automation and speed. By combining the expertise of skilled investigators with advanced data science, Minerva significantly maximizes the effectiveness of AML investigations in today’s data-rich environment.

We take a deep dive into how Minerva integrates AI into its processes for detecting financial crime. The technology employs simple data aggregation to target relevant data sources, performing entity resolution for a nuanced and accurate view of clients. This approach minimizes false positives, streamlines work for the Financial Intelligence Unit and ensures that information examined is meaningful and precise.

Key Highlights:

Introduction to Minerva’s AI Integration
Data Aggregation and Intelligence
Entity Resolution and Contextual Data
Accurate Client Risk Assessment
Reducing False Positives

Resources:

Jennifer Arnold on LinkedIn

Tom Fox

Lori Darley on Conscious Leadership

Tue, 11 Jun 2024 05:00:00 -0000

Innovation comes in many forms, and compliance professionals need to not only be ready for it but also embrace it.

In this episode, Tom Fox interviews Lori Darley, a former professional dancer and current leadership coach.

Lori shares her career evolution from dance to founding Conscious Leaders, a coaching firm specializing in leadership development. She discusses the principles of self-awareness, personal responsibility, and the clearing process, which are central to her coaching philosophy.

Lori also emphasizes the importance of intentional leadership in fostering a positive corporate culture and touches on her experience in the compliance arena. Additionally, she talks about her book, ‘Dancing Naked,’ which explores her journey and insights as a conscious leader.

Key Highlights:

Lori Darley’s Professional Journey
What is Conscious Leaders?
The Clearing Process Explained
Conscious Leaders Wisdom Circle
Impact on Corporate Culture
Generational Tensions and Coaching Benefits

Resources:

Lori Darley on LinkedIn

Tom Fox

Harnessing AI in Life Sciences with Matt Lowe from Master Control

Tue, 04 Jun 2024 05:00:00 -0000

Innovation comes in many forms, and compliance professionals need to not only be ready for it but also embrace it.

Curious about Compliance as a Service and AI integration? If so, this episode is for you as Tom Fox interviews Matt Lowe, Chief Strategy Officer at MasterControl.

Matt shares his professional background, details MasterControl’s role in the quality management and life sciences markets, and discusses the company’s incorporation of AI in their software solutions.

The conversation delves into how AI is transforming compliance and quality assurance in the life sciences, the benefits and challenges of implementing AI, and the future outlook of AI in the industry.

Matt also touches on risk-based approaches to AI deployment and the evolving discussions around AI in industry consortia.

Key Highlights:

Incorporating AI in Compliance Training
Generative AI in Quality Management
Quality Assurance and Compliance
AI’s Role in Compliance and Risk Management
Implementing AI in Life Sciences
Future of AI in Life Sciences

Resources:

Matt Lowe on LinkedIn

Tom Fox

Paige Hanson and Brandon Woolf on Compliance as a Service and Affordable GRC Software for SMBs

Tue, 28 May 2024 05:00:00 -0000

Innovation comes in many forms, and compliance professionals need to not only be ready for it but also embrace it. Curious about Compliance as a Service and AI integration? Well, this episode is for you, as I have Paige Hanson and Brandon Woolf, co-founders of SecureLabs, discuss not only how AI technology can revolutionize compliance but also how the use of AI systems in Compliance as a Service is set to revolutionize the regulatory landscape.

Paige Hanson and Brandon Woolf are seasoned cybersecurity professionals. Hanson’s perspective, shaped by her role in developing a national training program for law enforcement and co-founding SecureLabs, emphasizes the importance of integrating security and compliance within organizations to foster a security-first culture and facilitate cross-departmental communication. She envisions a future where advanced AI systems enhance security environments and advocate for auditable processes for small to medium-sized enterprises.

Woolf, with his background in diverse cybersecurity roles, advocates for the integration of security and compliance within an organization. He highlights the importance of having a wide range of frameworks available to cater to the diverse needs of different industries and clients and sees a growing trend, especially for SMBs, in compliance as a service due to increasing security threats.

Key Highlights:

SecureLabs: Affordable GRC Software for SMB Compliance
Enhancing Organizational Culture Through Security Integration
Cybersecurity Compliance Benefits through Auditable Processes
Compliance Audits: Minimizing Fines Through Documentation
AI-driven Compliance Solutions for Enhanced Security

Resources:

Paige Hanson on LinkedIn

Brandon Woolf on LinkedIn

Tom Fox

Making Compliance Training Memorable: Gamechanger 4 – Make Learning Playful

Fri, 24 May 2024 05:00:00 -0000

There is not much I enjoy more than sitting down with one of the innovative thinkers in compliance, Carsten Tams to find out what is on his mind regarding compliance. Tom Fox recently had the opportunity to do so on the topic of making compliance training memorable. Over this short, five-part series, we will introduce the problem and challenges and then provide you with four proven strategies for success in your compliance training.

In this concluding Episode 5, we discuss how making ethics and compliance training playful can enhance learning.

Our learning brain likes games. When people shift into a playful state of mind, they immerse themselves more deeply into the learning activity. Their mood brightens, their mind opens up, and they are intensely focused and more receptive to new information. Playful learning supports a deeper understanding of concepts, better recall of knowledge, and better transfer of skills to novel problems.

They explore the concept of the ‘Magic Circle’ in gaming, which engenders an immersive, playful state of mind that fosters openness and engagement. By employing game-based learning experiences like the ‘Ethics Kit Find Your Path’ card game, the discussion showcases how ethical scenarios can be addressed in an interactive, fun way.

Through the use of commitment, action, and resource cards, employees engage in collaborative problem-solving related to their organization’s ethical dilemmas. The episode emphasizes the importance of experiential, social, and strength-based learning, arguing that an engaging user experience (UX) in training not only makes learning enjoyable but also more effective in reinforcing ethical behaviors within organizations.

Highlights and Key Issues Discussed:

Introducing Playful Learning in Ethics and Compliance
The Magic Circle: A Concept for Playful Learning
Implementing Playful Learning: The Ethics Kit Card Game
Benefits and Outcomes of Playful Learning Experiences
Expanding Playfulness Beyond Games: Engaging Training Delivery
Key Takeaways from the Series

Resources:

Suggested Readings

Zosh, J. M., Hopkins, E. J., Jensen, H., Liu, C., Neale, D., Hirsh-Pasek, K., Solis, S. L., & Whitebread, D. (2017). Learning through play: a review of the evidence (white paper). The LEGO Foundation, DK.
Parker, Rachel & Thomsen, Bo & Berry, Amy. (2022). Learning Through Play at School – A Framework for Policy and Practice. Frontiers in Education. 7. 10.3389/feduc.2022.751801.

Carsten Tams on LinkedIn

Tom Fox

Making Compliance Training Memorable: Gamechanger 3- Make Learning Social

Thu, 23 May 2024 05:00:00 -0000

There is not much I enjoy more than sitting down with one of the innovative thinkers in compliance, Carsten Tams to find out what is on his mind regarding compliance. I recently had the opportunity to do so on the topic of making compliance training memorable. Over this short five-part series we will introduce the problem and challenges and then provide you with four proven strategies for success in your compliance training. In this Episode 4, we discuss making learning social and collaborative so that learners work together to search for understanding, meaning, or solutions.

Social learning refers to learning with each other, from each other, and about each other. Social Learning Theory tells us that a lot of learning consist of observing and emulating others. Collaborative learning also affords participants with the opportunity to gain unique insights and skills. Cooperative learning allows participants to develop their social-emotional and interpersonal skills. They can practice ethical voice, simply by discussing an ethical situation with each other.

Tom and Carsten explore the concept of social learning, referencing theories by Lev Vygotsky on social constructivism and Albert Bandura on vicarious learning and self-efficacy, to explain how behaviors and ethical values are acquired through social interaction. They emphasize that learning ethics and compliance can be more effective in a social context, whether it is through discussing ethical dilemmas, observing others' behaviors, or learning from shared experiences. The dialogue also touches on the importance of building social capital through ethical discussions, which helps in crafting solutions to ethical challenges as a team. Furthermore, they argue that every aspect of work has an ethical dimension and that recognizing the ethical implications of seemingly minute actions can significantly contribute to an organization's ethical resilience. The episode concludes with anticipation for the next episode focusing on making compliance training fun.

Highlights and Key Issues Discussed

· Introduction to Social Learning in Ethics and Compliance

· Exploring Social Learning Theory

· The Impact of Social Learning on Ethical Behavior

· Social Learning's Role in Organizational Culture

· Practical Examples of Social Learning in Action

· Deep Dive into Safety and Ethics in the Workplace

Resources

Articles and Books

· Boyd, R., Richerson, P. J., & Henrich, J. (2011). The cultural niche: Why social learning is essential for human adaptation. Proceedings of the National Academy of Sciences, 108(Supplement_2), 10918–10925. doi:10.1073/pnas.1100290108

· Reed, M., Evely, A. C., Cundill, G., Fazey, I., Glass, J., Laing, A., Newig, J., Parrish, B., Prell, C., Raymond, C., & Stringer, L. C. (2010). What is social learning? Ecology and Society, 15(4), [r1].

· Marjan Laal, Seyed Mohammad Ghodsi, Benefits of collaborative learning, Procedia - Social and Behavioral Sciences, Volume 31, 2012, Pages 486-490, ISSN 1877-0428, https://doi.org/10.1016/j.sbspro.2011.12.091.

· Bandura, A. (1977). Social learning theory. Englewood Cliffs, NJ: Prentice Hall.

· Bauman, Z. (2000). Special essay. Am I my brother’s keeper? European Journal of Social Work, 3(1), 5–11. doi:10.1080/714052807

Carsten Tams on LinkedIn

Tom Fox

Making Compliance Training Memorable: Gamechanger 2- Make it Experiential

Wed, 22 May 2024 05:00:00 -0000

There is not much I enjoy more than sitting down with one of the innovative thinkers in compliance, Carsten Tams to find out what is on his mind regarding compliance. I recently had the opportunity to do so on the topic of making compliance training memorable. Over this short five-part series we will introduce the problem and challenges and then provide you with four proven strategies for success in your compliance training. In this Episode 3, we discuss the concept of experiential learning as a gamechanger to enhance overall learning scope, motivation, retention and transfer; emphasizing its importance over conventional learning methods.

Experiential learning means learning by doing. When we are passive learners in front of a screen, clicking on the forward button or checking boxes, learning remains shallow. Experiential ethics learning is not simply about feeding abstract information about an ethics topic into learners’ minds. It is instead about the tight coupling of thinking with doing. An experiential learning activity is about posing a problem that is relevant to the learner. It is then up to the learner to tap into their existing knowledge, to use their ingenuity and creative problem-solving skills to find a feasible solution for the problem at hand.

Using practical examples, Carsten explains how experiential learning engages learners in problem-solving and hands-on experiences, leading to better retention and application of knowledge. They explore the historical roots of the concept, drawing from thinkers like Aristotle, Confucius, John Dewey, and modern cognitive research. The discussion also covers ways to implement experiential learning in organizational settings, addressing potential concerns about documenting these methods for regulatory compliance.

Highlights and Key Issues Discussed

· Introduction to Experiential Learning in Compliance and Ethics Training

· Exploring the Basics of Experiential Learning

· Applying Experiential Learning in Compliance and Ethics

· Historical Context and Theoretical Foundations of Experiential Learning

· Practical Implementation and Documentation for Compliance Professionals

Resources

Carsten Tams on LinkedIn

Emagence Consulting

For Additional Reading

· Dewey, J. (1938). Experience and education. New York: Simon and Schuster.

· Kolb, D.A. (2015). Experiential Learning: Experience as the Source of Learning and Development, 2nd Ed. New York, NY: Pearson.

· Burch, G. F., Giambatista, R., Batchelor, J. H., Burch, J. J., Hoover, J. D., & Heller, N. A. (2019). A Meta‐Analysis of the Relationship Between Experiential Learning and Learning Outcomes. Decision Sciences Journal of Innovative Education, 17(3), 239–273. doi:10.1111/dsji.12188

Tom Fox

Making Compliance Training Memorable: Gamechanger 1-Focus on Strengths

Tue, 21 May 2024 05:00:00 -0000

There is not much I enjoy more than sitting down with one of the most innovative thinkers in compliance; Carsten Tams, to find out what is on his mind regarding compliance. I recently had the opportunity to do so on the topic of making compliance training memorable. Over this short five-part series we will introduce the problem and challenges and then provide you with four game changing strategies you can employee for success in your compliance training. In this Episode 2, we discuss the concept of focusing on strengths within compliance and ethics training, as opposed to traditional deficit-based methods that highlight potential misconduct.

When we instruct people about prohibited behaviours, and how the company detects and discipline misconduct, employees often feel mistrusted and alienated. They tune out. This is deficit-based learning. It approaches the learner as a risk factor or potential delinquent. It aims to constrain unwanted behaviour. When employees can learn how to effectively shape and safeguard the ethical workplace they aspire to, they feel inspired and tune in. This is strength-based training. It approaches the learner as a valued partner in maintaining integrity. It assumes that people have capabilities, It aims at eliciting and strengthening the positive ethical faculties already present in most people.

Tom and Carsten urge a shift in perspective so that learners are viewed as valued partners, drawing upon the principles of self-affirmation theory and strength-based approaches found in various sectors like healthcare and education. This approach aims to engage learners by acknowledging and enhancing their capabilities, ethical values, and problem-solving skills, thus fostering a sustainable ethical culture within organizations. Examples of successful applications of this approach, including innovative training methods and programs like UNESCO’s card game and the 'Giving Voice to Values' curriculum, are highlighted. The conversation underscores the importance of designing training that not only prevents misconduct but also supports and develops employees' strengths, thereby enhancing overall company culture.

Highlights and Key Issues Discussed

· The Problem with Deficit-Based Training Approaches

· The Power of a Strength-Based Approach

· Real-World Applications and Success Stories

· Practical Steps Towards Strength-Based Training

· Building a Sustainable Ethical Culture

Resources

Books and Articles

Saleebey, D. (Ed.). (2009). The Strengths Perspective in social work practice (5th ed.). Boston: Allyn and Bacon.
Pulla, Venkat. (2012). What are Strengths based Practices all about?
Banaji, M., & Dobbin, F. U. (2023, September 17). Why DEI training doesn’t work—and how to fix it. The Wall Street Journal. Retrieved March 11, 2024
Dobbin, F., & Kalev, A. (2022). Getting to diversity: What works and what doesn’t. The Belknap Press of Harvard University Press.

Carsten Tams on LinkedIn

Tom Fox

Making Compliance Training Memorable: The Problem

Mon, 20 May 2024 05:00:00 -0000

There is not much I enjoy more than sitting down with one of the most innovative thinkers in compliance; Carsten Tams, to find out what is on his mind regarding compliance. I recently had the opportunity to do so on the topic of making compliance training memorable. Over this short five-part series we will introduce the problem and challenges and then provide you with four game changing strategies you can employee for success in your compliance training. In this Episode 1, we provide the lay of the land, explain when ethics training needs some fresh ideas, some of the challenges ethics training is facing and conclude with a summary of the solutions do we see.

Tom and Carsten take a deep dive into why traditional E&C training often fails to engage employees and lacks impact on their behavior, despite significant investments. This episode sets up the problem by exploring the historical context of E&C training, the difference between European values-focused and American rules-regulation approaches, and how these methods have evolved.

Their discussion highlights several barriers to effective training, including training being seen as a checkbox exercise, the deficit-focused nature, passive learning methods, isolation, and a lack of playfulness. They also touch on the promising findings that training can be effective when it delivers a positive user experience, emphasizing the need for innovative approaches to improve engagement and behavioral impact. The podcast series aims to explore solutions and strategies for making E&C training more engaging and effective, grounded in four proven principles of learning design.

Highlights and Issues

· Introduction to the Series on Ethics and Compliance Training

· Identifying the Problem with Current Ethics and Compliance Training

· Exploring the Ineffectiveness of Traditional Training Approaches

· The Four Engagement Killers in Compliance Training

· Towards a More Effective Training Approach: Preview of Upcoming Episodes

Resources

Articles

Dvorak, N. (2021, November 10). 4 Hard Truths About Ethics and Compliance Training
Fosway Group. (2023). Digital Learning Realities 2023
Fredeen, I. (2019, June 19). Do Your Expectations Align with Reality — Why Compliance Training Needs More Attention

Carsten Tams on LinkedIn

Tom Fox

Steve Brown on AI Integration for Evolving Compliance Challenges

Tue, 14 May 2024 05:00:00 -0000

Innovation comes in many areas and compliance professionals need to not only be ready for it but embrace it. Today, I visit with Steve Brown, Managing Director, Head of Business Development at StarCompliance, sponsor of this podcast. We take a deep dive into utilizing AI, machine learning, and generative AI for compliance prevention, detection and much more.

Steve Brown has maintained a lengthy career in the compliance industry, currently holding the position of Head of Business Compliance and Business Development at StarCompliance. Throughout his career of over two decades, he has served in important roles in investment banking compliance and advised global firms on risk and regulatory issues.

StarCompliance, a company that specializes in employee compliance software across 117 countries. They delve into the importance of compliance culture within corporations, the role of technology in enhancing compliance efforts, and the unique perspective Brown brings to technology solutions from his extensive compliance background. They also touch upon the significance of a comprehensive compliance solution and the future of compliance technology, including the potential applications of AI, machine learning, and data analytics to anticipate and navigate regulatory challenges.

Key Highlights:

Global Ethics Compliance Solutions by Star Compliance
AI Integration for Evolving Compliance Challenges
Data-Driven Compliance Culture Enhancement Solutions
Ethical Culture through Integrated Compliance Analytics

Resources:

Steve Brown on LinkedIn

Tom Fox

Sue Bingham on Fostering Trust and Transparency in Organizational Culture

Tue, 07 May 2024 05:00:00 -0000

Innovation comes in many forms, and compliance professionals need to not only be ready for it but also embrace it.

Today, Tom Fox visits Sue Bingham, Founder and Principal of HPWP Group. She helps visionary, courageous leaders create a high-trust culture of adult communication and high expectations that results in attracting and retaining truly great people.

Sue Bingham has a unique perspective on compliance in the workplace, shaped by her vast experience and passion for nurturing positive work environments. Anchored in the principles of trust, value, and respect, she advocates for a shift from the conventional approach to compliance, which often entails a litany of rules, to one that promotes positive assumptions about employees.

Bingham believes that while compliance is crucial for legal requirements and operational changes, it should not be at the expense of treating employees as valuable adults deserving of respect and dignity. Her conviction that a culture of trust and positive assumptions can drive behavioral change at work is reflected in her book “Creating a High-Performance Workplace,” a testament to her commitment to fostering effective leadership and high-performing workplaces.

Key Highlights:

Trust-Based Approach for High Performance Culture
Fostering Trust and Valuing Employees for Success
Developing Commitment and Accountability in the Workplace
Balancing Compliance and Commitment in Organizations

Resources:

Sue Bingham on LinkedIn

HPWP Group

Creating the High Performance Work Place on Amazon.com

Tom Fox

Matt Kunkel and Nicholas Kathmann on Dynamic GRC Systems with AI-driven Controls

Tue, 30 Apr 2024 11:03:00 -0000

Innovation comes in many forms, and compliance professionals must be ready for and embrace it. Today, I visited with Matt Kunkel, CEO of LogicGate, and Nick Kathmann, CISO at LogicGate, to consider how a dynamic GRC can help drive efficiency, compliance, and profitability.

With a background in business analysis and self-taught coding, Kunkel identified a need for a more comprehensive and user-friendly approach to governance, risk, and compliance (GRC) solutions, leading to the creation of Logic Gate. The platform was designed to meet businesses’ evolving needs without requiring constant developer intervention, utilizing a flexible data model and advanced graph database technology for superior efficiency.

Kathmann, with over 20 years of experience in security and compliance, stresses the importance of industry expertise in delivering effective solutions, focusing on ensuring the platform meets the highest security standards and adapts to changing business requirements seamlessly. Kunkel and Kathmann’s perspectives highlight the crucial role of innovative technology in simplifying GRC processes and addressing the complex regulatory, risk, and compliance needs of organizations.

Key Highlights:

Adaptive Logic Gate Platform for GRC
Harnessing Data for Strategic Compliance Oversight
Real-time Risk Optimization for Business Growth
Cyber Risk Alignment Between CISO and CEO
Executive Level Engagement for Cybersecurity Strategy
Tailoring Risk Communication to Stakeholder Priorities
Dynamic GRC Systems with AI-driven Controls

Resources:

Matt Kunkel on LinkedIn

Nick Kathmann on LinkedIn

Tom Fox

Staci Wright on Compassionate Workplace Solutions: The Heart Profit Movement

Tue, 16 Apr 2024 05:00:00 -0000

Innovation comes in many forms, and compliance professionals need to not only be ready for it but also embrace it. Today, I visited Staci Wright, a leader in the heart-profit movement.

Staci Wright is a seasoned entrepreneur with a diverse portfolio of six successful businesses, ranging from service-based to product-based ventures, established over the past two decades. Her perspective on the “heart profit movement” is rooted in her belief in the power of compassion, care, and connection in the workplace to not only enhance productivity but also address important societal issues.

This perspective is born from her experience leading “IP2Market,” a company that merges manufacturing patented products with a focus on building brands that prioritize employees’ welfare.

As the founder of the Heart Profit movement, Staci has implemented initiatives like onsite childcare, meals, and mental health coaching in her workplaces, embodying her view that a supportive environment allows employees to flourish rather than merely survive. This approach to business, she believes, fosters a more compassionate era where profit does not come at the expense of employee care.

Key Highlights:

Footrest-Inspired Self-Care Products for Bath Time
Compassionate Workplace Culture Initiative
Employee Wellbeing Initiatives in Manufacturing
Cultivating Compassionate Work Environments for Success
Compassionate Workplace Solutions: Profit with Heart

Resources

Staci Wright on LinkedIn

Tom Fox

Susan K. Younger: Relationship Architect

Tue, 09 Apr 2024 05:00:00 -0000

Innovation comes in many forms, and compliance professionals need to not only be ready for it but also embrace it.

Today, Tom Fox visited Susan K. Younger, a self-styled ‘relationship architect. Find out how her strategies will help you to drive your corporate culture.

Susan K. Younger, an expert with a diverse background in architecture and massage therapy, has carved a unique path in her career by integrating practices from both fields. She views transformative leadership as a dynamic process to adapt and evolve in accordance with changing times. Her perspective is influenced by her unique professional journey, from retail architecture to a holistic approach to body structures and environmental spaces.

Susan believes in the importance of openness to new ideas and perspectives, considering different viewpoints, and willingness to modify processes for better outcomes. For her, the essence of transformative leadership lies in staying curious and receptive, thereby driving positive change within organizations.

Key Highlights:

What is a relationship architect?
Interpersonal Structure Builder
Cultural Values in Multinational Transformative Leadership
Proactive Contributors Fostering Positive Work Culture
Understanding Value Perspectives for Compliance Engagement
Enhancing Workplace Collaboration Through Generational Values

Resources:

Susan K. Younger on LinkedIn

Susan K. Younger website

Tom Fox

Glenn Andrew on Allstar Leadership

Tue, 02 Apr 2024 05:00:00 -0000

Innovation comes in many forms, and compliance professionals need to not only be ready for it but also embrace it.

Today, Tom Fox visited Glenn Andrew on his initiative, Allstar Leadership.

Glenn Andrew is an accomplished professional with an extensive background in ocean engineering and business leadership, marked by his initial experience in submarine building and subsequent progression into leadership roles.

Andrew subscribes to the belief that self-leadership is a fundamental process that individuals must master before they can effectively lead others. He views self-leadership as a continuous journey, not a final destination, emphasizing the development of skills such as managing overwhelm, clarifying goals, and honing emotional intelligence.

His views are influenced by his professional experiences and his personal transformation, including the recent achievement of losing 53 pounds, a testament to his conviction in the role of physical health in effective self-leadership.

He underscores the importance of continuous learning, effective communication, vision-sharing, and a focus on long-term impact in both personal and professional spheres as the cornerstones of successful leadership.

Key Highlights:

Enhancing Leadership Through Self-Management Journey
Physical Well-being for Effective Leadership
Leadership Impact through Lifelong Learning Journeys
Biological-Based Communication Style Assessment Tool

Resources:

Glenn Andrew on LinkedIn

Tom Fox

Matt DeLauro on Enhanced Efforts Against Financial Crimes

Tue, 26 Mar 2024 05:00:00 -0000

Innovation takes many forms, and compliance professionals must be ready for and embrace it.

Today, Tom Fox visited with Matt DeLauro, SEON’s Chief Revenue Officer. Matt discussed the SEON software solution for fraud risk and anti-money laundering.

Matt DeLauro is a financial industry veteran with over two decades of experience specializing in developing and implementing software solutions for various financial entities. With a focus on financial services and fintech, he currently serves as the chief revenue officer at SEON, a company dedicated to fraud prevention and anti-money laundering (AML) technology.

DeLauro’s perspective on AML regulations stems from his deep understanding of the fraud community’s interconnected nature and the increasing importance of AML measures due to factors like international conflicts and national security threats.

He emphasizes the need for real-time detection services and robust compliance controls in the face of evolving threats, highlighting the impact of sanctions and sanctioned individuals on the need for enhanced compliance.

Ultimately, DeLauro views AML as a critical tool in combating financial crimes and preserving the integrity of the global financial system.

Key Highlights:

Enhanced Efforts Against Financial Crimes
Real-time Fraud Detection in Financial Services
Automating SAR Generation with Machine Learning
Real-time Fraud Detection through Device Fingerprinting
Sub secondary Detection of Fraudulent Transactions in Real-Time

Resources:

Matt DeLauro on LinkedIn

Tom Fox

America’s Story at 250 with America’s Storyteller, Jeff Gould

Tue, 19 Mar 2024 11:05:34 -0000

Innovation comes in many forms, and compliance professionals need to not only be ready for it but also embrace it. Today, I visited with Jeff Gould, who is America’s storyteller, on his upcoming project for America’s semi-quincentennial birthday celebration in 2026, America’s Story 250.

Jeff Gould is lauded as America's storyteller. He is honing the story of America at 250 in 2026 through his project, America at 250. Gould's perspective on American history is one of profound reverence and recognition for the country's narrative, viewing it as a remarkable tale among governmental histories.

His perspective is heavily influenced by the opportunities he sees for individuals to combat injustice and foster a fairer system, a theme ingrained in his work with America 250. He places substantial emphasis on acknowledging the flaws and mistakes of historical figures yet, concurrently, underscores the potential that the country and its people hold for growth and progress. Through this lens, Gould sees American history as a symbol of hope and freedom, and thus, he constantly challenges individuals to uphold and perpetuate these values for future generations.

Key Highlights:

Celebrating America's 250-year Journey
Reviving American Heritage Through America’s Story
Democratic Ideals: From Tyranny to Resilience
Founding Fathers' Longevity in Constitutional Design
Leaders who have shaped American identity throughout history

Resources:

Jeff Gould on LinkedIn

I Like That Story

America’s Story 250

Tom Fox

Onno Koelman on Mastering The Art of Effective Leadership

Tue, 12 Mar 2024 05:00:00 -0000

Innovation comes in many forms, and compliance professionals need to not only be ready for it but also embrace it. Today, I visited Onno Koelman to talk about leader development up and down the organization as well as through a multi-generational workforce.

Onno Koelman is a seasoned professional with a robust background in leadership development and training and the founder of Dynamic Leader Development. Koelman’s perspective on leadership development and training is centered on dynamic growth and adaptation, emphasizing the importance of vertical development. His experiences working closely with organizations, including collaborating with key leaders such as a Chief Technology Officer, have shaped his belief that leadership training should go beyond traditional methods and instead focus on developing a more sophisticated way of filtering the world and being less reactive. He also highlights the importance of clarity, a supportive climate, and the right competence within teams to build high-performing teams. Furthermore, Koelman acknowledges the complexity of leading multigenerational teams and suggests that leaders should understand and cater to the different motivations and responses of team members from different generations.

Key Highlights:

Vertical Growth in Adaptive Leadership Development
Transitioning to Management: Developing Coaching Skills
Balancing Task-Oriented and Relationship-Based Leadership Model
Fostering Clarity, Support, and Competence in Teams
Influential Shadow: Understanding Leaders’ Impact

Resources:

Onno Koelman on LinkedIn

Dynamic Leader Development

Tom Fox

Keith Laska - Bitcoin: Investment or Monetary System?

Tue, 05 Mar 2024 06:00:00 -0000

Innovation comes in many forms, and compliance professionals need to not only be ready for it but also embrace it. Today, I visited Keith Laska to talk about his work in the realm of bitcoin and as a blockchain educator.

Keith Laska, a professor at Fordham University and founder of Learn Bitcoin, says that Laska’s perspective on bitcoin is that it can serve as both an investment and a monetary system, depending on the individual’s location and use case.

In the United States, he sees bitcoin as a high-growth investment that can outpace inflation, while in countries with high inflation rates like Argentina, Turkey, or Lebanon, he views bitcoin as a more stable and reliable monetary system compared to their local currencies.

This dual perspective is shaped by his extensive experience and dedication to staying at the forefront of the evolving field of bitcoin and blockchain.

Key Highlights:

Evolution of Bitcoin from 2009 to ETFs
Blackrock’s Successful Spot Bitcoin ETFs Approval
Enhancing Compliance with Blockchain Contracts and AI
Fluency in Bitcoin: Educating Future Industry Professionals

Resources:

Keith Laska on LinkedIn

Tom Fox

From Martial Arts to Business Success: Ernesto Gerardo’s Journey

Tue, 27 Feb 2024 06:00:00 -0000

Innovation comes in many forms, and compliance professionals need to not only be ready for it but also embrace it. Today, I visited Ernesto Gerardo, a serial entrepreneur who is helping veterans with finance and housing.

Ernesto Gerardo is a seasoned professional with a diverse background in martial arts, business, and coaching. His perspective on his journey from martial arts to real estate investment and veteran coaching is shaped by his unique career trajectory, starting as a martial artist and gym owner, transitioning into the business world, and now running multiple successful ventures. Ernesto leverages his expertise in real estate investment and entrepreneurship to coach and educate clients, including veterans and aspiring entrepreneurs. He is passionate about empowering veterans through his Military Millionaires program, providing resources and support in areas such as real estate investment, financial planning, mental health services, and job placement.

Join Tom Fox and Ernesto Gerardo on this episode of the Innovation in Compliance podcast to learn more about Ernesto’s journey and his insights on real estate investment and veteran coaching.

Key Highlights:

From Martial Arts to Business Success
Leveraging Personality Traits for Real Estate Success
Optimizing Veteran Benefits for Financial Success
Empowering Veterans to Build Wealth and Stability

Resources:

Ernesto Gerardo on LinkedIn

The Military Millionaires

Tom Fox

Jay Rosen on Navigating Ethics and Compliance Challenges Through Self - Monitoring

Tue, 20 Feb 2024 12:16:00 -0000

Innovation comes in many forms, and compliance professionals must be ready for and embrace it. Today, I visited with well-known compliance professional Jay Rosen to discuss how companies can improve their compliance programs through self-monitoring.

Jay Rosen is a seasoned professional with a background in investment banking and a keen interest in ethics and compliance programs. Rosen’s in-depth analysis of FCPA enforcement actions over the past ten years shaped his perspective on ethics and compliance programs. He believes companies should consider their internal setup before hiring a third party for assistance. He suggests that while an outside perspective can sometimes lead to a deeper investigation, a mature ethics and compliance program with sufficient in-house resources can also be effective. Rosen emphasizes the importance of objectivity in these programs and proposes a compromise of working with a fractional monitor if the company lacks the necessary headcount. He sees the increasing use of data analytics and self-reporting as key factors in improving ethics and compliance efforts within organizations.

Resources:

Jay Rosen on LinkedIn | Twitter

Tom Fox

Jeff Grant on The 400th Meeting of The White Collar Support Group

Tue, 13 Feb 2024 11:53:33 -0000

Innovation comes in many areas and compliance professionals need to not only be ready for it but also embrace it. Today, I visited Jeff Grant, a compassionate leader and the founder of a white collar support group, a platform dedicated to assisting individuals prosecuted for white collar crimes and their families.

Jeff’s perspective on the importance of such support groups is shaped by his extensive experience going through the full white collar criminal experience, including jail, disbarment, release, and recovery. He has organized over 400 meetings, creating a safe space for individuals to share their experiences and challenges. Jeff views these groups as a vital resource, filling a significant gap in the criminal justice system by providing knowledge, empathy, and compassion to those who have been isolated and stigmatized. His advocacy for the rights and leniency of individuals prosecuted for white collar crimes is driven by his desire to bring their complex human tragedies to light and promote noncustodial sentences for low-level and nonviolent crimes. Through his work, Jeff continues to expand the impact of these support groups, viewing them as a lifeline for those navigating the challenges of white collar crimes.

Key Highlights:

The 400th Meeting
Supporting Families of White Collar Criminals
Transforming Lives Through Spiritual Guidance
Supporting White Collar Crime Victims and Advocacy

Resources:

Jeff Grant on LinkedIn | Twitter

Tom Fox

Dr. Karen Jacobson on Uncovering The Impact of Behavior

Tue, 30 Jan 2024 06:00:00 -0000

Innovation comes in many forms, and compliance professionals need to not only be ready for it but also embrace it. Today, I visited Dr. Karen Jacobson, a renowned expert in organizational leadership and communication.

Dr. Jacobson brings a unique perspective to her work, shaped by her diverse experiences ranging from serving in the military in Israel to running chiropractic offices in New York and Arizona. Dr. Jacobson’s holistic approach to organizational leadership and communication is rooted in her belief that work positioning, repetitive movements, and physical challenges are all interconnected and can impact the overall functioning of an organization. Drawing from her experiences in war, military, healthcare, and even competitive amateur ballroom dancing, she emphasizes the importance of core human connection skills such as conflict reduction, effective communication, and motivation. Her background as a chiropractor also gives her insights into understanding people and their behavior, including habits that affect posture and confidence. Join Tom Fox and Dr. Karen Jacobson on this episode of Innovation in Compliance.

Key Highlights:

Understanding behavioral styles is crucial for effective communication in the workplace.
Adapting communication for different generations and cultural differences is essential for effective workplace communication.
Effective leadership outside the United States requires understanding and respecting different cultures and customs.
Understanding personal strengths and leading with them can lead to more effective leadership.

Resources:

Karen Jacobson

Tom Fox

Steve Vincze on Building Trust: Overcoming Challenges as an Outsider

Tue, 16 Jan 2024 06:00:00 -0000

Steve Vincze is a seasoned professional with a rich background as an in-house corporate commercial compliance lawyer, specializing in building trust and implementing compliance programs in businesses. His perspective on the subject is rooted in the belief that developing a human connection is key to building trust and implementing successful compliance programs. Drawing from his experience, including being recruited by Tap Pharmaceuticals to implement their first compliance program, he emphasizes the importance of modeling the behavior he wants from others and creating an environment where people feel comfortable sharing. He views compliance programs as tools to empower individuals rather than restrict them, and he strives to change the perception of compliance by demonstrating that it can be a tool for confidence and success. Join Tom Fox and Steve Vincze on this episode of the Innovation in Compliance podcast to learn more about his unique approach.

Key Highlights:

Establishing Trust through Human Connection
Experienced Professionals Providing Comprehensive Consulting Solutions
Expert Compliance Program Implementation Services
The Impact of Artificial Intelligence on Data Security

Resources:

Steve Vincze on LinkedIn

Trestle Compliance

Tom

Caroline Shleifer: Revolutionizing Regulatory Intelligence with Technology

Tue, 09 Jan 2024 06:00:00 -0000

Innovation comes in many forms, and compliance professionals need to not only be ready for it but also embrace it. One of those areas is telehealth and telemedicine. My guest in this episode is Caroline Shleifer, founder and CEO of RegAsk. Caroline Shleifer is a seasoned professional with a rich background in healthcare, law, and regulatory affairs, boasting a PharmD PhD and a health law degree. Her perspective on "emerging technologies enhancing regulatory intelligence and compliance" is shaped by her extensive experience in the EU, US, and Asia and her role as the founder of RegAsk, a company that leverages technology to address compliance challenges. She believes that technologies such as AI, machine learning, blockchain, and data analytics are revolutionizing regulatory monitoring, enabling faster and more accurate interpretation of regulatory information, and fostering a more proactive approach to compliance. Her goal with RegAsk is to digitize and streamline the regulatory intelligence process, reducing the risk of non-compliance and fostering innovation. Join Tom Fox and Caroline Shleifer as they delve deeper into this topic on this episode of Innovation in Compliance.

Key Highlights:

• Proactive Compliance through Regulatory Intelligence Automation

• Streamlining Regulatory Compliance with AI

• Leveraging Data Analytics for Proactive Compliance

• Revolutionizing Compliance with Emerging Technologies

Resources:

Caroline Shleifer on LinkedIn

Tom Fox

Jag Lamba on Simplifying Data Analysis with AI

Tue, 02 Jan 2024 06:00:00 -0000

Innovation comes in many areas and compliance professionals need to not only be ready for it but also embrace it. One of those areas is telehealth and telemedicine. My guest in this episode is Jag Lamba, founder and CEO of Certa.

Jag Lamba, the CEO and founder of Certa, is an engineering expert who has led his team in developing AI tools for streamlining procurement and compliance processes. Lamba's perspective on these tools is that they are a game changer, particularly for non-procurement users who often struggle with navigating new tools and forms. To address this, Certa has integrated an email chat bot for request intake, making the process more user-friendly and familiar. Lamba believes that this approach will result in increased buy-in from business users and improved efficiency in procurement and compliance processes. His dedication to solving real problems with AI sets Certa apart as a leader in the industry. Join Tom Fox and Jag Lamba on this episode of Innovation in Compliance to learn more about Lamba's innovative approach to streamlining procurement and compliance processes.

Key Highlights:

Streamlined AI Design with Natural Language
Enhancing Organizational Agility with Certa Assist
Instant Report Generation with Insights AI
Email Chat Bot for Simplified Request Intake

Resources:

Jag Lamba on LinkedIn

Tom

Ed Parcaut - From Phone Sales to Global Connections

Wed, 27 Dec 2023 06:00:00 -0000

Ed Parcaut, a dynamic individual who transitioned from phone sales to a successful real estate radio show host, has a unique perspective on his journey. Parcaut discovered his knack for connecting with people through his voice during his 18-year tenure in phone sales. When presented with the opportunity to host a local talk radio show, he initially questioned the relevance of radio in the digital age, but soon recognized its enduring popularity.

He launched his radio show, "Real Estate Jerky," which began as a platform for real estate and mortgage discussions but later expanded to include community topics. Parcaut also recognized the potential of podcasting and began uploading his radio show as a podcast to reach a wider audience. He firmly believes in the power of audio platforms in promote businesses and foster connections. Join Tom Fox and Ed Parcaut as they delve deeper into this topic on the next episode of the Innovation in Compliance podcast.

Key Highlights:

Ed's Voice-Driven Journey to Global Connections
Promoting Homeownership and Community Engagement
Ed's Expertise in Real Estate Market Profitability
Insights into Housing Affordability and Trends
The Power of Repurposing Content for Podcasting
California's Property Tax Protection Law

Resources:

Ed Parcaut on LinkedIn

Tom

Paul Trulove on The Future of Authentication: Password Less and Secure

Thu, 21 Dec 2023 06:00:00 -0000

Paul Trulove is a seasoned cybersecurity expert with a strong background in identity management, currently serving as the CEO of Secure Auth. With 15 years of experience in the field, Trulove is a strong advocate for the evolution towards password-less authentication in cybersecurity. He sees a shift away from traditional username and password authentication towards more secure and user-friendly methods that leverage device-level capabilities and biometrics. Trulove emphasizes the importance of organizations embracing and funding these changes and the need for collaboration across different industries to ensure a comprehensive and secure authentication framework. Join Tom Fox and Paul Trulove on this episode of the Innovation in Compliance podcast to delve deeper into this fascinating topic

Key Highlights:

Secure Auth: Making Authentication Secure and User-Friendly
The Evolution Towards Password-Less Authentication
Identity-Driven Zero-Trust Cybersecurity Approach
The Rise of Password-Less Authentication Technology
The Evolution of Authentication and Access Management

Resources:

Paul Trulove on LinkedIn

Tom

Mohamed Lazzouni on The Role of Biometrics in Data Management and Compliance

Tue, 19 Dec 2023 06:00:00 -0000

Innovation comes in many areas and compliance professionals need to not only be ready for it but embrace it. My guest in this episode is Mohamed Lazzouni, Chief Technology Officer at AWARE.

Mohamed Lazzouni, a distinguished individual with a robust background in physics and solid-state physics, currently serves as the Chief Technology Officer at Aware. Lazzouni firmly believes in the potential of behavioral biometrics to enhance security and compliance, particularly in the financial services industry. He asserts that biometrics can be used to verify customer identities during online transactions, thereby eliminating the need for physical visits to a branch. Furthermore, he sees the analysis of biometric data such as face recognition, voice prints, and fingerprints to ensure the registered identity of a customer is trustworthy. Lazzouni also highlights the role of biometrics in data management and compliance, ensuring that personally identifiable information is collected, stored, and managed securely and in compliance with relevant laws and regulations. He is particularly excited about the potential of behavioral biometrics, such as unique gestures and interactions with devices, to further enhance security and provide new opportunities for businesses and individuals. Join Tom Fox and Mohamed Lazzouni on this episode of Innovation in Compliance to delve deeper into this fascinating topic.

Key Highlights:

Exploring Nature at a Unique Scale
Leveraging Unique User Interactions for Security
Enhancing Identity Verification with Biometric Technology
Biometric Security Solutions for System Integrators
Biometric Security Revolution: Face and Voice Recognition

Resources:

Mohamed Lazzouni on LinkedIn

Tom

Compliance Professionals Adapting to Change: Industries, Regulations, and Beyond: Part 5 – Alexander Cotoia on Professional Development and Mentorship for the Compliance Professional

Fri, 15 Dec 2023 06:00:00 -0000

Welcome to a special series sponsored by Diligent, where we look down the road at key issues in 2024 and beyond. In this series, I will visit with Nicholas Latham, Renee Murphy, Jessica Czeczuga, Yee Chow, and Alexander Cotoia. Over this series, we will consider compliant communications in regulated industries, managing conflicts of interest at the Board level, the Board’s role in compliance training and communications, navigating the current ESG landscape, and professional growth and mentorship in compliance. In this concluding Part 5, we discuss professional development and mentorship for compliance professionals with Alexander Cotoia.

Alex Cotoia is with the Volkov Law Group and has transitioned from a traditional legal background into the compliance arena. He strongly believes in the importance of continuous professional development for compliance professionals, emphasizing the need for mentorship and growth opportunities, particularly for those in leadership positions. Alex’s perspective is shaped by the dynamic regulatory climate and the increasing extraterritorial impact of legislation and regulation, which underscore the urgency of continuous development in the compliance field. He also highlights the significance of acquiring soft skills, such as negotiation, building relationships, and strategic planning, in addition to the legal aspects of compliance. Alex values collaboration and believes that reaching out to other compliance professionals for guidance and mentorship can benefit professional growth. Join Tom Fox and Alex Cotoia as they delve deeper into this topic on the next episode of the Diligent Podcast.

Key Highlights:

Navigating the Dynamic Regulatory Landscape for Compliance Professionals
Developing Essential Soft Skills for Compliance Professionals
Continuous Growth and Development in Compliance
The Importance of Compliance in Career Development

Ready for Purpose-Driven Compliance? Diligent equips leaders with the tools to build, monitor, and maintain an open, transparent ethics and compliance culture. For more information and to book a demo, visit Diligent.com

Compliance professionals adapting to change: Industries, Regulations, and Beyond: Part 4-Yee Chow on Navigating the Current ESG Landscape

Thu, 14 Dec 2023 06:00:00 -0000

Welcome to a special series where we look down the road at key issues in 2024 and beyond, sponsored by Diligent. In this series I will visit with Nicolas Latham, Renee Murphy, Jessica Czeczuga; Yee Chow; and Alexander Cotoia. Over this series, we will consider compliant communications in regulated industries, managing conflicts of interest at the Board level, the Board’s role in compliance training and communications, navigating the current ESG landscape and professional growth and mentorship in compliance. In this Part 4, we navigate the current ESG landscape with Yee Chow.

Yee Chow is a seasoned professional in the sustainability space, currently serving as the Director of Solution Engineering and Consulting at Diligent. With over 16 years of experience, Chow has witnessed the evolution of the chief compliance officer's role in ESG compliance. Chow's perspective on this evolution is that it has become a significant and integral part of corporate agendas. Previously, ESG was seen as a side topic for companies to gain more credentials and marketing, but in recent years it has become a major focus for the majority of corporations globally. This shift has led to changes in the roles of chief compliance officers and internal management, with ESG now being elevated to their level of responsibility and accountability. Chow believes that this shift is necessary and beneficial for companies in the future. Join Tom Fox and Yee Chow on this episode of the Diligent Podcast to delve deeper into this topic.

Key Highlights

· Elevated ESG Compliance Leadership: CCO's Evolving Role

· Mandatory Reporting on ESG Factors

· Integrating ESG into Board Meetings and Discussions

Ready for Purpose Driven Compliance? Diligent equips leaders with the tools they need to build, monitor and maintain a culture of open, transparent ethics and compliance. For more information and to book a demo, visit Diligent.com

Join us tomorrow where we conclude our series with a review of professional development and mentoring for compliance professionals.

Compliance Professionals Adapting to Change: Industries, Regulations, and Beyond: Part 3 – Jessica Czeczuga on the Role of a Board of Directors in Training and Communications

Wed, 13 Dec 2023 06:00:00 -0000

Welcome to a special series sponsored by Diligent, where we look down the road at key issues in 2024 and beyond. In this series, I will visit with Nicholas Latham, Renee Murphy, Jessica Czeczuga, Yee Chow, and Alexander Cotoia. Over this series, we will consider compliant communications in regulated industries, managing conflicts of interest at the Board level, the Board’s role in compliance training and communications, navigating the current ESG landscape, and professional growth and mentorship in compliance. In Part 3, we review the role of a Board of Directors in compliance training and communications with Jessica Czeczuga.

Jessica Czeczuga is a seasoned corporate training and compliance professional, currently serving as the Principal Instructional Designer at Diligent. Jessica’s perspective on the importance of Board oversight in corporate training and compliance is shaped by her extensive experience and deep understanding of compliance programs. She emphasizes the crucial role of the Board in setting the tone for the organization’s culture, advocating for active communication from the Board about the importance of training to all employees. Jessica also suggests that the Board should be more significant in discussions about your organization’s compliance efforts, ensuring it meets its stated commitments. She views the Board as another group within the organization that requires tailored training and active involvement in promoting a culture of compliance. Join Tom Fox and Jessica Czeczuga as they delve deeper into this topic.

Key Highlights:

Driving Compliance and Training Messaging
Fostering Alignment Through Board Involvement
Assessing the Impact of Multinational Training

Join us tomorrow as we consider navigating the current ESG landscape.

Compliance Professionals Adapting to Change: Industries, Regulations, and Beyond: Part 2 – Renee Murphy on Managing Conflicts at the Board

Tue, 12 Dec 2023 06:00:00 -0000

Welcome to a special series sponsored by Diligent, where we look down the road at key issues in 2024 and beyond. In this series, I will visit with Nicholas Latham, Renee Murphy, Jessica Czeczuga, Yee Chow, and Alexander Cotoia. Over this series, we will consider compliant communications in regulated industries, managing conflicts of interest at the Board level, the Board’s role in compliance training and communications, navigating the current ESG landscape, and professional growth and mentorship in compliance. Part 2 considers how an organization can manage conflicts of interest with Renee Murphy on the Board of Directors.

Renee Murphy has a rich compliance, governance, and risk management background. Having served as both an internal and external auditor and currently the Chief Evangelist of Diligent, she brings a unique perspective to managing board-level conflicts of interest and implementing ESG practices. Renee believes that conflicts of interest at the board level can have serious implications and emphasizes the importance of identifying and addressing these conflicts to prevent financial misconduct. She also advocates that boards prioritize disclosing their ESG practices and carbon emissions, as stakeholders will increasingly demand this. Her expertise and insights are shaped by her diverse experiences, including her role as a lead analyst at Forrester Research and her work with Fortune 500 companies. Join Tom Fox and Renee Murphy as they delve deeper into these topics on the next episode of the Diligent Podcast.

Key Highlights:

Board Members Sitting on Multiple Boards
Conflicts of Interest at the Board Level
ESG Reporting for Long-Term Risk Management
The Role of Compliance in Board Governance

Join us tomorrow as we consider the role of the Board of Directors in compliance training, messaging, and communications.

Compliance Professionals Adapting to Change: Industries, Regulations, and Beyond: Part 1 – Nicholas Latham on Compliant Communications

Mon, 11 Dec 2023 06:00:00 -0000

Welcome to a special series sponsored by Diligent, where we look down the road at key issues in 2024 and beyond. In this series, I will visit with Nicholas Latham, Renee Murphy, Jessica Czeczuga, Yee Chow, and Alexander Cotoia. Over this series, we will consider compliant communications in regulated industries, managing conflicts of interest at the Board level, the Board’s role in compliance training and communications, navigating the current ESG landscape, and professional growth and mentorship in compliance. In this Part 1, we consider compliant communications in regulated industries with Nicholas Latham.

Nicholas Latham is an accounting professional with a strong accounting and risk management background, currently serving as a Client Partner at Diligent Corporation. His perspective on accounting and risk assessment is shaped by his extensive experience in the financial industry, particularly in the collections department of a US bank. Nicholas believes that organizations must implement and adapt frameworks such as COSO and ISO 31,000 to manage and mitigate risks effectively. He also emphasizes the need for a holistic view of risk and control across the entire organization rather than siloed departments, and he believes these frameworks can help provide a comprehensive understanding of the organization’s risk landscape. Join Tom Fox and Nicholas Latham on this episode of the Diligent Podcast as they delve deeper into Latham’s expertise in governmental accounting and risk assessment.

Key Highlights:

Risk and Control Expertise in Professional Background
Assessing and Mitigating Risk in Organizations
Holistic View of Organizational Operations and Risk

Join us tomorrow, where we will consider managing conflicts of interest at the Board of Directors.

Ann Gynn on Building an Audience: The Content Entrepreneur

Tue, 05 Dec 2023 06:00:00 -0000

Innovation comes in many areas and compliance professionals need to not only be ready for it but embrace it. One of those areas is telehealth and telemedicine. My guest in this episode is Ann Gynn, a content creator specialist.

Ann Gynn is a seasoned content entrepreneur with a rich journalism, marketing, and public relations background, currently serving as the editor at The Tilt and the Creator Content Entrepreneur Expo (CEX). Gynn's perspective on "content entrepreneurship: balancing creation and business operations" is rooted in her belief that content entrepreneurs can build their audience and run their own media companies, independent of traditional mainstream media outlets.

She emphasizes the importance of creating content and focusing on the business side of entrepreneurship, such as marketing, growing an audience, and monetizing the content. Gynn believes that many content creators make the mistake of spending too much time on content creation and not enough on marketing and business operations, and she offers resources and services through The Tilt to help them navigate and succeed in this aspect. Join Tom Fox and Ann Gynn on this episode of the Innovation in Compliance podcast to delve deeper into this topic.

Key Highlights

Building an Audience: The Content Entrepreneur
Maximizing Success Through Business Savvy
Neglecting Business Side: Key Content Entrepreneurship Mistakes
The Knowledge-Based Content Entrepreneur Expo (CEX)

Resources:

Ann Gynn on LinkedIn

G Force Communications

The Tilt

Content Entrepreneur’s Expo

Tom

Igor Volovich on Moving Towards Data - Driven, Risk - Based Compliance

Tue, 28 Nov 2023 06:00:00 -0000

Igor Volovich brings a unique perspective to the table regarding the importance of executive accountability and proactive risk governance in cybersecurity. Volovich emphasizes the crucial role that executives play in ensuring compliance, controls, and security posture decisions, and criticizes the current model of firing and hiring Chief Information Security Officers as ineffective. He believes that risk governance should be a holistic business function, rather than separate departments handling different types of risks, and encourages boards of directors to question and challenge reports on compliance and risk posture. Drawing from his extensive experience and deep understanding of the field, Volovich advocates for a real-time convergence of compliance, security, and risk management. Join Tom Fox and Igor Volovich on this episode of the Innovation in Compliance podcast to delve deeper into these insights.

Key Highlights:

Maintaining Compliance Integrity through Executive Accountability
Misrepresentation of Compliance in Penn State
Moving Towards Data-Driven, Risk-Based Compliance
Data-Driven Risk Management for True Compliance
Incentivized Whistleblowing and Cybersecurity Accountability
Elevating Risk Governance for Effective Cybersecurity
Real-Time Compliance and Data-Driven Automation

Resources:

Igor Volovich on LinkedIn

Tom

The Future of Communication in Financial Compliance: Part 5 – Human Compliance

Fri, 17 Nov 2023 06:00:00 -0000

This week, I have a special five-part podcast series sponsored by Verint on the Future of Communication in Financial Compliance. My guest in this series is Phil Fry, VP and GTM of Financial Compliance Strategy at Verint. Over this series, we will take a deep dive into the current status of communications in financial institutions, how to be or not be compliant, analysis and insight into the area, and how to avoid accentuating the negative and the human element in compliance. In this fifth and final podcast, we look down the road of financial institution communications compliance.

Phil Fry, the VP and General Manager of Financial Compliance Strategies at Verint, brings over forty years of experience in the financial compliance industry and a deep understanding of the challenges financial firms face in adhering to regulations amidst evolving communication modes. He has a rich background in supporting a global trading floor, giving him a unique perspective on data loss and compliance challenges. His perspective on “human-centric compliance in the era of AI and digitalization” is shaped by his belief in focusing on individuals and their communications rather than separate communication tools.

He advocates for strategic alignment between vendors, compliance teams, and technology, emphasizing the need for data completeness, integrity, and control in compliance communications platforms. Fry sees the potential of generative AI and machine learning in simplifying compliance processes but also acknowledges the complexity of managing and monitoring policies in the digital age. Join Tom Fox and Phil Fry as they delve deeper into these topics on this final episode of the Future of Communication podcast.

Key Highlights:

The Importance of Individual Communication in Compliance
Creating a Sustainable Compliance Environment with Technology
Leveraging Technology for Streamlined Compliance

Resources:

Phil Fry on LinkedIn

For More Information check out Verint.

The Future of Communication in Financial Compliance: Part 4 – Accentuate the Negative?

Thu, 16 Nov 2023 06:00:00 -0000

This week, I have a special five-part podcast series sponsored by Verint on the Future of Communication in Financial Compliance. My guest in this series is Phil Fry, VP and GTM of Financial Compliance Strategy at Verint. Over this series, we will take a deep dive into the current status of communications in financial institutions, how to be or not be compliant, analysis and insight into the area, and how to avoid accentuating the negative and the human element in compliance. In this fourth podcast, we ask if you must accentuate the negative.

Phil Fry, the VP and General Manager of Financial Compliance Strategies at Verint, brings over forty years of experience in the financial compliance industry and a deep understanding of the challenges financial firms face in adhering to regulations amidst evolving communication modes. He specializes in the voice regulatory compliance capture world, particularly emphasizing the financial industry. He firmly believes in the importance of data quality in financial industry compliance, stressing the need to capture and record all trade-related communications, regardless of the time, place, or platform they occur on.

Fry argues that incomplete or missing data can hinder compliance efforts and investigations and that it is crucial to identify and categorize any gaps in the data to reduce false positives and improve trade surveillance. He also discusses the importance of linking conversations to gain insights into communication patterns and improve investigations. His extensive experience in the field shapes Fry’s perspective, and he is dedicated to solving legacy issues related to third-party identification and linking conversations together for improved investigations. Join Tom Fox and Phil Fry on this episode of the Future of Communications podcast as they delve deeper into the importance of data quality in financial industry compliance.

Key Highlights:

Data Gaps and Communication Patterns in Finance
Biometric Speaker Detection and Analysis
Data Quality: The Key to Reliable Analysis

Resources:

Phil Fry on LinkedIn

For More Information check out Verint.

The Future of Communication in Financial Compliance: Part 3 - Data Analysis and Insight

Wed, 15 Nov 2023 06:00:00 -0000

This week, I have a special five-part podcast series sponsored by Verint on the Future of Communication in Financial Compliance. My guest in this series is Phil Fry, VP and GTM of Financial Compliance Strategy at Verint. Over this series, we will take a deep dive into the current status of communications in financial institutions, how to be or not be compliant, analysis and insight into the area, and how to avoid accentuating the negative and the human element in compliance. In this third podcast, we take a deep dive into data analysis and insights.

Phil Fry, the VP and General Manager of Financial Compliance Strategies at Verint, brings over forty years of experience in the financial compliance industry and a deep understanding of the challenges financial firms face in adhering to regulations amidst evolving communication modes. He specializes in enhancing surveillance systems through data analysis and risk management. His perspective on this topic is shaped by his commitment to bridging the gap between what is captured and what is perceived to be captured, with a focus on proactive compliance.

Fry believes that surveillance teams can make proactive and smarter decisions by utilizing early analytics and risk analysis on captured data, focusing on high-risk conversations. He also emphasizes incorporating additional metadata points, such as time, geography, and communication patterns, to enhance surveillance capabilities. Fry’s initiatives, which include plans to add emotion detection and real-time call translation capabilities, aim to provide valuable data and insights to various corporate disciplines. Join Tom Fox and Phil Fry on this episode of the Future of Communications podcast to learn more about his innovative approach to improving surveillance systems.

Key Highlights:

Bridging the Gap: Pre-surveillance Insights
Improving Surveillance Efficiency through Data Analysis
Uncovering Valuable Intelligence from Spoken Interactions

Resources:

Phil Fry on LinkedIn

For More Information check out Verint.

The Future of Communication in Financial Compliance: Part 2 – To Be or Not To Be Compliant

Tue, 14 Nov 2023 06:00:00 -0000

Phil Fry, the VP and General Manager of Financial Compliance Strategies at Verint, brings over forty years of experience in the financial compliance industry and a deep understanding of the challenges financial firms face in adhering to regulations amidst evolving communication modes. He believes the shift towards these models has increased the need for digital compliance solutions, as communication and collaboration have become predominantly digital.

Fry emphasizes the importance of capturing data from Unified Communications (UC) tools and enhancing them with AI-based features to support businesses in maintaining compliance. He introduces the concept of “human compliance,” which involves monitoring a regulated user’s interactions across channels and locations to prevent misconduct. Fry’s perspective is shaped by his experience at Verint, where he saw the company’s investment in AI technology to enhance compliance features. Join Tom Fox and Phil Fry on this episode of the Future of Communications podcast to learn more about the need for comprehensive and proactive digital compliance solutions in the context of hybrid work models.

Key Highlights:

The Impact of Hybrid Working on Business and Compliance
Revolutionizing Communication Capture in the Digital Age
Verint’s Comprehensive Financial Markets Website

Resources:

Phil Fry on LinkedIn

For More Information check out Verint.

The Future of Communication in Financial Compliance: Part 1 – Current Status

Mon, 13 Nov 2023 06:00:00 -0000

This week, I have a special five-part podcast series sponsored by Verint on the Future of Communication in Financial Compliance. My guest in this series is Phil Fry, VP and GTM of Financial Compliance Strategy at Verint. Over this series, we will take a deep dive into the current status of communications in financial institutions, how to be or not be compliant, analysis and insight into the area, and how to avoid accentuating the negative and the human element in compliance. This first podcast considers the current communications status in financial institutions.

Phil Fry, the VP and General Manager of Financial Compliance Strategies at Verint, brings over forty years of experience in the financial compliance industry and a deep understanding of the challenges financial firms face in adhering to regulations amidst evolving communication modes. Fry’s perspective on “adapting financial compliance solutions to evolving communication modes” is shaped by the significant transformations in the financial compliance environment due to factors such as COVID, hybrid working, and the adoption of Generative AI.

Fry acknowledges the complexities of using different communication modes and the increasing challenges for compliance solutions to keep pace. Phil emphasizes the need for a holistic compliance solution to capture the entire communications environment and highlights Verint’s pioneering efforts in utilizing generative AI-driven transcription, communications, pre-surveillance, and speech analytics capabilities. Join Tom Fox and Phil Fry on this episode of the Future of Communication podcast as they delve deeper into this topic.

Key Highlights:

Transforming Financial Compliance in the Digital Age
Verint’s Holistic Compliance Solution for Financial Institutions
Regulatory Fines and Compliance Solutions

Resources:

Phil Fry on LinkedIn

For More Information check out Verint.

Jamie Hoyle on Finding the Needle in a Haystack for Communications Compliance

Tue, 07 Nov 2023 06:00:00 -0000

Innovation comes in many forms, and compliance professionals need to not only be ready for it but also embrace it. One of those areas is financial services communications compliance. My guest in this episode is Jamie Hoyle, VP of Product at MirrorWeb Jamie Hoyle is a seasoned software engineer and technology executive with a strong background in compliance and communication surveillance. He currently serves as the VP of Product at MirrorWeb, where he leverages his expertise in capturing and utilizing metadata from native APIs and platforms to provide valuable business intelligence in communication surveillance.

Jamie’s perspective on the topic of “MirrorWeb: a surveillance platform for digital communication compliance” is that communications compliance is a crucial aspect of regulatory enforcement actions, which are only increasing. He emphasizes the importance of capturing insights from emerging platforms and technologies and scaling these surveillance platforms to meet the requirements of both regulated and non-regulated businesses. Join Tom Fox and Jamie Hoyle on this episode of the Innovation in Compliance podcast to learn more about Jamie’s insights and experiences.

Key Highlights:

Insightful Compliance Solutions for Digital Communications
The "Needle in a Haystack" of Communications Compliance
The Rise of Individual Accountability in Compliance
Communications Surveillance and Compliance Solutions

Resources:

Jamie Hoyle on LinkedIn

Tom

David CM Carter on Unlocking Your Ultimate Potential through the Entelechy Academy

Tue, 31 Oct 2023 05:00:00 -0000

Innovation comes in many areas, and compliance professionals need to not only be ready for it but embrace it. One of those areas is telehealth and telemedicine. My guest in this episode is David CM Carter, founder of the Entelechy Academy.

David Carter is a seasoned entrepreneur and business expert with a diverse background in corporate finance and investment banking. He has worked in seven different countries over ten years, owned and operated golf and country clubs, and authored a book published in 138 countries. Carter's perspective on Entelechy Academy's approach to personalized professional development is that it democratizes the mentoring and coaching services previously only available to a select few.

He sees the academy as his legacy project, combining all his career experiences into one final endeavor focusing on character development to help individuals achieve their full potential. Carter emphasizes the importance of return on investment and offers a transformative phase that includes ongoing data analytics, expert facilitation, and personalized learning journeys. Join Tom Fox and David Carter on this episode of the Innovation in Compliance podcast to learn more about his unique perspective.

Key Highlights:

Unlocking Your Ultimate Potential through the Entelechy Academy
Character Competence and Workforce Engagement
360 Degree Feedback and Personalized Development Insights
Optimizing Performance and Productivity with AI
Building a Character-Driven Workforce for Success
Transformative Writing Journey: From Surgery to Worldwide Publication

Resources:

David CM Carter on LinkedIn

Tom

Tyler Barron on Streamlining Banking Compliance

Tue, 17 Oct 2023 05:00:00 -0000

Innovation comes in many areas, and compliance professionals must be ready for and embrace it. One of those areas is telehealth and telemedicine. My guest in this episode is Tyler Barron, Chief Revenue Officer at Encapture, who visits with me about innovation in banking compliance.

Encapture is a machine learning platform streamlining back-office processes for banks and lenders, particularly compliance and data reporting. Using document automation and machine learning, Encapture improves efficiency and reduces risk in the document lifecycle. The platform ensures accurate data submission to regulatory authorities and provides audit trails for regulatory purposes. Internal referrals are a powerful marketing tool that allows for an easier transition into becoming an approved supplier. The future of banking compliance lies in bringing intentional insight and value to financial institutions. Encapture aims to deliver year-over-year value and be seen as mission-critical to its client’s businesses. With increasing regulatory pressure, the need for efficient technologies like Encapture’s will continue to grow.

Encapture: Streamlining Document Lifecycle
Encapture platform: Providing audit trails for compliance
Internal Referrals
The Future of Banking Compliance
Simplifying Compliance for Banks

Resources

Tyler Barron on LinkedIn

Tom Fox

2023 Global Business Ethics Survey: Part 5 – Improving Ethics and Compliance Programs: Insights from 2023 GBES

Fri, 13 Oct 2023 05:00:00 -0000

The Global Business Ethics Survey (GBES) conducted by the Ethics & Compliance Initiative (ECI) provides valuable insights into workplace ethics and compliance from the perspective of employees. Tom Fox recently had the opportunity to visit with ECI CEO Pat Harned on the 2023 GBES. This survey has become a reliable benchmark for organizations to compare their workplace culture with third-party research, allowing them to identify areas for improvement and address potential risks.

Over the past 30 years of GBES research, ECI has identified and proven that certain “outcome” metrics are indicative of the well-being of workplaces from an ethics & compliance perspective. In this, the largest and latest update to the GBES body of research, employees in 42 countries around the world told us that there is reason for concern.

In Part 5 of a five-part podcast, we why companies need a strong ethical culture and high-quality compliance program.

Pat Harned, CEO of ECI (Ethics & Compliance Initiative) and a leading expert in workplace ethics and compliance programs, has extensive experience in the field and has led the 2023 Global Business Ethics Survey. Pat firmly believes that workplace ethics concerns are a significant issue and that compliance programs are necessary to address these concerns. Her perspective is shaped by alarming data showing high levels of pressure, increased observations of misconduct, and worrying rates of retaliation in the workplace. Pat advocates for the implementation of high-quality ethics and compliance programs, emphasizing the importance of manager engagement, regular reminders of reporting resources, anti-retaliation programs, and holding all employees accountable for ethical behavior. She also recommends regular assessments of these programs and their impact to ensure their effectiveness. Join Tom Fox and Pat Harned as they delve deeper into these issues in the upcoming episode of the 2023 GBES podcast.

Key Highlights:

Ethics and Compliance Challenges in Global Workplaces
Creating a Culture of Retaliation-Free Workplaces
Evaluating Organizational Performance with Global Benchmarks

Resources:

Blog Post on the 2023 GBES, Part 5

2023 Global Business Ethics Survey: Part 4 – The Importance of a Strong Ethical Culture

Thu, 12 Oct 2023 05:00:00 -0000

The 2023 GBES strongly advocates for the establishment of a robust ethical culture in businesses. Pat Harned’s insights reveal that many employees need to operate within a strong ethical culture, and they stress the need for businesses to not only meet minimum standards but also strive for high-quality programs that transform company culture and operations. Pat believes that leaders should model ethical behavior and actively promote program activities that positively influence conduct and minimize the risk of non-compliance. Join Tom Fox and Pat Harned as they delve deeper into this topic on the 2023 GBES podcast episode.

Key Highlights:

Building a Strong Ethical Culture in Business
Transforming Organizational Culture through Ethics and Compliance
What is a high-quality compliance program?

Join us in Part 5, where we discuss how a compliance professional can use this information in their corporate compliance program.

Resources

Blog Post on the 2023 GBES, Part 4

2023 Global Business Ethics Survey: Part 3 – The Pervasive Issue of Retaliation in the Workplace

Wed, 11 Oct 2023 05:00:00 -0000

The 2023 GBES showed that within workplace ethics, retaliation, and whistleblower protection issues, retaliation is a pervasive issue in the workplace, with a significant number of individuals who report misconduct experiencing some form of retribution. The GBES revealed that retaliation remains unacceptably high, with many victims of harassment or discrimination choosing not to report due to fear of further retaliation. Pat emphasizes the importance of educating supervisors and coworkers to recognize and address retaliation, as well as supporting and educating employees who come forward about what retaliation might look like and how to handle it. Join Tom Fox and Pat Harned as they delve deeper into these issues on the 2023 GBES podcast.

Key Highlights:

Pressure to Compromise Workplace Standards
Lack of Support for Whistleblowers
What is retaliation?

Join us in Part 4, where we ask ‘what is an ethical culture”?

Resources:

Blog Post on the 2023 GBES, Part 3

2023 Global Business Ethics Survey: Part 2 – Addressing Workplace Misconduct

Tue, 10 Oct 2023 05:00:00 -0000

Pat’s views on workplace misconduct have been shaped by her belief in the importance of a strong relationship between employees and their supervisors, which she sees as crucial to encouraging reporting of misconduct and ensuring satisfaction with the outcome. She advocates for training managers to respond supportively to reports and emphasizes the need for organizations to educate employees on the importance of reporting misconduct internally rather than resorting to social media or external agencies. With her extensive research and expertise, Harned has made significant contributions to promoting ethical practices in the workplace. Join Tom Fox and Pat Harned as they delve deeper into this topic on the 2023 GBES podcast.

Key Highlights:

Increasing Rates of Workplace Misconduct and Managerial Response
Global Reporting Trends in Corrupt Countries
The Impact of Supportive Managers on Reporting

Join us in Part 3, where we consider some disturbing findings on retaliation.

Resources

Blog Post on the 2023 GBES, Part 2

2023 Global Business Ethics Survey: Part 1 – GBES: A Snapshot of the Global Workforce Ethics

Mon, 09 Oct 2023 05:00:00 -0000

Pat Harned is a seasoned compliance professional committed to fostering ethical conduct in the business sector. As the CEO of ECI, Pat has a unique perspective on the global business ethics survey: insights into workplace ethics and compliance, shaped by her 16 years of involvement with the survey. She finds the recent survey results deeply troubling, pointing out several issues, such as high levels of employee pressure to compromise standards, increased misconduct, persistent retaliation, and a low percentage of employees reporting a strong ethical culture in their workplaces. Pat underscores the significance of a robust ethics and compliance program and is confident that the survey data can offer valuable benchmarks and recommendations for organizations aiming to enhance their programs. Join Tom Fox and Pat Harned as they delve deeper into this topic in the upcoming episode of the 2023 GBES podcast.

Key Highlights:

Insights into Workplace Ethics and Compliance
The Crucial Role of Diverse Respondents
Alarming Workplace Ethics and Compliance Trends

Join us in Part 2, where we consider the findings of the observation of workplace misconduct.

Resources:

Blog Post on the 2023 GBES, Part 1

The Podcasting for Business Conference

Tue, 03 Oct 2023 05:00:00 -0000

Innovation comes in many areas, and compliance professionals need to not only be ready for it but embrace it. One of those areas is podcasting. Tom Fox’s guest in this episode is Megan Dougherty, co-founder of One Stone Creative.

They discussed the upcoming Podcasting for Business Conference. In this virtual conference, scheduled for November 13-15, there will be a deep dive into strategies and best practices for effective business podcasting. Additionally, the Conference will cover a wide range of important factors that impact the success of a business podcast, including interviewing techniques, collaboration with remote teams, podcast reach, guest selection, and real-life examples of podcasts connecting brands with audiences. To conclude the conference, Megan will present her annual State of Business Podcasting Report, which provides valuable insights and data on best practices for podcasting businesses.

Key Highlights:

Translating Complex Information for Podcast Audiences
Maximizing Podcast Reach with Strategic Guest Selection
Podcast Power: Real-Life Brand-Audience Connections
Insights and Strategies for Business Podcasting

Resources:

Megan Dougherty on LinkedIn

One Stone Creative

Podcasting for Business Conference

Tom

Breaking the Silence: How Speaking Up Enhances Corporate Cultures – Tom Fox on the ROI of a Speak Up Culture

Fri, 29 Sep 2023 05:00:00 -0000

Welcome to a special five-part podcast series on enhancing corporate culture through a great speak-up regime. This podcast series is sponsored by Case IQ. Over this series, Tom Fox will visit with Sharlyn Lauby, Jakub Ficner, Kenneth McCarthy, and Meric Bloch on the different facets of a great speak-up regime and how each of those facets will improve your corporate culture. They will tackle such topics as the indicia of a great corporate culture, the importance of triage and internal investigations in improving corporate culture, non-retaliation and protections for those who speak up, tying your entire system of speaking up to improving culture, and conclude with some thoughts on how an entire system of speaking up drives corporate culture to be better run and, at the end of the day, more profitably. In this concluding Part 5, Tom Fox discusses the ROI of a true culture of speaking up.

Strong reporting systems and a robust corporate culture must be balanced in business efficiency. One great academic paper demonstrates how companies with robust whistleblower and reporting systems enjoy greater profitability, increased workforce productivity, and fewer material lawsuits. Tom has seen firsthand the transformative power of a culture of speaking up. He emphasizes that it’s about having a hotline and an entire system with employee engagement. This culture of ‘SpeakUp’ can provide actionable information to prevent, detect, and remediate issues before they become legal violations and can contribute to a functioning and ethical corporate culture. A culture of trust and empowerment ultimately leads to motivated employees who can contribute to business efficiency and greater profitability. Join Tom Fox on this Breaking the Silence: How Speaking Up Enhances Corporate Culture podcast episode to delve deeper into this fascinating topic.

Key Highlights:

Academic research
Q2C and P2P
Material differences

Resources:

Breaking the Silence: How Speaking Up Enhances Corporate Cultures – Meric Bloch on How a Speak Up Culture Improves Compliance

Thu, 28 Sep 2023 05:00:00 -0000

Welcome to a special five-part podcast series on enhancing corporate culture through a great speak-up regime. This podcast series is sponsored by Case IQ. Over this series, Tom Fox will visit with Sharlyn Lauby, Jakub Ficner, Kenneth McCarthy, and Meric Bloch on the different facets of a great speak-up regime and how each of those facets will improve your corporate culture. They will tackle such topics as the indicia of a great corporate culture, the importance of triage and internal investigations in improving corporate culture, non-retaliation and protections for those who speak up, tying your entire system of speaking up to improving culture, and conclude with some thoughts on how an entire system of speaking up drives corporate culture to be better run and, at the end of the day, more profitably. In Part 4, Tom Fox visits Meric Bloch on how a robust speak-up culture will improve your compliance program.

Meric Bloch is an expert in workplace investigations with a rich background in helping corporate clients establish effective investigation programs. He is currently serving as an adjunct professor at Fordham University Law School. Meric strongly emphasizes the importance of workplace investigations and fostering a culture of employee compliance. He believes that merely setting up a hotline and establishing policies is insufficient; companies must actively engage with employees to understand their motivations for speaking up or remaining silent. Meric also underscores the need for accountability and a critical evaluation of the effectiveness of compliance programs. His experiences with multinational companies have shaped his understanding of their challenges, particularly the fear of being perceived as incompetent and the difficulties in reporting. Join Tom Fox and Meric Bloch on this episode as they dive deep into improving your compliance program through a speak-up culture.

Key Highlights:

Enhancing Corporate Investigations for Compliance and Accountability
The Impact of Cooperation on Reporters
The Impact of Meaningful Speak Up Culture

Resources:

Meric Bloch on LinkedIn

Winter Investigations

Breaking the Silence: How Speaking Up Enhances Corporate Cultures – Jakub Ficner on How Triage and Investigations Can Drive a Culture of Speak Up

Wed, 27 Sep 2023 05:00:00 -0000

Welcome to a special five-part podcast series on enhancing corporate culture through a great speak-up regime. This podcast series is sponsored by Case IQ. Over this series, Tom Fox will visit with Sharlyn Lauby, Jakub Ficner, Kenneth McCarthy, and Meric Bloch on the different facets of a great speak-up regime and how each of those facets will improve your corporate culture. They will tackle such topics as the indicia of a great corporate culture, the importance of triage and internal investigations in improving corporate culture, non-retaliation and protections for those who speak up, tying your entire system of speaking up to improving culture, and conclude with some thoughts on how an entire system of speaking up drives corporate culture to be better run and, at the end of the day, more profitably. In Part 3, Tom Fox visits with Jakub Ficner on the importance of your triage protocol and investigative process to foster a culture of speaking up.

Jakub Ficner has over 15 years of experience in the internal investigative space and is currently the Director of Partnership Development at Case IQ. He strongly advocates for the importance of the triage process and technology in organizational compliance. Jakub emphasizes the need for a rigorous reporting, triage, and investigation process, even before receiving a complaint or allegation. He believes that effective means of documenting and tracking investigative processes are crucial for establishing accountability and defensibility in compliance processes. Drawing from his extensive experience, Jakub highlights the significance of having a documented process, especially for multinational companies with compliance officers in various regions. He recommends using technology, such as a case management solution, to ensure accountability, defensibility, and easy information retrieval. Join Tom Fox and Jakub Ficner on this episode as they delve deeper into these topics of triage and investigations.

Key Highlights:

The importance of effective triage
Improving Response Time and Setting Expectations
Effective Compliance Documentation and Tracking
Using Technology to Establish Accountability and Defensibility

Resources:

Jakub Ficner on LinkedIn

Breaking the Silence: How Speaking Up Enhances Corporate Cultures – Kenneth McCarthy on Non-Retaliation and Protections for Those Speak Up

Tue, 26 Sep 2023 05:00:00 -0000

Welcome to a special five-part podcast series on enhancing corporate culture through a great speak-up regime. This podcast series is sponsored by Case IQ. Over this series, Tom Fox will visit with Sharlyn Lauby, Jakub Ficner, Kenneth McCarthy, and Meric Bloch on the different facets of a great speak-up regime and how each of those facets will improve your corporate culture. They will tackle such topics as the indicia of a great corporate culture, the importance of triage and internal investigations in improving corporate culture, non-retaliation and protections for those who speak up, tying your entire system of speaking up to improving culture, and conclude with some thoughts on how an entire system of speaking up drives corporate culture to be better run and, at the end of the day, more profitably. In Part 2, Tom Fox visits with Kenneth McCarthy on the importance of non-retaliation and protections for those who speak up.

Kenneth McCarthy is a seasoned professional with a diverse background in government and entrepreneurship and a wealth of experience in handling whistleblowers, including sexual harassment cases. Kenneth’s perspective on addressing sexual harassment retaliation and encouraging reporting in workplaces is rooted in his belief in the importance of non-retaliation protocols and processes. He emphasizes the need to create a safe and supportive environment for individuals to report concerns, particularly in cases of sexual harassment. Drawing from personal experiences, he has seen the damaging effects of retaliation on individuals’ willingness to speak up and the potential legal and reputational implications for employers who fail to protect whistleblowers. Join Tom Fox and Kenneth McCarthy as they delve deeper into this topic in this episode.

Key Highlights:

Systemic Retaliation in Sexual Harassment Cases
Creating a Safe Reporting Environment
The Crucial Role of Empowered Bystanders
Encouraging Bystanders: Protecting and Supporting Witnesses

Resources:

Kenneth McCarthy on LinkedIn

Integrity by McCarthy

Breaking the Silence: How Speaking Up Enhances Corporate Cultures – Sharlyn Lauby on What is a Speak Up Culture?

Mon, 25 Sep 2023 05:00:00 -0000

Welcome to a special five-part podcast series on enhancing your corporate culture through a great speak-up regime. This podcast series is sponsored by Case IQ. Over this series, Tom Fox will visit with Sharlyn Lauby, Jakub Ficner, Kenneth McCarthy, and Meric Bloch on the different facets of a great speak-up regime and how each of those facets will improve your corporate culture. They will tackle such topics as the indicia of a great corporate culture, the importance of triage and internal investigations in improving corporate culture, non-retaliation and protections for those who speak up, tying your entire system of speaking up to improving culture, and conclude with some thoughts on how an entire system of speaking up drives corporate culture to be better run and, at the end of the day, more profitably. In Part 1, Tom Fox visits Sharlyn Lauby to consider what a speak-up culture is.

Sharlyn Lauby is a seasoned human resources professional with over 15 years of experience in various industries, including theme parks, hotels, and airlines. She strongly advocates for fostering a speak-up culture in the workplace, a perspective shaped by her extensive experience in organizational development and her role as the former vice president of human resources for a global consulting firm. Sharlyn believes that a speak-up culture is characterized by open and effective communication, where employees feel comfortable expressing their concerns and sharing their ideas. She emphasizes the importance of listening as a key leadership trait, the need for policies to protect employees from retaliation, and the crucial role of middle managers in creating a supportive environment. Join Tom Fox and Sharlyn Lauby as they delve deeper into this topic in this episode.

Key Highlights:

Open communication and employee empowerment
Creating a Speak-Up Culture to Drive Positive Outcomes
The Power of Fair Processes in Organizations

Resources:

Sharlyn Lauby on LinkedIn

ITM Group

Telos | Telos Corporation on Twitter

Unlocking Success: The Crucial Role of Culture in Compliance: Part 5 – Alexander Cotoia on the Continuous Improvement of Culture

Fri, 22 Sep 2023 05:00:00 -0000

Welcome to a special series on building a stronger culture of compliance through targeted and effective training sponsored by Diligent. I will visit with Yvette Hollingsworth-Clark, Viktor Culjak, Jessica Czeczuga, Michael Parker, and Alexander Cotoia in this series. Over this series, we will consider what culture is, how to assess culture, putting together a strategy to manage culture based upon this assessment, monitoring that strategy in the future, and using information from your monitoring to improve your culture continuously. In this concluding Part 5, we visit with Alexander Cotoia to discuss a strategy to enhance your compliance program in the future constantly.

Alexander Cotoia, a regulatory compliance manager and consultant at the Volkov Law Group, has a rich background in commercial litigation and has spent a significant part of his career in an in-house role at Virgin Galactic. Alexander strongly emphasizes the importance of compliance culture in organizations, believing that a culture promoting compliant behavior reduces the likelihood of ethical lapses or legal violations. He argues that creating a culture of compliance is not only ethically sound but also makes good business sense in today’s era, where consumers are well-informed and employees prioritize alignment with organizational values. Alexander suggests that organizations should reinforce their values and highlight the economic benefits of compliance to gain employee buy-in and engagement, emphasizing the need for continuous improvement, conducting root cause analysis, and involving various stakeholders to address cultural issues effectively. Join Tom Fox and Alexander Cotoia as they dive deep into how to continuously improve your compliance program in this episode of Unlocking Success: The Crucial Role of Culture in Compliance Best Practices podcast episode.

Key Highlights:

Cultivating CEO Involvement for Compliance Success
Improving Corporate Culture through Effective Monitoring
Cultivating Compliance Culture through Stakeholder Collaboration

Unlocking Success: The Crucial Role of Culture in Compliance: Part 4 – Michael Parker on Monitoring Culture

Thu, 21 Sep 2023 05:00:00 -0000

Welcome to a special series on building a stronger culture of compliance through targeted and effective training sponsored by Diligent. I will visit with Yvette Hollingsworth-Clark, Viktor Culjak, Jessica Czeczuga, Michael Parker, and Alexander Cotoia in this series. Over this series, we will consider what culture is, how to assess culture, putting together a strategy to manage culture based upon this assessment, monitoring that strategy in the future, and using information from your monitoring to improve your culture continuously. In Part 4, we visit with Michael Parker to discuss a strategy to monitor your culture in the future.

Michael Parker is a seasoned compliance professional with extensive experience cultivating and sustaining a business compliance culture. He does not believe there is a one-stop, universal approach to establishing a compliance culture, emphasizing the necessity of providing options and guidance to employees rather than merely imposing rules. Michael underscores the importance of continuous engagement and communication in managing compliance culture risks and the crucial role of leadership in setting the tone for compliance and fostering an ethical culture throughout the organization. He also acknowledges the significance of incentives in promoting compliance. Still, he stresses that incentivizing employees should be customized to individual circumstances and include a clear understanding of the consequences of non-compliance. Join Tom Fox and Michael Parker as they delve deeper into how to monitor your compliance program after you have created a culture management strategy in this episode of Unlocking Success: The Crucial Role of Culture in Compliance Best Practices podcast episode.

Key Highlights:

Building a Compliance-Focused Leadership Culture
Leveraging Technology for Compliance Monitoring and Training
Driving Compliance Culture Through Executive Leadership

Join us tomorrow in our concluding episode, where we continuously consider how to improve culture in the future.

Unlocking Success: The Crucial Role of Culture in Compliance: Part 3 – Jessica Czeczuga on Creating a Strategy to Manage Culture

Wed, 20 Sep 2023 05:00:00 -0000

Welcome to a special series on building a stronger culture of compliance through targeted and effective training sponsored by Diligent. I will visit with Yvette Hollingsworth-Clark, Viktor Culjak, Jessica Czeczuga, Michael Parker, and Alexander Cotoia. Over this series, we will consider what culture is, how to assess culture, putting together a strategy to manage culture based upon this assessment, monitoring that strategy in the future, and using information from your monitoring to improve your culture continuously. In Part 3, we visit with Jessica Czeczuga on how to develop a strategy to manage your culture risk.

Jessica Czeczuga is a seasoned professional with over two decades of experience in training and development, specializing in areas such as finance, quality, compliance and ethics, leadership, and communication training. Jessica brings a unique perspective to the compliance space, emphasizing the pivotal role of managers in shaping and reinforcing company culture. She believes that managers, the most influential group within an organization, should be adequately trained to align with the desired culture and equipped with the necessary tools to communicate and reinforce cultural values effectively. Jessica also advocates for collaboration between compliance professionals and HR to improve culture, leveraging their counseling skills and creating clear processes for reporting and addressing culture-related issues. Join Tom Fox and Jessica Czeczuga as we dive deeply into this topic in this Unlocking Success: The Crucial Role of Culture podcast episode.

Key Highlights:

· The Impact of Managers on Company Culture

· Collaborative Partnership: HR and Compliance Driving Reporting

· The Role of Managers in Shaping Culture

Join us tomorrow, where we consider how to monitor culture going forward.

Unlocking Success: The Crucial Role of Culture in Compliance: Part 2 – Viktor Culjak on Assessing Culture

Tue, 19 Sep 2023 05:00:00 -0000

Welcome to a special series on building a stronger culture of compliance through targeted and effective training sponsored by Diligent. I will visit with Yvette Hollingsworth-Clark, Viktor Culjak, Jessica Czeczuga, Michael Parker, and Alexander Cotoia in this series. Over this series, we will consider what culture is, how to assess culture, putting together a strategy to manage culture based upon this assessment, monitoring that strategy in the future, and using information from your monitoring to improve your culture continuously. In Part 2, we visit with Viktor Culjak to discuss assessing culture.

Viktor Culjak is a chartered accountant with a strong finance, audit, and risk consulting background. Currently serves as the Director of Customer Success and Services at Diligent. With a decade of experience in the Big Four and a focus on governance, risk, and compliance (GRC) objectives, Viktor firmly believes in assessing and managing organizational culture as a risk factor. He views culture as a dynamic risk that can have significant consequences if not properly managed and advocates for standardized and benchmarked culture assessments to provide valuable insights for risk management. Viktor emphasizes the need for practical guidance on implementation, highlighting the significance of tone at the top and other artifacts such as policies, procedures, and feedback mechanisms in culture assessments. Join Tom Fox and Viktor Culjak as we delve deeper into assessing culture on this episode of the Unlocking Success: The Crucial Role of Culture podcast.

Key Highlights:

· Assessing and Auditing Organizational Culture

· Creating a Culture of Effective Communication

· Evaluating Culture Alignment for Continuous Improvement

Ready for Purpose-Driven Compliance? Diligent equips leaders with the tools to build, monitor, and maintain an open, transparent ethics and compliance culture.

For more information and to book a demo, visit Diligent.com

Join us tomorrow, where we consider how to create a culture management strategy.

Unlocking Success: The Crucial Role of Culture in Compliance: Part 1 – Yvette Hollingsworth-Clark on What is Culture?

Mon, 18 Sep 2023 05:00:00 -0000

Welcome to a special series on building a stronger culture of compliance through targeted and effective training sponsored by Diligent. I will visit with Yvette Hollingsworth-Clark, Viktor Culjak, Jessica Czeczuga, Michael Parker, and Alexander Cotoia in this series. Over this series, we will consider what culture is, how to assess culture, putting together a strategy to manage culture based upon this assessment, monitoring that strategy in the future, and using information from your monitoring to improve your culture continuously. In Part 1, we ask what culture is with our special guest, Yvette Hollingsworth-Clark.

Yvette Hollingsworth-Clark, a seasoned professional in the financial services industry, currently holds the position of Chief Compliance Officer for State Street Corporation. With a robust background in risk management, Yvette has cultivated a deep understanding of the significance and measurement of corporate culture in the financial sector. She asserts that corporate culture should not be solely managed by the compliance function but rather owned by the C-suite and executed in various forms. Yvette emphasizes the need for specific metrics to monitor and promote desired cultural values, such as integrity. She believes culture can be measured through metrics such as the number of risk decisions overruled, challenged, or implemented correctly. She also highlights the importance of considering stakeholders such as customers, clients, and third parties when assessing corporate culture. Join Tom Fox and Yvette Hollingsworth-Clark on this episode to delve deeper into this topic.

Key Highlights:

Measuring and Managing Corporate Culture in Finance
Shaping Corporate Culture: Board’s Key Role
The Nuances of Assessing Organizational Culture

Join us tomorrow, where we consider how to assess your culture.

Dr. Laura Purdy on Revolutionizing Healthcare: The Power and Potential of Telemedicine

Tue, 12 Sep 2023 05:00:00 -0000

Telemedicine in the Army has become crucial in providing healthcare to remote and deployed soldiers. Dr. Laura Purdy, a family medicine physician with a military background, has been at the forefront of this innovation. Telemedicine allows doctors to provide care remotely, improving access to healthcare in rural areas with limited services. However, the insurance industry's lack of understanding hinders acceptance of telemedicine. Dr. Purdy encourages patients to try telemedicine, especially cash pay services, for more control over their healthcare choices. Scaling up a telehealth company requires careful consideration of being cash pay or accepting insurance. Regulatory challenges in telehealth include physician licensing, state laws, legal standards, and controlled substances. The future of telemedicine involves seamless integration of virtual and in-person care. Dr. Purdy's company, AfD Health System, aims to provide accessible care and educational content through Instagram and a developing website. Overall, telemedicine has the potential to revolutionize healthcare delivery, but it requires greater acceptance, understanding, and comprehensive regulation.

Key Highlights

· Telemedicine in the Army

· Telemedicine: Improving Access to Healthcare

· Challenges in Telehealth Regulation

· The Future of Telemedicine

· AfD Health System

Resources

Dr. Laura Purdy on LinkedIn

Tom Fox

Oshri Cohen on the Role of a CTO in Compliance

Tue, 29 Aug 2023 05:00:00 -0000

The role of a Chief Technology Officer (CTO) in compliance and data governance is explored in this podcast episode between Tom Fox and Oshri Cohen. They discuss the varying responsibilities of a CTO based on company size, with larger organizations focusing on strategic planning while smaller organizations have the CTO as the head engineer. The importance of the CTO in managing risks, particularly in industries like healthcare and finance, is emphasized, along with the role of the board in providing oversight. The conversation also delves into the significance of data strategy, compliance, and data governance, emphasizing the need for collaboration between the CTO and the Chief Compliance Officer (CCO). Technical due diligence and the establishment of a data commission within organizations are suggested as strategies for effective data governance. Overall, the conversation highlights the crucial role of the CTO in ensuring compliance and protecting sensitive information.

· The Role of a CTO in Compliance

· Data Strategy and Compliance

· Data Governance Challenges

· Data Governance and Startups

· Risks in System Audits

Resources

Oshri Cohen on LinkedIn

Tom Fox

Chris Lehman on Navigating the Wild West: Digital Compliance Strategies

Tue, 22 Aug 2023 05:00:00 -0000

The conversation focuses on the shift in communication channels from email to platforms like Slack and social media, highlighting the human factor as the biggest risk in compliance strategies. Lehman emphasizes the need for companies to prioritize compliance and good corporate governance in these new communication channels. To manage risk, companies should treat digital compliance as a risk management process, gaining visibility into employee communication tools, establishing policies, training employees, and utilizing technology.

We also highlight the tension between compliance teams and line of business teams, emphasizing the need for compliance teams to be enablers and strategic partners. The conversation references recent SEC enforcement actions and the importance of taking action to enforce compliance. Overall, digital compliance and governance are crucial in the modern business landscape, and utilizing technologies like monitoring tools and natural language understanding can help businesses stay secure and compliant in the digital age.

Highlights Include:

· Safeguard Cyber: Securing Digital Communications

· Managing Risk in Digital Compliance

· Managing Risk in Compliance

· Digital Compliance and Governance

Resources

Chris Lehman on LinkedIn

Tom Fox

Travis Howerton on Automating Security & Compliance

Tue, 08 Aug 2023 05:00:00 -0000

In this episode, Tom welcomes back Travis Howerton and they explore the importance of NIST 800-53 Rev. 5, the latest version of the National Institute of Standards and Technology's security guidance for organizations. With new controls to address privacy and a heightened focus on supply chain and third-party risk, this version of the NIST standard is essential for organizations to access government contracts and revenue and is increasingly important to protect organizations from cyberattacks. Automation is also becoming increasingly necessary to help organizations meet these standards, highlighting the need for continuous improvement of security measures. This episode goes in-depth on NIST 853 Rev Five, making it a must-listen for organizations looking to stay secure and compliant.

The US government is increasingly turning to automation and AI to meet its security and compliance standards. With the transition of FedRAMP from guidance to law, companies are now required to use it and meet certain cybersecurity standards to do business with the US government. NIST 800-53 Rev. 5 addresses regulatory change around privacy with GDPR and other things and includes new control families and changes to existing ones.

As the government continues to revise its standards, the need for automation is becoming increasingly important. The National Institute of Standards and Technology (NIST), a standards body within the federal government, is working with the Open Security Controls Assessment language (OSCAL) team to develop standards. NIST has interacted closely with the OSCAL team, creating an open-source repo on GitHub and building communities of interest. Additionally, NIST works with other government agencies, tool providers, and industry to develop standards.

FedRAMP provides clarity of goal for vendors and customers but is expensive and time consuming to achieve. Cybersecurity is no longer a cost center, but a requirement to do business with the US government. The Department of Defense requires companies to meet certain cybersecurity standards to do business with them. Other agencies are taking similar stances in regard to cybersecurity. Companies are now required to have a compliance program to do business with them. Cybersecurity is now seen as one of the top risks to businesses, causing legal risk, revenue loss, and embarrassment.

Key Highlights

· NIST 800-53 Rev. Five

· NIST and FedRAMP

· Cybersecurity Requirements

· Cybersecurity Regulations

· Continuous Improvement of Standards

Resources

Travis Howerton on LinkedIn

Tom Fox

Messaging Compliance in a Shifting Regulatory Landscape: Part 5- Stay Ahead of Regulations

Fri, 30 Jun 2023 05:00:00 -0000

Is messaging compliance giving your compliance function headaches. Welcome to a special 5 part podcast post series messaging compliance in a shifting regulatory landscape, sponsored by Global Relay. Over this series I have visited with Chip Jones Executive Vice President, Compliance and Business Development at Global Relay; Alex Viall, Director, Regulatory Intelligence at Global Relay; Rob Mason, Director, Regulatory Intelligence at Global Relay; Jennie Clarke, Head of Content at Global Relay; and Raewyn Danvers, Sales Manager in Business Development for the Global Relay App. We have considered the the US and UK regulartory framework for messaging apps, consider if business innovation being stifled by regulatory action, preview the Global Relay Report: Compliant Communications in 2023, and look down the road on how to stay Ahead of regulation with the compliant communications in one app. In our concluding Part 5, I visit with Raewyn Danvers, Sales Manager in Business Development for the Global Relay App on how to stay ahead of regulations.

In this fifth episode in a 5-part series, host Tom Fox and guest Raewyn Danvers discuss how compliance professional can stay ahead of regulatory compliance technology trends. In their conversation, Raewyn highlights the growing significance of mobile messaging in compliance, especially with millennials and Gen Z entering the workforce. They also discuss the pros and cons of using corporate devices versus bring your own device (BYOD) policies in the workplace, before introducing Global Relay as a solution for managing and archiving communication data in a compliant manner. As a long-term partner in compliance, Global Relay offers dedicated onboarding specialists and account representatives to ensure customers stay on top of the latest technology trends. Interested in learning more? Check out Global Relay's website for a demo today!

Key Highlights

· Trends in Mobile Messaging Compliance Technology

· Adapting to Technology for Workforce Retention

· Corporate Devices v. BYOD

· Global Relay's Technology Integration and Data Management

For more information go to Global Relay.

Messaging Compliance in a Shifting Regulatory Landscape: Part 4- Global Relay Industry Insights Report

Thu, 29 Jun 2023 05:00:00 -0000

Is messaging compliance giving your compliance function headaches. Welcome to a special 5 part podcast post series messaging compliance in a shifting regulatory landscape, sponsored by Global Relay. Over this series I will visit with Chip Jones Executive Vice President, Compliance and Business Development at Global Relay; Alex Viall, Director, Regulatory Intelligence at Global Relay; Rob Mason, Director, Regulatory Intelligence at Global Relay; Jennie Clarke, Head of Content at Global Relay; and Raewyn Danvers, Sales Manager in Business Development for the Global Relay App. Over this series, we will consider the the US and UK regulartory framework for messaging apps, consider if business innovation being stifled by regulatory action, preview the Global Relay Report: Compliant Communications in 2023, and look down the road on how to stay Ahead of regulation with the compliant communications in one app. In this Part 4, I visit with Jennie Clark on the recently released Global Relay Report: Compliant Communications in 2023.

In this fourth episode in a 5-part series, host Tom Fox has a fascinating interview with Jennie Clark, Head of Content at Global Relay. They discuss the recently released report on compliant communication and fines faced by companies. Discover how they gathered information from customers and industry experts to contextualize these findings. Find out why 59% of respondents from regulated industries, particularly financial services, have banned apps such as WhatsApp and WeChat. Explore the more creative solutions discussed in the report, including the idea of corporate-issued devices rather than BYOD. Gain insights into communication compliance challenges and how education and training around compliance culture can help employees understand the consequences of non-compliance. Don't miss out on this insightful conversation on Global Relay Industry Insights Report.

Key Highlights

· Global Relay's "Compliance Communications 2023" Report

· Regulating Communication Channels in Businesses

· Communication Compliance Challenges and Business Opportunities

For more information go to Global Relay.

To obtain a copy of the Insights Report, Compliance Communications 2023, click here.

Join us in our concluding episode where we discuss Compliant Communications in One App

Messaging Complinace in a Shifting Regulatory Landscape: Part 3- Regulatory Changes on the Horizon for UK Firms

Wed, 28 Jun 2023 05:00:00 -0000

Is messaging compliance giving your compliance function headaches. Welcome to a special 5 part podcast post series messaging compliance in a shifting regulatory landscape, sponsored by Global Relay. Over this series I will visit with Chip Jones Executive Vice President, Compliance and Business Development at Global Relay; Alex Viall, Director, Regulatory Intelligence at Global Relay; Rob Mason, Director, Regulatory Intelligence at Global Relay; Jennie Clarke, Head of Content at Global Relay; and Raewyn Danvers, Sales Manager in Business Development for the Global Relay App. Over this series, we will consider the the US and UK regulartory framework for messaging apps, consider if business innovation being stifled by regulatory action, preview the Global Relay Report: Compliant Communications in 2023, and look down the road on how to stay Ahead of regulation with the compliant communications in one app. In this Part 3, I visit with Rob Mason on the current and upcoming UK regulatory landscape.

In this third episode in a 5-part series, Tom Rob Mason, Director of Regulatory Intelligence at Global Relay. In this episode, Rob shares his experience, having worked with Lloyds Banking Group, UBS and the UK's conduct regulator. The podcast delves into current UK regulatory priorities, data protection issues, and the importance of operational risk management, compliance and surveillance in the banking industry. Hear Rob's insights on the evolution of the remit of the FCA, the role of monitoring communication effectively without breaching data privacy, Brexit and data protection issues, and the need for closer monitoring to avoid scandals. If you want to learn from industry experts and how to manage risk and compliance, tune in to UK Regulatory Landscape.

Key Highlights

Latest UK Regulatory Priorities
Comparison of FCA and SEC Regulations
Data Protection and Operational Resilience in the UK
Impace of the Merger of Credit Suisse and UBS
Closing Remarks and Website Invitation

For more information go to Global Relay.

Join us in our next episode where we look at the Global Relay Report: Compliant Communications in 2023.

Messaging Compliance in a Shifting Regulatory Landscape: Part 2- Is Business Innovation Being Stifled by Regulatory Actions?

Tue, 27 Jun 2023 05:00:00 -0000

Is messaging compliance giving your compliance function headaches? Welcome to a special 5 part podcast post series, messaging compliance in a shifting regulatory landscape, sponsored by Global Relay. Over this series I will visit with Chip Jones Executive Vice President, Compliance and Business Development at Global Relay; Alex Viall, Director, Regulatory Intelligence at Global Relay; Rob Mason, Director, Regulatory Intelligence at Global Relay; Jennie Clarke, Head of Content at Global Relay; and Raewyn Danvers, Sales Manager in Business Development for the Global Relay App. Over this series, we will consider the the US and UK regulartory framework for messaging apps, consider if business innovation being stifled by regulatory action, preview the Global Relay Report: Compliant Communications in 2023, and look down the road on how to stay Ahead of regulation with the compliant communications in one app. In this Part 2, I visit with Alex Viall to explore the interestion of regulation and innovation.

In this second episode in a 5-part series, Tom visits with UK regulatory compliance expert, Alex Viall, in this thought-provoking podcast as they discuss the dynamics between business innovation and regulatory compliance. Discover how the evolution of technology is causing a generational shift in communication and how this impacts businesses in the industry. Hear about the importance of capturing conversations and messages for law enforcement purposes and the need for policies and procedures to manage risks effectively. Don't miss the expert insights on practical solutions, training, and monitoring policies to stay compliant. Tune in now and learn why banning communication isn't the answer, and how a proactive attitude can lead to better risk management and regulatory compliance.

Key Highlights

· Balancing Innovation and Compliance in Messaging

· Challenges of Ephemeral Messaging in Business

· Communications Compliance and Training for Business Conversations

· Overcoming Ineffectiveness of Communication Bans

For more information go to Global Relay.

Join us in our next episode where we look at the current UK regulatory landscape for messaging apps.

Supply Chain Cyber Risk Management with Steve Horvath

Tue, 27 Jun 2023 04:01:00 -0000

Imagine a world where your organization is constantly at the risk of a cyber-attack, yet no solution seems fully secure. In this episode of Innovation In Compliance, host Tom Fox and guest Steve Horvath explore the complex landscape of supply chain cyber risk management. They explore the high-profile breaches of Home Depot and Target, as well as the critical importance of frameworks like the NIST Cybersecurity Framework. Steve delves into the challenges faced by organizations, the need for effective risk management strategies, and the evolving landscape of cybersecurity in public and private sectors.

Steve Horvath is a seasoned cybersecurity expert who has spent nearly two decades at Telos, a prominent cybersecurity firm focused on protecting government and industry networks. Since joining Telos in 2006, Steve has been instrumental in developing cybersecurity strategies and services for various elements of the U.S. federal government, including the intelligence community and the Department of Defense. Today, he leads the way in driving compliance and risk management initiatives with a focus on innovative solutions like Xacta.

You’ll hear Tom and Steve discuss:

Telos' platform, Xacta, began as a web-based application focused on facilitating the rigorous compliance activities of federal standards, and has since evolved into a sophisticated platform for managing cybersecurity risks.
Cybersecurity risk is unique and highly challenging, and unlike other forms of risk, it doesn't lend itself to transference. Insurance policies won't save an organization from a devastating cyber attack.
Many organizations, particularly public ones, need to shift their mentality from accepting some level of risk to striving for robust cybersecurity operations that minimize risk as much as possible.
Education at the board level about the threats and implications of cybersecurity is a crucial yet often overlooked factor. The conversation around this is gaining traction, with initiatives such as the SEC's rule about having a board member with a cybersecurity background.
The Home Depot and Target hacks brought widespread attention to cybersecurity risks, highlighting the need for organizations to be proactive in managing threats and vulnerabilities.
The NIST Cybersecurity Framework provides a practical and easily understood framework for organizations to assess and improve their cybersecurity posture. It enables effective communication between security operators and the board, fostering a common language and understanding.
Supply chain cybersecurity is a critical concern, particularly for software and IT hardware sourcing. Having a software bill of materials and understanding the ingredients within the software helps organizations assess their exposure and potential vulnerabilities.
Network attack services refer to understanding an organization's attack surface and identifying potential points of ingress or exfiltration of data. Mitigating risks, such as phishing attacks, requires robust security education programs for users.
Creating an actionable cyber intelligence strategy involves having the right stakeholders and roles within the organization, selecting a suitable framework (such as NIST or ISO standards), and ensuring continuous validation and improvement of cybersecurity measures.

KEY QUOTE:

“You really have to do exceptional cybersecurity operations, and the best way to influence cybersecurity operations… is having some teeth behind a set of conditions and compliance requirements that guide you toward making the best decision…" - Steve Horvath

Resources:

Steve Horvath on LinkedIn | Twitter

Messaging Complinace in a Shifting Regulatory Landscape: Part 1- The Future is Now: U.S. Regulatory Compliance

Mon, 26 Jun 2023 05:00:00 -0000

Is messaging compliance giving your compliance function headaches? Welcome to a special 5 part podcast post series, messaging compliance in a shifting regulatory landscape, sponsored by Global Relay. Over this series I will visit with Chip Jones Executive Vice President, Compliance and Business Development at Global Relay; Alex Viall, Director, Regulatory Intelligence at Global Relay; Rob Mason, Director, Regulatory Intelligence at Global Relay; Jennie Clarke, Head of Content at Global Relay; and Raewyn Danvers, Sales Manager in Business Development for the Global Relay App. Over this series, we will consider the the US and UK regulartory framework for messaging apps, consider if business innovation being stifled by regulatory action, preview the Global Relay Report: Compliant Communications in 2023, and look down the road on how to stay Ahead of regulation with the compliant communications in one app. In this Part 1, I visit with Chip Jones on the current US regulatory landscape for messaging apps.

In this first episode in a 5-part series, Tom visits with Chip Jones, Executive VP of Compliance and Business Development at Global Relay. They discuss the challenges of maintaining communication compliance in various industries, with a focus on off-channel communications, particularly in the financial services industry. Chip shares insights on the recent collective settlement issued by the SEC, which sends a clear message to firms about the importance of adhering to internal policies on communication retention and supervision. Learn about how Global Relay is helping firms monitor their communications to detect fraudulent activities and avoid compliance issues. Don't miss this informative podcast, which ends with a teaser for the next episode on the impact of regulatory action on business innovation.

Key Highlights

· The Challenges of Regulatory Compliance in the US

· SEC enforcement actions on communication violations

· Monitoring Electronic Communications in Financial Services

· Off-channel Communications Consequences

For more information go to Global Relay.

Join us in our next episode where we ask the question: Is business innovation being stifled by regulatory action?

Part 5 - David Greenberg on the Role of the Board

Fri, 23 Jun 2023 05:00:00 -0000

Welcome to a special 5 part podcast series on building a stronger culture of compliance through targeted and effective training, sponsored by Diligent. Over this series, I will visit with Kunal Agrawal, Director of Customer Success at Diligent; Kevin McCoy, Customer Success Manager at Diligent; Jessica Czeczuga, Director, Compliance and Ethics at Diligent; Andrew Rincón, Client Director at Diligent; and David Greenberg, former CEO and Special Advisor at LRN and Director at International Seaways. Over this series, we will consider the importance of ongoing communications, the value of targeted training, training third parties, and the role of the Board of Directors. In this concluding Part 5, we consider the role of the Board of Directors in a compliance program with David Greenberg.

In this episode, Greenberg discusses the board’s legal obligations, emphasizing their duty to exercise reasonable oversight over potential misconduct and failures of compliance with law and policy. The podcast also delves into the importance of integrating compliance programs into a company’s overall strategy and developing strong relationships with senior management, such as the chief legal officer or chief compliance officer. Listeners will learn the importance of finding the right committee to oversee compliance obligations and utilizing outside experts for insight and guidance. This conversation is essential for board members and executives who want to ensure accountability, initiate change, and drive organizational success. Don’t miss out on this informative and engaging episode of “The Role of the Board” episode.

Key Highlights:

Legal obligations and oversight for corporate boards
Importance of integrating compliance into the company culture
Board Oversight and Relationship Building with CCO
The Significance of Outside Perspectives for Boards

Notable Quotes:

“There is a strong obligation on boards to exercise reasonable oversight over all potential misconduct and failures of compliance law and policy should a reasonable board has known and taken steps…should that body have known and should it have done more than it did.”

“Boards principally should be asking tough questions and following up on those questions.”

“Anything that is not integrated into the real levers and machinery of the business will not be successful.”

“That chief compliance officer who knows the head of the audit committee or compliance committee or governance committee is much more able and comfortable picking up the phone and saying to the chair, Houston, we’ve got a problem.”

For more information go to Diligent.com

Part 4 - Andrew Rincón on a Training Program for 3rd Parties

Thu, 22 Jun 2023 05:00:00 -0000

Welcome to a special 5 part podcast series on building a stronger culture of compliance through targeted and effective training, sponsored by Diligent. Over this series, I will visit with Kunal Agrawal, Director of Customer Success at Diligent; Kevin McCoy, Customer Success Manager at Diligent; Jessica Czeczuga, Director, Compliance and Ethics at Diligent; Andrew Rincón, Client Director at Diligent; and David Greenberg, former CEO and Special Advisor at LRN and Director at International Seaways. Over this series, we will consider the importance of ongoing communications, the value of targeted training, training third parties, and the role of the Board of Directors. In this Part 4, we discuss how to put together a training program for third parties with Andrew Rincon.

Join Tom Fox in an exciting episode about building a stronger culture of compliance through targeted and effective training as he interviews Andrew Rincón. Discover how the compliance industry has evolved and how technology has significantly improved compliance programs. Find out how efficient compliance processes create goodwill for compliance professionals and make them true partners of the business with the help of technology and reliable due diligence partners. Andrew Rincón shares Diligent’s screening and monitoring options for third-party suppliers and the customized anti-bribery and anti-corruption training, available in multiple languages, also perfect for bite-sized, animated micro-learnings. Tune in to learn how to educate distributors and internal gatekeepers on compliance and useful resources for compliance professionals, only on a training program for 3rd parties.

Highlights Include:

The Role of Compliance with Distributors
Efficient Due Diligence for Distributors
Diligent’s Anti-Bribery and Sanctions Screening Solutions
Compliance Training & Internal Controls for Distributors

NOTABLE QUOTES:

“And commission sales agents are certainly recognized as, if not the highest, a high risk, under the FCPA and other compliance regimes.”

“One area the thinking has evolved on, and it sounds like your career and my career, is that due diligence alone is insufficient.”

“So being as efficient as a process. And nowadays, everything moves at the speed of light.”

“But nowadays, with the amount of information that gets published every single day throughout the world, where there’s so much content out there.”

For more information, go to Diligent.com

Join us tomorrow as we conclude our series with a look at the role of the Board of Directors in a compliance program.

Part 3 - Jessica Czeczuga on Defining the Effectiveness of Compliance Training

Wed, 21 Jun 2023 05:00:00 -0000

Welcome to a special 5 part podcast series on building a stronger culture of compliance through targeted and effective training, sponsored by Diligent. Over this series, I will visit with Kunal Agrawal, Director of Customer Success at Diligent; Kevin McCoy, Customer Success Manager at Diligent; Jessica Czeczuga, Director, Compliance and Ethics at Diligent; Andrew Rincón, Client Director at Diligent; and David Greenberg, former CEO and Special Advisor at LRN and Director at International Seaways. Over this series, we will consider the importance of ongoing communications, the value of targeted training, training third parties, and the role of the Board of Directors. In this Part 3, we consider the always challenging topic of defining training effectiveness with Jessica Czeczuga.

In this episode, Tom sits down with Kevin McCoy, a customer success manager at Diligent, to talk about the importance of targeted training in compliance. They dive into the importance of engaging employees through microlearning and Diligent’s unique use of cartoon-animated videos to make the content accessible to different audiences. They also discuss the significance of translating the training into different languages and tailoring it to specific risk areas for different teams. The podcast emphasizes that training leadership and the board in compliance is crucial, and they touch on risk-based training for individuals with a significant impact on the company’s financials. This episode is a must-listen if you want to discover the best strategies for planning and analyzing training to achieve desired outcomes and where to find more information about Diligent training solutions. Join them for the next episode on training effectiveness and improving compliance today.

Key Highlights:

Targeted Training in Compliance & Ethics
Effective and Targeted Training Translation
Training and Leadership in High-Risk Industries
Effective Training Planning and Execution

Notable Quotes

“It’s very important then to have your content translated into different languages.”

“There’s a lot of progress has been made over the years with machine translation and also AI is getting very popular, but we still use human-based translators.”

“But within the board or within leadership within the company, he was almost untouchable. It was like he built up fear in the organization, and people were actually afraid to ask questions.”

“The really important thing is to have versatile different types of training.”

For more information, go to Diligent.com.

Join us in our next episode, where we define the effectiveness of compliance training.

Part 2 - Kevin McCoy on the Value of Targeted Training

Tue, 20 Jun 2023 05:00:00 -0000

Welcome to a special 5 part podcast series on building a stronger culture of compliance through targeted and effective training, sponsored by Diligent. Over this series, I will visit with Kunal Agrawal, Director of Customer Success at Diligent; Kevin McCoy, Customer Success Manager at Diligent; Jessica Czeczuga, Director, Compliance and Ethics at Diligent; Andrew Rincón, Client Director at Diligent; and David Greenberg, former CEO and Special Advisor at LRN and Director at International Seaways. Over this series, we will consider the importance of ongoing communications, the value of targeted training, training third parties, and the role of the Board of Directors. In this Part 2, we consider the importance of targeted training Kevin McCoy.

Key Highlights:

Targeted Training in Compliance & Ethics
Effective and Targeted Training Translation
Training and Leadership in High-Risk Industries
Effective Training Planning and Execution

Notable Quotes

“It’s very important then to have your content translated into different languages.”

“There’s a lot of progress has been made over the years with machine translation and also AI is getting very popular, but we still use human-based translators.”

“But within the board or within leadership within the company, he was almost untouchable. It was like he built up fear in the organization, and people were actually afraid to ask questions.”

“The really important thing is to have versatile different types of training.”

For more information, go to Diligent.com.

Join us in our next episode, where we define the effectiveness of compliance training.

Digital Commerce-Authentication and Access Management with Paul Trulove

Tue, 20 Jun 2023 04:01:00 -0000

In this rapidly evolving digital world, identity is at the heart of our personal and professional lives. On this week's episode of Innovation In Compliance, Tom Fox and guest Paul Trulove, CEO of SecureAuth, explores the world of digital commerce, specifically delving into the realms of authentication and access management. Paul shares his insights on the evolution of the identity and access management space, the role of authentication in our daily lives, and the Zero Trust Initiative.

Paul Trulove is an expert in the identity and access management space, with an illustrious career spanning over 15 years. In his early career, he joined the startup SailPoint Technologies, where he helped the company evolve into a leading figure in identity governance and administration. Paul has seen and contributed to the changes within the industry up to this point where identity risk management has become a core element of our digital lives. Currently, as the CEO of SecureAuth, he oversees the company's focus on authentication and access management.

You’ll hear Tom and Paul discuss:

Paul describes what authentication and access management entails and how it impacts our daily digital interactions.
SecureAuth is revolutionizing the authentication landscape, focusing on passwordless authentication and multi factor authentication to enhance security and reduce friction for end-users.
Continuous authentication is a new approach that significantly reduces the friction that a user experiences during authentication and offers varied authentication methods based on the level of risk.
Tom and Paul discuss the Zero Trust Initiative. This paradigm shift in security is based on the principle of trusting no one and verifying everyone, which has led to identity and access management becoming central to a zero-trust mindset.
Next generation authentication will lean heavily towards the principles of zero trust, passwordless authentication, and continuous authentication, Paul says. He predicts that the use of artificial intelligence and machine learning will greatly advance authentication processes, helping process more data in real time and make better decisions regarding access.
Paul suggests that authentication and access management has a large role in helping organizations comply with GDPR and other privacy requirements.
He views GDPR as a necessary step rather than a barrier to doing business in the EU, emphasizing that protecting consumer data is an essential cost of doing business.
Companies need to carefully consider their data collection, protection, and usage practices to maintain consumer trust and comply with regulations.

KEY QUOTES:

“Authentication and access management is a core discipline on how we let people get access to the things that they need access to in applications, data, repositories, platforms, infrastructure. Really you use authentication probably 10, 15, 20 times a day as you log into various systems... Everything that we do in our digital lives today is kind of bound by authentication. It is just a validation of who I am as a person and what I'm supposed to have access to on the back end." - Paul Trulove

"Next generation authentication is going to continue to bind to that zero trust mindset of no longer implicitly trusting someone who says they are who they say they are. We're going back to a model that says every single time you interact with a digital asset, I want to have a high level of assurance you are who you say you are." - Paul Trulove

"But between now and 2030, people are going to have to plan ahead for what kinds of data they are collecting, how they're collecting it, and ultimately how they're protecting it and utilizing that. Otherwise they are going to run afoul of not just regulations, but maybe consumer trust. " - Paul Trulove

Resources:

Paul Trulove on LinkedIn

SecureAuth

Part 1 - Kunal Agrawal on the Importance of Ongoing Communications

Mon, 19 Jun 2023 05:00:00 -0000

Get ready to learn about Building a Stronger Culture of Compliance Through Targeted and Effective in a 5 part podcast post series on building a stronger culture of compliance through targeted and effective training, sponsored by Diligent. Over this series, I will visit with Kunal Agrawal, Director of Customer Success at Diligent; Kevin McCoy, Customer Success Manager at Diligent; Jessica Czeczuga, Director, Compliance and Ethics at Diligent; Andrew Rincón, Client Director at Diligent; and David Greenberg, former CEO and Special Advisor at LRN and Director at International Seaways. Over this series, we will consider the importance of ongoing communications, the value of targeted training, training third parties, and the role of the Board of Directors. In this Part 1, we consider the importance of ongoing communications with Kunal Agrawal.

In this episode, Tom Fox visits Kunal Agrawal, the Director of Customer Success at Diligent, about the importance of ongoing communications. Kunal shares his extensive background in technology and customer success and explains how his team helps customers with their day-to-day challenges. The podcast focuses on the significance of ongoing communication in compliance, and Kunal stresses the importance of maintaining a consistent cadence in communication to keep the momentum going. The podcast speakers discuss the use of humor in communication and how it differs based on cultural differences. They also emphasize the importance of understanding guidelines to prevent the compromise of sensitive information. This podcast is packed with valuable insights that will help you improve compliance in your organization. To listen to the full episode, head over to diligent.com!

Key Highlights:

The importance of communication cadence in compliance
Importance of Communication Cadence
Effective Communications for Compliance Professionals
Compliance with Sensitive Information

Notable Quotes:

“But you take a little bit different approach, and you help clients think about the ongoing part of ongoing communications. And frankly, I’ve never met anyone who talked about that approach.”

“I think having a certain workflow and, as you said, a cadence is equally important. The number one priority is your annual training, which is extremely important, and you need to do it.”

“If there is a pattern to a cadence, then people know what to expect and when.”

“If something goes wrong and if any single person in the organization doesn’t understand the guidelines, and in the processes around this, it can reveal compensation data or even health care data and compromise so much information in the world, which can land into hands of the people you don’t want them to get access to.”

For more information go to Diligent.com.

Join us in our next episode where we consider the value of targeted training.

Perspective is Power with Zoe Routh

Tue, 13 Jun 2023 04:01:00 -0000

Leadership is not about position, but perspective. On this episode of Innovation In Compliance with Tom Fox, guest Zoe Routh shares how her deep connection with the wilderness informs her leadership principles and the importance of shared experiences and real interactions. She and Tom delve into her central belief that perspective is power, how to cultivate an explorer mindset, and the importance of adaptability in a rapidly changing world.

Zoe Routh is a leadership development expert based in Australia. Her career began in the great outdoors, leading canoe trips at a summer camp in Canada, where she discovered her passion for understanding human dynamics in a wilderness setting. This led her to Outward Bound Australia, where she spent nine years honing her leadership and personal development skills. For more than 35 years, Zoe has been working in this field, folding her love for wilderness adventure into her leadership programs. She is the author of multiple books and is dedicated to examining the future of leadership and how we can best prepare for what's next.

You’ll hear Tom and Zoe talk about:

The powerful impact of an “explorer mindset" on individuals, teams, and organizations. Zoe encourages actively seeking new inputs and different perspectives.
The significance of mapping in leadership: you can use personal maps to understand individual behavior preferences, team maps to appreciate collective dynamics, and idea maps to chart out problems and possibilities.
Experiences in the outdoors can foster authentic communication, real connections, and contribute to a heightened leadership consciousness.
Adapting involves adopting new behaviors, ideas, and beliefs to meet future challenges. Zoe remarks that it’s important to shift from constantly being in disaster recovery mode to being proactive and adapting to potential changes. This includes anticipatory thinking and developing the skills to better prepare for the future.
By seeing challenges and opportunities from multiple perspectives, we can avoid a tunnel vision approach to problem-solving and goal pursuit.
Using a root cause analysis as part of leadership training can teach leaders to dig into the causes of a problem and find opportunities for change within an organization, by tracing effects, identifying causes, and suggesting interventions.
Zoe explains the use of tools such as Values Mapping to understand the diversity, complexity, and maturity of values within a team, and the Culture Compass to determine the behaviors that are acceptable and those that aren't in a team dynamic.
Zoe discussed her new book, The Olympus Project, which is a near-future science fiction book set in a climate ravaged environment. The central concept of the book revolves around a new industry of "world designers" who create human environments to contend with the changing climate. It explores larger themes of leadership and community building in a challenging environment and looks at how we can create environments and systems to facilitate leadership development and community harmony.

KEY QUOTES:

“One of the things that I believe very strongly that we need to embrace is that perspective is power in leadership. What I mean by that is when we see more, we can lead better." - Zoe Routh

"Adapting is about adopting new behaviors, new ideas, new values and beliefs so that we can better meet what's coming for us on the horizon." - Zoe Routh

"So between those two things, the Values Mapping and the Culture Compass, we have a way of doing things that will help advance our goals and our mission while keeping the people safe, intact and productive and healthy and happy at work. And that's really what we want, right? We spend so much time at work, it's so important that we feel happy and safe and that we enjoy what we're doing." - Zoe Routh

Resources:

Zoe Routh on the Web | LinkedIn | Twitter | Facebook | Instagram

Zoe Routh Leadership Podcast | The Olympus Project | People Stuff

Passion, Podcasting and Perspective with Eli Marcus

Tue, 06 Jun 2023 04:01:00 -0000

Exploring the most intriguing minds and their stories can motivate us. In this episode of Innovation In Compliance, host Tom Fox talks with Eli Marcus, a fellow member of the C-Suite Network and a prominent figure in the self-help sector. They delve into Marcus's career, his transition from the world's largest seminar company owner to a celebrated podcaster, and his unending quest for knowledge and personal development. They also dissect the intimate power of podcasting and the significance of asking the right questions.

Eli Marcus has a passion for self-help and motivation. Growing up as a "non-fiction self-help geek," Eli found solace and guidance in books, which later fueled his entrepreneurial spirit. He went on to establish the Seminar Center in New York City, which quickly became the world's largest seminar company, hosting iconic figures ranging from Michael Jackson to motivational speakers like Les Brown. Marcus has embraced the transformative power of podcasting and is the host of The Motivation Show, a popular podcast within the C-Suite Network.

You’ll hear Tom and Eli discuss:

Podcasting offers a unique intimacy, fostering a one-on-one bonding experience that often reveals insights about a person's journey, interests, and perspectives that might not emerge in other formats.
“The quality of your life is determined by the quality of the questions you ask,” Eli says. He encourages listeners to probe deeper and not shy away from asking challenging questions.
Success doesn't come from a one-off motivational boost. Instead, it's about constant learning, repetitive practice, and reaching a tipping point that significantly alters your perspective.
Eli’s approach to his podcast involves asking the questions that pique his curiosity most; he believes his audience will share this curiosity.
Passion is integral to making engaging podcasts, as it resonates with listeners even on an audio level.
Eli's favored guests are individuals who are well-known or have a large audience. However, he also looks for fascinating individuals, regardless of their following.
Learning deep things and understanding the perspectives of others can help you complain less and appreciate more.
The perspective of "Don't sweat the small stuff" is valuable, and most things, in reality, are small stuff, excluding significant life events like the death of a loved one.
Celebration and positivity even in times of grief can be a powerful coping mechanism.

KEY QUOTES:

“The quality of your life is determined by the quality of the questions you ask." - Eli Marcus

"I always wanted to stay in the self help game, right? How can I do this in the easiest way and just get started? And that's the beauty of being able to do the podcast." - Eli Marcus

"It's not like you drink water once and you're good for the rest of the year. The same thing with motivation or learning. You just got to keep learning over and over again. And sometimes what Malcolm Gladwell calls the tipping point, you need maybe 1000th time or repetition finally before it sinks in and it tips things over your way. " - Eli Marcus

Resources:

Eli Marcus on LinkedIn | Instagram | Twitter | Email

Cybersecurity Today and Tomorrow with Patrick Hynds

Tue, 23 May 2023 04:01:00 -0000

Cybersecurity isn't just the business of the future - it's the war of today. In this episode of Innovation In Compliance, Tom Fox and guest Patrick Hynds, CEO of Pulsar Security, delve into the world of cybersecurity and its implications for organizations of all sizes. From ransomware threats to the role of government in this expanding battlefield, Patrick discusses the evolution of cyber attacks, the importance of ongoing vigilance, and practical steps businesses can take to defend themselves. Patrick unpacks the concept of the 'Pyramid of Threats', and discusses why continuous network maintenance is crucial for cybersecurity. He also shares his predictions on the future of global cyber threats.

Patrick Hynds is a veteran-turned-technology entrepreneur with a distinct perspective on cybersecurity. An alumnus of the prestigious military academy at West Point, Patrick served as an infantry officer in the first Gulf War. His early affinity for programming, paired with the perspective gained from his military experience, propelled him into the field of technology. In 1996, he incorporated his company, Pulsar Security, which today is a leading provider of penetration testing services, enabling organizations to identify and address their vulnerabilities.

Tune in to hear Tom and Patrick talk about:

Cybersecurity is a necessity in today's interconnected world, impacting entities ranging from billion-dollar corporations to individual users.
Pulsar Security offers penetration testing or Red Team services, effectively operating as 'hackers for hire' to identify potential vulnerabilities in client organizations.
Cyberattacks are a persistent risk that need to be managed strategically, not just identified. It affects even the smallest organizations and individuals.
Pulsar Security's new product, Cyber Shield, is designed to help smaller organizations manage their cybersecurity at an affordable level.
There is a significant shortage of cyber engineers in the industry, with an estimated 3 million positions unfilled worldwide.
Awareness and education are key in enhancing cybersecurity. Simple actions like enabling two-factor authentication, managing passwords effectively, and regular patching can greatly improve security.
The role of government in the cyber realm is evolving, with agencies like SISA and NIST offering resources and guidelines to help organizations enhance their security posture.
Patrick and his team developed the "Pyramid of Threats" to help people envision the cybersecurity risks they face:
The bottom layer of this pyramid includes script kiddies who use easily obtainable scripts to exploit vulnerabilities in systems, often leading to data theft and sales on the dark web.
The next level up includes people with personal grudges who are tech-savvy enough to launch attacks. They tend to focus on specific targets, making them potentially more dangerous than the script kiddies.
The third layer of the pyramid consists of syndicates who are primarily financially motivated. They use similar tactics to script kiddies but tend to target systems with known vulnerabilities to launch ransomware attacks, steal identities, or mine Bitcoin.

KEY QUOTES:

"For these large organizations, we provide what's called penetration testing or Red Team services. We'll attack them on a regular basis, sometimes on a continuous basis, to see where their vulnerabilities are. Because you can't see your own vulnerabilities most of the time." - Patrick Hynds

"We've developed the thing called the Pyramid of Threats. …the Pyramid of Threats is meant to try to help people envision what the risks are, who's coming after you" - Patrick Hynds

"Unfortunately, I don't think people can forget about cybersecurity. That's never going to happen. It's not thinking about a media campaign. Companies don't have that luxury because the cat's out of the bag." - Patrick Hynds

Resources:

Patrick Hynds on LinkedIn | Twitter

Pulsar Security | Podcasts

Don't Lose the Learner with Asha Palmer

Tue, 16 May 2023 04:01:00 -0000

Asha Palmer is on a mission to revolutionize the ethics and compliance profession. She joins Tom Fox in this episode of Innovation in Compliance to discuss how marrying technology with ethics and compliance can lead to unprecedented strides in the profession. She shares her new role at Skillsoft, insights on leveraging technology to support learning objectives, and why it’s important to understand different learning styles for more effective training outcomes.

Asha Palmer is the Senior Vice President of Compliance Solutions at Skillsoft, where she leads the strategy and product roadmap, delivering transformative learning experiences. She has a wealth of experience from her previous roles, including her time in the U.S. Attorney's office, as well as working at Conversant and OneTrust. A seasoned compliance professional, Asha is applying the skills she's honed throughout her career to enhance the ethics and compliance profession.

You’ll hear Tom and Asha discuss:

Technology plays a crucial role in the scalability and sustainability of the ethics and compliance profession.
Asha advocates for an understanding of different learning styles to deliver more effective training and compliance communications.
It’s important to understand the ‘why' behind business operations to drive meaningful outcomes for both administrators and learners.
Trainers need to provide a varied learning experience to cater to different types of learners, fighting the forgetting curve and ensuring information retention.
Asha stresses the importance of delivering compliance training in a way that is tailored to the audience's comfort, language, and culture.
The speed of delivery can affect comprehension, especially for non-native English speakers. As such, training should be delivered at a pace that enables learners to retain and apply the information.
Asha discusses the challenge of delivering compliance learning globally. It involves adapting to various languages, cultures, and legal and regulatory requirements.
Skillsoft updates training modules in response to new or changing regulations, and emerging risks. Their strategy includes listening to customer needs and creating a roadmap to meet those needs.
It’s important to create a sustainable ethical and compliant culture within organizations. Asha encourages open conversation and learning from successes and failures in order to improve the effectiveness of ethics and compliance programs.

KEY QUOTES:

"I have a hashtag, don't lose the learner. Because if you lose the learner, you'll never get them back." - Asha Palmer

"One of the great things I've learned is that we can't be sustainable or scalable without the help and benefit of technology." - Asha Palmer

"We listen to our customers. I talk to customers a lot. As I said earlier, if there is something that they need to educate on that we haven't thought about, we go think about it and we think about how we can effectively then present learning and engagement so that they are able to educate their employee population on that." - Asha Palmer

Resources:

Asha Palmer on Skillsoft | LinkedIn

Skillsoft

The Role of Backup Systems in Cybersecurity Defense with Curtis Preston

Tue, 09 May 2023 04:01:00 -0000

According to Curtis Preston, Chief Technical Evangelist at Druva, cyberattacks are not a matter of "if," but "when." In this episode, Tom Fox. and Curtis dive into the importance of backup systems and cyber resilience to protect against ransomware and other types of cyberattacks. Curtis shares his insights on how to limit the blast radius of an attack, why you should assume a breach, and the need to have a playbook and a cyber response team in place. They also discuss the role of state-sponsored attacks in non-kinetic warfare and the need for increased cyber resilience as we approach 2030.

W. Curtis Preston has 30 years of experience in the backup and data protection industry. He started his career at MBNA, the second-largest credit card company in 1993, and has been specializing in backup servers ever since. He is currently the Chief Technical Evangelist at Druva, where he talks, writes, and hosts podcasts about data protection systems. Curtis is also known as ‘Mr. Backup’, a moniker that he adopted while writing his first book on backups.

You’ll hear Tom and Curtis discuss:

SaaS-based data protection systems are becoming increasingly important as more companies rely on SaaS infrastructures like Microsoft 365 and Google Workspace. Companies should not count on these providers to protect their data; they should consider using SaaS-based backup systems instead.
Curtis tells Tom, “There should be security interest, as well as technical and storage and network interest. All of those interests should be reflected in the implementation of such an important system as a data protection system.”
Ransomware attackers are now targeting backup systems directly, making it crucial for companies to modernize the security infrastructure of their backup systems. They can do this by using SaaS-based systems that come with modern security features such as multi-factor authentication, triggers and alerts, and the concept of least privilege.
The inefficiencies and difficulties of a typical on-premises backup infrastructure, such as overbuilding and overengineering, can be solved by using a SaaS-based system where companies only pay for what they are actually using.
Fire drills, or ransomware drills, can help companies develop “muscle memory” and test their incident response playbook before an actual attack occurs.
Role-based administration is important to limit the blast radius in case an administrator's account is compromised. Each person involved in the backup process should have specific roles and responsibilities.
State-sponsored attacks on American businesses, especially from Russia, are increasing. It's important to beef up defenses, assume breaches, and have a playbook ready to respond to ransomware attacks.
By 2030, cyber resilience and protection topics will increase as people become more aware of cyberattacks. Passwords will be a thing of the past, and people will have to live in a world of constant cyberattacks.

KEY QUOTES:

"Today, I think the average user is so used to equipment that just works, they don't really think as much about backup and recovery, I think, as we did back in the day." - Curtis Preston

"By the way, I do think by 2030, passwords will be a thing of the past." - Curtis Preston

"It's also having a robust backup plan in place with sufficient security protocols and that when you are attacked, not if when you are attacked, they can't take your star player out, and if it all does go down, you have a way to at least build back." - Curtis Preston

Resources:

Curtis Preston on LinkedIn | Twitter

Backup Central | Druva

Improving Third-Party Risk Management with Paul Valente

Tue, 02 May 2023 04:01:00 -0000

In today's interconnected world, businesses rely on third-party vendors for various products and services. While these partnerships bring great benefits, they also expose companies to a range of risks such as cyber threats, compliance issues, and reputational damage. In this episode, Tom Fox interviews Paul Valente, the co-founder and CEO of VISO Trust. Paul shares valuable insights into how businesses can mitigate risks posed by third-party vendors, the importance of continuous monitoring, and how VISO Trust's platform helps companies manage risks effectively.

Paul Valente is the CEO and co-founder of VISO Trust, a company that provides automated third-party cyber risk management solutions. Prior to founding VISO Trust, Paul was the Chief Information Security Officer (CISO) at several companies, including Restoration Hardware, Lending Club, and ASAPP. He is a longtime technologist and security professional with experience in highly regulated industries.

You’ll hear Tom and Paul talk about:

Companies have more sensitive data on other companies' infrastructure than they do internally, which increases risk and augments the need for a robust risk management strategy.
Boards have a duty of oversight to proactively monitor their third-party risk management programs. They should also keep abreast of emerging threats.
Automation is a key component in a third-party risk management solution for cybersecurity. The standard approach of using questionnaires to assess third-party security is slow, labor-intensive, and ineffective.
VISO Trust's patented first-to-market Document Intelligence removes friction for vendors and provides a comprehensive risk assessment that tells customers everything they need to know to make qualified risk decisions about their third-party relationships.
Compliance requires auditability.
How VISO Trust helps companies manage risk after the contract is signed.
Risk management and cybersecurity data is often siloed within an organization. VISO Trust helps centralize the information by providing a dashboard where customers can have complete understanding of their overall third-party risk, and allowing them to make that data available across the organization.

KEY QUOTES:

"There's companies today that have nothing internally - that are 100% cloud native. What that means typically is that there's many copies of their data essentially with various other companies, perhaps all over the world… That just increases what we call a tax service … which just means more risk." - Paul Valente

"I think [boards] need to be asking essentially what the risks are for their organization from a cybersecurity standpoint. They need to ask for those to be regularly reported on, regularly updated, and regularly tracked. …They also need to be aware themselves, both externally as well as relying on the executives within the company to keep them aware of emerging threats." - Paul Valente

"...our dashboards essentially allow you to list all of your third-party relationships in one single place and easily report on the status of assessments as well as report on inherent risk." - Paul Valente

Resources:

Paul Valente on LinkedIn | Twitter

VISO Trust

AI - a Horizontal Approach to Business Process with Brian Sathianathan

Tue, 25 Apr 2023 04:01:00 -0000

AI is a horizontal force that can be applied to every department and industry, from retail to banking, legal to HR. The market size for AI is projected to be over $680 billion by 2030, making it one of the most significant technological advances in modern history. Brian Sathianathan, Chief Digital Officer and co-founder of Iterate.ai, joins host Tom Fox on this episode of Innovation In Compliance to discuss the transformative power of low code software and AI for enterprise transformation.

Brian Sathianathan is the Chief Digital Officer and co-founder of Iterate.ai, a company that helps large enterprises innovate faster through low code software and AI. Sathianathan began his career as a technologist at Apple, working on their secret products and later starting his own video streaming startup. He then transitioned to venture capital work before founding Iterate.ai with his co-founder John Nordmark.

You’ll hear Tom and Brian discuss these ideas:

AI is a horizontal force that can be applied to every department and industry.
Low code software, such as Iterate.ai's drag and drop software, can help large enterprises innovate faster by building AI and IoT applications 17x faster than traditional methods.
AI can be used to scale up a business by improving personalization, image recognition, and even employee hiring and termination.
AI can also be applied to supply chain optimization, route optimization, and storage optimization.
The AI market is projected to be over $680 billion by 2030, making it one of the most significant technological advances in modern history.
Business process automation is becoming more popular as it allows for the removal of repetitive tasks, freeing up time for more creative work.
Low code automation started with BPO/BPA processes and eventually expanded to other areas like enterprise applications, consumer ads, and industrial solutions.
AI is applicable in BPO processes, particularly within banks, insurance, and finance institutions, where there is a lot of data and conversion from digital data into data that can actually be understood.
AI is being used in combination with rule-based or workflow systems, and there will be more code generation and workflow generation happening in the future.
Iterate.ai advises boards on use cases and business models to transform the business and eventually work with the senior leaders to get it going.

KEY QUOTES:

"Innovation is going to be everywhere and we wanted to have a company that helps large companies innovate a lot faster. …We realized that for large companies to innovate more aggressively and more effectively, they need software that actually is connected to all these ecosystems." - Brian Sathianathan

"The beautiful thing about AI is that it's what I call a horizontal force. When you have technologies, there are vertical forces that can be only applied in one area of the business or you have horizontal forces which can be applied across the entire area of the business." - Brian Sathianathan

"Using a platform like us, you can build a Lego blocks and build a workflow very gracefully, and you can apply AI at every point of the decision-making." - Brian Sathianathan

Resources:

Brian Sathianathan on LinkedIn | Twitter | Email

Iterate.ai

Building Trust Through Compliance with Girish Redekar

Tue, 18 Apr 2023 04:01:00 -0000

Building trust is a key component of any successful business, but in today's world, trust is increasingly linked to compliance. On this episode of Innovation in Compliance, Tom Fox hosts Girish Redekar, co-founder and CEO of Sprinto. Girish shares his insights on the overwhelming nature of compliance, the benefits of frameworks like SOC 2 and ISO 27001, and the importance of building trust through compliance.

Girish Redekar is the co-founder and CEO of Sprinto, a software company that provides an automated solution for achieving and maintaining compliance for other software companies. Girish is a software engineer by trade and has a wealth of experience in running and managing software businesses. Prior to founding Sprinto, he ran a software company called Recruiter Box, where he wrote a bulk of the early code and managed teams, as well as ran product marketing.

You’ll hear Girish and Tom discuss:

Going through the compliance process can help companies holistically view their organization and think about what it really takes to secure the data that they are handling on their customers' behalf.
Sprinto translates SOC 2 and ISO programs into specific security practices to run in your company and automate those practices, which can make it ten times faster and a lot less overwhelming.
Frameworks like SOC 2 and ISO 27001 provide a standardized form of building a security program that both companies and customers can trust. “What that means is that if I claim that I am SOC 2 compliant and I can provide documentation to the same, you as my customer can actually trust the documentation and have some assurance that I do indeed run these security practices,” Girish remarks.
The compliance stack is a list of tools that you would use to become compliant, or maintain a security posture.
Sprinto's security and compliance platform includes risk management, compliance management, vulnerability management, and incident management features.
A compliance command center allows you to look at all manner of security risks through “a single pane of glass”. The command center gives you one place where you can monitor what's happening in your company and how to mitigate it.
Girish notes that people are often the weakest link in a company's security and that security leaders worry about employees inadvertently sharing credentials or falling victim to social engineering attacks.
Concerns around cybersecurity are relatively similar across the globe.
Ransomware attacks were a major concern for security leaders in 2022, and cybersecurity insurance is becoming increasingly popular as a means of protecting against such attacks.

KEY QUOTES

"Think of SoC 2 and ISO… they're no different than SATs. …you write SATs, and you have like one score, and then that you can use across colleges. SoC 2 and ISO are not very different than that." - Girish Redekar

“It's pretty fascinating that a standard should emerge out of just the way people want to build trust in the way they do business.” - Girish Redekar

"...the way I think about a compliance command center is nothing but a single pane of glass where you get to see exactly what your security and your compliance posture is, where the gaps are." - Girish Redekar

Resources

Girish Redekar on LinkedIn | Twitter

Sprinto

Meeting Your Clients Where They Are with Barrett Mathews

Tue, 11 Apr 2023 04:01:00 -0000

Are you still relying on outdated communication methods to reach your clients and employees? If so, you might be missing out on a huge opportunity to connect and engage with them. In this episode of Innovation in Compliance, Tom Fox speaks with Dr. Barrett Matthews, a media expert who believes in meeting clients where they are and creating authentic content to increase engagement. Barrett offers valuable insights on how businesses can leverage media to expand their reach and connect with their audience.

Dr. Barrett Matthews is a media expert with a diverse background in broadcasting, writing, and production. He has worked with industry legends like Brent Musburger and Terry Bradshaw. He eventually created a business focused on helping others embrace and leverage the power of media. Barrett now works with entrepreneurs and corporations to help them develop an authentic media presence that meets their clients where they are.

Barrett and Tom discuss in this episode:

Media has evolved and is more accessible today than ever before. Entrepreneurs and corporations need to embrace media and create content that meets their clients where they are.
People consume information through a variety of media forms, so businesses need to create content in multiple formats (e.g., podcasts, books, social media, etc.) to reach a wider audience.
Authenticity is key in creating engaging media content. Clients don't necessarily buy the content itself, but rather the person behind it. Businesses should be open to showing their human side and not strive for perfection.
A documentary film can be a powerful way to showcase a business's authenticity and human side. By delving into why a business does what it does, potential clients can connect with the business on a deeper level.
Deliver your content on the platforms where your target audience is present; this is essential for your business to succeed.
Ego-based marketing is not effective as it only promotes what makes a business owner comfortable.
Build a strong brand by delivering on the promises you made to your customers, and exceeding their expectations. Your customers will refer your business to others, which can boost your brand recognition.
Podcasting is an excellent medium for those who are passionate about something because it's easier to talk about a topic than to write a book on it.
Barrett is involved in two initiatives called iChange Nations and Media Monarch, where he aims to promote civility worldwide and teach grassroots journalism to people in different countries.
Barrett has a video training program available on his website about how to use media to gain more clients.

KEY QUOTES

"If you think that you have clients all over the place, you need to meet them where they are. Meaning that if they listen to podcasts, you better have one. If they read books, you better have one, and so forth and so on." - Dr. Barrett Matthews

"People don't necessarily buy your content as much as they buy you when it comes to the media you put out." - Dr. Barrett Matthews

"Marketing is what you say about yourself to people. Your brand is what people say about you." - Dr. Barrett Matthews

Resources:

Barrett Matthews on LinkedIn | Instagram | Twitter | Facebook | Media Boss Podcast

Five Ways to Paying Clients

iChange Nations

Transformation by Surfing the Waves with Alex Schwartz and Nate Thompson

Tue, 04 Apr 2023 04:01:00 -0000

The traditional workplace as we know it is changing exponentially. This, accelerated by the COVID-19 pandemic, has forced companies to adapt to a new way of doing business. In this episode of Innovation In Compliance, Nate Thompson and Alex Schwartz, co-founders and hosts of The Disrupted Workforce, chat with host Tom Fox about the trends and challenges facing companies in this new era of work, including talent acquisition and retention, how AI will help identify talent pools, and the major shifts and disruptions happening in the workplace.

Alex Schwartz is a digital marketing and transformation solutions expert with over a decade of experience working with Fortune 500 companies. Prior to that, he worked in talent management in New York. Alex realized that there was a need to focus more on helping individuals navigate change and on creating better work cultures. He is passionate about looking at the future of work from a human-centered perspective.

Nate Thompson started his career as an engineer at Qualcomm. He ultimately left the technology space to focus on understanding organizational psychology and helping organizations reinvent themselves. Nate has spent the last 20 years specializing in organizational leadership and change. He went through a personal transformation after experiencing a “life crash”, which gave him the grit and resilience he needed to become a successful business leader. In March 2020, Nate and Alex launched their current platform.

You’ll hear Tom, Alex and Nate discuss these ideas in this episode:

The world is changing rapidly due to various factors, including the pandemic. Nate tells Tom, “We are at the slowest period right now that we will ever be going forward. In other words, right now, today life is going really fast, and it's only going to get faster, like significantly faster.”
“The way that you're even thinking about the world today has to start to evolve,” Nate remarks. The future of work mindset - as conceptualized by Alex and Nate - is crucial to navigate fast-paced change, and it's based around the idea of exploring, expanding, and evolving.
“The eleven days of clean audit health to failure [of the Silicon Valley Bank] really demonstrated to me the speed of which social media can bring change,” Tom remarks.
“Sometimes leaders and organizations aren't progressive, and they're battening down the hatches and trying to weather the storm. The only problem is that strategy will not help in this dynamically unfolding world. You have to be able to surf the waves, not get washed over, crashed upon,” Nate says.
Companies need to be proactive in building future of work programs, including creating talent mobility within the organization.
Thoughtful and empathetic communication is crucial in handling layoffs, upskilling, and reskilling of the employee base.
Talent acquisition and talent retention are among the most important issues for corporations in 2030 and beyond.
There is a global job shortage and talent shortage in the United States.

KEY QUOTES

“...strategy will not help in this dynamically unfolding world. You have to be able to surf the waves, not get washed over, crashed upon.” - Nate Thompson

"If you ignore this, you will be kind of run over by these waves of disruption. We believe, and try to wake people up and really lead them through." - Alex Schwartz

Resources:

Alex Schwartz on LinkedIn | Instagram

Nate Thompson on LinkedIn

The Disrupted Workforce

Igniting Purpose within Organizations with Christina Foxwell

Tue, 28 Mar 2023 04:01:00 -0000

How can you build a culture of trust and purpose in your organization? Tom Fox’s guest this week, Christina Foxwell, is an expert in helping companies unleash the purpose within each employee to build a sustainable business. In this episode, Tom and Christina explore the world of organizational transformation: Christina shares how her team helps companies put programs in place to measure outcomes and document results, satisfying stakeholders such as regulators and shareholders. She also emphasizes the importance of building a coaching culture, which can help transform company culture as well as the personal lives of employees.

Christina Foxwell is the Global CEO of Ignite Purpose, a company that aims to make a difference to one person's life a day so that they can make a difference to their world. She is a renowned leadership and transformation expert who has spent more than two decades working with organizations and executives to achieve their goals. At Ignite Purpose, Christina and her team specialize in partnering with organizations to create transformational change through culture change, leadership development, and team optimization. She is also a sought-after speaker and podcast host, using her platform to share insights and inspire leaders to unlock their full potential.

You’ll hear Tom and Christina talk about:

Building a culture starts with one person and then cascades into the organization.
Organizations need to foster connections among people and create communities where employees can bring their whole selves to work.
Trust is essential, and it starts with individuals trusting themselves before they can trust others.
In a hybrid work model, companies need to create opportunities for employees to come together, both physically and emotionally.
There is no cookie-cutter solution to building a culture of purpose and values. It requires a relentless effort to find the answer together.
Measurement and documentation are crucial for demonstrating outcomes to regulators, shareholders, and stakeholders.
Transformation requires a shift in culture, not just a tick-box approach.
Coaching executives on how they show up, including their thoughts, speech, and emotions, is critical to creating a coaching culture.
Creating a coaching culture helps to change the language of failure to learning, promoting purpose and engagement in the workforce.
Podcasting helped to build Christina’s courage and gave her a platform for sharing insights, for challenging and inspiring others.
The younger workforce wants to learn and develop differently, challenging organizations to think about how to reach them through different mediums.

KEY QUOTES

"Connection isn't just a physicality. It's an emotional choice to be connected. What we've got to do is we've got to give our people permission to make that emotional choice and teach them the gift of community and connection." - Christina Foxwell

"We change the language of failure to learning, which means we want people to show up." - Christina Foxwell

"We need to be able to open our mind...As a business owner, how do we reach people in different mediums to create the talent growth within the organization?" - Christina Foxwell

“For me, [podcasting] is about sharing insights and learning and maybe learning to have the courage to use my voice and to speak to people, to bring about new ideas.” - Christina Foxwell

Resources:

Christina Foxwell on LinkedIn | YouTube | Twitter | Facebook

Ignite Purpose

3rd Party Management: A risk-based approach - Part 5: Alexander Cotoia on Use Cases

Fri, 24 Mar 2023 05:00:00 -0000

Welcome to a special 5-part podcast series sponsored by Diligent. Over this series we will consider a risk-based approach to third-party risk management. Over this series I will visit with Michael Parker, the Director of Advisory and Consulting Services; Stephanie Font, Director of the Optimizations Group; Kairi Isse, Managed Services Group Manager; Adam Bailey, Senior Vice President, Product Management and Alexander Cotoia, Associate at the Volkov Law Group. In this Part 5, I visit with Alexander Cotoia, a Regulatory and Compliance Manager at the Volkov Law Group, to consider how recent FCPA enforcement actions point toward the use cases for a robust third-party risk management system.

In 2022, most FCPA-related enforcement actions involved third parties and required organizations to reprioritize third-party risk management. In this episode, we consider case studies involving ABB Limited, GOL Airlines, and Oracle, demonstrating the importance of understanding bribery and corruption schemes, making voluntary disclosures, and reassessing third-party risk management.

Key Highlights

· How can organizations reprioritize third-party risk management as a core compliance function?

· What strategies can organizations use to avoid FCPA violations and maximize cooperation credit?

· How can organizations effectively assess the risks posed by potential business partners?

Notable Quotes

1. "Don't put yourself in a position of being uncooperative with either the SEC or DOJ. Reassess your framework for third-party risk management holistically and hone in on the nature and quality of the collected information to objectively evaluate the totality of risks posed by a potential business partner to the organization."

2. "You really can't afford to be complacent, especially as we have a new emerging consideration suspecting sanctions and export controls that have become core enforcement priorities of the federal government."

3. "The critical question asked from a functional perspective is, is it adequate to objectively evaluate the totality of risks posed by a potential business partner to the organization?"

4. "You must understand that third-party risk, especially regarding anti-bribery and corruption concerns, is a universal constant."

Resources

Alexander Cotoia on LinkedIn

Check out Diligent’s 3rd party products and services here.

Third-Party Management: A risk-based approach - Part 4: Adam Bailey on Reporting

Thu, 23 Mar 2023 05:00:00 -0000

Welcome to a special 5-part podcast series, sponsored by Diligent. Over this series we will consider a risk-based approach toe third-party risk management. Over this series I will visit with Michael Parker is the Director of Advisory and Consulting Services, Stephanie Font, Director of the Optimizations Group; Kairi Isse, Managed Services Group Manager; Adam Bailey, Senior Vice President, Product Management and Alexander Cotoia, from the Volkov Law Group. In this Part 4, I visit with Adam Bailey, to look at the role of the Board in risk, audit, compliance, and ESG and the reporting from executive teams and GRC practitioners to take risks and seize chances.

Bailey has worked to help organizations better manage their risk by providing insight and clarity to boards of directors. He strived to enable executive teams and GRC practitioners to assess and manage strategic risks, ultimately connecting boards, practitioners and executives together to innovate and drive growth. With the complexity of third-party relationships continuing to grow, companies need to adopt a continual improvement approach to contend with unforeseen risks. A corporate compliance function is not just something nice to have but a must and a Board needs clear and relevant data to make the best decisions. Organizations need to use the necessary tools to ensure that Boards had the visibility to manage their third parties and make informed decisions.

Key Highlights

1. A compliance function must support leaders through it reporting work.

2. Companies can effectively manage third-party risk with a risk-based approach and robust processes.

3. Connecting Board, senior executives, and practitioners together to enable organizations to take risks and innovate is critical.

Notable Quotes

1. "The key to this effective risk management is truly the follow up, the ongoing follow up to ensure that all the controls are in place and if needed, are changed."

2. "Continuous blanket monitoring of all third parties with every risk asset you can think of is just not feasible and probably wouldn't deliver the outcomes that we need."

3. "We know that change is constant, regulators are looking for risk management policies and practices which continually improve and evolve over time."

4. "We need robust processes and systems in place to make sure that when you create your third-party profile, it's screened against sanctions lists, embargo watch lists, et cetera, to provide the rich data that's there."

Resources

Adam Bailey on LinkedIn

Check out Diligent’s 3rd party products and services here.

Third-Party Management: A risk-based approach - Part 3: Kairi Isse on Implementation and Maintenance

Wed, 22 Mar 2023 05:00:00 -0000

Welcome to a special 5-part podcast series, sponsored by Diligent. Over this series we will consider a risk-based approach toe third-party risk management. Over this series I will visit with Michael Parker is the Director of Advisory and Consulting Services, Stephanie Font, Director of the Optimizations Group; Kairi Isse, Managed Services Group Manager; Adam Bailey, Senior Vice President, Product Management and Alexander Cotoia, from the Volkov Law Group. In this Part 3, I visit with Kairi Isse, on the implementation of your third-party risk management program after the contract is executed.

Learning about the risk posed by third-party vendors to a company's compliance program can be an eye-opening experience. However through the use of an AI-based ongoing monitoring search tool with customizable features, auditable trails, for third-party risk management; an organization can ensure that their compliance programs are effective and reduce their risks of fines and reputational damage in the implementation stage after contract is executed.

Key Highlights

· How can modern companies effectively manage third party risk and protect their reputation?

· What are the best ways to monitor third parties in a stable vendor ecosystem?

· How can AI and machine learning make third party management more efficient and effective?

Notable Quotes

1. "The key to this effective risk management is truly the follow up, the ongoing follow up to ensure that all the controls are in place and if needed, are changed."

2. "The key to effective risk management is the ongoing follow up to ensure all the controls are in place and if needed, are changed."

3. "It's not the most data, it's the right data."

4. "Everything is audited in there; there's audits for the third-party profiles, there are audits for each of the cases."

Resources

Kairi Isse on LinkedIn

Check out Diligent’s 3rd party products and services here.

Third-Party Management: A risk-based approach – Part 2: Stephanie Font on Questionnaires and Due Diligence

Tue, 21 Mar 2023 05:00:00 -0000

Welcome to a special 5-part podcast series, sponsored by Diligent. Over this series we will consider a risk-based approach toe third-party risk management. Over this series I will visit with Michael Parker is the Director of Advisory and Consulting Services, Stephanie Font, Director of the Optimizations Group; Kairi Isse, Managed Services Group Manager; Adam Bailey, Senior Vice President, Product Management and Alexander Cotoia, Associate at the Volkov Law Group. In this Part 2, I visit with Stephanie Font, on the need for evaluation of potential third-party through questionnaires and determination of the necessary due diligence investigations to comply with regulations, while navigating using questionnaires to uncover the truth.

What is the importance of understanding regulations and risk factors when creating questionnaires to help with due diligence. Through understanding the risk model and what specific regulations the company needs to comply with, creating effective questionnaires to help with due diligence can become easier. Stephanie also found out that having a due diligence risk management system can automate some of the process and help flag any potential risk factors. With the help of questionnaires and due diligence, Stephanie was able to learn how to effectively document and investigate potential third parties.

Key Highlights

How questionnaires can be used to comply with regulations and inform a risk model.
How due diligence investigations can help to uncover risk factors in a potential third party.
How a third-party risk management system can automate parts of the process.

Notable Quotes

1. "Knowing what you're trying to comply with and thinking of those questions that are going to get you there is probably the top thing."

2. "Don't lose your common sense and listen if your gut tells you something's wrong."

3. "Documentation is key to create an internal audit trail and have something to show to regulators."

4. "Know your own risk model and build the risk model into the system to flag any potential risk factors."

Resources

Stephanie Font on LinkedIn

Check out Diligent’s 3rd party products and services here.

Is Data Fit for Purpose? with Malcolm Hawker

Tue, 21 Mar 2023 04:01:00 -0000

Is your company's data fit for purpose? In this episode of the Innovation in Compliance podcast, host Tom Fox welcomes Malcolm Hawker of Profisee, a company that creates MDM software, to discuss the importance of data quality, master data management (MDM), and data governance. They also explore how proper data management can drive exceptional results, reduce costs, and ensure compliance.

Malcolm Hawker is a seasoned data management and governance professional with over 30 years of experience. Malcolm spent 15 years in product leadership, including a stint as Chief Product Officer at a software startup in Austin, Texas. He also led an IT organization at a $2 billion publicly traded company. Malcolm has since specialized in data management, master data management, and governance, working as an analyst for Gartner before joining Profisee as the Head of Data Strategy. Malcolm's passion is helping organizations leverage data to drive results.

You’ll hear Tom and Malcolm talk about these ideas:

Data must be accurate, complete, timely, and unique to be fit for purpose within an organization's business processes.
Master data management (MDM) solves the "single version of the truth" problem, helping organizations maintain consistent and trustworthy data across various systems and departments.
Effective data governance involves creating and implementing policies and procedures related to data management to optimize value, reduce costs, and ensure compliance.
High-level, cross-functional, and functional levels all require tailored governance strategies.
A CDO should define how data governance drives the three levers of revenue, cost savings, and risk mitigation within an organization.
Corporate governance is typically the focus of boards of directors, while data governance is more of a functional or operating level concern.
Data privacy plays a significant role within data governance and must be addressed with robust policies and procedures.
Data governance can contribute to ESG initiatives, with one example being the reduction of carbon footprint through better data management and retention policies.
No matter where technology trends lead, the foundation of accurate, consistent, trustworthy, and fit-for-purpose data remains essential for successful decision making and operations.
"Modern younger business leaders are turning to LinkedIn, they're turning to YouTube, they're turning to podcasts for these types of insights [about business]. I need to be where the business leaders are." Malcolm shares best practices from a data management, data quality, and MDM perspective through his CDO Matters LIVE podcast.
Malcolm's experience at AOL during its rapid growth period on his approach to innovation.

KEY QUOTES

"Data quality is all about making sure that you have data that is fit for purpose, that can be used efficiently in operations within the business, can be accurate and consistent, and trustworthy within the analytics, the reports that are used by that organization.." - Malcolm Hawker

"My point here is that from a governance perspective, …the foundation of data quality, master data management - all the things that go into creating accurate, consistent, trustworthy, fit for purpose data - those things never go away." - Malcolm Hawker

"Modern younger business leaders are turning to LinkedIn, they're turning to YouTube, they're turning to podcasts for these types of insights. I need to be where the business leaders are." - Malcolm Hawker

Resources:

Malcolm Hawker on LinkedIn

CDO Matters LIVE Podcast

Profisee

Third-Party Management: A risk-based approach - Part 1: Michael Parker on Risk Mitigation

Mon, 20 Mar 2023 05:00:00 -0000

Welcome to a special 5-part podcast series, sponsored by Diligent. Over this series we will consider a risk-based approach toe third-party risk management. Over this series I will visit with Michael Parker is the Director of Advisory and Consulting Services, Stephanie Font, Due Diligence Service expert; Kairi Isse, Managed Services Group Manager; Adam Bailey, Senior Vice President, Product Management and Alexander Cotoia, from the Volkov Law Group. In this Part 1, I visit with Michael Parker on the need for risk mitigation to bring a third-party into a relationship with your organization.

Parker has worked in the compliance arena for six years, learning from his experience in government and tech. For a compliance program to be successful, executive leadership and there must be Board of Director buy-in for oversight as well. The goal of a third-party risk management platform is to protect the assets of the business and create a single source of truth. Through such a mechanism, third parties can be can screened for anti-bribery, anti-corruption, human trafficking, and much more. The Board needs visibility in order to make decisions and an audit log to show activity and diligence if ever needed. It is critical for all compliance function to stay up to date with regulations and keeping their third party platform consistently updated.

Key Highlights

How can a risk-based approach, coupled with a single source of truth and robust platform, help protect business assets and comply with changing regulations?
What is the German Supply Chain Act and how can companies ensure compliance related to human trafficking and human slavery?
How can companies use visual analytics to gain insights into their risk-based approach, and show evidence of due diligence in the face of an audit?

Notable Quotes

"Companies don't do bad things, people do. And as people do, the regulatory landscape changes and it can change quickly. So keeping up with those changes is critical to protecting your assets and mitigating risk."
"We need to increase our defensibility and increase our auditability if somebody comes knocking, we can show and illustrate that we have done our due diligence to mitigate any sort of risk of doing business with this third party."
"Companies don't do bad things, people do."
"Put a platform in place that is robust lends itself to a number of different benefits."

Resources

Michael Parker on LinkedIn

Check out Diligent’s 3rd party products and services here.

Compliance with Data Privacy with Bill Piwonka

Tue, 14 Mar 2023 04:01:00 -0000

Legal GRC focuses on the various activities and responsibilities that people who report to legal must carry out, such as data privacy and breach response. In this week’s show, Tom Fox reconnects with Bill Piwonka, Chief Marketing Officer of Exterro, to discuss compliance with data privacy. They discuss the concept of legal GRC, which is a subcategory of the larger umbrella of GRC. They also explore how Exterro's legal GRC software can help companies manage their data effectively and efficiently while ensuring compliance.

Prior to Bill Piwonka’s current position at Exterro, he had extensive experience running marketing teams for typically small software companies, helping build them as they grew. His knowledge of both startups and large multinational global organizations, including Intel and Oracle, has given him a unique perspective on the dynamics of different companies. As an expert in compliance and data privacy, Bill's insights and expertise are invaluable to organizations seeking to improve their compliance programs.

Key ideas you’ll hear Tom and Bill discuss:

Legal GRC is a subcategory of the larger umbrella of GRC that focuses on the various activities and responsibilities that people who report to legal must carry out, such as data privacy and breach response.
Understanding where your data is, who owns it, and what regulations apply to it is crucial to effective data management and compliance.
Data governance, data security, and data cleansing are key components of ESG, particularly in the G part, and the management of data is a mandatory step under ESG.
Having a data inventory and understanding what regulations apply to that data from a retention perspective and disposition is essential to minimizing risk and ensuring compliance with various regulations.
The key to minimizing risk and ensuring compliance is to have the processes and technology that enable you to constantly push the deletion button, in accordance with your retention policy.
Extero has broad capabilities in eDiscovery, privacy forensic investigation, incident response, and cybersecurity compliance. Its clients include a wide range of professionals, such as IT, legal ops, GC, compliance, privacy, and HR.
Regulatory obligations around data security and document turnover are a significant concern for organizations, and Extero's eDiscovery product can help clients comply with government agencies' requirements and store relevant information in their ESI vault.
Extero's consent product can help organizations with obtaining and revoking consent across any medium and demonstrate their compliance.
Legal departments are now recognizing the need for people, process, and technology to address issues that are now being enforced, especially on the privacy side. Process orchestration gives legal departments the ability to manage, measure, and optimize their processes and ensure defensibility.
Extero's marketing strategy is to provide high-quality educational content for the people who would ultimately use their products, such as benchmark surveys, case law alerts, and privacy alerts.

KEY QUOTES

"Legal has to be involved in all the different GRC activities." - Bill Piwonka

"You have to have the guts to push the deletion button. When you have the processes and the technology that enable you to constantly push that button, you're going to minimize your risk and you're going to ensure compliance across a whole swath of regulations." - Bill Piwonka

"If I can help somebody understand how to optimize a data subject access request process or how to conduct a document review more efficiently, and help them do their jobs more effectively - and I do that for five years - they are more productive, they're more efficient, and they like the content that we're creating." - Bill Piwonka

Resources:

Bill Piwonka on LinkedIn | Twitter

Exterro

The Secret Power of Meditation with Kara Goodwin

Tue, 07 Mar 2023 05:01:00 -0000

"Most successful executives are well aware of meditation and the secret power of it, and that it has a competitive advantage because it can change the way they're thinking, access more levels of creativity and intuition," says Kara Goodwin, a meditation expert and Tom Fox’s guest on the latest episode of Innovation In Compliance. Kara and Tom discuss the transformative power of meditation, the benefits it offers to individuals and companies, and how it can help people find balance and purpose in their lives. She also talks about how meditation can change your brain, reduce anxiety and depression, and unlock your creativity and intuition.

Kara Goodwin is a certified meditation teacher, and the host of The Meditation Conversation Podcast. With a corporate background in IT and sales, Kara's journey into meditation began when she moved to Italy and discovered the transformative power of this practice. Since then, she has been helping people develop their meditation practice through coaching, retreats, and online courses. Through her work, she seeks to help individuals and organizations find balance, purpose, and fulfillment in their personal and professional lives.

You’ll hear Kara and Tom discuss:

Meditation means something different to every person, but to Kara it's existing in a state that's beyond - beyond thoughts, beyond the body, beyond time, and beyond space. Meditation is getting to a state of higher consciousness, where the cycle of daily thoughts does not exist.
Developing a meditation practice changes the brain and the nervous system. It can also translate to a person's state outside of meditation, where they can have a higher perspective on things. It allows them to slow down and not get caught up in the minutiae of the day.
Being able to tell when you're off balance is simply taking mental stock of yourself. "It's just what's showing up for you in your world… It's becoming aware of how we feel and really even having a perspective that has a distance between what we feel and noticing what we feel," Kara says.
You can't solve problems when you're operating in the same mindset they were created in. "When we're in problem-oriented consciousness, we're not necessarily going to find the solution for that problem in the same level of consciousness where the problem is," Kara remarks. "It's by raising ourselves into a higher level of consciousness that we can have access to more creative solutions, more holistic solutions, more win scenarios."
Meditation is becoming an important component of mental health for businesses and companies. Kara uses the example of the NFL using meditation tactics to keep themselves calm in the high-stress environment they deal with. In addition, employers caring for their employees can also do more to create better working conditions. Caring for their employees in more holistic ways and seeing them as fully formed human beings, will impact the quality of their work.
Meditation helps nurture whole-brain thinking. Nurturing whole brain thinking and allowing yourself space allows for higher consciousness, which promotes productivity and activity.

KEY QUOTE

"When we're in problem-oriented consciousness, we're not necessarily going to find the solution for that problem in the same level of consciousness where the problem is." - Kara Goodwin

“[Meditation] is really getting into that state of a higher mind where we're not so focused on the little ins and outs and details of the day and the cycles of our thoughts.” - Kara Goodwin

Resources

Kara Goodwin | Twitter | Instagram

The Meditation Conversation Podcast

Creating the Insights Lab with Zachary Coseglia

Tue, 28 Feb 2023 05:01:00 -0000

In this insightful episode of the Innovation In Compliance podcast, Tom Fox welcomes Zachary Coseglia, the founder of the Ropes & Gray Insights Lab, to talk about the creation of the unique consultancy within the law firm. Zach dives into the challenges of building a team with diverse skill sets and backgrounds for a new function like the Insights Lab. He shares the value of data analytics for compliance, and how it can be used to improve investigations and understand patterns of behavior across the organization. Zach also highlights the complexities of working in-house, including managing relationships and understanding organizational intricacies.

With over a decade of experience in the pharmaceutical industry, healthcare, and life sciences, Zach Coseglia built a strong background in investigations, compliance analytics, and digital compliance. During his time as head of investigations in Asia Pacific for Pfizer, he came up with the idea to create an analytics and behavioral science consultancy within a law firm, which led to the birth of the Insights Lab.

Key takeaways from the episode include:

Building an analytics consultancy within a law firm or compliance department requires investment in technology and human capital. Zach brought together people with diverse skill sets, backgrounds, and experiences to build a team that reflects the needs of the consultancy being created. He combined subject matter expertise of compliance and data analytics to build the team for the Insights Lab.
Zach believes that to build a successful analytics consultancy within compliance, it's important to bring in people who have done this work in other industries. He stresses that they can bring unique perspectives and experiences that can drive innovation and progress within the organization.
The potential of data analytics to promote a better, stronger compliance program through identifying trends, patterns of behavior, and driving efficiencies.
Zach reflects on his experience working in-house and highlights the challenges of managing relationships and understanding organizational intricacies. He stresses the importance of effective relationship building and an intentional and strategic approach to building new capabilities or functions within an organization.
Compliance is a deeply human discipline that involves shaping human behavior through policies, procedures, training, and programs. Behavioral science, cultural psychology, and behavioral economics play a critical role in compliance and ethics work.
Compliance programs that only focus on rules are short-sighted.
Human-centered design is a powerful approach to building effective compliance programs that engage with people and amplify their voices.

KEY QUOTES:

"I think that there's a huge opportunity for us to embrace behavioral science, to embrace a more scientific point of view, to embrace the world of data in ways that actually advance our profession." - Zach Coseglia

“With all of the data we had available to us, we have this opportunity to understand human behavior in ways that go beyond just the rules.” - Zach Coseglia

“I have felt for a long time that compliance is being treated - has been treated - as this exclusively legal, regulatory, enforcement-related exercise oftentimes led by lawyers, when in fact, compliance is a deeply human discipline.” - Zach Coseglia

Resources:

Zach Coseglia at R&G Insights Lab | LinkedIn

Ropes & Gray Insights Lab | Podcast: There Has to Be a Better Way?

Leveraging Technology in Third-Party Risk Management with Jag Lamba and Jared Ezzell

Tue, 21 Feb 2023 05:01:00 -0000

Jag Lamba and Jared Ezzell from Certa, join Tom Fox on the Innovation In Compliance podcast to explore the essential elements of a thriving third-party risk management program. They emphasize the significance of minimizing reliance on third-party self-disclosures by utilizing technology and data. They also highlight the importance of integrating due diligence, training, and ongoing monitoring to create a comprehensive approach to risk management. The conversation extends to payment controls, charitable donations, and the integration of the program into the overall third-party risk management lifecycle.

Jag is the founder and CEO of Certa. Jared Ezzell is the Chief Customer Officer. Certa is a third-party lifecycle management platform for procurement, compliance, and ESG. Their no-code platform provides an easy and efficient way to digitize and manage the lifecycle of all suppliers, partners, and customers. Certa's automated onboarding, contract lifecycle management, and ESG management eliminate the procurement bottleneck, allowing companies to onboard third parties three times faster. With their cutting-edge technology, Certa is transforming the way businesses manage their third-party relationships, ensuring compliance and sustainability at every step.

Here are some key points Tom, Jag, and Jared talk about:

Jared talks about his professional background and his role at the company Certa, their products, and their customers.
The hallmark of an effective anti-bribery and anti-corruption compliance program is the concept of risk assessment.
Jared discusses the nine elements developed by Certa for an effective compliance program.
The three dimensions of a complete solution for compliance risk management are full spectrum risk management, the full life cycle of the third party, and the full spectrum of third parties.
A successful technology transformation project should be a modular rollout, with a focus on solving the highest pain point within three months and continuously phasing the rollout to avoid becoming overwhelmed.
Jag and Jared clarify that while the company doesn't play the role of creating the documentation, they provide input and help evidence the client's defensible positioning in support of the client's policies.
Jag tells Tom that the ongoing monitoring of third-party relationships requires companies to have data sources and processes in place, have a controls framework to act on information, and automate controls to handle egregious alerts.

KEY QUOTE:

“The ability to systematically enforce payment controls is a key common practice in successful third-party risk management." - Jared Ezzell

Resources:

Jag Lamba on LinkedIn | Twitter

Jared Ezzell on LinkedIn

Certa

Entrepreneurship and Risk Management with Adrienne Bellehumeur

Tue, 14 Feb 2023 05:01:00 -0000

Tom Fox’s guest in this episode of Innovation In compliance is Adrienne Bellehumeur. They discuss the significance of gap analysis in the design of internal controls, and why having a thorough understanding of design is critical to the success of gap analysis. They emphasize the importance of continuous improvement and avoiding a "pass-fail" approach to internal control programs. Adrienne also shares her five principles for creating high-value compliance programs.

Adrienne Bellehumeur is the Director and Co-owner of Risk Oversight, a firm specializing in internal controls, internal audit, and compliance programs. She has written a book called The 24-Hour Rule and Other Secrets for Smarter Organizations: Including the 6 Steps of Dynamic Documentation, which is set to be published on March 7th and is geared towards managers who are seeking solutions through documentation. This book aims to provide a fun and foundational approach to documentation for the modern knowledge workforce and is the first mass-market book on documentation best practices.

Some of the key points discussed during the show include:

Adrienne's background and current role at her company, Risk Oversight, which specializes in delivering services to mid-sized oil and gas companies in the engineering sectors.
The purpose of gap analysis is to identify areas for improvement in processes and controls to support operational effectiveness.
Adrienne's belief that internal controls should focus on good habits, accountability, and continuous improvement rather than just ticking boxes.
How Risk Oversight helps companies fulfill their obligation of oversight by providing entity-level control review and understanding best practices in governance.
The two best practices for board minutes, the "Goldilocks principle" and the "business judgment rule."
The Caremark doctrine in Delaware and the importance of documentation of major risk management decisions.
Adrienne's book The 24-Hour Rule, which is a mass-market book on documentation aimed at managers looking to solve problems through documentation and is applicable to various industries.

KEY QUOTATION:

“Risk management is about action.” – Adrienne Bellehumeur

Resources

Adrienne Bellehumeur | LinkedIn | Twitter

Risk Oversight | The 24-Hour Rule and Other Secrets for Smarter Organizations: Including the 6 Steps of Dynamic Documentation

Key Board Issues Going Forward with Christina Bresani

Tue, 07 Feb 2023 05:01:00 -0000

What are some of the challenges facing board members in providing meaningful oversight? Christina Bresani, head of William Blair’s Corporate Advisory Team, is here to share her take. Host Tom Fox and Christina are going to delve into the current state of the corporate world, touching on the challenges faced by boards of directors. They'll also discuss the increase of unsolicited offers and the importance of being prepared for them. This is a thought-provoking conversation that will shed light on the current landscape of the corporate world.

Christina Bresani is a seasoned investment banker with over 25 years of experience. She joined UBS right after graduation from Wellesley College where she studied economics and Spanish. After 20 years at UBS, she joined William Blair and currently leads the Corporate Advisory Team, a team that focuses on advising public companies on all things mergers and acquisitions.

Key points you’ll hear them discuss:

Christina tells Tom, “About 85% of the transactions that we're seeing right now start with an unsolicited proposal.” They are advising clients on being prepared for unsolicited proposals and valuations in an uncertain market.
How William Blair works with clients to optimize their portfolio and their process for evaluating selling or spinning off businesses.
ESG is a focus area for boards. It’s now considered a "must-have" and not a "nice-to-have". Boards and management teams focus on ESG as a day-to-day part of their decision-making process. Christina is happy to see companies take a more holistic oversight around ESG at the board level.
There has been an increase in shareholder activism and companies are worried about it and seeking help in preparing for it.
“Ultimately, what companies need to be thinking about is how to create shareholder value,” Christina tells listeners. This is what should be top of mind for boards going forward, she remarks.

KEY QUOTE:

“There are always intertwined relationships between boards and companies, and the real goal is to get all the brains together in a room to figure out if a deal makes sense for both sets of shareholders.” - Christina Bersani

Resources

Christina Bresani on LinkedIn

William Blair

The Digital Knowledge Graph with Evgeny Likhoded and Vladimir Ershov

Thu, 02 Feb 2023 05:01:00 -0000

This week’s guests are Evgeny Likhoded, CEO and founder, and Vladimir Ershov, Head of Data Science, of Clausematch. They join Tom Fox to talk about a groundbreaking new innovation, the Digital Knowledge Graph in open source. Learn how this game-changer is revolutionizing the way compliance is managed and what it means for industries, companies, and governments around the world.

Evgeny Likhoded is the CEO and founder of Clausematch, a global compliance and regulatory technology company. He started Clausematch to digitize and structure regulation and help regulators to innovate in the space. Jay has worked to solve a common problem in compliance - managing compliance documents and compliance content. He has brought all of the workflow and content management under one platform to provide compliance professionals a way to collaborate on content in real time.

Vladimir Ershov is the head of Data Science at Clausematch. He has been working in the field of data science for four years and previously worked at Apple. Vladimir is passionate about semantic linkage for law documents and was excited to join Clausematch four years ago to continue his work in this field.

You’ll hear them discuss:

The process of developing the Clausematch Knowledge Graph took a year with involvement from multiple teams and experts in the regulatory field.The process included discussions with regulatory experts, data preparation, model training and evaluation, and integration with Clausematch's tools.
The key idea behind Clausematch was to capture data in a structured form from the start, allowing for more to be done with the data.
Clausematch was pitched to several financial services regulators, including FCA and ADGM, as a platform for tagging regulation text through expert work and machine learning models.
The open source Knowledge Graph generated by Clausematch can be used by other companies and regulators to automatically analyze regulations.
The structured regulations can also be applied to a financial institution's internal compliance documents to identify gaps and contradictions in their policies.
The Knowledge Graph helps digitize the meaning of regulations.
The models can be used to look for patterns in regulations and to show regulators if internal policies are compliant with regulatory rules.
The ultimate goal is a world where every regulation is structured and consumable via API. The release of the Knowledge Graph in open source will help reach the goal faster.
Knowledge Graph technology is relevant to compliance technology. Historically, compliance solutions have been focused on formalizing rules and processes into a framework through manual means. Knowledge Graph technology automates the process of structuring data and extracts entities and obligations to form the framework.
Neural network models or reinforcement learning agents can be run on top of the extracted graph to look for compliance patterns.
The knowledge graph technology will be available on Clausematch.com and GitHub, and a scientific paper with more information will be released.
The graph structure is important in compliance due to the need for exact inference in compliance, unlike the correlation approach in language models like GPT.

KEY QUOTATIONS:

"There is a principal flow in the models like ChatGPT and other language models which are based on correlation approach... [but] in the compliance field we need causation, we need exact inference and that's why the graph structure is extremely important to be able to build the automation for the compliance." - Vladimir Ershov

Resources

Evgeny Likhoded | LinkedIn

Vladimir Ershov | LinkedIn

Clausematch

Knowledge Graph Information

Innovation Through Comprehensive UX with Ben Seals

Tue, 31 Jan 2023 05:01:00 -0000

Tom Fox hosts Ben Seals, CEO of Thomas Eye Group, on this episode of Innovation In Compliance. They delve into the company’s innovative approach to employee, customer, and business process experience. They also talk about how technology is changing how businesses operate and how it will impact healthcare in the future.

As the CEO of Thomas Eye Group, a full-service eye care provider, Ben Seals brings a wealth of experience to the table. With a background in operations, customer service, payor/provider contract relations, and acquisition integration, he has a diverse set of skills that he leverages to oversee the execution of the company's strategic vision. At Thomas Eye Group, the mission is to provide a lifetime of outstanding eye care, with a focus on sustainable growth that prioritizes patient care.

Here are some key points Tom and Ben discuss:

Ben talks about his professional background and his current role at Thomas Eye Group.
Thomas Eye Group was recently awarded with the ModMed Innovation Award, for their innovation in healthcare and patient-centric approach.
Ben tells Tom that they have improved customer communication by enabling patients to easily schedule and reschedule appointments online, streamlining the process and reducing time spent in the office.
With ModMed, doctors can access patient data through a single platform, which addresses the issue of disparate information across several systems, allowing them to make better, more informed decisions and engage with patients during face-to-face conversations.
Ben explains that ASC has improved customer experience by using the Modmed ASC platform. The need to transfer paperwork between different sites has been eliminated as it is fully integrated with the practice management system, allowing for seamless coordination of care and electronic consent forms to be shared with patients.
Ben explains ModMed Pay and Text to Pay and what methods were used to be able to improve efficiency in the payment process, both in pre-visit and in post visit payments.
By using a text message feature, patients are informed about their balance with insurance companies and asked for payments, resulting in a significant increase in the number of payments made.
Ben describes what new innovations he sees down the road for Thomas Eye Group and ModMed.

KEY QUOTATION:

“The ability to text patients real time, have a cadence of communication and ask for receipt of those payments delivered significant results for our revenue cycle team.” - Ben Seals

Resources

Ben Seals | LinkedIn

Thomas Eye Group

ModMed

Operationalizing Compliance: Part 5-Overwhelmed, yet? with Taylor Edwards

Fri, 27 Jan 2023 00:00:00 -0000

Welcome to a special five-part podcast series on Operationalizing Your Compliance Program, sponsored by Broadcat LLC. Over this series, we consider a variety of ways to more fully operationalize your compliance regime, including the design and effectiveness of your communications, why the operationalization of compliance is a team sport, why simply data is not the answer and how to avoid being overwhelmed. In our Part 5 conclusion, I am joined by Taylor Edwards to discuss how compliance professionals can prevent from being overwhelmed by all of ‘this’. Highlights from this episode include:

· Unpack your program through critical examination.

· Know your history and understand how you got where you are.

· Face data but do not be paralyzed by it. .

· It’s about being real and accountable.

For more information go to TheBroadcat.com

Operationalizing Compliance: Part 4-Effectiveness, Redux with Alex Klingelberger

Thu, 26 Jan 2023 00:00:00 -0000

Welcome to a special five-part podcast series on Operationalizing Your Compliance Program, sponsored by Broadcat LLC. Over this series, we consider a variety of ways to more fully operationalize your compliance regime, including the design and effectiveness of your communications, why the operationalization of compliance is a team sport, why simply data is not the answer and how to avoid being overwhelmed. In Part 4, I am joined by Alex Klingelberger, CEO at Broadcat where we take a deep dive into effectiveness. Highlights from this episode include:

· Compliance training must stay away from patronizing training material.

· The DOJ pronouncements on clawbacks puts the pressure on senior management.

· Bilateral communications is a critical component of a best practices compliance program.

· Compliance engagement is more than between your compliance function and employees. It is when employees engage each other about compliance topics as well.

For more information go to TheBroadcat.com

Operationalizing Compliance: Part 3-Jaycee Dempsey on Operationalizing Compliance

Wed, 25 Jan 2023 06:00:00 -0000

Welcome to a special five-part podcast series on Operationalizing Your Compliance Program, sponsored by Broadcat LLC. Over this series, we consider a variety of ways to more fully operationalize your compliance regime, including the design and effectiveness of your communications, why the operationalization of compliance is a team sport, why simply data is not the answer and how to avoid being overwhelmed. In Part 3, I am joined by Jaycee Dempsey to discuss operationalizing your compliance program through employee engagement and participation. Highlights from this episode include:

· Compliance is a team sport.

· The DOJ pronouncements on clawbacks puts the pressure on senior management.

· Middle managers is where the rubber meets the road.

· Document Document Document

For more information go to TheBroadcat.com

Why Sustainability is the Business Opportunity with Richard Blundell

Tue, 24 Jan 2023 05:01:00 -0000

Tom’s guest on this week’s episode of Innovation in Compliance, Richard Blundell, discusses the risks and opportunities associated with growth in the insurance industry. They talk about how to finance a company's growth by understanding its risks. Business financing is trending towards sustainability, and Tom and Richard explore how companies can access capital by implementing sustainable practices and strategies.

A global environmental services and technology consultant with over 35 years of experience, Richard Blundell has extensive experience in senior executive management and consulting. Mergers and acquisitions, corporate and market development, and operations management are among his areas of expertise. His experience includes launching new businesses and managing growth-stage businesses around the world. He is also an advisor to the Prince of Wales Accounting for Sustainability charity.

Here are some key points Tom and Richard talk about:

Richard talks about his professional background and current role as an advisor on sustainability.
Richard believes that sustainability in business leads to lower costs, less waste, more resource efficiency, better quality jobs, better employee engagement, and more access to capital.
In addition to improving access to capital, sustainability can also improve performance in public markets, lower capital costs, and lower debt costs.
Richard highlights that materiality is a way for companies to determine priorities and goals for sustainability, decarbonization, and ESG by considering what is important for both the corporation and its stakeholders
Quoting Paul Wellman, Richard tells Tom that working toward social, environmental, and economic outcomes can invigorate and energize an organization.
Sustainability can be a life insurance policy for the planet.
Companies without decarbonization plans may not have access to financing from banks and other financial institutions as they do not understand the risks associated with growth and may not be seen as providing a benefit to society, Richard tells Tom.
Richard believes that the circular economy aims to eliminate waste by keeping inputs and outputs at their highest utility throughout their life cycle.
Companies like Interface and Nike are committed to sustainability and continue to innovate and stretch their targets as they learn more about driving efficiency and process in the decarbonization journey.

KEY QUOTE:

"If I am going to finance a company's growth, I want to finance a company that's in the insurance industry as well. I want to finance the company's growth by understanding the risks associated with that growth.” - Richard Blundell

Resources

Richard Blundell | LinkedIn

Operationalizing Compliance: Part 2-Compliance Program Design with Jennifer May and Xinia Pirkey

Tue, 24 Jan 2023 00:00:00 -0000

Welcome to a special five-part podcast series on Operationalizing Your Compliance Program, sponsored by Broadcat LLC. Over this series, we consider a variety of ways to more fully operationalize your compliance regime, including the design and effectiveness of your communications, why the operationalization of compliance is a team sport, why simply data is not the answer and how to avoid being overwhelmed. In Part 2, I am joined by Jennifer May and Xinia Pirkey to consider your compliance program design. Highlights from this episode include:

· Your communications should resonate with your employees.

· Aesthetic draws an employee in but content grabs their attention.

· Clarity and relevance are key elements.

· Document Document Document

For more information go to TheBroadcat.com

Operationalizing Compliance: Part 1 - Compliance Program Effectiveness with Jennifer May

Mon, 23 Jan 2023 00:00:00 -0000

Welcome to a special five-part podcast series on Operationalizing Your Compliance Program, sponsored by Broadcat LLC. We consider a variety of ways to more fully operationalize your compliance regime, including the design and effectiveness of your communications, why the operationalization of compliance is a team sport, why simply data is not the answer and how to avoid being overwhelmed. In Part 1, I am joined by Jennifer May to consider what is compliance program effectiveness. Highlights from this episode include:

· What is and is not effectiveness?

· Identify silos and work through them.

· Compliance is not a closed book test.

· Document Document Document

For more information go to TheBroadcat.com

Frictionless and Engaging Compliance Training with Avi Singer

Tue, 17 Jan 2023 05:01:00 -0000

On this week’s episode, Tom’s guest Avi Singer talks about how to make it easier for employees to understand and complete compliance training. Compliance training refers to the process of educating employees on laws, regulations, and company policies that apply to their day-to-day job responsibilities. The goal is for everyone in an organization to have compliance training, and for it to be frictionless for employees to access and complete.

Avi Singer is the founder and CEO of Showd.me, a company that is helping organizations provide remote and on-demand compliance training solutions, specifically in the healthcare space. He is extremely passionate about highlighting the importance of compliance training, noting that it is often required in order for organizations to comply with regulations. He is described by his colleagues as a “bright professional who can understand complex business solutions and offer creative solutions to problems.”

Here are some key points Tom and Avi talk about:

Avi explains how he persuades clients to utilize resources from his company Showd.me to have their employees take its compliance training.
Avi believes compliance training should be easy to understand and pass a quiz on.
The government expects targeted compliance training to address issues like racial sensitivity or harassment, Avi explains to Tom.
Avi highlights the importance of bystander intervention and mandated reporting in potentially harmful situations and the best way to execute it in a clear and nuanced fashion.
If additional training or intervention is required, Avi says, companies should have an HR person who can help address investigations and create policies around compliance.
AVI discusses pronoun training, how it should be conducted in order to get the message to the right person, and how to ensure employees are addressed in an appropriate manner.
The goal is for everyone in an organization to have compliance training, and for it to be frictionless for employees to access and complete, Avi says.
Cost savings can be achieved by reducing liability and risk, as well as by making compliance part of the normal training process.

KEY QUOTE:

“You don't have to be perfect. I think that our training is not like, ‘Hey, you need to know the nuances of harassment or the nuances of what constitutes the mandatory reporter situation or what constitutes abuse’. It's more like, ‘The law says if you see this going on you have to do something’.” - Avi Singer

Resources

Avi Singer | LinkedIn | Twitter

showd.me

Data Transformation/Data Sovereignty with Dale Waterman

Tue, 10 Jan 2023 05:01:00 -0000

Tom’s guest in this episode of Innovation In Compliance is Dale Waterman, who popularized the phrase “data sovereignty” in the compliance space. The sovereignty of data, or data sovereignty, is the idea that the laws of the country where the organization is based still apply to the data regardless of where it moves across borders. He explains that both cloud computing and the Fourth Industrial Revolution technologies like AI and IoT drove the data sovereignty movement.

Dale Waterman is a Managing Director of Breakwater Solutions, a consulting firm with a focus on global data privacy, cybersecurity, information governance, and investigations. He is passionate about helping organizations implement digital transformation objectives by assessing and managing legal, regulatory, and compliance challenges. He helps organizations collect, use, manage and protect personal data in a pragmatic and compliant manner that enables data-driven business strategies.

Here are some key points Tom and Dale talk about:

Dale talks about his professional background and his role at Breakwater Solutions.
Dale defines data sovereignty, localization, and the impact on global data privacy and cybersecurity.
Dale and Tom discuss and compare how data sovereignty issues and privacy laws are viewed in MENA (Middle East, North Africa) as opposed to Europe and the United States.
Most of the problems with data sovereignty stem from mistrust of big tech and concerns about government access to data, specifically with the US government, Dale tells Tom.
To help organizations comply with ever-changing data sovereignty laws, Dale suggests that companies get to know data and laws, classification, data minimization, and management of third parties.
Dale highlights some key challenges your clients may face in the Middle East and North Africa in 2023.
Dale describes how Breakwater Solutions helps clients tackle issues like data sovereignty, cross-border data transfers, and evolving data protection laws.

KEY QUOTE:

“The sovereignty of data refers to the fact that no matter where the data moves across borders, ... you still apply the laws of the country where the organization is based.” - Dale Waterman

Resources

Dale Waterman | LinkedIn | Breakwater Solutions

The Disability Navigator with DeeJae Durante

Tue, 20 Dec 2022 05:01:00 -0000

Tom Fox's guest on this week’s show is DeeJae Durante. DeeJae is a livestream strategist and coach, helping individuals with disabilities get their messages out through marketing tools like podcasts and livestreams. She joins Tom to talk about creating accessibility for disabled individuals in the corporate world, and the true meaning of inclusion.

DeeJae's Mission

Tom asks DeeJae what started her on the path of disability advocacy. DeeJae gives an anecdote about watching her father navigate life after a traumatic brain injury. It sparked the advocacy within her. She is very passionate about helping businesses realize the importance of providing diversity options for people with disabilities, as well as being open and considerate of everyone.

The True Meaning of Inclusion

There is no inclusion without accessibility. It is impossible to be inclusive or diverse in an organization if there is no consideration for disabled people. DeeJae talks about helping businesses create systems that accommodate disabled people and building different types of accessibility. "That's why I really focus on accessibility and understanding what that concept is, because that will lead to inclusion," she tells Tom. Creating different options for individuals within the organization to access information is another key component of accessibility. "Communication is so fundamental, and accessibility to information is communication."

Accessibility Builds Loyalty

"By having a policy of accessibility and inclusion for disabled employees, you not only create a very loyal workforce, but you can actually make your business better," Tom remarks. This holds true for every aspect of business. Accessibility builds up social worth in your employees. Taking the initiative to be observant about the processes in your businesses and making sure that they are accessible to everyone is going to enhance your business. There is no excuse anymore, and there is no other option than to be accessible. "It's something that we really need to implement into our businesses and our processes as soon as possible. The sooner that we do that, the better off we're going to be and the more beneficial it will be to our business," DeeJae stresses.

Resources

DeeJae Durante | LinkedIn | Twitter

The Meta Contract with David Simon

Tue, 13 Dec 2022 05:01:00 -0000

David Simon is a Partner at Foley & Lardner in the firm’s litigation department and a member of their Government Enforcement/Compliance/White Collar Defense Practice Group, Antitrust Practice Group, and Health Industry Team. He specializes in investigations, corporate governance, and government enforcement defense law. He and Tom Fox discuss David's article "The G in ESG" and the role of compliance in ESG, specifically in the governance aspect of compliance.

The Meta Contract, Governance & Company Culture

An organization's meta contract represents what the company is truly about to the public. David tells Tom the meta contract is what the company does, who the company is, and what the company isn't. Governance comes into play by keeping the company on the right track and making sure that it operates in the way it said it would. Culture informs the way an organization adheres to its meta contract, and it starts from the corporate level. Who you hire, who you promote, policies, and internal protocols and procedures all play key parts in this.

Being Authentic

"One of the things that I see that I'm a little skeptical of is every organization trying to fit itself into the same ESG vision or model," David remarks. Every organization is different so there’s no one-size-fits-all ESG model. A company’s meta contract sets the expectations on how they present themselves to the world. True value lies in "being authentic and maintaining integrity over how you're presenting your organization, and what your values are, and who your stakeholders are, and how you rank them in terms of priority," David remarks.

ESG and Compliance

One of the great things about ESG is it allows compliance to broaden its thinking. A lot of times compliance is only focused on regulatory compliance, but David tells Tom that needs to change. "Compliance professionals need to think more broadly than just the laws and the regulatory framework, to more about what their organizational meta contract is, and they need to take steps to protect their organizations from violating it because it can be disastrous when they do," David says.

Resources

David Simon on LinkedIn

The G in ESG

The Right Training, for the Right Person at the Right Time with Roxanne Petraeus

Tue, 06 Dec 2022 05:01:00 -0000

Tom Fox's guest on this week’s show is Roxanne Petraeus. She is the CEO of Ethena, a compliance program for technology companies focusing on engagement and transparency. She and Tom talk about her career journey and what she and Ethena are bringing to the compliance sphere.

Ethena

The training Ethena offers covers everything related to compliance as a broad topic. The company seeks to answer ‘Why compliance?’ and goes deep on the concept of design. For example, how would you design your compliance solutions to prevent certain issues? What models would you look at that is similar? Roxanne tells Tom, "We just asked a fundamentally different design question: how do you iterate on the same model and make small tweaks but don't fundamentally change the way it's delivered or the key components of it?"

Employee Engagement and Engaging Training

Tom asks Roxanne how Ethena encourages employee engagement and employee training that is engaging. Employee training across any business has to be able to keep an employee's attention. "If someone has tuned out, no matter how good your content, they're not learning," Roxanne remarks. A way Ethena drives engagement is by implementing feedback. Employees are able to rate training, and this feedback tells the leaders what needs to be improved. "The reason we've made really good training is because we're forced to," Roxanne says. The employee rating data is tangible evidence of what Ethena is doing right and what it's doing wrong, so the content team can very quickly respond to that and make training better.

Train To Improve Culture

Training can't simply be seen as a part of a company's culture but also as something to improve a company's culture. The key to achieving this is to make training a valuable part of the employee experience. Training can help a company create a holistic and healthy workplace environment and show employees that the business is serious about improving.

Resources

Roxanne Petraeus | LinkedIn | Twitter

Ethena

The Agile Audit with Toby DeRoche

Tue, 29 Nov 2022 05:01:00 -0000

Tom Fox's guest on this week’s show is Toby DeRoche, a professional auditor and Senior Manager of Risk Management at Verizon. He and Tom talk about the importance of risk assessment and how it has changed in recent years.

Agile Audit

Agile Audit is simply auditing the things that matter at the current moment. It's an iterative approach, going through the entire audit lifecycle and compressing it down to the essentials. "We're saying, so here's everything that I could audit, but here's what's most important to the organization today," Toby tells Tom. "It's this continual cycle… giving you the answers to what's the most burning question you have related to risk and control in your organization today.”

Focus on The Highest Risk

If an audit plan isn't focused on relevant issues, or the highest risk, no one is going to care how well the auditing plan was executed. Focusing on low-risk issues wastes everyone's time. "We should be focusing on the things that are the highest risk and only those things," Toby says. If internal auditors aren't focused on management support, strategic objectives, and challenges, then they aren't doing their jobs.

Communicating Vs Reporting

Tom asks Toby to differentiate between communicating and reporting results as an internal auditor. Giving reports is not communication, he responds; it’s just regurgitating facts. "A much more effective way of getting the information across is to make it more digestible," Toby remarks, because it’s much more impactful, and people can more easily grasp what you're trying to say.

Looking Ahead

Companies in the future will have no choice but to use the concepts of risk assessment, continuous improvement, and continuous risk assessment. Auditing must be part of the company's objectives. "Anything that we're doing that's not focused on what matters to management and the highest risk to them achieving their goals right now, then we're completely missing the picture," Toby stresses.

Resources

Toby DeRoche | LinkedIn

Only Audit What Matters

Corporate Case Management in the Era of the DoJ's Monaco Memo: Episode 5 -Data Drives Prevention

Fri, 18 Nov 2022 06:00:00 -0000

Welcome to a special podcast series entitled, Corporate Case Management in the Era of the DoJ's Monaco Memo, sponsored by i-Sight Software Solutions. Over this five-part podcast series, I visit with Jakub Ficner, Director of Partnership Development at i-SIght. In this series we consider how the Monaco Doctrine and Monaco Memo have impacted compliance in several key areas. In this concluding Part 5, we consider how data and data analytics are even more critical after the Monaco Memo and how using data can drive prevention as well as detection. Highlights include:

How does ongoing monitoring lead to continuous improvement and how does it relate to investigations?
How your investigative protocol can supplement ongoing monitoring.
How the outlays for your investigative process are a critical step going forward.
Employing root cause analysis, corrective actions, preventative action recommendations, can provide valuable data from a holistic perspective

For more information check out i-Sight here.

Corporate Case Management in the Era of the DoJ's Monaco Memo: Episode 4 -The Fair Process Doctrine

Thu, 17 Nov 2022 06:00:00 -0000

Welcome to a special podcast series entitled, Corporate Case Management in the Era of the DoJ's Monaco Memo, sponsored by i-Sight Software Solutions. Over this five-part podcast series, I visit with Jakub Ficner, Director of Partnership Development at i-SIght. In this series we consider how the Monaco Doctrine and Monaco Memo have impacted compliance in several key areas. In this Part 4, we look consider the Fair Process Doctrine and how the Monaco Memo emphasized the requirements as laid out under the DOJ’s Evaluation of Corporate Compliance Programs and its Update. Highlights include:

What are DOJ expectations?
The stakeholders needed to be involved with determining, recommending, and implementing that outcome based on your investigation.
Why consistently applying the same disciplinary actions based on the nature of substantiated elements is critical.
What is the Fair Process Doctrine?
Following the Fair Process Doctrine is critical for the credibility of your investigative protocol.

For more information check out i-Sight here.

Corporate Case Management in the Era of the DoJ's Monaco Memo: Episode 3- Ethical Investigations

Wed, 16 Nov 2022 06:00:00 -0000

Welcome to a special podcast series entitled, Corporate Case Management in the Era of the DoJ's Monaco Memo, sponsored by i-Sight Software Solutions. Over this five-part podcast series, I speak with Jakub Ficner, Director of Partnership Development at i-Sight. In this series we consider how the Monaco Doctrine and Monaco Memo have impacted compliance in several key areas. In this Part 3, we look at ethical investigations and how to allow your organization to meet the strictures of the Monaco Memo. Highlights include:

How did the Monaco Memo impact investigations?
The importance of keeping the reporter informed.
Why consistency and transparency are key aspects of the investigative process.
Creating an audit trail are in your investigation protocol.

For more information check out i-Sight here.

Corporate Case Management in the Era of the DoJ's Monaco Memo: Episode 2 - Strategic Triage

Tue, 15 Nov 2022 06:00:00 -0000

Welcome to a special podcast series, Corporate Case Management in the Era of the DoJ’s Monaco Memo, sponsored by i-Sight Software Solutions. In this series, I am joined by Jakub Ficner, Director of Partnership Development at i-Sight. Over this series, we detail the changes wrought by the Monaco Memo and how compliance professionals can respond to these new challenges. In this Part 2, we look at the need for active triage in your investigative protocol to allow your organization to meet the strictures of the Monaco Memo. Some of the highlights include:

What is triage in a best practices compliance program?
Why triage is as important as the original report coming in.
How to document triage for regulators.
What to do when new issues are discovered
Why is the ability to ultimately learn from your collected data a key outcome?

For more information, check out i-Sight here.

Uncovering Hidden Risks with Erica Toelle

Tue, 15 Nov 2022 05:01:00 -0000

Erica Toelle is the Senior Product Marketing Manager on the Microsoft Purview product team. Her focus is on growing the Data Lifecycle and Records Management business and listening to customers and partners to make solutions better. She and Tom Fox discuss her podcast, her book, and the relationship between technology and humans.

Relaunching the Uncovering Hidden Risks Podcast

Tom asks Erica why she relaunched her podcast. Erica explains that she hopes to target chief security officers, and people in compliance leadership roles, and provide information on topics they are interested in learning about. In particular, the podcast explores how enterprises can reduce their risk by moving to a more holistic approach to data protection. The world of compliance is rapidly changing, with new regulations and privacy laws being implemented regularly, and the leaders want to know and understand how their peers successfully comply. Erica says that her podcast will bring these stories to life, “so that we can all learn from the best practices and success and hopefully apply them in our own situation.”

Technology Requires Humans

Tom comments that a common theme on Erica’s podcast is the human element. Erica explains that technology cannot function without the human element. Technology takes care of collecting data and presenting it in a way that would help people make the best business decisions. However, no algorithm can replace the human ability to weigh, analyze and make a decision when it comes to identifying and managing risks, and driving compliance.

Microsoft 365 Compliance

Erica wrote a book entitled Microsoft 365 Compliance; Tom asks what inspired her to write this book and who is her intended audience. When the pandemic hit, Erica responds, she was working as a consultant at Microsoft helping customers deploy compliance tools. She was one of the only Microsoft Teams compliance experts in the world. It was a stressful period as she was trying to keep governments and business afloat and online. This situation taught her that there was a need for more compliance experts who were familiar with Microsoft’s compliance technology. Therefore, she decided to write a book to make the assimilation into the job and online compliance sphere easier for her successors.

Looking Ahead

In the future, Erica would like to address more topics her listeners would like to hear about related to compliance. Additionally, she would like to interview more diverse guests to get a broader perspective on what is happening in the compliance space outside of Microsoft.

Resources

Erica Toelle | LinkedIn | Twitter

Uncovering Hidden Risks Podcast | Microsoft 365 Compliance: A Practical Guide to Managing Risk

Corporate Case Management in the Era of the DoJ's Monaco Memo: Episode 1-A Speak-Up Culture

Mon, 14 Nov 2022 06:00:00 -0000

Welcome to a special podcast series entitled, Corporate Case Management in the Era of the DoJ's Monaco Memo, sponsored by i-Sight Software Solutions. In this series I am joined by Jake Finer, Director of Partnership Development at i-Sight.Over this series, we not only detail the changes wrought by the Monaco Memo but how compliance professionals can respond to these new challenges. In this Part 1, we look at the role of a speak up culture in responding to the DOJ changes set out in the Monaco Memo. Highlights include:

What did the Monaco Memo say about corporate culture?
What is a 'speak-up culture'?
How do we encourage and foster a speak up culture?
Why is setting expectations is critical to creating and maintaining a speak up culture.
How a speak up culture can provide valuable compliance and business operations information.

For more information check out i-Sight here.

The Many Marketing Uses of Podcasts with Jay Rosen

Tue, 08 Nov 2022 05:01:00 -0000

Jay Rosen is the Vice President of Business Development at Affiliated Monitors, Inc., a company that helps businesses face certain types of ethics and compliance challenges. Tom Fox and Jay talk about the power of podcasting as a new component of marketing for Affiliated Monitors in this week’s show.

Getting The Message Out

Tom asks Jay to elaborate on how he's been able to help people within his organization become more comfortable with having short and direct messages to send out about Affiliated Monitors. "My message - and our message internally to our folks - is that they are just so well versed and so talented, there's nothing to be afraid of," Jay says. He adds that they are removing barriers of entry and letting employees know that no matter what level of staff they're at, they have a story to tell. "Personalize your experience at AMI, and that enthusiasm will come through to the people who want to watch."

The Beauty of Evergreen

Jay talks about previous podcast series he's had with Tom and explains that AMI was able to evolve its thinking around podcasts because the previous series was evergreen. The beauty of evergreen podcast content is that you're able to repurpose it, repackage it, and use it in your target marketing. "It exists on the AMI website, and it's still valuable content as well as an incredibly cost-effective tool for you because if you want to slice and dice something you did a couple of years ago in a different way, for a different reason, today, it doesn't cost you anything but your time," Tom adds.

Podcasts As a Channel Tool

A podcast you make lives somewhere, such as your website or Apple Podcast. Your podcast connects you digitally to people you've never met in person and that's a powerful networking tool. You're connecting companies and services.

Resources

Jay Rosen | LinkedIn | Twitter

Affiliated Monitors, Inc

Podcast for Business

The Awakened Company with Catherine Bell

Tue, 01 Nov 2022 04:01:00 -0000

Catherine Bell is the founder of The Awakened Company, a business that focuses on helping companies create healthy corporate cultures. She is also a partner in the newly launched Awakenly app, as well as a collaborator with Enneagram thought leader Russ Hudson. Tom Fox welcomes Catherine to this week’s show to talk about how we can create healthier cultures in our organizations, and awaken ourselves, our relationships, our teams, and our communities.

Let It Be Meaningful

In the current work culture and climate, people are looking for more meaningful experiences. "There is an invitation for us all to become more simple in our lives because it's not actually all the things that we acquire that actually provide our life force with fuel," Catherine says. When work has meaning and significance, and when people have control over their work, that is what keeps them engaged. People are now looking for something deeper from their work. As such, businesses need to offer meaning and substance to their employees' lives, solve challenges, and do so without causing harm to either humanity or the planet.

Strategy With A Soul

Tom asks Catherine how leaders can create a strategy that has soul. Catherine iterates that this means making sure people in the organization understand what role they play in the company. What is the vision? What are the goals? What are the metrics surrounding those goals? What are the values? How are you building community and connection with people? These are all vital questions that need to be asked to create a strategy that works for the whole organization and everyone in it.

Establish Trust

To create an open corporate culture where everyone feels free to be themselves and to ask questions, there needs to be a healthy amount of trust. "Trust makes everything go faster, but when there's a lack of trust… it makes everything slower," Catherine remarks. Defining the roles, ensuring everyone understands the part they have to play in the company and cultivating relationships beyond those roles are the first steps in establishing healthy trust. Spending one on one time with your team members and being genuinely interested in their lives, and having conversations beyond just work, go a long way. "We need to treat ourselves more tenderly and our relationships more tenderly, and that builds trust. You get more of a vocal communication," Catherine tells Tom.

Looking Ahead

Tom asks Catherine where she sees the topic of an awakened company going in the future. Currently, The Awakened Company is being incorporated into a business school as a degree program. The adoption of this mindset is already in motion, Catherine responds. She emphasizes that we need to learn from the past and build better. Asking yourself how are you showing up as a leader, how are you cultivating relationships, and how are you building community are important questions. "The invitation for the future is really to use our awareness and attention to build something magnificent, a healthy forest for our families, for our communities, and for our world."

Resources

Catherine Bell | LinkedIn | Twitter | Facebook | Instagram

The Awakened Company

The Awakened Company by Catherine Bell

Awakenly

How Podcasting Can Build Your Business with Megan Dougherty

Tue, 25 Oct 2022 04:01:00 -0000

Megan Dougherty is the co-founder of One Stone Creative, a company that works with business owners to get more podcast listeners in less time so they can focus on strategy and engagement. Tom Fox welcomes her to this week’s show to talk about the power of podcasts, how they can impact and grow your business, and the upcoming Podcasting for Business Conference in November.

Build Passion and Relationships

A podcast is the perfect outlet for a business to share ideas they are passionate about. It allows you to grow your business and build relationships with like-minded people. "One of the biggest benefits that we've both noticed in podcasting is the networking and relationship-building aspect of it," Megan says. "Who you know in podcasting is everything." Podcasting is a unique and very valuable part of your social media marketing and allows you to create content and build relationships consistently. You're also able to feed all the other areas of your business through this one channel.

Podcasting Builds Intimacy

Tom remarks on the way the podcast format builds intimacy. "Podcasters are in people's heads,” he tells Megan. “That's really an intimacy that you don't get in other forms of marketing or social media marketing.” The strategies you can use to get your message across also vary, he adds. When you podcast, your message is out there forever. Furthermore, you can repurpose it in various ways for different platforms such as LinkedIn and Twitter. The podcast format is an effective resource for getting your message out.

PFB: Feature Presentations

Tom and Megan go through the list of key speakers for the upcoming Podcasting for Business event in November, and share a few of the topics they will be presenting on. Tom specifically mentions Ariel Nissenblatt, who will be doing a presentation on podcast newsletters. Podcast newsletters are effective ways for you to talk not just about your podcast but also any other valuable information you may think listeners would need. Another featured presentation centers around leveraging and growing your podcast and understanding your brand. Your brand is your promise to deliver on a type of message. If you want to start a podcast, authenticity is all that matters. Simply be yourself. Megan also adds that podcasting allows for other businesses to take advantage of free PR. "You're offering them exposure to your own audience. It's free PR. That equalizes conversations in a really big way, and that makes it a lot easier for people to reach out."

Resources

Megan Dougherty | LinkedIn

One Stone Creative

Podcast for Business

Making Impactful Leadership with Linda Fisk

Tue, 18 Oct 2022 04:01:00 -0000

Linda Fisk is an award-winning author, speaker, and university professor. Her mission is to amplify and extend the success of other high-caliber business leaders. She is the CEO and Founder of LeadHERship Global, a community of unstoppable women enhancing their leadership blueprint and embracing their power to be the best version of themselves. In this week’s episode, she and Tom Fox discuss the challenges that come with leadership and how to overcome them.

Leadership Is a Passion

Tom asks Linda why she is so passionate about leadership and teaching others how to be effective leaders. She explains that throughout her career she has had the privilege to serve as the CEO or the CMO. From this position, she has witnessed first-hand “the transformational power of leaders coming together to solve problems, to advance solutions, to be able to tackle some of the most daunting issues our planet is facing today”. She explains that good leadership will always be the driving force behind a successful organization. She began studying leadership because she realized it was about making meaningful contributions to people's lives. She believes that while there are natural-born leaders – anyone can be an excellent leader.

Origins of LeadHERship

Tom asks what led to Linda founding LeadHERship Global. While working in the C-suite, she responds, she witnessed the magnitude of what stellar leadership does for the success of the organization. Linda wanted to create “a haven for women in leadership” – a community where all women could be successful, despite their race, background, religion, or socioeconomic position. She says, “All women around the world are worthy of being considered valuable, and they should be honored, and they should be allowed to advance their success.” Her company provides all the resources, tools, learning, and connections for these women to level the playing field with their male counterparts and achieve success.

The Intervention of a Leadership Coach

Tom asks, “When should I hire a leadership coach?” Linda believes that you should hire a leadership coach when you:

need help navigating through real and potential conflict;
are trying to cultivate your executive presence;
are polishing your leadership skills;
are fostering a greater sense of work-life integration; or
want to create sustainable leadership practices.

Becoming a better leader means learning and practicing leadership skills. Hiring a coach means that you can get honest and objective feedback on the way your employees experience you as a leader.

Resources

Linda Fisk | LinkedIn | Twitter

LeadHERship Global

Innovating Compliance in the Middle East and Africa with Tomell Ceasar

Tue, 11 Oct 2022 04:01:00 -0000

Tomell Ceasar is the Group Head of Ethics and Compliance at Careem (An Uber Company). He is one of the founders of the Middle East and Africa Compliance Association (MEACA). This organization strives to raise awareness on business ethics and provides tools to build stronger and more responsible businesses. Essentially, they promote global regulatory compliance and effective governance in the Middle East and Africa. In this week’s episode, he explains to Tom the intricacies of practicing compliance outside the US, specifically the EAME.

Compliance Practice in the EAME

Tom asks Tomell to describe what it is like practicing compliance in EAME. Tomell responds that it's difficult to make broad generalizations on compliance region-wide since the EAME is such a huge territory. Compliance is a “Western value in terms of the way one approaches international business”, Tomell remarks, so adoption would take some time. However, appreciation of compliance roles and professionals grew exponentially over the past decade. International companies are seeing compliance through the US lens, and “they identified values of compliance being important enough to them to adopt similar frameworks and ideological perspectives as it relates to commercial enterprise, to be equivalent to the United States,” Tomell remarks.

The Birth of the MEACA

As a co-founder of the Middle East and Africa Compliance Association, Tom wants to know how Tomell came up with the idea for the MEACA. Tomell explains that “the values of compliance have traditionally not been a staple of commercial enterprises in these regions.” Compliance has had a real maturation process over the last 10 years, and Tomell and his team saw a major opportunity to support the development and growth towards that end. There was a need for an organization willing to serve the distinct purpose of “serving and supporting the compliance community and to give them an avenue to connect, to network, to broaden their skill set.” Thus, the MEACA was born. To this day, they help companies promote and catalyze the compliance movement toward fighting corruption in companies and society.

Resources

Tomell Ceasar | LinkedIn

The Middle East and Africa Compliance Association

At the Intersection of Law, Data and Technology with Mollie Nichols

Tue, 04 Oct 2022 04:01:00 -0000

Mollie Nichols is the co-founder and CEO at Redgrave Data, a technology solutions provider. Redgrave Data aims to re-explore how data is analyzed and utilized to drive effective business and legal solutions. Mollie’s legal career spans 3 decades; her mission, she tells Tom Fox, is to provide services at the intersection of law, technology, and science. She and Tom discuss her company, as well as the importance of data governance and ESG.

Technology Helps

Her stint as assistant to the Texas Attorney General in the late 1990s aroused Mollie’s interest in how data and technology could impact the practice of law. Mollie found an analytics tool that did exactly what they needed to have a breakthrough in the investigation. She remarks, “For me, it was like an ‘Aha!’ moment that showed how powerful technology could be in the practice of law. I literally changed my career at that moment in time, to focus on technology and how it could help clients deal with legal matters.”

Automating Regulatory Processes

Tom asks Mollie what led her to co-found Redgrave Data and what are the data analytic abilities of the organization. Redgrave Data is associated with Redgrave LLP, a law firm that focuses on information law. Mollie explains that she left Redgrave LLP to focus more on data. She had previously worked as the Head of Advanced Data Solutions, and she had an exceptional team that was able to build a program to deal with client data issues; this program enhanced lawyers’ ability to help their clients. She re-assembled this team to execute the same mission at Redgrave Data.

Previously, lawyers had to search regulatory websites to assist their clients with regulatory needs. She and the team automated the entire process, making it less costly and more accessible for lawyers. She describes how they use commercial and cloud tools to do content analytics as well as communication analysis. This allows them to develop a sound legal strategy.

Data Governance and ESG

Tom asks how Redgrave Data helps a company in the area of data governance as it relates to ESG. Mollie explains that data is crucial as it helps them make better business decisions by tracking trends, results, and KPIs. Data also can guide legal decisions. Mollie observes that data governance is important to both businesses and lawyers as it intersects information governance, data privacy, cybersecurity, and e-discovery. From a data governance and corporate governance perspective, businesses need to be transparent about what’s going on within the organization, how to find specific data, and how to measure success. Redgrave Data can assist with finding these data points, and pull the data to a dashboard so it can be viewed and analyzed.

Resources

Mollie Nichols | LinkedIn | Redgrave Data

The Headless Brand with Connor Borrego

Tue, 27 Sep 2022 04:01:00 -0000

Connor Borrego is the Chief Executive Officer at Emergent Digital. He is an expert in data warehousing, artificial intelligence, and business applications, with over 10 years of experience in the digital marketing industry. “The highlight of my career was landing at Google, where I did a two-year stint coaching startups that have raised between $5 and $50 million on how to profitably use Google Ads to grow their business,” he tells Tom Fox. Currently, he is building a Web 3.0-powered productivity and growth marketing tool for content creators to help them fully own the value of their first-party data. He joins Tom on this week’s show to explore the world of NFTs, Web 3.0, what it means for business professionals, and how Emergent Digital handles the changing technological landscape.

What is Web 3.0

Connor explains that Web 3.0 is the next iteration of the internet and online technologies. To fully understand Web 3.0, you should first understand Web 1.0 and 2.0, he tells Tom. Web 1.0 is the ‘read and post internet’: only the tech-savvy could have a website or app with minimum functionality that other users could access. Web 2.0 is ‘the social Internet’, with the emergence of social media platforms and cloud-driven technology that make it easier for internet users to create content and tools for other users. Web 3.0, Connor remarks, is “focused on a user-owned internet … if we provide users with a standard socket to encrypt and hold their data, they can plug it into any application or website they use, giving them privacy and protection… without losing the functionality of today's modern technologies.”

The Role of Emergent Digital

Tom asks how Emergent Digital ties these together for the content creator. Connor explains that Emergent Digital is a marketing agency that is prepared for the shift to Web 3.0. He says that if you are a brand or artist that is interested in making NFTs, Emergent Digital can provide web or application development and digital marketing. UniPro, their software tool currently under development, is going to be the cryptocurrency wallet that would host their first-party data to allow the user to plug it into additional applications. First-party data, he explains, is data a company keeps about its own operations. He contrasts this with third-party data and comments on the privacy issues arising from third-party data.

Driving Stakeholder Engagement

“An integrated metaverse can drive stakeholder engagement,” Tom remarks. He and Connor discuss the idea of a headless brand. He says, “It's the idea that someone's putting an image, a brand aesthetic as well as values out there and creating a community of stakeholders around that concept, and giving them ownership in the development of that brand and the use cases and application of that brand.” This has the potential to amplify the voice of customers and brand advocates, ultimately improving the company's image and market share.

Tom asks how he helps creatives develop a long-term strategy. Connor explains that it starts with his first-party data strategy paired with paid advertising analytics. Creators often give digital products away for free, usually in the form of an image, video, or audio clip. The company has an efficient, non-invasive method using their proprietary tool that raises valuable engagement from the customer on behalf of the creative. “We are working to build your first-party data because all of that … data is useful to analyze what … content on your site is driving the most performance… allowing you to double down where your success is. At the same time, each level you achieve increases the probability that you're making money on your advertising investment, which is the ultimate goal.” Connor explains.

Resources

Connor Borrego | LinkedIn | Emergent Digital

UniPr0.com

Enter The Metaverse with James Shannon

Tue, 20 Sep 2022 04:01:00 -0000

James Shannon is the founder and CEO of Xone, a mixed reality platform that makes it easy to build, share and interact inside virtual worlds. Their mission is to create a bridge into the metaverse using familiar social media interfaces and immersive environments, to onboard creators into Web 3.0. He and Tom Fox talk about Xone, and its place in the current technological sphere and metaverse.

Defining Web 3.0 Terminology

James defines key Web 3.0 terms, including NFT, metaverse, and augmented reality social media platforms. NFTs or non-fungible tokens are attached to digital assets to make them scarce using blockchain technology. The metaverse, he says, is “an interconnected series of virtual worlds that can be accessed through mixed reality devices and blockchain technology”. He explains that “augmented reality is overlaying digital information on top of the physical world”. Thus augmented reality social media will be a combination of augmented reality and social media interfaces.

Bridging the Gap

Tom asks James how Xone integrates NFTs, the metaverse, Web 3.0, and augmented reality social media in a coherent framework. James responds that the biggest challenge with the Web 3.0 world is its newness: only 1% of internet users are familiar with it, and it's quite difficult to use. He wants to make Web 3.0 more accessible and suggests that developers should help new users adopt this new technology through applications they already use, such as TikTok. “Xone is trying to bridge the gap between those social media platforms we know so well and the Web 3.0 technology that we don't,” he tells Tom. “It merges the familiar interfaces that we’re used to on current social media apps with immersive and blockchain technology.”

Are NFTs the Future?

James believes that NFTs would always have a place in Web 3.0 as they are the “gateway to the metaverse”. However, users aren't going to have the same relationship with NFTs as they do now. “In the next 2 to 5 years, NFTs will have evolved dramatically,” he predicts. Companies, brands, and strategies would combine the NFT token with a use case. For example, musicians could sell them to fans and they would provide access to an exclusive fan club that unlocks special content, backstage passes, and discounts on future shows.

Resources

James Shannon | LinkedIn | Twitter

Xone

Supply Chain and ESG – What You Need to Know: Episode 5 - Responsible Minerals, Supply Chain and ESG with Jared Connors and Daniel Zamora

Mon, 19 Sep 2022 15:00:00 -0000

Jared Connors and Daniel Zamora join Tom Fox in the final episode of the Supply Chain and ESG – What You Need to Know series, to discuss how market expectations have evolved with regards to due diligence in the responsible sourcing field.

Due diligence used to be a data collection exercise where you get transparency into your supply chain, but now it's all about what you do with that information after you collect data - how a company can move from being reactive to being proactive. The first step to making this move is collecting data more efficiently; this allows you to have the resources in place to perform risk management within your supply chain. You need to know who’s on your supply chain, and you need to have a specific program in place to identify the risks of smelters.

Under the Biden administration, there has been a major focus on critical minerals when it comes to sanctions and regulations. Critical minerals are not specifically tied to the Dodd-Frank Act, but this focus has emphasized to stakeholders in the industry to be vigilant about them in general. Having an entity in your supply chain that is tied to a sanction puts you at risk no matter how direct or indirect that linkage is.

Resources

Supply Chain and ESG – What You Need to Know: Episode 4 - Scope 3 Emissions Reporting Strategy with Devin O’Herron and Jared Connors

Fri, 16 Sep 2022 15:00:00 -0000

In part 4 of the Supply Chain and ESG - What You Need to Know series,Tom Fox is joined by Devin O’Herron and Jared Connors of Assent to discuss Scope 3 emissions reporting as the key to disclosure success. They talk about the importance of accounting for Scope 3 in your emissions strategy.

There are three scope levels within the emissions reporting strategy: Scope 1 refers to things like your vehicle or things you’re doing around your facility; Scope 2 is the purchased heat or electricity powering your facility; and Scope 3 is all those variables outside your four walls. The most important aspect of Scope 3 is purchased goods. This has a large impact on organizations that may not necessarily take in raw materials and directly manufacture those raw materials into a finished good. The supply chain is a very significant factor to consider when coming up with the emissions strategy as a company.

A recent study found that Scope 3 emissions are typically 11 times larger than an organization's Scope 1 and 2 emissions combined. As mandatory climate disclosure legislation progresses into the future, the overall emissions strategy needs to start accounting for Scope 3 as much as possible.

Resources

Supply Chain and ESG – What You Need to Know: Episode 3 - The New World of Product Compliance and ESG with Cally Edgren and Devin O’Herron

Thu, 15 Sep 2022 15:00:00 -0000

In part 3 of the Supply Chain and ESG - What You Need to Know series, Cally Edgren and Devin O’Herron join Tom Fox to discuss product compliance and sustainability. They explore how the two worlds are starting to intersect. This series is sponsored by Assent Compliance.

Making sure products meet regulatory requirements is what product compliance is all about. In recent years, the requirements have been changing. There used to be a focus on safety features like mechanical and electrical safety, but things changed with the RoHS Directive in 2002. That directive was meant to make sure electronic waste from third-world countries was safe. It was one of the first times a regulatory rule had more to do with sustainability than traditional product safety.

Manufacturers need to understand that their customers are no longer just concerned with what they hold in their hands at the end of the process - they want to make sure that their suppliers are using responsible processes. The two worlds of operations compliance and product compliance are starting to connect. As we become increasingly aware of the importance and relevance of the social and environmental costs associated with manufacturing processes and the barrier they present towards sustainability, ESG metrics represent another way of managing and measuring these externalities.

Resources

Supply Chain and ESG – What You Need to Know: Episode 2 - UFLPA, Supply Chains and ESG with Travis Miller and Jamie Wallisch

Wed, 14 Sep 2022 15:00:00 -0000

Tom Fox welcomes Travis Miller and Jamie Wallisch to part 2 of the Supply Chain and ESG - What You Need to Know podcast series, sponsored by Assent. In this episode, they talk about the Uyghur Forced Labor Prevention Act (UFLPA), and how it impacts the way companies do business across the supply chain.

The UFLPA is a United States federal law that stops companies from importing products made with forced labor in the Xinjiang region of China, or any other part of China with forced labor by workers or other minorities. This law is important because it makes sure that companies are aware of what is happening and take steps to stop it. The UFLPA makes companies use processes that already exist in their business. To follow the UFLPA, your company would need to have a compliance program in place. Jamie also explains how regulators could assess companies' compliance programs using the UFLPA.

For ESG to succeed, ESG is important for companies to do well. Each company out there affects more than just the people who work there. It's not just about who you choose to do business with, but also who you choose to profit from. You can't just condemn bad business practices verbally. You have to be actively engaged in ethical behavior.

Resources

Supply Chain and ESG – What You Need to Know: Episode 1 - ESG Drivers with James Calder and Jared Connors

Tue, 13 Sep 2022 15:00:00 -0000

James Calder and Jared Connors are today’s guests on this premier episode of the 5-part series, Supply Chain and ESG - What You Need to Know. This series is sponsored by Assent. In this conversation, they chat with Tom Fox about how ESG impacts a company's performance presently and in the future.

Before the pandemic, many companies were very dependent on global supply chains. But now that the pandemic has started, companies need to be more resilient and focus on environmental resilience. This means that they need to be careful about where they get their supplies from because there is a risk of disruptions. Additionally, companies that can't demonstrate that their products don't violate human rights are at a disadvantage. Without evidence that they are adhering to labor laws, they could lose business to their competitors, Jared tells Tom.

ESG can help companies save money and be more efficient. "When you think about that in the context of labor… if you're helping the well-being of these organizations or these individuals out there working in these organizations, oftentimes you see a lot more efficiency and better quality in their work," Jared says.

Resources

LRN | LRN Report - Assessing Corporate Culture

Compliance and the Chain of Value Creation with Simon Severino

Tue, 13 Sep 2022 04:01:00 -0000

Simon Severino studied philosophy at the University of Vienna and later became a business coach at a global consultancy. Two decades of experience led him to found his own consulting firm, through which he now advises business leaders about market strategy via his Strategy SprintsTM Method. He and Tom Fox explore his signature methodology and how it translates into creating value in the compliance space.

The Problem of Strategy

Simon tells Tom that the problem was how to create strategy. There are tools to analyze the market and figure out how to enter it. However, the tools to build an organized, aligned team that gets feedback quickly were missing. Since the executive team is removed from the market, they don't have closed loops. "For the last 15 years, I've been obsessed with just building that [tool],” Simon comments. “How can an executive team have an agile way of doing things so it feels like a sports team? That's what I've been building. That's now the Strategy SprintsTM Method and the Strategy SprintsTM Company and the Strategy SprintsTM product, which is 90 days coaching of executives."

The Chain of Value Creation

“I always see the whole chain of value creation or the chain that really matters,” Simon says. The chain doesn’t stop at his clients; their clients are part of the chain as well. He says that compliance officers should consider how they can become a valuable contribution to the whole chain. He suggests that they see themselves as business partners. “Always see yourself as a business partner of your internal colleagues and… everybody serves the client out there.” Tom responds that putting the customer first translates into greater profitability. It means you become a business generator instead of a cost center, he tells Simon. They discuss Peter Drucker’s contribution to the practice of management, and how he influenced Simon’s work. “My whole work is Peter Drucker's philosophy plus agile methods for the digital age,” Simon comments. The concept of efficiency vs effectiveness is one of Drucker’s principles he adopts: “Spend more time on effectiveness, finding out what's the right thing to do in the first place.”

Strategy SprintsTM

Tom asks Simon to talk about the key points in his book Strategy Sprints: 12 Ways to Accelerate Growth for an Agile Business. Simon responds that it’s about asking yourself what is the right thing to do now. In today's digital age, with broken supply chains and volatile markets, it can be difficult to make decisions. The book provides case studies and blueprints for taking the right actions in various areas like operations, marketing, sales, hiring, and client onboarding. Many CEOS today are talking about how to renegotiate contracts so that they reduce the risk of something going wrong. They can do this by splitting the risk and making sure that costs are variable instead of fixed. This will help them be more prepared if something does happen. “Risk management is the highest art form when you run a business because everything is risk/reward ratio,” Simon comments. “You have to become very good at weighted probabilities.” He explains why he thinks Elon Musk is a master of risk management, and why it’s the safer way to build a business.

Resources

Simon Severino on LinkedIn

Strategy SprintsTM | Website | Book

Profits + Purpose with George Serafeim

Tue, 06 Sep 2022 04:01:00 -0000

George Serafeim is a Professor of Business Administration at Harvard Business School and author of the book, Profits + Purpose, How Business Can Uplift The World. His contribution to the compliance space is enviable, including advising many compliance professionals. He and Tom Fox discuss his new book and explore how it benefits businesses and compliance professionals.

A Strong Sense of Purpose

Tom asks George why he wrote the book, Profits + Purpose. George says that he noticed a trend that students, when he asked them why they chose to study business, often replied: “because of money”. In reality, however, most people venture into business because they have an interesting idea about a cool product they're passionate about. “Most people that go into business have a strong sense of purpose,” he tells Tom; “it is something I’ve seen in my students over time that has ended up doing incredible things.” Purpose-driven business leaders often create incredible and profitable organizations. It’s important to be profitable since profits make your business both sustainable and scalable. George points out that technology has changed the world, expanding transparency and choice. These changes add value to an organization, he says.

A Balancing Act

“Human, social, intellectual and natural capital are becoming increasingly important drivers in competitiveness around the world,” George remarks. “It’s all about balancing the act between how you view the ability to deliver, show short-term results that build credibility in the marketplace and also builds momentum inside the organization, but also keeping the eye on the long-term vision about how you deliver to stakeholders.” Purpose-driven organizations are able to make these tough choices because they have the proper systems in place.

The Role of Gen Xers and Millennials

Tom asks George how he sees the role of Gen Xers and millennials in the discussion about profit. From his observations, George responds, younger working class generations view the world differently from their predecessors. “They have very high expectations about workplace practices…” Essentially, they are looking for autonomy in their jobs, being given ample opportunities to grow, and they expect their workplace to be transparent about their practices.

The Six Archetypes of Value Creation

Tom and George discuss the six archetypes of value creation. These archetypes highlight the transformative things you can do inside your organization. On the one axis you have the potential value that you could create through your actions and on the other axis is the implementation risk. The higher the implementation risk, the higher the potential for value creation.

Resources

George Serafeim | Harvard School of Business | LinkedIn | Twitter

Purpose + Profits on Amazon

Data Integrity Through Intelligent Document Processing with Will Robinson

Tue, 30 Aug 2022 04:01:00 -0000

Will Robinson is a former investment banker, who now serves as the CEO at Encapture, a 20-year-old document management services company that pivoted into a SaaS product company in 2019. Tom Fox welcomes him to this week’s show to discuss how Encapture helps its customers attain data integrity through intelligent document processing.

Intelligent Document Processing

Encapture is a software company with a unique process called “intelligent document processing”. Will explains that this process makes it easy for organizations of varying sizes to collect incoming documents as a part of a business process. “Encapture’s machine learning can read the document and discern what type of document it is, then the system can extract data out of these documents and utilize the data for a variety of purposes,” he says. It can transfer data to another system as well as compare data across multiple documents. “We can automate a bunch of reporting on the compliance front,” he adds.

Compliance and Intelligent Document Processing

Tom asks Will to explain what intelligent document processing adds to the compliance aspect of Encapture’s customers like financial institutions. When discussing what values their services add to a bank, Will comments that "reduced compliance risk is honed into because it's mission-critical". Recently, more compliance regulations are being added, and the banks have no choice but to implement them because protecting customers and their data is the number one priority. Will explains that in any compliance initiative there's data that's being reported or there are processes that have to be well documented. Whenever a compliance regulator comes to ensure that the rules are being implemented this data has to be verified by about 5 different people, and this is a lengthy process. However, intelligent document processing can ensure that this process is done quickly and efficiently.

Evolution of Data Integrity

Tom adds that risk is always changing in the form of regulations and with data integrity, the new information will have to be vetted by every new regulation change. “Additionally there will be more requests for your information as the government and others may want it. However, if you have strong data integrity, you have that upstream problem solved and you can pull that data with a software update.” Your solution should be expansive enough to solve multiple regulatory changes. Will agrees and highlights that even though banks are usually late adopters of technology, “they recognize there's need for a change, there's need to update processes and update systems”.

ESG: An Incremental Change

Banks are more reactive instead of proactive when it comes to ESG, Will tells Tom. Most of the ESG changes being implemented are incremental; using a proven process and appropriate technology like Encapture, complying with new regulations can be seamless and often happen within a few days. This directly benefits compliance leaders who need a dynamic platform that evolves with the ever-changing real world, Will points out. Tom comments that banks usually already have the information they need to comply, but it’s siloed. Encapture is “a very powerful tool” that can help them utilize the information to respond more nimbly and a lot more quickly. “We feel like everybody is better served if we can solve this compliance issue and solve it efficiently,” Will remarks.

Resources

Will Robinson | LinkedIn | Encapture

Assessing Corporate Culture with Ty Francis

Tue, 23 Aug 2022 04:01:00 -0000

Ty Francis is a renowned compliance leader and the Chief Advisory Officer at LRN; he leads the company’s worldwide ethics and compliance consulting, ESG, and community outreach strategy. Tom Fox welcomes him to this week’s episode of Innovation In Compliance to discuss LRN’s new report, Assessing Corporate Culture.

The Genesis of the Assessing Corporate Culture Report

Tom asks Ty about the genesis of the LRN report. This is the second report LRN produced; the first one was about activating culture and ethics in the boardroom. Their previous research led the team at LRN to realize that most corporate boards did not understand the culture. Ty says, “Over the last 10 years, culture is so high on those lists, but when you look further into the survey and ask them what they’ve done to measure this culture, it's nonexistent.” Therefore, LRN sought to discover the general opinion on culture and ethics compliance and provide a roadmap on how to activate these skills within a company.

Roadmap for Building Corporate Culture

Tom highlights how the report can be used as a roadmap to building culture. Ty says that building corporate culture starts with defining ethical culture. Ethical culture is the codification of what an organization stands for and the systems that support those beliefs; the core architecture should be reinforced by leadership in how they model desired behavior. The second step in building culture is getting to know the most valuable members within your company, in each department. Culture is extremely important for building relationships within a company and allowing people to hear opinions from all sides.

The Relationship Between ESG and Corporate Culture

The culture within a corporate setting has always been an ESG issue. The governance aspect of ESG is directly related to culture as it is something that companies should have been implementing for years. Ty remarks, “It shows the company’s values across the board and I think when you have a mismatch of what the company says it’s doing and what they are really doing, that can fragment any ability for a company to demonstrate that it is really a forward-thinking, future-expanding company.” The governance is to be upheld by the board, stewards, stakeholders, and managers. He lists five key considerations for boards:

prioritizing culture on the board agenda,
challenging the board’s culture,
mentoring and monitoring,
articulating the desired culture, and
establishing clear communication.

Looking Ahead

Acknowledging the new legal and regulatory requirements, public pressure, and the evolution of thinking surrounding corporate culture, Tom asks Ty if he believes that boards will maintain the corporate culture into 2025 and beyond. Ty believes these pressures will force boards to manage and maintain the corporate culture.

Resources

Ty Francis | LinkedIn | Twitter

Innovation as a Process with Stephen Shapiro

Tue, 16 Aug 2022 04:01:00 -0000

Tom Fox asks Stephen Shapiro what makes him so passionate about innovation. He replies, “It is the key for economic growth for companies, for individuals and society.” Twenty-five years ago, Stephen launched a successful innovation practice at Accenture that focused on value creation and growth. He left Accenture in 2001, but his ongoing work is still all about innovation. Tom Fox welcomes him to this week’s show to discuss his patented FAST innovation process.

FAST Innovation

Tom asks Stephen to describe his FAST innovation approach. Processes need to be repeatable and predictable, Stephen says. FAST stands for Focus, Ask, Shift and Test. People usually think of the mass production of ideas and suggestions when they think about innovation. However, true innovation requires you to determine where to focus your limited energy and resources on what is most important. Then, ask more goal-specific questions that would enable you to deliver better solutions. Finally, test these solutions to bring them to market.

Culture of Innovation

How do you build a culture of innovation, Tom asks Stephen. How did you build it in a massive company like Accenture? Culture is important because that becomes the norms, beliefs, and behaviors that people take on, Stephen replies. Most companies are on one of three levels: they see innovation either as an event, a process, or a system. A culture of innovation allows employees to work more flexibly as they know the rules and how to execute them seamlessly.

Asking Better Questions

“Innovation isn't about the idea, it's not about the solution; it's actually about the value it ultimately creates,” Stephen tells listeners. He is passionate about creating something of value and then selling it in a way that people become excited about it. He tells Tom about the books he authored and highlights key takeaways from his recent book Invisible Solutions. The book is based on a tool that Stephen developed; “its purpose is to help people stop looking for answers and to look for better questions,” he remarks. The process of reframing allows you to look at the problem from a different angle. Better questions lead to better solutions.

Talent Acquisition and Retention

Stephen’s white paper, How We Created a 20,000-Person Culture of Innovation at Accenture… and You Can Do It Too, advocates training masters and having them push the innovation message throughout the organization. Innovation -and compliance- has to be for people by people, Tom and Stephen agree. Hiring strategy is part and parcel of this. Hire for divergent thinking, Stephen advises. “People have different perspectives, different experiences, different personalities and when we embrace that and appreciate what each person brings to the table, then we can create a powerful culture of innovation.” If your company creates a culture of innovation with strong values, you’ll attract and keep top-level talent. People prefer to work at companies where it feels like their work matters and their individual, unique talents are recognized and appreciated. They want to work for companies where they are evaluated based on their skill set and are rewarded appropriately.

Read full show notes at Innovation in Compliance.

Resources

Stephen Shapiro | LinkedIn | Twitter

Website | Personality Poker | Invisible Solutions

White Paper: How We Created a 20,000-Person Culture of Innovation at Accenture… and You Can Do It Too

Passionate About AML with Simon Winchester

Tue, 09 Aug 2022 04:01:00 -0000

Simon Winchester is the Vice President of Advanced Technologies at Jumio Corporation. His responsibilities entail building the go-to-market strategies for newly acquired technologies within Jumio and then driving the adoption on a global scale. One of the company’s most recent additions is its AML (anti-money laundering) solutions. Tom Fox welcomes him to this week’s show to talk about current world events and the company’s AML solution.

Money Laundering in 2022

Tom asks Simon if money laundering schemes have become more ubiquitous since the Russian invasion of Ukraine. Simon replies that the recent events certainly had an impact. He says that money laundering is “criminals taking illicitly-gained funds and then turning them into legitimate cash or assets which are ideally free of suspicion.” At the core of this criminal process are three themes: placement, layering, and integration. Due to the digital environment we live in today, more people from all demographics are comfortable with digital banking, and criminals now find it easier to launder money, which makes it more difficult to detect. Fortunately, Jumio works hard to provide AML solutions and offer more effective compliance programs.

Key AML Regulations

Tom asks Simon what are some of the key AML regulations that Jumio advises clients on. It mostly depends on where your organization is located in the world, as local enforcement bodies drive AML regulations, Simon responds. These regulations will take a cue from international standards set by the Financial Action Task Force, which functions as a “global AML watchdog”. In the UK, the EU AML directives shape policy and provide guidance. Recently, they brought a new directive into effect which “increased the frequency of regulatory updates to the KYC and AML legislation, and brought a strict obligation to industries that were not previously subjected to severe AML protocol,” Simon tells Tom.

Playing Catch-Up With Money Launderers

Tom asks Simon what Jumio sees as the key components of a successful AML program. Ideally, a company providing AML solutions should have a well-defined plan, Simon says. However, that is not feasible given the current climate. The components of a successful AML program, Simon says, include three steps:

A dedicated compliance officer who is tasked with creating, monitoring and reviewing the compliance program, and staff training.
A written risk-based compliance program with comprehensive AML policies and procedures that are documented. This approach identifies and protects your business from financial crime and includes having the technology in place to support that framework.
An appropriate customer due diligence process, which means vetting your clients to avoid financial crimes.

The Role of a CCO in AML Solutions

Simon believes that “Chief Compliance Officers are the catalyst for the growth and innovation”. He acknowledges how CCOs often get the raw end of the deal and their role in the organization must be scrutinized and changed. With the right AML technologies, compliance team, and effective AML program, a CCO and their team can drive shareholder value through organizational growth.

Resources

Simon Winchester | LinkedIn

Jumio Corporate | Website | LinkedIn | Twitter

The Accelerated Transformation of Compliance with Samantha Regan

Tue, 02 Aug 2022 04:01:00 -0000

Accenture provides top-notch services in strategy & consulting, and operations for its clients. Samantha Regan is Managing Director and Global Lead for the Regulatory Remediation & Compliance Transformation group within Accenture’s Finance & Risk practice. Tom Fox welcomes her to this week’s show to talk about the Accenture Compliance Risk Study Report.

Accenture’s Compliance Risk Study

Tom asks Samantha about the origin of the report. Samantha responds that each year, the team at Accenture gets together to observe and record what’s happening in the world of compliance. They seek to discover the key issues and concerns for compliance officers across various organizations. Developing a framework, conducting a survey and collating the data are the next steps. This is followed by “synthesizing those results and looking for the insights from the information that’s been provided and then developing the report off the back of that,” Samantha tells Tom.

Primary Compliance Risks In 2022

Tom asks Samantha to discuss the primary risks that they identified through the study. She replies that the biggest area of focus for compliance folk in 2022 is cybersecurity, ESG, and privacy. Tom asks her to identify some challenges compliance professionals face when responding to and managing these risks. New pressures are constantly being placed on compliance professionals, Samantha explains. “Compliance functions continue to evolve at a speed and scale and force the compliance function to change from being reactive to what was going on in the environment, to needing to be more proactive, building a function that is able to adapt.” She believes that by using data, compliance officers can “build a future-ready and risk-proof compliance function”.

Looking Ahead

Tom asks Samantha how she thinks compliance professionals should respond to risks in 2025. Would the trends highlighted in the study be accelerated? “I think the warp speed at which companies are operating is going to require compliance functions to have accurate and complete visibility into risks and mitigating controls across the business,” she comments. Data from the study suggests that most of the issues compliance officials have can be attributed to the lack of data; there needs to be enough information available to assess risk exposure. She mentions that there is increasing concern surrounding third-party risk. Samantha believes that with the increasing speed and evolution of risks, “the compressed transformation of organizations and industries is just going to put increasing pressure on compliance functions to continue the transition.”

Resources

Samantha Regan | LinkedIn

Accenture | Compliance Risk Study - 2022

Ethisphere's The Sphere with Erica Salmon Byrne

Tue, 26 Jul 2022 04:01:00 -0000

Erica Salmon Byrne is the President of Ethisphere and Chair of the Business Ethics Leadership Alliance. Ethisphere is a company that believes that companies that focus on building a sustainable business will outperform their peers that do not. Tom Fox welcomes her to this week’s show to talk about Ethisphere’s innovative new service called The Sphere.

What is The Sphere?

Tom asks Erica to describe The Sphere and why she is so excited about the launch. For more than 15 years, Ethisphere has been collecting data on the programmatic practices of the world’s most ethical companies through their questionnaire, called the Ethics Quotient, Erica explains. They realized a demand for solid benchmarking within the compliance space, and decided to democratize their data access. This was the birth of The Sphere – a subscription-based service that allows you to select the topic you are interested in getting data on and gain access to a multitude of resources.

Peer Data: A Powerful Tool

Tom asks Erica what makes peer data so important and powerful for a CCO. Whenever you're going to make a business proposition, she replies, the first question you will be asked is ‘What are other people doing?’. Businesses want to compare their practices and progress to their peers’. This is to avoid being dubbed “a weak antelope” – you don’t necessarily want to be ahead of the pack, you just want to ensure that you have a functioning practice compared to your competitors. So how to determine you’re in that comfortable middle position of the pack? The answer is data analysis. When you present the relevant data to your CFO or compliance team, they tend to believe in your leadership and vision more.

Resources

Erica Salmon Byrne | LinkedIn | Twitter

Ethisphere | The Sphere

The Real Cost of Returning to the Office With Dr. Gleb Tsipursky

Tue, 19 Jul 2022 04:01:00 -0000

Dr. Gleb Tsipursky is the thought leader and CEO of Disaster Avoidance Experts, a boutique future-of-work consultancy that helps tech and insurance executives drive collaboration, innovation, and retention in hybrid work. Currently, he is focusing on normalizing hybrid and remote work, which he further discusses in his book, Leading Hybrid and Remote Teams. Tom Fox welcomes him to this week’s show to talk about Elon Musk’s misinformed views on remote work and why working from home is better for productivity levels.

Remote Work v. Working From the Office

Tom asks Dr. Gleb what drove him to write the article entitled, Elon Musk’s back-to-the-office order will undermine Tesla’s future. It was his response to Musk’s announcement to abolish remote work on the grounds that it made his employees unproductive, Dr. Gleb tells Tom. He has been researching hybrid remote work since the beginning of the pandemic, and found that remote workers are much more productive. A study at Stanford determined that productivity improved by 5% as office workers worked remotely. “They [workers] don't have to do the unpaid labor of the commute and they can focus more on productive activities because they're not interrupted,” Dr. Gleb explains.

Authoritarian Workplace

Tom asks Dr. Gleb if he believes a top-down command and control approach to leadership would work in 2022 and beyond. Dr. Gleb replies that this kind of leadership can only be successful in narrow environments. He believes that it is most successful in environments like warehouses “where you don't need to be skilled, or a kind of manufacturing job where …you don't need to do much innovative work.” However, since Tesla is an innovative company, command and control will undermine Tesla’s future. It is a company that requires knowledgeable and creative thinkers and those types of people would suffer under micromanagement. He also points out that demanding his employees to return to the office because he believes they are not working remotely, signals a lack of trust which is a very dangerous corporate culture.

The Fate of Tesla

Many of Tesla’s employees are innovators and creators; these include research and development staff and software engineers. Throughout the pandemic, these employees have been successfully and productively working from home, but now they are being forced to go out to the office. Naturally, these accomplished innovators would seek employment elsewhere, where they have comfortable working conditions. This leaves Tesla with employees who are conformists, who are okay with the authoritarian culture being imposed on them, and these people are less creative and innovative. Over time this will cause Tesla to lose the edge that makes them unique, Dr. Gleb argues.

Resources

Dr. Gleb Tsipursky | LinkedIn | Twitter

Disaster Avoidance Experts | Book - "Leading Hybrid and Remote Teams"

The Power of the Written Word with Jaclyn Schiff

Tue, 12 Jul 2022 04:01:00 -0000

Jaclyn Schiff is the founder and CEO of PodReacher, a company that helps marketing teams transform their podcast into high-quality text content to increase impact. Tom Fox welcomes her to this week’s show to talk about her professional background, B2B marketing, and how PodReacher helps its clients.

PodReacher and B2B Marketing

Tom asks Jaclyn how B2B content repurposing helps communications specialists and compliance officers. Marketers want to differentiate their product or service in the marketplace, Jaclyn responds. Podcasting is a growing B2B marketing trend because business leaders do not have time to personally create content that would captivate an audience. It became particularly popular during the pandemic as you can execute it remotely. Jaclyn states, “In any industry, a conversation is an easy way to get [your content] out there. Now taking that from the spoken word …and turning that into a good reader experience.” She explains that PodReacher turns audio into riveting content that people can use for marketing purposes.

Why Repurpose Content

Repurposing your social media content on different platforms helps you to be more consistent with your promotions, Jaclyn tells Tom. For example, she will send out an email for a client, then use the email content to create a LinkedIn post on the same topic. However, it may be more difficult than it seems. “The key to repurposing content is you want to optimize for the channel,” she says. “So I’m not going to write an email the way I would write a LinkedIn post. I’m not going to write a script in the way I would write something that’s intended for people to read.”

Looking Ahead

Tom asks Jaclyn if she believes that her brand of repurposing content will become more popular in the future. Jaclyn agrees; she believes that podcasts are the best outsourcing tools for creating content. It is one of the easiest ways to promote your company and create brand awareness, she remarks. There is so much information and content hidden in a single podcast episode and it would be a marketing shame not to utilize it to the best of its ability.

Resources

Jaclyn Schiff | LinkedIn | Twitter | Website

PodReacher

Messaging Through a Great Culture with Richard Blank

Tue, 28 Jun 2022 04:01:00 -0000

Richard Blank is the founder, CEO, and head bilingual trainer at Costa Rica’s Call Center, a business process outsourcing (BPO) telemarketing company. They offer outbound and inbound telemarketing solutions of the highest quality. Tom Fox welcomes him to this week’s show to talk about Costa Rica’s Call Center, how they help their clients, why he opened a call center in Costa Rica, and how to lead a successful call center in a foreign country.

The Core of Costa Rica’s Call Center

Tom asks Richard why he decided to open a call center in Costa Rica and how the term “Learning through the Proletariat” influenced his business model. Richard explains that as a CEO who works among people, you learn the importance of training and keeping your employees and customers. “One thing that I heard most sitting amongst people that are in a call center industry is that they feel expendable,” he tells Tom. To counteract this, he invests in his employees' careers by promoting them and teaching them English so that they have pride and security in their job. Additionally, he has several retro arcade game machines that allow the employees to meet colleagues from other departments, and to relax, “or even hang out with el jefe”. He explains that this creates a safe, enjoyable workplace culture and an atmosphere of trust and institutional fairness.

BPO Telemarketing Outsource Company

Tom asks Richard to define a BPO telemarketing outsourcing company. BPO stands for business process outsourcing, and it is done in several parts of the world, including the Philippines where it is known as offshore. However, since Costa Rica is so close to the United States, it is considered a near-shore outsourcing company. “[That] could be either a blended or mixed center where they work on multiple accounts; usually it’s for overflowing and answering service,” he explains. Every one of Costa Rica’s Call Center’s agents is assigned to and works specifically for a client. He explains why having a brick-and-mortar call center is more beneficial for them versus being completely remote: problems like Internet redundancy and electricity failure plague remote workers, while at the in-person center, there are multiple tools and resources to hedge technical difficulties.

Nearshoring and Outsourcing

Tom asks why Richard chose Costa Rica for a BPO center and what’s the difference in having a company in essentially the same time zone as the US. Richard describes Costa Rica’s ideal location, and that it’s a democratic society with no standing army. In addition, the country’s literacy rate is 95%, and it has the best infrastructure in Central America. They also have highly skilled and experienced workers, some of whom have lived in the US and have dual citizenship. Furthermore, clients like the fact that agents are attuned to the North American market. It is also a safe place to visit for tourism.

Resources

Richard Blank | LinkedIn | Twitter | Instagram | YouTube

Costa Rica's Call Center | Facebook

A General Counsel in Crypto with Maryann Bullion

Tue, 21 Jun 2022 04:01:00 -0000

Maryann Bullion is the General Counsel and Chief Compliance Officer at Bitcoin IRA, the first 24/7 retirement solution that allows customers to invest in cryptocurrencies within their IRAs. At Bitcoin IRA, Maryann and her team handle a wide range of complex legal issues and run a comprehensive compliance program. Tom Fox welcomes her to this week’s episode to talk about Bitcoin IRA, how it helps its clients, and how her professional background prepared her for her current position.

Maryann’s Unique Professional Background

Fulfilling a childhood dream, Maryann joined the US Army in 2009, serving in the Judge Advocates General’s Corps (JAG Corps). She was a reservist in the military and worked full-time at the Federal Deposit Insurance Corporation (FDIC). Tom asks her how her stint in the army influenced her career. She highlights one of her favorite training activities where they would run an obstacle course with their weapons and stop periodically to answer legal questions. “It sounds kind of funny but in real life, these are some of the questions you're going to be asked as an attorney out on the field,” she tells Tom. While at the FDIC, Maryann worked in the professional liability and crime section, which advised the receivership section. She later moved to the DC area where she worked in the financial crimes unit; she worked with law enforcement to bring bank employees who committed mortgage fraud to justice. While working in this position she was introduced to the world of cryptocurrency.

The World of Cryptocurrency

Despite its increase in popularity over the past few years, the cryptocurrency industry is still unknown territory for many. Tom asks Maryann to define cryptocurrency and Bitcoin investing. She responds, “So for me, cryptocurrency is just money in a digital format that's protected cryptographically; cryptography is a lot of mathematical algorithms set to secure the monetary value. It exists on blockchain which allows it to maintain a transparent and public accounting settlement process.” She explains that Bitcoin is the most recognized cryptocurrency that investors transact in. She assures Tom that cryptocurrency isn't the Wild West - it follows rules and regulations. “There are a lot of regulatory agencies in the United States, and there are a lot of good actors in the cryptocurrency world that are following those rules,” she points out.

What is Crypto IRA?

Tom asks Maryann to define a crypto IRA and how a consumer buys Bitcoin with a crypto IRA. Maryann briefly explains that individuals can invest in various cryptocurrencies using funds from their retirement accounts. She compares it to your average TD Ameritrade personal brokerage account, except that with a Bitcoin IRA account you invest in cryptocurrencies. She also confirms that all cryptocurrency platforms have your data security as their number one priority, to defend their clients from hackers.

Resources

Maryann Bullion | LinkedIn

Bitcoin IRA | Digital Trust

Compliance Insights from Traliant: Episode 5-Scott Schneider Spotlight on Anti-Corruption Training

Fri, 17 Jun 2022 05:00:00 -0000

Welcome to a special five-part podcast series on the New Traliant, sponsored by Traliant. Over this series, we will discuss what is new at the company and key issues that Traliant is helping to lead and define the online training industry in going forward. Over this five part series I will visit with John Arendes, Chief Executive Officer (CEO) at the company on what is new at New Traliant and what the Department of Justice (DOJ) has communicated to the compliance community regarding its expectations around online training and communications; Maggie Smith, Vice President of Human Resources at Traliant on the role of DEI in your corporate ESG program; and Scott Schneider, Head of Content Development at Traliant on your Code of Conduct and anti-corruption training. In this concluding Episode 5, I visit with Scott Schneider, VP of Innovation at Traliant, on the evolution anti-bribery/anti-corruption training.

Why is bribery and corruption a tricky subject to train on?
When is training effective?
Assuming the movers are aligned, what makes bribery training effective?
The importance of practical advice.

Resources

Traliant Website

Scott Schneider on LinkedI

Compliance Insights from Traliant: Episode 4-Scott Schneider, Spotlight on Your Code of Conduct

Thu, 16 Jun 2022 05:00:00 -0000

Welcome to a special five-part podcast series on the New Traliant, sponsored by Traliant. Over this series, we will discuss what is new at the company and key issues that Traliant is helping to lead and define the online training industry going forward. Over this five-part series, I will visit with John Arendes, Chief Executive Officer (CEO) at the company, on what is new at New Traliant and what the Department of Justice (DOJ) has communicated to the compliance community regarding its expectations around online training and communications; Maggie Smith, Vice President of Human Resources at Traliant on the role of DEI in your corporate ESG program; and Scott Schneider, Head of Content Development at Traliant on your Code of Conduct and anti-corruption training. In this Episode 4, I visit with Scott Schneider, Head of Content Development at Traliant, on the evolution and importance of the corporate Code of Conduct. Highlights include:

Culture is the key driver, and your Code of Conduct is the foundation for a broader discussion of what regulators look for in a compliance program.
How has the Code of Conduct evolved?
Your Code of Conduct should be more than simply aspirational, and your Code of Conduct training helps drive home values, ethics & culture.

Resources

Traliant Website

Scott Schneider on LinkedIn

Compliance Insights from Traliant: Episode 3-Maggie Smith with a Spotlight on DEI

Wed, 15 Jun 2022 05:00:00 -0000

Welcome to a special five-part podcast series on the New Traliant, sponsored by Traliant. Over this series, we will discuss what is new at the company and key issues that Traliant is helping to lead and define the online training industry in going forward. Over this five part series I will visit with John Arendes, CEO at the company on what is new at New Traliant and what the DOJ has communicated to the compliance community regarding its expectations around online training and communications; Maggie Smith, Vice President of Human Resources at Traliant on the role of DEI in your corporate ESG program; and Scott Schneider, Head of Content Development at Traliant on your Code of Conduct and anti-corruption training. In this Episode 3, I visit with Maggie Smith, VP for Human Resources at Traliant and we discuss the intersection of diversity equity inclusion and compliance. Highlights include:

DEI is much more than anti-discrimination/anti-harassment
How do you bring in inclusion to an organization and why is it so important?
It’s all about trust to drive a speak-up culture.
The role of DEI in ESG.

Resources

Traliant Website

Maggie Smith on LinkedIn

Compliance Insights from Traliant: Episode 2-John Arendes on What the DOJ Wants

Tue, 14 Jun 2022 05:00:00 -0000

Welcome to a special five-part podcast series on the New Traliant, sponsored by Traliant. Over this series, we will discuss what is new at the company and key issues that Traliant is helping to lead and define the online training industry in going forward. Over this five part series I will visit with John Arendes, Chief Executive Officer (CEO) at the company on what is new at New Traliant and what the Department of Justice (DOJ) has communicated to the compliance community regarding its expectations around online training and communications; Maggie Smith, Vice President of Human Resources at Traliant on the role of DEI in your corporate ESG program; and Scott Schneider, Head of Content Development at Traliant on your Code of Conduct and anti-corruption training. In this Episode 2, I visit with John Arendes on DOJ communications around its expectations for training. Highlights include:

In DAG Lisa Monaco's October 2021 speech, she said the DOJ would focus on corporate culture as a key indicia of compliance.
The DOJ has made clear that while longer form online training is satisfactory, they expect companies to develop short, direct compliance training for employees.
Since the release of the Evaluation of Effective Compliance Programs, the DOJ has mandated, effective and targeted compliance training.

Resources

Traliant Website

John Arendes on LinkedIn

Creating a Safer Compliance Ecosystem with Eva Pittas

Tue, 14 Jun 2022 04:01:00 -0000

Eva Pittas is the co-founder and COO of Laika, a company that helps other companies manage compliance, obtain security certifications, and build trust with enterprise customers. Tom Fox welcomes her to this week’s show to talk about Laika and how it helps its clients.

The Birth of Laika

Eva began her professional life running IT risk and control for Citigroup and even worked there after the financial crisis of 2008. She was an integral part of the strong response to counteract the economic collapse. She joined the fintech industry in 2014, as she saw the growth happening in that space. She noticed that many companies “needed to get through with vendor procurement but they did not know what those processes would look like, what diligence would be, or what the security requirements were.” She started her consultancy boutique, BRCG, to provide answers to these questions. Working in the fintech space emphasized the importance of audits. Laika was born as a compliance solution for the rise of the cloud and to address the lack of expertise in information security and compliance guidance for companies.

The Complete Compliance Solution

Tom asks Eva about their typical clients and to describe the complete compliance solution. Eva says that most of their clientele are small to medium-sized innovative technology companies that are looking to introduce a holistic compliance program. She explains, “Compliance is not very straightforward….. it requires an interpretation of a standard, of a rule, of a regulation and how to apply that to your business.” Compliance programs have to evolve constantly to meet new compliance standards. Laika provides a customizable solution based on your compliance needs.

What Makes Laika Special

Eva explains that what makes Laika stand out from other companies is that they have the expertise for all these recognized requirements. She states, “What Laika does is provide expert guidance and various subject matter experts that are a part of our solution that helps companies implement and maintain compliance.” Laika University facilitates this learning process.

Women In Tech

Eva emphasizes that women belong in the technology industry, no matter their background. “Technology is not in the future – it’s here,” she says. She encourages more women to enter the space, as you do not need a technological background to break into tech - several non-technical jobs are being created every day.

Resources

Eva Pittas | LinkedIn | Twitter

Hey Laika

Compliance Insights from Traliant: Episode 1-John Arendes on Transforming Training from Boring to Brilliant.

Mon, 13 Jun 2022 05:00:00 -0000

What’s new about Traliant?
Why is the New Traliant so significant now?
How has Traliant built upon prior strengths to great truly superior online training?

Resources

Traliant Website

John Arendes on LinkedIn

Third-Party Risk Management Industry with Brad Hibbert

Tue, 07 Jun 2022 04:01:00 -0000

Brad Hibbert is the Chief Strategy Officer and Chief Operations Officer at Prevalent Inc., a company specializing in eliminating security and compliance exposures tied to third-party vendors and suppliers. Tom Fox welcomes Brad back to this week’s show to explore and discuss a study Prevalent recently released entitled, “The 2022 Third-Party Risk Management Industry Study”.

Third-Party Risk Management Industry Survey

Brad reveals that Prevalent Inc. has been working on the “Third-Party Risk Management Survey” for approximately three years. To gather data on the subject, they send the survey to thousands of professionals who are focused on third-party risk management, and who also have a background in security. When the results come in they are categorized, analyzed, and observed for any trends. Tom asks Brad what was the overall assessment of third-party risk management he determined from the survey. “I think third-party risk management is certainly getting more awareness within companies and within executive teams within companies,” Brad replied. He also noticed that both IT and non-IT risks are major concerns for the respondents.

Key Observations About the State of Third-Party Management Risk Today

Tom asks Brad to further analyze and discuss the key findings of the survey. These are the key observations:

“Organizations are paying more attention to non-IT security risks but not enough.” Brad explains that programs involved in investigating IT threats are starting to acknowledge the non-IT threats as well. He says “It is no longer just about IT vendors, so organizations are trying to get a broader visibility across that broader supply chain of IT vendors and non-IT vendors, and they're also trying to get a broader visibility of the types of risks that they're looking at.” Brad sees this as a positive trend in the third-party risk management industry.
“Third-party risk management may (finally!) be getting more strategic.” Tom knows that IT professionals and compliance professionals understand the gravity of third-party risk but wonders if higher-level executives see it the same way – this is an issue to be dealt with strategically, he points out. Brad explains that 31% of respondents indicated that they were impacted by a third-party data breach. These incidents will cause entire organizations to raise awareness of third-party risk and take it seriously. He remarks, “People from security, people from procurement, people from contract, legal and compliance are trying to understand how they can get a holistic view of this concern around vendor risk to minimize it throughout that vendor life cycle.”
“Manual methods for assessing third parties persist but dissatisfaction runs high.” Unfortunately, most companies are still solely fixated on their IT main vendors and security risks, and they believe that they can simply use manual methods like emails and spreadsheets. However, as your third-party risk management grows, you can no longer successfully use those methods as they “do not examine the risks and remediate those risks with the vendors efficiently.”
“Organizations are concerned with increasingly damaging third-party security incidents but are using disparate tools to detect, investigate and resolve exposures.” Brad says “High profile impactful data breaches are certainly raising awareness of the problem and it’s causing more organizations to monitor third parties for these types of data breaches.” However, the number of successful breaches over the pandemic suggests that organizations are not using established tools to fight the threats.

Full show notes can be found at Compliance Podcast Network.

Resources

Brad Hibbert | LinkedIn | Twitter

Prevalent Inc. | Third-Party Risk Management Study

Promotions and Podcasts with Brittany Brown and Rob Winters

Tue, 31 May 2022 04:01:00 -0000

Brittany Brown and Rob Winters are the co-founders of Digitiv, a marketing and website design agency. Brittany is the Business Officer and Rob is Technology Officer of Digitiv. Tom Fox welcomes them to this week’s episode to talk about their company, the benefits of data management, PodOps, and the components of a successful podcast.

Data Management: The Core of Digitiv

Digitiv maintains that your website and social media presence are crucial to growing your business. They provide their clients with strategies and marketing efforts that aid growth, one of which is data management. Tom comments that some businesses may think that they are too small to worry about data management. He asks why Brittany and Rob place it as one of their primary services. Rob responds that every business, no matter the size, should start thinking about data management from the start. Whenever the Digitiv team begins to build a new website there is usually some customer data that is not protected by the SSL certificate, making it susceptible to potential hackers. Some organizations even believe that their data is safe and self-managing when in reality it is not. This is why data management is so vital to a company. “It’s really not about protecting customer data but you're also protecting yourself. You don't want to open yourself up to potential lawsuits because you're disregarding certain aspects of data security and integrity for your customer,” Rob argues.

What is PodOps?

Tom asks Brittany and Rob to talk about their podcast and their podcasting app. Rob and Brittany started a podcast as a way to continue to grow their business and promote their services. Each episode they discuss “what it truly means to start, grow and thrive as a small business”. It began as a fun thing where they were able to share ideas with other entrepreneurs but eventually evolved into a new revenue stream. When you exhaust your contacts, they tell Tom, it becomes difficult to cast new guests for your show. Their app, PodOps, is “a dating service for podcast hosts and guests to really connect and get interviews scheduled.” It revolutionizes podcast content as we know it, they explain.

The Components of a Successful Podcast

Tom asks what Brittany and Rob believe to be the key components of a successful podcast. The first key, they remark, is setting a goal or purpose for the podcast, as it provides a structure to grow fruitfully. You should also be in tune with your listeners, which means that the host should know the topic well enough to conduct it in a way that your listeners would be receptive. A third factor that plays into the success of your podcast is the sound quality. Listeners are “quickly turned off by poor sound quality or poor production”, they tell Tom. The last component of a successful podcast is providing transcripts, as it widens your audience to people with hearing loss.

Resources

Brittany Brown | LinkedIn | Digitiv

Rob Winters | LinkedIn | Digitiv

Exiger’s Fight to Secure Supply Chains: Spotlight on Energy

Fri, 27 May 2022 05:00:00 -0000

Welcome to a podcast series on the fight to secure Supply Chains through cross-industry innovation. Exiger sponsors this series. In this series, we will explore the ongoing efforts of Exiger to lead the discussion and enhancement of Supply Chain Risk Management.

Over this series, I visit with Erika Peters, Senior Vice President and Global Head of Third Party & Supply Chain Risk Management; Tim Stone, Senior Director, Supply Chain Risk Management for Exiger Federal Solutions; Kim Lee, Director who focuses on risk and compliance; Nick Wildgoose, a Consultant at Exiger; Skyler Chi, Director and Deputy Head of Supply Chain and Third-Party Risk Management; Andrew Lehmann, Associate Director at Exiger; Jennifer Nestor, Vice President at Exiger, Americas and Public Sector; Theresa Campobasso, Senior Director for Defense Programs at Exiger; Dan Banes President of Commercial Technology, and Mark Henderson, Director of Solution Design Lead.

In this concluding episode 5, I am joined by Dan Banes, President of Commercial Technology, and Mark Henderson, Director of Solution Design Lead to discuss Supply Chain issues in the energy sector. Highlights of this podcast include:

Key drivers for change within the energy industry around Third-Party and Supply Chain risk management
The impact of Russian sanctions on the energy industry; and
How ESG regulatory risk management has evolved within the energy industry.

Resources

Dan Banes Profile

Mark Henderson Profile

Exiger Website

Exiger’s Supply Chain Explorer

Exiger’s Fight to Secure Supply Chains: Spotlight on The Defense Industrial Base

Thu, 26 May 2022 05:00:00 -0000

Over this series, I visit with Erika Peters, Senior Vice President and Global Head of Third Party & Supply Chain Risk Management; Tim Stone, Senior Director, Supply Chain Risk Management for Exiger Federal Solutions; Kim Lee, Director who focuses on risk and compliance; Nick Wildgoose, a Consultant at Exiger; Skyler Chi, Director and Deputy Head of Supply Chain and Third-Party Risk Management; Andrew Lehmann, Associate Director at Exiger; Jennifer Nestor, Vice President at Exiger, Americas and Public Sector; Theresa Campobasso, Senior Director for Defense Programs; Dan Banes President of Commercial Technology, and Mark Henderson, Director of Business Development.

In this episode 4, we discuss Supply Chain issues in the defense industrial base (DIB) with Jennifer Nestor and Theresa Campobasso. Highlights of this podcast include:

· The DIB's role in Supply Chain Security;

· What has changed for the DIB regarding Supply Chain Risk Management; and

· How the DIB responds to the government-led changes in Supply Chain standards.

Resources

Jennifer Nestor Profile

Theresa Campobasso Profile

Exiger Website

Exiger's Supply Chain Explorer

Exiger’s Fight to Secure Supply Chains: Spotlight on Information Technology & Telecommunications

Wed, 25 May 2022 05:00:00 -0000

Over this series, I visit with Erika Peters, Senior Vice President and Global Head of Third Party & Supply Chain Risk Management; Tim Stone, Senior Director, Supply Chain Risk Management for Exiger Federal Solutions; Kim Lee, Director who focuses on risk and compliance; Nick Wildgoose, a Consultant at Exiger; Skyler Chi, Director and Deputy Head of Supply Chain and Third-Party Risk Management; Andrew Lehmann, Associate Director at Exiger; Jennifer Nestor, Vice President at Exiger, Americas and Public Sector; Theresa Campobasso, Senior Director for Defense Programs; Dan Banes President of Commercial Technology, and Mark Henderson, Director of Business Development.

In this episode 3, we discuss Supply Chain issues in the Information Technology & Telecommunications industry with Skyler Chi and Andrew Lehmann. Highlights of this podcast include:

· Unique vulnerabilities in this sector;

· Potential operational disruptions from one geo-region or single source in IT; and

· Hardware and software requirements in Supply Chain Risk Management.

Resources

Skyler Chi Profile

Andrew Lehmann Profile

Exiger Website

Exiger’s Supply Chain Explorer

Exiger’s Fight to Secure Supply Chains: Spotlight Manufacturing and Consumer Markets

Tue, 24 May 2022 05:00:00 -0000

Welcome to a podcast series on the fight to secure Supply Chains, through cross-industry innovation. This series is sponsored by Exiger. In this series we will explore the ongoing efforts of Exiger to lead the discussion and enhancement of Supply Chain Risk Management.

Over this series, I visit with Erika Peters, Senior Vice President and Global Head of Third Party & Supply Chain Risk Management; Tim Stone, Senior Director, Supply Chain Risk Management for Exiger Federal Solutions; Kim Lee, Director who focuses on risk and compliance; Nick Wildgoose, a Consultant at Exiger; Skyler Chi, Director and Deputy Head of Supply Chain and Third-Party Risk Management; Andrew Lehmann, Associate Director at Exiger; Jennifer Nestor, Vice President at Exiger, Americas and Public Sector; Theresa Campobasso, Senior Director for Defense Programs; Dan Banes President of Commercial Technology, and Mark Henderson, Director of Business Development.

In this Episode 2, we discuss Supply Chain issues in manufacturing and consumer markets with Kim Lee and Nick Wildgoose. Highlights of this podcast include:

Key challenges in Supply Chain Risk Management in the manufacturing and consumer sectors;
How manufacturing and consumer sectors can improve their approach to managing Supply Chain risk; and
The evolving supply risk areas in respect of the manufacturing and consumer industry sectors.

Resources

Kim Lee Profile

Nick Wildgoose Profile

Exiger Website

Exiger’s Supply Chain Explorer

Fraud & Corruption in the Corporate World with Alan Saquella

Tue, 24 May 2022 04:01:00 -0000

Alan Saquella is a fraud risk practitioner as well as a Certified Protection Professional and Certified Polygraph Examiner. He currently works as a full-time professor at the Embry-Riddle Aeronautical University where he teaches security, intelligence, and fraud investigation in the business world. Tom Fox welcomes him to this week’s show to talk about how the corporate security world and fraud investigation intersect and form a union, and how this union helps to build a more effective fraud prevention program.

The Plague Upon the Corporate World

Tom wants to know how big an issue fraud and corruption are in the corporate world and how they manifest themselves. Alan believes that the statistics in the ACF report are not a true representation of fraud taking place in the real corporate world. He states, “Whether you're a private company or publicly-traded company, there's a lot more that goes on that's never reported.” He remarks that the report claimed that about 50% of fraud cases are prosecuted or brought to the prosecution. From his work, he understands that less than 5% of cases are actually brought to the prosecution. With regard to corruption, Alan says that for some companies in and outside of the United States, “corruption and bribery are just part of doing business” so it will continue to flourish. Organizations usually bury cases of fraud or corruption, as they can be damaging and embarrassing to the brand’s public image and reputation. Additionally, fraud and corruption are white-collar non-violent crimes, which is why they are not taken seriously by the organization.

The Dilemma of Whistleblowers

According to the report, the ideal way to detect fraud in your organization is internal reporting, also known as whistleblowing. The government also suggests that the primary element of successful anti-corruption compliance programs are whistleblowers. Tom asks Alan if he agrees with these proposed ideas. Alan cautions, “I’ve seen it used very effectively in some organizations and not so much in others … I think all corporate investigative folks will agree it’s a key element to a fraud prevention program. Where I found it to be most successful is when it’s highly publicized.” Companies that do not advertise their fraud whistleblowing hotline are less likely to get tips, as potential whistleblowers feel less confident in reporting any indiscretions.

Fraud Prevention

Tom asks Alan what he thinks are the key elements of a successful fraud prevention program. Alan explains that even though whistleblowers are the most effective way to curb fraud in the workplace, companies must also look at the way they conduct business internally. “For example, tying bonuses to individual performance is always a risky endeavor. It tends to cause folks to take those chances and they're right down the fence in that gray area,” he cautions. Alan advises that companies should reward based on group performance, to prevent desperate employees from committing fraud to get ahead. Additionally, companies ought to communicate with high-risk groups about fraud and fraud prevention. Alan explains that groups like sales and accounting tend to be most active in the fraud area. He also suggests that behavior-based surveys are one of the most effective programs in fraud prevention. These types of surveys give a lot more useful information than opinion surveys and it also “calls out the whistleblowers instead of waiting for the whistleblower to get to that point where they're frustrated.”

Resources

Alan Saquella | LinkedIn | Embry-Riddle Aeronautical University

Exiger’s Fight to Secure Supply Chains: Spotlight on Healthcare

Mon, 23 May 2022 05:00:00 -0000

Over this series, I visit with Erika Peters, Senior Vice President and Global Head of Third Party & Supply Chain Risk Management; Tim Stone, Senior Director, Supply Chain Risk Management for Exiger Federal Solutions; Kim Lee, Director who focuses on risk and compliance; Nick Wildgoose, a Consultant at Exiger; Skyler Chi, Director and Deputy Head of Supply Chain and Third-Party Risk Management; Andrew Lehmann, Associate Director at Exiger; Jennifer Nestor, Vice President at Exiger, Americas and Public Sector; Theresa Campobasso, Senior Director for Defense Programs; Dan Banes President of Commercial Technology, and Mark Henderson, Director of Business Development.

In this Episode 1, we discuss Supply Chain issues in the healthcare industry with Erika Peters and Tim Stone. Highlights of this podcast include:

· Key challenges for Supply Chain Risk Management in healthcare;

· Lessons learned from Covid-19 on Supply Chain in healthcare; and

· The evolving areas for Supply Chain Risk Management in healthcare.

Resources

Erika Peters Profile

Tim Stone Profile

Exiger Website

Exiger’s Supply Chain Explorer

You Can’t Outsource Risk with Sandeep Bhide

Tue, 17 May 2022 04:01:00 -0000

Sandeep Bhide is the Vice President of Product Management at ProcessUnity, a company that is making good governance, risk, and compliance (GRC) practices and tools available to organizations via third-party risk and cybersecurity program management tools. Tom Fox welcomes him to this week’s show to talk about their Third-Party Risk: A Turbulent Outlook Survey report and how ProcessUnity helps their clients.

The Purpose of ProcessUnity

Tom asks Sandeep to explain the basis of ProcessUnity and the key products and services they are offering. Sandeep says that the company offers cloud-based solutions that provide help for organizations of all sizes, that allows them to automate their risk and compliance programs. He adds that it is an easily customizable program that reduces manual administrative tasks and allows customers to focus on “the more strategic risk mitigation activities”. ProcessUnity has the ability to review the company's GRC program and deliver great results quickly.

Third-Party Risk: A Turbulent Outlook Survey Report

Tom wants to know what was the intent behind this report and how it came to fruition. Sandeep states that the objective of the study was to determine how well organizations understood and managed risk associated with their third-party partners. 301 IT and cybersecurity decision-makers and influencers participated in the survey, and they were asked about their concerns and challenges when managing certain risks, and how it has impacted the security incidents related to their third-party partners. Sandeep shares the overall findings of the survey found that:

Third-party relationships continue to expand exponentially;
Companies continue to seek outsourced services and software in order to perform optimally and to replace talent and supply sources due to the pandemic;
The majority of respondents have experienced an IT security incident over the last two years because of a third-party relationship.

The Gathering Storm

Tom asks Sandeep to explain the concept of “the gathering storm” and the technological solution ProcessUnity provides to help navigate it. Sandeep explains that the term refers to a supply chain attack executed by “close third-party relationships that have either physical or network access to equipment and premises and those that provide software vital to a business’ operation.” Sandeep then warns that companies should vet these third parties since their role is so important. Most companies would rather focus on their core businesses, however; they feel it doesn't make economic sense for them to do everything themselves and third parties provide the types of talent they need to properly conduct their business. Sandeep comments that “companies can outsource the work which is an imperative for them, but they can’t outsource the risk”. To manage your third parties, you must have multiple in-house and out-house methods to vet them, including questionnaires or assessments. You have to get to know your partners because they have the most risk attached to them.

Resources

Sandeep Bhide | LinkedIn | ProcessUnity

Marketing for the Future with Paula Zirinsky

Tue, 10 May 2022 04:01:00 -0000

Paula Zirinsky is the co-founder and Chief Strategist of Structura Strategy Group, a company that specializes in marketing advice that helps companies build a strategic foundation. Tom Fox welcomes her to this week’s show to discuss the unintended effects of the pandemic within the workplace and how marketing benefits the company when the board takes it seriously.

Mentor and Career Inspiration

Paula calls Harold Dobbs the best boss she ever had. Dobbs was originally her mother’s eccentric boss who was the head of a liquor company, and he was very marketing and promotional oriented. He later opened a cooperative advertising business for liquor stores, where he gave her a job photocopying promotional flyers and putting them into envelopes. At the end of each workday, he thanked her for all the work she put in that day and how the company would not have existed without her help. As he was such an attentive boss who was passionate about his work, he instilled this enthusiasm for marketing and a strong work ethic in Paula and also demonstrated how to show appreciation for your employees.

Unintended Effects of the Pandemic

Tom asked Paula to explain some of the unintended effects of the pandemic. Paula explains due to the pandemic, companies introduced various wellness programs so that they could directly speak to their employees and stay in touch with people; they most likely would not have reached out to pre-pandemic. This simple task helped companies become aware of their employees’ needs, which is a positive effect of the pandemic. Another unintended effect is remote working and how it gave rise to new opportunities never seen before. As a result of the stay-at-home mandate, employees were forced to work from home, which allowed jobs to have access to a geographically dispersed talent base, which created jobs for people on a national and even international scale.

The Benefits of Marketing

Tom asks Paula how marketing impacts the board of directors of a public or private company. Paula explains that there are three main ways how marketing impacts the board. Firstly, “Marketing will enhance how the company, the board, and the executive team are seen and perceived. Marketing works with the branding purpose, vision, and mission of the company.” When the board accepts all marketing strategies designed to help, the company will flourish, as both clients and employees enjoy working with the company. She adds that marketing allows the company to look at their clients and see what they are missing and how to rectify it. Lastly, boards have to take into account the lack of diversity on their committees and the absence of marketing experts. According to a study done in 2019, the majority of Chief Marketing Officers are women. To have a successful company, there must be CMOs on the board, which will increase diversity in the workplace.

Invest in Marketing

Paula urges companies to invest more of their company resources in marketing. She states, “Sales are about today and what you're getting in marketing is about building for the future – the growth of your company and the future of your company.”

Resources

Paula Zirinsky | LinkedIn | Twitter

Structura Strategy Group

Compliance as a Service with Avi Singer

Tue, 03 May 2022 04:01:00 -0000

The Commercialization of Compliance

Avi tells Tom that the name Showd.me came from a common experience: when you ask someone how they learned to do something they would usually reply, “Somebody showed me”. Showd.me began as a platform that was designed for companies to implement social and peer-to-peer learning. This means that it allows new employees to learn and train from more experienced employees across the organization, via an easy-to-use learning management platform. They grasped the opportunity to break into the healthcare compliance industry, where they aid in hiring, developing, retaining, and certifying the organization’s employees.

Compliance as a Service

Tom asks Avi to define compliance as a service and how the concept resonates for him in the marketplace. Compliance as a service is providing a platform where compliance training can be readily accessible for those who require it, Avi responds. “In the compliance marketplace the platform is important, the technology, the learning management platform is important, and accessibility is important, and whether people can use it is important,” Avi explains. He adds that making it in the compliance as a service industry, means tailoring the content and the training for their audience, in order to achieve the organization’s goal.

Talent Acquisition and Retention

In a response to Tom’s question, Avi explains how Showd.me helps an organization with setting up their new hires for success. He says that there are two concepts that they take into consideration during the application and hiring process. They are hiring for a while and hiring for now. When hiring for a while, you should focus on selling your organization as the ideal work environment, where future employees can see themselves thriving. Showd.me helps their clients by doing the paperwork and remote training for the prospective “hired for a while” employees. Additionally, they provide support for every step of the new journey for the new employees.

When hiring for now, clients are encouraged to ensure that the application, interview, and hiring process happens as quickly as possible by utilizing an online platform. Tom then asks how they would alter their training in the future to maintain talent acquisition and retention. Avi replies that fervent data analysis is the answer: they can identify which training techniques work and which ones have stopped working.

Looking Ahead

Tom asks Avi how technological advancements would affect the process of compliance going into 2025. Avi explains that whenever a company implements a new compliance requirement, it is in addition to the previous requirements, which may get confusing. Therefore, you must have systems with processes in place to combat the changing times as efficiently as possible.

Resources

Avi Singer | LinkedIn | Twitter

showd.me

What's The Use Case with Blane Warrene

Tue, 26 Apr 2022 04:01:00 -0000

Blane Warrene is the Vice President of Product Management at Smarsh, an organization that helps companies manage risk in their electronic communications. Tom Fox welcomes him to this week’s show to talk about a variety of topics surrounding compliance around mobile and hybrid work environments.

Compliance Challenges in The Hybrid Work Environment

There are three key factors that are compliance challenges in the hybrid work environment: the risk that comes with using company devices, bringing your own devices to handle company data, and consumer applications. Blane stresses that implementing policy is vital because policy is the frame in which the organization operates. However, Blane also remarks that a layer of processing technology has to be embedded within policy in order to completely tackle the issues that cause compliance challenges.

Finding The Right Balance

Many companies and clients struggle with finding the right balance among apps, smartphones and global work tools. The key to achieving this balance is to first find out what the client or customer wants to enable. "The right first question is what problem are you trying to either solve, or what do you need to enable for your business," Blane tells Tom. Take compliance out of the equation and simply focus on what the customer wants to achieve with their company. When you approach it that way, you often get a clearer answer that leads to the use case.

Capturing Communication

Tom asks Blane what Smarsh recommends to capture or archive communications such as email or text. Blane explains that social media communication is what you want to plan for because each of the sources that you go to, has a different way to get the data. Smarsh makes it easier for someone who wants to capture a wide set of data. "What we do recommend is that it comes in on a regular frequency such as real time or daily, and they certainly have the ability with retention rules to not keep everything forever which is not productive," Blane says. Certain pieces of data can only be kept for a finite period of time, but doing this ensures that the client doesn't have a blind spot on the things they know they're using.

What Tools Should You Allow

Companies sometimes determine what tools they should allow based on where they are in the world. The tools are also based on what they as companies are trying to solve, how they communicate and what models they support. "That discussion helps us, basically enable us, to say to them 'Here is the way you solve these use cases and ultimately you want them in a single pane of glass'," Blane expresses. He adds that from a compliance perspective, you want to know that you can retain that data even if you get it in different ways. Data should be able to be viewed in a common context and not across separate silos.

Resources

Blane Warrene | Twitter

Smarsh

Personal Training For Businesses with Kris Reynolds

Tue, 19 Apr 2022 04:01:00 -0000

Kris Reynolds is the CEO of Arrowhead Consulting, a company that guides other organizations on managing their employees, processes, and tools. Tom Fox welcomes him to this week’s show to talk about corporate culture, strategies for post-pandemic productivity, and the future of project management.

Culture As a Focus

Corporate culture is important and must be aligned with the business's core values. Your core values also can't be simple slogans that you have up on walls. They have to be constantly acted on. "If you're not really living and breathing the core values, you're not really going to be a culture fit," Kris tells Tom.

Post-Pandemic Strategies

Kris itemizes three strategies companies should be engaging within the post-pandemic business world: creativity, relationships and connections, and going back to basics. Creativity in advertising and marketing is key, and Kris also suggests pairing creativity with relationships. "I would encourage companies whether you're small or large, to take the time to do more personal related touchpoints with the people that you're trying to engage with," he remarks. Going back to basics as a strategy is looking back at what got you to where you are as a business, and making sure that you're accentuating those elements in your business.

Making Meetings More Efficient

Tom asks Kris to give some tips to make corporate meetings more efficient. The goal of meetings should be decision-making. Corporate meetings should be about making sure that the knowledge shared is being used to advance the respective initiative. Kris stresses having structured meeting agendas that are time-boxed and having the meetings begin with the most important topics. Having meetings commence like this enforces a sense of urgency and will encourage employees to arrive on time.

The Future of Project Management in Technology

Kris explains that there will be a greater focus on virtual reality training as opposed to Zoom meetings and PowerPoint presentations. This is because training in the future has to be experiential and hands-on. Training has to be engaging. "If we have some training spaces where we have the virtual reality, you could be training with somebody across the other side of the globe and being able to talk and work on projects together and things like that," Kris tells Tom.

Resources

Kris Reynolds | LinkedIn | Twitter

Arrowhead Consulting

Revenue Risk Management for Compliance with Andy Rudin

Tue, 12 Apr 2022 05:01:00 -0000

Andy Rudin is the Managing Principal of Contrary Domino, a management consulting company that improves financial performance by optimizing internal operations. Tom Fox welcomes him to this week’s show to talk about revenue risk management and revenue governance, and what they mean for the sales officers within organizations.

Contrary Domino

Risk management is not often factored in the sales and marketing funnels of organizations. Andy founded Contrary Domino to answer this need. The percentage and likelihood of revenue opportunities closing or coming to fruition aren't often thought of as risk management problems. "I saw that opportunity and wanted to bring more process rigor to that, more mathematical rigor and bring the risk management principles into the realm of revenue generation," he tells Tom. Contrary Domino's client base is mainly information technology firms with sales forces of ten or more. "Helping organizations establish that culture and then establish processes and mechanisms to prevent ethical problems from occurring or at least minimizing their likelihood is central to what I do," Andy says.

Revenue Risk Management

Tom asks Andy to define revenue risk management. "Revenue risk management is taking the fundamental risk framework that you might find in any other discipline and bringing the same principles into risk management," he explains. It entails going through risk identification, risk polarization, and other activities where you're considering various outcomes. "You're looking at your worst case, your best case, and then you're most likely case, and then running through your scenarios iteratively and then determining what are we most likely to achieve," Andy remarks.

Revenue Governance

"The involvement and oversight of revenue generation activities by others in a cross-functional, a cross-departmental way in an organization," is Andy's definition for revenue governance. In the past, companies left the revenue engine in the sole hands of the sales department. Presently, revenue operations have been spread out to where even customer support can be responsible for it. The governance aspect relates to all entities in the organization having visibility into the activities of the sales department, and what they are doing. "Coupled with that is the opportunity to take action if something is not compatible with corporate strategy or if certain processes or activities that are occurring in generating revenue bring risk into the organization," Andy adds.

The Future of Revenue Risk Management

Tom asks Andy to shed some light on what role revenue risk management will play in the coming decade. Risk management in the realm of sales is going to become more dominant. Even though most organizations haven't put the formal risk management rigor to their sales department, they are thinking along those lines. There will also be a greater role for financial planning in the sales operations as more businesses become integrated.

Resources

Andy Rudin | LinkedIn | Twitter

Contrary Domino

A Digital Transformation to Compliance with Evgeny Likhoded

Tue, 05 Apr 2022 04:01:00 -0000

Evgeny Likhoded is the founder and CEO of ClauseMatch, a company that provides financial institutions with a modern AI-based compliance platform to transform their regulatory change management process. Tom Fox welcomes him to this week’s show to talk about ClauseMatch, how it helps its clients, and the evolution of compliance.

Digital Transformation: The Core of ClauseMatch

Bringing digital transformation to governance risk and compliance is at the core of the ClauseMatch platform. What ClauseMatch has built is a way for companies to collaborate in real-time on content, specifically content that needs strict and strong governance processes. "Primarily our platform is used for managing policies and procedures in a way that enables companies to track every single change every time the policy changes," Evgeny tells Tom. Ultimately it helps clients show their regulators that they have interpreted and incorporated the rules into their own internal governance frameworks, and have communicated that to their employees.

The Evolution of Compliance

Evgeny cautions that it's not enough to have a compliance manual just sitting around. Compliance regulations and objectives need to be distributed and have engagement with the entire organization. A large part of ClauseMatch's roadmap is driven by customer challenges, and how they might be addressed and another part is driven by the market. "There are a lot of things that we see on the market that will drive the adoption of compliance solutions," Evgeny says. Regulated firms won't be the only ones affected by the changes happening in the market. "Privacy regulations aren't just for regulated firms," he adds. Every firm that is holding some form of data for its clients and customers is subject to these regulations. This, along with a greater emphasis on ESG are two prime examples on how compliance has evolved for companies.

Smart and Connected Compliance

Tom asks Evgeny to define smart and connected compliance. Connected compliance is the ability to understand and connect compliance content that comes from many different sources. This means the obligations, procedures, and policies that come from various regulators. "We need to rewrite the policies and procedures we need to make sure that their controls are still compliant with the regulations and obligations, and if they're not connected you can never estimate the full impact of that," Evgeny explains. Smart compliance is where individuals can start using machine learning and natural language to understand these connecting links across the organization.

Looking Ahead

Tom asks Evgeny what key trends will shape compliance technology in the future. Evgeny explains that the need for compliance technology will only increase during 2022 and onward. New regulations will be introduced for cryptocurrency activities and assets, as well as various regulatory frameworks with ESG. Cybersecurity will have a lot more scrutiny from regulators and governments as well.

Resources

Evgeny Likhoded | LinkedIn | Twitter

ClauseMatch

Managing Compliance Complexity with Mac Bartine

Tue, 29 Mar 2022 04:01:00 -0000

Mac Bartine is the CEO of SmartRIA, a market-leading compliance software platform. Tom Fox welcomes him to this week’s show to talk about his company's services and contributions to the compliance sector, what SmartRIA offers clients in terms of cybersecurity, and the future of technology solutions.

The Minimum Viable Product

The Minimum Viable Product (MVP) is the first part of the startup process for platforms. It is recognizing the problems within your platforms and also believing that you can solve them. Mac explains to Tom that the problem SmartRIA solution identified in terms of the MVP is the compliance obligations. So many individuals are not experienced in managing compliance in their given industries, and so need a source of structure that understands where they are. SmartRIA offers them that, as well as the tools and frameworks needed.

Vendor Due Diligence & Data Governance

Vendor due diligence and vendor management are key to managing cybersecurity risk. "You have to understand who you're working with and what precautions they're taking as a business to protect you from cyber risk," Mac tells Tom. Having access to the proper documentation that reflects this is also important. SmartRIA has a plethora of different policies and procedures to protect clients' data and takes the lists of vendors their clients have and itemizes each risk. Data governance falls under the same bracket as due diligence, that is, who has access to the vendors and what devices they use to access the data from those vendors.

SmartRIA as an SEC Solution

The solutions that you use for compliance obligations have to be done in a way that documents everything as it happens. "If it isn't documented, it didn't happen," Mac says. Internal auditors aren't in the position of giving the benefit of the doubt because they have no evidence of due diligence. SmartRIA has the tools to help its clients through this by way of PDF files, workflows, and documents.

To The Future

Tom asks Mac what the future will be like for technology solutions. Regulations in every industry are going to increase. "Across every industry, there is an increasing need for cybersecurity-related evidence, and tracking of what's happening in that space," Mac says. Data governance and vendor due diligence are big parts of that, but compliance management is going to also become more important.

Resources

Mac Bartine | LinkedIn | Twitter

SmartRIA

Risk Management and Corporate ESG with Dan Zitting

Tue, 22 Mar 2022 04:01:00 -0000

Dan Zitting, previously Chief Product Officer, now holds the title of CEO at Galvanize, a software company that helps its clients achieve their goals and objectives. He is also now the Chief Product Officer of Diligence. Tom Fox welcomes him back to this week’s show to take a look back at the GRC professional's role in corporate ESG and risk management.

GRC On The Frontline

A company's defenses have to be in the remit of their GRC professional, not left up to the CSO. Dan remarks that while there is engagement by GRC professionals in minimizing company cyber risk, more needs to be done. GRC professionals have to ask themselves if they are managing cyber risk in ways that are helpful to the company's CSOs, by providing tools and resources to support them. "There's still work to be done in making sure that everything we're doing from a policy, controls, and compliance standpoint is actually adding value for the CSO and helping them deploy their programs, as opposed to just feeling like they're being checked on by the police to see if they're doing it right," Dan tells Tom.

ESG and Investment

Investor dollars are fueling the growth and expansion of ESG and aren't only coming from investment funds anymore. Private equity firms and banks are getting involved. If someone wants to borrow money, insurance companies assess ESG risk as part of their overall risk management strategy. "If companies want to access capital, they need to have an ESG program in place," Tom remarks.

A Role To Play

The best way, Dan suggests, to get GRC professionals to understand the ownership roles they have to play in ESG, is by creating a center of excellence for ESG. By creating this center, and making ESG a business objective, you can then split the responsibilities across the organization. "Splitting the responsibilities across those different lines of defense for those different functions in a way where somebody…can get a combined view of how effective we think we are from an ESG standpoint, should be the goal," Dan adds.

The Importance of Real-Time Reporting

Real-time reporting is the G in ESG. Being able to give an accurate picture of risk to a company's board is intrinsic to ESG, and is vital to acting on those risks efficiently. "Risk professionals too often are asking 'Why don't I have real-time information,' instead of actually being the one out creating it and bringing in the technical skill necessary to be able to analyze data fast enough to get real-time insight," Dan expresses. Governance in the present and future needs to move at a pace faster than it has in the past, in order to report on risks. Being able to point out to the board when governance is failing, so that measures can be implemented, is also extremely important.

Resources

Dan Zitting | LinkedIn | Twitter

Galvanize

Diligence

Taxman Series: Tax and ESG

Fri, 18 Mar 2022 04:01:00 -0000

In this episode of Taxman, Tom Fox and Tracy Howell conclude the special series by discussing a topic that has yet to be explored by most: tax and ESG.

How Tax and ESG Intersect

Tracy tells Tom, “There are external forces pulling tax into the ‘S’ and ‘G’ of ESG.” In the social sector, different jurisdictions have different tax rates and laws, and as companies begin to operate in a tax-efficient manner, their activities will gravitate towards lower tax regimes. Tracy adds, “You’ve got forces trying to push the concept of ‘fair share’ rather than compliance with tax laws of different jurisdictions.” Governance-wise, it’s becoming more common for companies to be required to talk about their compliance tax audits.

The Role of Tax in a Company

With the growing pressures on ESG transparency, there’s a push to standardize reporting and scorecarding of companies based on their tax transparency. This would include things like the reporting of an organization’s effective tax rate.

Tax and ESG in Multinational Organizations

Institutional investors play a major role in impacting the activities of a multinational company. When making investment decisions, these entities heavily incorporate ESG scorecards with tax transparency, further emphasizing the need for a relationship between the two sectors.

Resources

Tom Fox’s Email

Tracy Howell | Email | LinkedIn

Taxman Series: Tax and Supply Chain

Thu, 17 Mar 2022 04:01:00 -0000

As the Taxman five-part series nears the end, Tom Fox and Tracy Howell tackle an important topic that has become more prominent over the years: tax and supply chain.

How Tax Can Help Supply Chain

Supply chain in a traditional sense focuses on the acquisition of goods, in particular the quality, cost, and delivery. There can be a substantial tax component in each of those steps to help companies attain goods at the lowest possible cost. Consequently, if supply chain does not have a relationship with tax, it can result in additional surprise costs being attached to goods. Data beyond the cost of goods, material, and service can be used to model and predict the additional tax burden so that better procurement decisions can be made.

Mitigating the Risk of Mission Creep

Establishing a connection between tax and supply chain in an organization is good, but the relationship needs to be kept fresh for a positive impact. In a company, people may be focused on so many different things that they forget to interact. Creative people tend to expand their roles and look for goods and services in different locations, which can be the cause of a mission creep. Hence, having constant close interaction between supply chain and tax allows for changes in functionality to be documented and implemented into the organizational framework.

Elements of a Tax-Efficient Supply Chain

Tom and Tracy discuss the elements of a tax-efficient supply chain. This includes:

Examination of the entire scope of what’s being manufactured and sold to allow the creation of tax opportunities to bring value-based on special purpose entities.
Coordination of transactions in a supply chain with transfer pricing.
Compliance with tax laws and regulations.
Documentation of the process.

Resources

Tom Fox’s Email

Tracy Howell | Email | LinkedIn

Taxman Series: Why Tax Needs a Seat at the Table

Wed, 16 Mar 2022 04:01:00 -0000

In episode 3 of the Taxman series, Tom Fox and Tracy Howell strive to answer the question: 'Why should tax have a seat at the table?’

Tax and the Table

The table refers to the front end of when an organization is trying to define what it wants to do, where it wants to do it, and how it’s going to perform. A corporation’s ultimate objective is to generate net income or distributable profit, something tax professionals are well-suited to assist with because they are experts in damage control and risk mitigation. Tracy points out, “Tax can provide an umbrella to achieve corporate objectives if they’re involved in the front end.”

Tax’s Relationship with Other Stakeholders

In a company, a functional lead will often pose the question: ‘Why do we need tax here?’ According to Tracy, “A good tax guy has to be proactive and provide examples to get the tax men at the table.”

Educating Corporate Functions Outside of Tax

Tracy’s advice is to build a relationship with the functional experts, and “create the situation where you’re a trusted business advisor”. He recommends one-on-one interactions above all. However, it is important to remember that in a global organization, the outcome may not always be successful. For this approach to yield positive results, he comments, “there has to be some buy-in, compliance, and a willingness to talk tax.”

Resources

Tom Fox’s Email

Tracy Howell | Email | LinkedIn

Taxman Series: What is Transfer Pricing?

Tue, 15 Mar 2022 04:01:00 -0000

Tom Fox and Tracy Howell continue their exploration of the intersection between compliance and tax in episode 2, where they touch on the practice of transfer pricing.

The Concept of Transfer Pricing

Transfer pricing encompasses the methodologies required by tax code to price transactions between affiliated companies. Devising an arm's length rate for comparable transactions between comparable entities is more art than science. As far as compliance is involved, Tracy believes that, “If you’re a compliance officer that can say anything more than just the words, ‘transfer pricing,’ then you are, indeed, an FOT (friend of tax).”

Parties Involved in Transfer Pricing

Governments (taxing jurisdictions) tend to be involved with different regimes for selling and buying. Third party organizations that are involved currently only consist of the OECD (Organization for Economic Cooperation and Development), who push standard transfer pricing laws and regulations throughout the world.

The objective of the governments is to get their fair share, and they do so by trying to obtain the maximum multi-jurisdictional transaction profit. Consequently, the OECD attempts to provide guidance on what constitutes a fair share. “What’s fair is just somebody’s opinion,” Tracy tells Tom.

Developing a Transfer Pricing Strategy

As a multinational corporation, it is crucial to set transfer pricing policies and business practices at the beginning. This involves identifying the appropriate methodology that will be used to price the transactions between affiliates. Documenting this process of analysis and conclusion helps to adopt a suitable transfer pricing methodology. In summary: perform analysis, document analysis, then adopt the findings in future transactions.

Tracy poses the question, “How often have you seen a company that’s got the policies and procedures, but somebody’s not following them?” Claiming to have global policies for all multinational intercompany transactions, and then failing to follow them leads to an extreme loss of credibility - this is why it is important to comply with local documentary requirements, “You’ve got to follow the laws, even if they’re a little bit different.”

Resources

Tom Fox’s Email

Tracy Howell | Email | LinkedIn

Taxman Series: Why Compliance Should Talk to Tax

Mon, 14 Mar 2022 04:01:00 -0000

Tom Fox is back again for a special new five-part series called Taxman. Tracy Howell, Tom’s colleague and tax expert extraordinaire, joins in to discuss the intersection between compliance and tax.

Why Should Compliance and Tax Interact?

All organizations have an enterprise risk management (ERM) system. One risk common to multinational companies especially is corporate tax risk; and yet, it tends to remain under the radar. While tax professionals are usually very good at identifying and mitigating tax risk, if there is no close interaction between compliance and tax professionals, the risks are elevated.

Sophistication in Taxing Jurisdictions

Most jurisdictions have a tax code, but street rules tend to also be in play. “You have to establish very early on that you don’t pay bribes,” Tracy advises. The results of following the law are more expensive, but it pales in comparison to the cost of putting your company at risk.

Resources

Tom Fox’s Email

Tracy Howell | Email | LinkedIn

Contracts as a Third-Party Risk Management Tool with Brad Hibbert

Tue, 08 Mar 2022 05:01:00 -0000

Tom Fox welcomes Brad Hibbert on this episode of the Innovation in Compliance Podcast. Brad is the Chief Strategy Officer of Prevalent, Inc. He joins Tom to talk about how Prevalent helps companies manage third-party risk, the importance of risk management, and what the future for risk management in the compliance world may look like.

Managing Third-Party Risk

Tom asks Brad to explain how Prevalent helps companies manage third-party risks. "We have a SaaS platform that helps organizations identify those risks, report against those risks, and then provide remediation capabilities to reduce those risks at every stage of the vendor lifecycle," Brad tells Tom. Risk management is no longer about just doing reactive reporting on an annual basis. Risk has to be proactively monitored, identified, and reduced on a day-to-day basis, and especially when companies are having day-to-day conversations with their third parties during contract execution. Prevalent enables its risk management platform by having different team members interact with the third parties to collaborate and reduce the risks at every stage of the vendor life cycle.

A Must Have

Third-party risk management is a must-have right now, and will continue to be in the future. "What organizations are realizing is they have to move beyond the compliance check box and actually reduce the risk associated with these third parties," Brad remarks. Compliance is one of the drivers of this, but another main factor is the pandemic. COVID has changed the way companies and businesses operate, and has also exposed their weaknesses. With the shift to the hybrid work environment, and the increase of work from home, companies have had rapidly onboard third-party risks due to the use of online platforms. The risk of cyber-attacks and information being leaked is high, so being able to manage and protect companies from that is paramount.

The Contract Essentials SaaS Solution

Tom asks Brad to explain the contract essentials SaaS solution. The SaaS solution allows the company to onboard or add existing contracts. Prevalent's platform has very strong workflow and collaboration capabilities that focus on vendor risk, which is also good for profiling current contracts to see where the risk lies. Companies can use the SaaS solution to upload their contracts, or any related documentation surrounding it to a secured file, and it allows them to collaborate with third parties outside of the corporate network.

The Future of Third-Party Risk Management

Brad predicts a convergence of third-party risk management and the broader third party. "We're going to continue to focus on building solutions that are easy to use that enable data sharing between the different groups that promote efficiency, collaboration, and then risk reduction," he says. Organizations can no longer simply rely on assessments, instead must have continuous insights play major roles at all levels of the vendor life cycle. Monitoring the financial risk, the business risk, and the cyber risk proactively to create appropriate measures is something that will continue as well.

Resources

Brad Hibbert | LinkedIn | Twitter

Prevalent, Inc.

The Data Confident Internal Auditor with Yusuf Moolla

Tue, 01 Mar 2022 05:01:00 -0000

Tom Fox welcomes Yusuf Moolla on this episode of the Innovation in Compliance Podcast. Yusuf is a Director at Risk Insights, co-cost of The Assurance Show Podcast, and co-author of The Data Confident Internal Auditor. He joins Tom to talk about how compliance professionals can utilize data analytics, data governance, and internal auditing.

Best Approaches To Data

The easiest way to approach data, Yusuf suggests, is to think about it as another form of evidence. "Over the years we've collected lots of manual documents as evidence…Data is just another piece of evidence," he tells Tom. Data can be used by anybody, and it is very simple to do so. Currently, there has been an emergence of open source tools to process data which has made it easier and cheaper for individuals. These open-source tools have made it safer as well, as there are options to look into the source code for digital traps. Visualization is another approach to data that individuals can utilize. While relatively new, being able to visualize techniques both in terms of exploring and explaining data is becoming something that is gaining traction in the data analytics world.

Internal Auditing Approaches

Yusuf explains to Tom that there are four main data approaches to consider when doing internal audits:

Data being used purely for reporting
The data-driven approach where the data does the talking
The process-focused approach
The hypothesis-focused approach

There are similarities between the process and hypothesis approaches. The process-focused approach has been the traditional way of doing audits. Over the years, however, it's become less about how the process is done to achieve the intended result; it's now about what the auditing result is. "So it's not about looking at whether a process actually works the way that it's been designed, it's about looking at whether the process is working in the way in which it's intended to be able to achieve its outcome," Yusuf adds.

Data Governance in Auditing

Making sure that data doesn't fall into the wrong hands as an auditor is one of the main facets of data governance. It is a very basic and traditional approach, but over the years professionals have been implementing it in an overzealous way. This can hinder the ability to create value through data. Yusuf suggests a slight reverse approach where everyone has access to data unless there is a specific reason for them not to. "We want to keep a range of data elements secure, but others we want to open up," Yusuf tells Tom.

A Look Ahead

Tom asks Yusuf what the future of data analytics, data governance, and internal auditing will look like in the coming years. Yusuf explains that there will be a greater use of data science, and a greater use of data within internal audit without the need for data scientists and specialists. More practitioners will be getting into, and understanding IT, and more people will be using data for themselves. This will free the data scientists from the more mundane tasks, so they will have time to dedicate to the more advanced techniques. The same would apply for compliance as well.

Resources

Yusuf Moolla | LinkedIn

Risk Insights

The Assurance Show

The Data Confident Internal Auditor

Role of Ethics in Business Culture with Alison Taylor

Tue, 22 Feb 2022 05:01:00 -0000

Tom Fox welcomes Alison Taylor on this episode of the Innovation in Compliance Podcast. Alison is the Executive Director of Ethical Systems, a collaboration between leading academics in behavioral science, systems thinking, and organizational psychology. She joins Tom to talk about ethics and how it relates to ESG, stakeholders, corporate culture, as well as what place Gen Z and Millennials have in this discussion surrounding ethics and compliance in the future.

Ethics & ESG

The roots of ESG are ethical in themselves. Alison explains to Tom that the basis of ESG is that businesses ought to do good, and do no harm. "ESG really tries to deal with everything that's beyond compliance...that companies should not just not break the law, but they should do stuff about climate change and human rights and that kind of thing," she adds. ESG has a say about what businesses should and shouldn't be doing in society. The problem in recent times is that ESG is more so related to the profit side of business and not what stakeholders care about. When ethics and ESG are treated in relation to the business case, they are treated as metrics and not important corporate social responsibility.

Ethics, Stakeholders and Culture

Tom asks Alison to explain whether a conversation about ethics can be had across a broader group of stakeholders. "The idea that a company could perfectly reflect the ethics and values of every one of its stakeholders is totally ridiculous," she begins. What leaders should think about instead is the impact they have on their stakeholders. "Rather than talking about what we should and shouldn't do, a conversation could be that companies should manage the negative impacts that they have on their stakeholders and try and enhance the positive ones," Alison remarks. Another important thing for leaders to think about is if their organizations have a culture where employees don't feel safe to bring up ethical issues. The best 'speak-up' program won't be worth anything if your users don't utilize it.

A Place for Gen Z and Millennials

Tom asks Alison to elaborate on where she sees the roles of Gen Z and Millennials in driving the discussion about ethics in the future. "Younger generations want a meaningful career, and they care much much more whether a business is ethical or unethical," Alison states. If companies want to attract young people, they have to perform ethically and be known for doing so. Younger generations are much more tech-savvy, so if a business is operating unethically, they are going to leak that information via Twitter, Instagram, and Facebook. This can be detrimental to a companies’ public reputation. Shutting down ethical discussions internally is not the way for businesses to go when hiring younger generations. "If you think [that if] you can shut down this conversation, you're gonna shut down internal conflict - what you're actually doing is just pushing this outside and making it way worse," Alison stresses.

Resources

Alison Taylor | LinkedIn | Twitter

Ethical Systems

MBA in Business Ethics with Dr. Mark Woodhull

Tue, 15 Feb 2022 05:01:00 -0000

Tom Fox welcomes Dr. Mark Woodhull on this episode of the Innovation in Compliance Podcast. Mark is the Director of Graduate Business Education at Schreiber University, and a Military Science Academic Program Manager. He joins Tom to talk about the MBA program at Schreiner, what gain it brings to students, and what impact it will have on the business world in years to come.

Schreiner MBA: Why It's Important and Who It's For

Schreiner's MBA program was constructed based on feedback from regional businesses about undergraduates' lack of training in ethics. Ethics have an enormous impact on a company and determine whether they thrive or collapse. "So, we felt that we would surround our program with that particular theme," Mark tells Tom. He adds that the kind of MBA program Schreiner runs is to create all-round individuals so that they can be competent in various fields no matter what workplace they enter. "What we're trying to do is create people who are flexible, versatile and are able to work within organizations or companies on that flexible basis," Mark states.

The Future of MBA Education and Leadership

Tom asks Mark to share some insight about how he envisions the future of MBA programs as well as corporate leadership. Many universities have begun specializing their MBA programs, and Schreiner is looking at that possibility as well. The university is also creating opportunities for their Hispanic students by delivering the same MBA program in Spanish. They will be allowed to take the programs from the convenience of their homes. As for corporate America, Mark stresses that transformative leadership is the way to go.

Resources

Dr. Mark Woodhull | LinkedIn

Schreiner University | MBA Program

Ethical Leadership for Corporate Directors with Joshua Nunziato

Tue, 08 Feb 2022 05:01:00 -0000

Tom Fox welcomes Joshua Nunziato on this episode of the Innovation in Compliance Podcast. Joshua is an author, and an Instructor in the Social Responsibility and Sustainability division of the Leeds School of Business. He joins Tom to talk about corporate leaders conducting ethical leadership, its role in ESG, and why ethical leadership is a must in the future business world.

Creating Ethical Leadership

Joshua created his Ethical Leadership course for corporate leaders to equip them with the tools and insight they need to understand the changes happening around them. "We really want to help leaders who participate in our program to understand that acceleration is really the new constant," he tells Tom. Corporate leaders need to be able to respond proactively to changes and crises. The range of stakeholders has expanded, so the traditional approach to corporate director education is no longer going to work. Directors and corporate leaders need forward-looking tools to navigate their current environment.

The Relevance of Ethical Leadership in 2022

Tom asks Joshua to explain why a course on ethical leadership is needed in 2022. Joshua responds that emerging from the crisis mode of the pandemic comes with a range of challenges that board members have to face, including increasing interest rates, high inflation, and uncertainty. Board members need to be able to situate their companies against these challenges and risks, ask the right questions, and provide leadership that will drive their organizations forward.

The Role of Corporate Leaders in ESG

Sustainable leadership in ESG means that the needs and wants of the broad ecosystem of company stakeholders are being met with what Joshua calls, 'compassionate pragmatism'. "Corporate leaders are able to weigh up and evaluate the comprehensive impact that their decisions are having on the environment on local communities, on their employees, on their suppliers, on their customers, and yes on their investors," Joshua further explains. Compassionate pragmatism is also about taking in the impact, whether positive or negative, that corporate decisions may have, as well as managing what leaders can measure, and what they cannot. Leaders have to figure out what they value, and also what values they can gather as a business community that will drive them towards enduring prosperity.

America in Ethical Leadership

Joshua doesn't see America taking the lead on ESG, or other sustainability issues; however, he does see America leading relative to other economies that are trying to get their citizens into the global middle class. Innovation on various compliance and ethical issues is happening around the US, and this is because individuals are recognizing the need to respond. The impact of corporate decisions over the decades is being felt across the political spectrum. Scandals and breaches of ethics also have serious ramifications and consequences for businesses, and so it makes sense for leaders to step and lead with ethical conviction. Joshua's role as a philosopher is to expand the moral imagination of the leaders he works with, so they can ask the right questions and consider sustainable leadership possibilities they otherwise may not have thought of.

Resources

Joshua Nunziato | LinkedIn | Twitter

A Behavioral Approach to Risk Management with Vera Cherepanova

Tue, 01 Feb 2022 05:01:00 -0000

Tom Fox welcomes back Vera Cherepanova on this episode of the Innovation in Compliance Podcast. Vera is an ethics advocate, consultant, author and speaker. She joins Tom to talk about behavioral risks, the steps behavioral scientists take to analyze risk, and strategies from financial institutions that other industries can use.

Behavioral Risk in The Banking Sector

Behavioral risk is more or less the same across every industry. What is specific to the financial industry however, and banking in particular, is that the individuals work with money. This creates higher risk as the outcomes can be more immediately seen and felt by the customers.

The Regulator's Role

"The regulator has a very limited role in mandating culture because no regulator can mandate what kind of a culture and organization needs to have," Vera begins. The compliance regulator can mandate what the culture is, but how that corporate culture is going to be in reality will not be up to them. Speaking specifically of the UK and the Netherlands, Vera expresses that the regulators in these regions have played a largely educational role in the business industries. She gives Tom a few examples of the events the regulators have done in these regions.

Assessing Behavioural Risk

Tom asks Vera to talk about some of the practical steps behavioral scientists take when analyzing behavioral risk. Vera cautions that the first thing to understand when applying behavioral science is that interventions don't always work. The first thing that scientists do is assess risk using a method called ethnography. They want to understand what is really happening inside organizational teams. They focus on subcultures, and then compare that against what is written in policies and regulations. Holistic cultural assessments aren't done as behavioral scientists concentrate on specific teams. Surveys are also only used to categorize the data the scientists have collected, and to generalize some of their observations.

Strategies To Emulate

The methods financial institutions use to conduct audits are accessible for any industry. Looking into behavioral risk on top of a risk management framework is one concept that can be emulated across industries, as well as using subculture audits. These skills will be modified for each industry but Vera remarks that the basic concepts will be the same across the board.

Resources

Vera Cherepanova | LinkedIn

Studio Etica

European Banks Are Behavioral Risk Pioneers. No, Really.

Podcasting: Why It Works So Well For Lawyers with Robert Ingalls

Tue, 25 Jan 2022 05:01:00 -0000

Robert Ingalls is Tom Fox’s guest on this episode of the Innovation in Compliance Podcast. He is the Chief Product Strategist at Law Pods, a podcast for busy attorneys. In this episode, Robert and Tom talk about the power of podcasting as a medium for professionals in legal fields, why it works, and what’s in store for the future of podcasting in the legal industry.

What Makes Podcasting Work

Consumer behavior is shifting, and so are people’s learning styles. Nowadays people want to be entertained whilst receiving information; podcasts are a great medium for this, especially for legal professionals who wish to pass on legal expertise to a wider audience. “When you make a podcast you're asking them to press play and keep living their life,” Robert tells Tom. Audio allows people to consume content in a way that is most convenient and accessible to them.

Making The Leap

Lawyers have had the ability to produce audio content for many years. Tom asks Robert why this was never utilized until recently. “Because they don't need the new thing,” Robert replies, cheekily. A lot of law firms catch up with the trends slowly, and they also hope that the new trends will fizzle out or go away so they don’t have to implement them. However, the legal industry is shifting and lawyers and other legal professionals are making the leap into audio content, and picking up on social media a lot faster than they used to. They are noticing that other law firms are doing so as well, and that their clients are reacting to it. Law firms are now understanding that consumer culture is shifting and taking necessary measures to stay relevant.

The Power of Storytelling

The easiest way to attract someone to your content is via interesting and authentic stories that are also a little informal. “Be a little more informal… relax yourself and tell [your listeners] what you would want to tell them in that kind of [cocktail party] environment and pepper in some stories,” Robert advises Tom and the listening audience. The podcast is a unique area to use your voice to make a connection with someone else. When storytelling attracts your audience, it encourages them to come back, which in turn motivates them to share your content.

What’s Next

In the near future, there will be a period of concentrated growth. People will be able to ask legal questions via their digital assistants and get specific answers from lawyers, that are segmented audio clips from podcasts. Podcasting will no longer be considered something that is a fad to the legal industry but a useful tool.

Resources

Robert Ingalls | LinkedIn | Twitter

Law Pods

Leveraging Communications as an Asset with Robert Cruz

Tue, 18 Jan 2022 05:01:00 -0000

Robert Cruz is the Vice President of Information Governance at Smarsh and is Tom Fox’s guest on this episode of the Innovation in Compliance Podcast. Tom and Robert talk about information and data governance, communications data strategies, and how Smarsh helps its customers mitigate risks through its platforms.

New Communication and Risk

In the hybrid work environment employees use new communication sources such as Whatsapp, Discord, and Slack to converse daily. This poses a risk that compliance professionals are now challenged to govern since each of these technologies is different. Firms have to update their systems for this purpose and this is where Smarsh comes in. "Our communications intelligence strategy and platform helps customers bring [communication data] into a central point of control, so they can not only identify the risk but also that they can leverage this information as an asset of their business," Robert tells Tom. These new communication sources are simply ways for companies to engage, and if leaders can engage on their clients' terms, it can allow them to expand their markets.

A Level of Complexity

Workers have started to return to the office. Tom asks Robert to share how this has impacted the hybrid work environment, and if it has added any complexity for the compliance individual. The biggest challenge for compliance is that controls need to work consistently regardless of where an individual is. "You need to be securing an individual, not securing the particular location that individual is located in," Robert says. Compliance professionals need to make sure that they don't have blind spots, and that their controls work regardless of technology. This has also created more areas for which compliance professionals have to be accountable.

What's Next

Communications data strategies in the coming years are not going to be heterogeneous. Robert stresses that when data is heterogeneous, it makes it difficult for people to understand. What is going to happen in the future is an acceleration in public cloud adoption and the adoption of artificial intelligence solutions. "The use of the machine to help individuals get through the volume and variety of information... are definitely on trend lines and will just become even more prominent and common across not just large enterprises but into medium size and even smaller firms in the near future," Robert remarks to Tom.

Resources

Robert Cruz | LinkedIn

Smarsh

Integrity Matters: AML Trends for 2022

Wed, 12 Jan 2022 06:00:00 -0000

Welcome to this special podcast series, Integrity Matters sponsored by K2 Integrity. For this series, I visit with Koby Bambilia, Managing Director, and Olivia Allison, Senior Managing Director. Over the series, we look some issues and trends going forward into 2022. In this Part 2, I am joined by Koby Bambilia who looks at trends regarding AML going into 2022. Some of the highlights include:

Impact has there been to-date from the passage of the AML Act of 2020?
What has been on the mind of clients and others in the market?
Has COVID and the global crises created shifted just how bad actors take advantage of the financial system?
How are you advising your clients to mitigate these risks and get ahead of the rule making as we head into 2022?

Resources

Koby Bambilia Profile

K2 Integrity

Leadership & Climate Change: A Talk with Don MacPherson

Tue, 11 Jan 2022 05:01:00 -0000

Don MacPherson is a futurist, a history buff, and has a degree in mass communications. He is Tom Fox’s guest on this episode of the Innovation in Compliance Podcast. Tom and Don talk about talent acquisition and retention, climate change, and the future of leadership.

Nurturing The Right Talent

In the 20 years that the HR profession has been in existence, the biggest lesson that Don has learned is that ensuring you have the right talent is top priority. The companies that have the right talent are the most successful. Differentiate your organization by how you relate to your employees: provide them with better tools and resources in order to maximize their talent.

Climate Change: A Great Economic Opportunity

Tom asks Don to talk about the main topics holding his interest at the moment. Don says that climate change is one such topic. "I think about [climate change] from two ways: why did we get here, what benefits have we gotten out of it, and what opportunities does it present," he tells Tom. Even though climate change is the greatest threat to humanity at the moment, Don also sees it as “the greatest economic opportunity humans have ever seen.” Without climate change, and without global warming, humans would not have been able to build buildings, create infrastructure, travel, or create advances in both science and technology.

The Future of Leadership

While AI is going to be a big part of the future of work, it will be replacing tasks not jobs, contrary to what many people believe. What becomes important then, is leaders’ ability to connect with their employees and other stakeholders in the new hybrid workforce, and create cultures that get the best out of their people.

Resources

Don MacPherson | LinkedIn | Twitter

12 Geniuses

Integrity Matters - Fraud Trends in 2022

Wed, 05 Jan 2022 11:11:53 -0000

Welcome to this special podcast series, Integrity Matters sponsored by K2 Integrity. For this series, I visit with Koby Bambilia, Managing Director, and Olivia Allison, Senior Managing Director. Over the series, we look some issues and trends going forward into 2022. In Part 1, I am joined by Olivia Allison who looks at fraud trends going into 2022. Highlights include:

WFH and RTO will continue to present evolving challenges for fraud prevention.
Controls must be assessed and enhanced based upon changed working environments.
Impact of the Great Resignation and workforce mobility.
Multi-vector crisis and fraud prevention.
Use of fraud dashboards.

For more information, check out K2 Integrity.

Why People Don’t Whistleblow with Ian Foxley

Tue, 04 Jan 2022 05:00:00 -0000

Tom Fox welcomes Ian Foxley to this week’s episode of the Innovation in Compliance Podcast. Ian is well-known for his work as a whistleblower in the Airbus GPT corruption scandal in Saudi Arabia, and is now the founder and CEO of Parrhesia Inc. In this episode, Tom and Ian Tom Fox welcomes Ian Foxley to this week’s episode of the Innovation in Compliance Podcast. Ian is well-known for his work as a whistleblower in the Airbus GPT corruption scandal in Saudi Arabia, and is now the founder and CEO of Parrhesia Inc. In this episode, Tom and Ian talk about why individuals have a hard time speaking up, what needs to change within organizations, and what needs to be done to protect whistleblowers.

Parrhesia

Parrhesia is the principle of affording protection by the powerful to the vulnerable in exchange for vital information. It is this principle that Ian founded his company on. It is also a principle that Ian finds to be absent from the modern business world. "If you don't allow people to question what rulers are doing you end up with autocracy," he tells Tom. People need to be allowed to ask questions, and if the situation demands it, whistleblow, so that individuals in charge can take stock of their behaviour and change accordingly. Parrhesia is a social contract between an organization and an individual.

Why The Whistle Isn't Blown

Whistleblowing is about two things: declaring the information, and guarding the corporate/individual reputation. The number one root cause as to why individuals don't come forward when they have knowledge of corruption is fear. They are scared of losing their jobs, their homes, their health and in some cases their families. Ian lists four other reasons why whistleblowing doesn't occur:

Individuals fear that speaking up is not going to be effective.
Guilt because of complicity, and fear of possible legal action against themselves.
They're not brave enough to, but assuage their guilt by hindering or delaying processes within the organizations.
They believe their actions are for the greater good.

Change The Culture

Tom asks Ian what companies can do to alleviate the fear whistleblowers feel so that they can be comfortable with speaking out. "Unless you can change the culture across a number of companies and organizations, the fear will always be present," Ian stresses. There needs to be more positive examples of whistleblowers retaining their careers, their sense of identity, and their sense of worth to society after disclosing wrongdoing, or the culture will never change. The fear will always exist. The education has to change and the organizational mindset has to change.

To The Future

"In order to change the world, you have to lose your ego," Ian says in response to Tom's question on the future of whistleblowing. In the next phase of corporate existence, whistleblowers have to spread their message. They have to bring people with them and show them that they can fight, and more importantly, win.

Resources

Ian Foxley | LinkedIn | Twitter

Parrhesia Inc

Using Content to Drive Business with Jeffrey Hayzlett

Tue, 21 Dec 2021 05:01:00 -0000

Tom Fox welcomes back Jeffrey Hayzlett to this week’s episode of the Innovation in Compliance Podcast. Jeffrey is the CEO and Chairman of The C-Suite Network. In this episode, Tom and Jeffrey explore where the business world is as the year comes to an end.

The Changing Business Community

Tom asks Jeffrey to reflect on what businesses are responding to now. "That there are no old ways; there are all going to be new ways," he remarks. The mood of business is shifting, and businesses are simply going to have to adapt. There aren't going to be offices in the way they used to be because the pandemic has shown that businesses can operate well remotely. The focus is going to be on how to utilize these new environments in the best way, as well as how to effectively and safely monitor them. Companies are changing the ways they do business as well: before the pandemic content was not a priority; now it is. "You have to be able to use content to drive the business," Jeffrey iterates. Sometimes content will not generate as much money as you did previously, but it will generate engagement and reach more people. "You have to change, adapt, or die," Jeffrey insists.

Grow, But Mitigate Risk

The C-Suite Network encourages senior management to mitigate risk as much as possible. Companies have to grow while doing this, however. "If you're not growing, you're dying," Jeffrey tells Tom. Risk is always going to exist in business, but it cannot hinder you as a leader, especially a C-Suite one. "Our job is to be the most strategic people in the room," Jeffrey adds. Asking the right questions, understanding the directions of the CEOs of the companies they counsel, and assessing the processes and tools these companies have, are all part and parcel of how C-Suite leaders think about, and mitigate risk.

Where Do We Go From Here

Tom asks Jeffrey where he sees in-person conference business going in the coming years. "You're either gonna have really small groups or really big ones...not much in between," Jeffrey responds. It's going to be much more difficult in the coming years for speakers to have sustainable careers because of the digital era the world is in, and because audience preferences are changing. "If you're not a subject matter expert, if you're not a celebrity, it's going to be a long road for you as a professional speaker...You're really gonna have to have credentials," he adds. Most people are going to be looking for experts to give them advice on how to move from point A to point B, or for celebrities who can draw people in and help fill a room. "Those are the things that are going to be the key driving factors in the future," Jeffrey concludes.

Resources

Jeffrey Hayzlett | LinkedIn | Twitter

The C-Suite Network

Right Question to the Right Person at the Right Time with Ishan Girdhar

Tue, 14 Dec 2021 05:01:00 -0000

Ishan Girdhar is Tom Fox’s guest in this week’s show. He is the CEO and founder of Privva, a cloud-based platform that streamlines data security to enable law firms to easily implement their own risk assessment. Tom and Ishan explore risk management in the new hybrid work era and what compliance professionals need to be thinking about in the coming years in that regard.

The New Normal

The new hybrid work environment is here to stay. More companies are going back to the office but with fewer employees on site. This means that company leaders and compliance officers need to find a way to manage risk around virtual collaboration and communication technologies in a remote work environment. They will need to make sure that all employees are connected in a secure way. "When you have people working from home and working remotely, access to sensitive information grew exponentially… Many people have devices like Alexa or Google Home; those are devices that are recording every conversation that's happening in your home," Ishan cautions. Implementing policies that ensure employees aren't working in the vicinity of these devices and making sure that companies lock-on set intervals, will go a long way in mitigating the risk that is posed from working in this environment.

Keep Communications Focus

Employees have to act as stewards and maintain and adhere to company policies surrounding risk and compliance. Tom asks Ishan how he keeps a communications focus in his organization, in a way that doesn't lead to compliance fatigue. Compliance officers need to ensure that they're actively capturing communication across their organizations, and that they have the tools to do so. "Make sure that your tech stack has the right capabilities to capture information and communication across your network," Ishan remarks. Communicating the right ways to work with your clients and employees is also something that companies need to be thinking about. Use the right tools and the right steps to make sure your actions are in line with your internal corporate policies; the compliance departments can have access to that information if it's required.

Creating Effective Cybersecurity

"Every product that technology brings to make your lives easier, better, faster, and cheaper for your clients comes with cybersecurity risk," Ishan tells Tom. In order to mitigate cybersecurity risk, consistent training of your employees is necessary. Cybersecurity needs to be built into the culture of your organization and is a way for you to do your jobs in a timely and efficient way. Compliance professionals should be on top of what's happening in the market with regard to new threats and risks. Have detailed policy monitoring and reporting requirements, and ensure you're adapting your policies to the new norm.

Third-Party Risk

Tom posits that third-party risk is beyond company to company, and that it's actually the entire scope of your communication. Third-party risk is your suppliers, your partners, and your customers. Companies need to think about where their data is hidden, and where it's going. "How is it leaving your environment? Where is it going? What's the sensitivity of that data?" These are the questions Ishan implores leaders to think about. The biggest challenge with third-party risk management is that you have a say, but you don't have full authority in enforcing change.

What's Next

Buying technology that will be sustainable going forward is one of the best ways to respond to cybersecurity risks in the coming future. Privacy is also a big challenge that companies are going to face. "Build out your budget and make sure that you have the right investments in place as you continue to grow and continue to go into the future leading up to 2025," Ishan advises Tom and the audience.

Resources

Ishan Girdhar | LinkedIn | Twitter

Privva

Not Your Father’s Monitor-Part 5: Vin DiCianni on Where Monitors are Going in 2022 and Beyond

Fri, 10 Dec 2021 06:00:00 -0000

In October, Deputy Attorney General (DAG) Lisa O. Monaco gave a Keynote Address at ABA’s 36th National Institute on White Collar Crime (Monaco Speech). Monaco’s remarks should be studied by every compliance professional as they portend a very large change in the way the DOJ will utilize monitors going forward. Over this podcast series, sponsored by AMI we will consider why DAG Monaco’s remarks herald a new era for monitorships.

Over this podcast series we have considered Monaco’s remarks from a variety of perspectives. Bethany Hengsbach considered this change in monitorships from the white-collar enforcement and defense perspective. Mikhail Reider Gordon looked at global aspects of the new DOJ monitor’s focus. Cristina Revelo discussed how E&C assessments help drive more compliant companies. Jesse Caplan brought his views on the intersection of the twin topics of antitrust and healthcare compliance. In this Episode 5, we conclude our series with AMI founder Vin DiCianni who looks at where monitors currently are and where monitorships are going in 2022 and beyond.

Highlights of this podcast include

Why monitorships are an appropriate tool for both the DOJ and companies to utilize.
Why now is the right time for the DOJ to refocus on the usefulness of monitors and monitorships.
Why both monitor selection, and a monitor road map are critical to the success of a monitorship.

Resources

Vin DiCianni

Not Your Father’s Monitor-Part 4: Jesse Caplan on the Intersection of Antitrust and Healthcare Monitors

Thu, 09 Dec 2021 06:00:00 -0000

Over this podcast series we have considered Monaco’s remarks from a variety of perspectives. Bethany Hengsbach considered this change in monitorships from the white-collar enforcement and defense perspective. Mikhail Reider Gordon looked at global aspects of the new DOJ monitor’s focus. Cristina Revelo discussed how E&C assessments help drive more compliant companies. Vin DiCianni looks at where monitors and monitorships are going in 2022 and beyond. In this Episode 4, Jesse Caplan brought his views on the intersection of the twin topics of antitrust and healthcare compliance.

Highlights of this podcast include

What is the intersection of healthcare and antitrust compliance?
Why compliance and ethical culture have become so important from a regulatory perspective, a commercial perspective and a talent acquisition and maintenance perspective?
How and why are States’ Attorney Generals using monitorships with greater frequency and focus.

Resources

Jesse Caplan

Not Your Father’s Monitor-Part 3: Cristina Revelo on E&C Assessment and Internal Controls

Wed, 08 Dec 2021 06:00:00 -0000

Over this podcast series, sponsored by AMI we will consider why DAG Monaco’s remarks herald a new era for monitorships. We will consider Monaco’s remarks from a variety of perspectives. Bethany Hengsbach will consider this change in monitorships from the white-collar enforcement and defense perspective. Mikhail Reider Gordon will look at global aspects of the new DOJ monitor’s focus. Cristina Revelo will discuss how E&C assessments help drive More compliant companies. Jesse Caplan brings his views on the twin topics of antitrust and healthcare compliance. We will conclude our series with AMI founder Vin DiCianni who will look at where monitors monitorships are going in 2022 and beyond. In this Episode 3, Cristina Revelo brings her internal control expertise to analyze for E&C assessments, particularly with monitors and monitorships.

Highlights of this podcast include:

Monitoring skills will be in demand as we see the rise of proactive monitorships / assessments
Compliance and ethical culture are important considerations to review.
E&C Assessments help companies get ahead of what is coming, mitigate risk, ensure compliance and address any gaps that might exist before a regulator comes knocking on their door.

Resources

Cristina Revelo

Not Your Father’s Monitor- Episode 2: Mikhail Reider Gordon on the Global Nature Aspects of New DOJ Focus on Monitors

Tue, 07 Dec 2021 06:00:00 -0000

Over this podcast series we will consider Monaco’s remarks from a variety of perspectives. Bethany Hengsbach considered this change in monitorships from the white-collar enforcement and defense perspective. Cristina Revelo discusses how E&C assessments help drive more compliant companies. Jesse Caplan will bring his views on the intersection of the twin topics of antitrust and healthcare compliance. Vin DiCianni looks at where monitors and monitorships are going in 2022 and beyond. In this Episode 2, Mikhail Reider Gordon will look at global aspects of the new DOJ monitor’s focus.

Highlights of this podcast include:

As far back as late 2020, the DOJ made clear its increased focus on working with other international regulators in the fight against bribery and corruption.
The Biden Administration and introduced legislation in Congress have targeted the global nature of corruption and kleptocracy.
We have seen and will continue to see ABC enforcement from several surprising sectors.

Resources

Mikhail Reider Gordon

The Power of Storytelling with AJ Churchill

Tue, 07 Dec 2021 05:01:00 -0000

AJ Churchill is Tom Fox’s guest in this week’s show. He is a composer, sound designer, and founder of the Lunar Company. He is also a producer on the audio drama, Earth Eclipsed. This week, Tom switches things up as he and AJ talk about AJ's podcast series, the challenges he and his team faced in developing it, and how powerful storytelling is to get messages across.

The Power of Podcasting

'The sound world is our creation, the limit is our imagination,' is a quote that AJ strongly believes in. "Nowadays we want the audience to be able to put on their headphones, close their eyes, and just completely escape into our universe," AJ tells Tom. The podcast series medium of Earth Eclipsed allows listeners to have the freedom to fully utilize their imagination and conceptualize how everything looks. The concept of the audio series and the techniques used are not new, but modern podcasting is unique in several ways. Podcasting is on-demand now, and the technology and techniques are much more advanced.

Why Apollo

The main challenge that content creators in fiction podcasting face is building an audience and making a name for themselves. AJ and his team came up with the solution for this by way of their app Apollo which will be launched mid-December. Normally, creators would crowdfund, spend money on voice actors, upload content to their RSS feed, then pray to get featured. Keeping momentum for the subsequent episodes via ads doesn't work for fiction shows. AJ and his team created Apollo, which is an app that is exclusively dedicated to fiction shows. The app will be categorized according to genre of fiction and will be free for the listeners.

Fiction As A Communicator

Fiction allows the creators to tell good stories, convey messages, and tackle themes in ways that elicit less of a hostile response. With fiction, the listeners can come to the realization themselves. "You show them the story, you present them the character, their arcs, and the conflicts… and the listeners can put one and one together, and it's a different way of shedding light on an important problem," AJ says. Fiction allows you an insight into a person's mind and their point of view, and you can get messages across in ways that are not only informative and educational, but also entertaining.

Resources

AJ Churchill | LinkedIn | Twitter

The Lunar Company

Not Your Father’s Monitor- Epsiode 1: Bethany Hengsbach on the Implications for White Collar Enforcement and Defense

Mon, 06 Dec 2021 06:00:00 -0000

Over this podcast series we will consider Monaco’s remarks from a variety of perspectives. Mikhail Reider Gordon will look at global aspects of the new DOJ monitor’s focus. Cristina Revelo discusses how E&C assessments help drive more compliant companies. Jesse Caplan will bring his views on the intersection of the twin topics of antitrust and healthcare compliance. Vin DiCianni looks at where monitors and monitorships are going in 2022 and beyond. In this Episode 1, Bethany Hengsbach considers this change in monitorships from the white-collar enforcement and defense perspective.

Highlights of this podcast include:

DOJ mandates a commitment to monitors in a non-punitive manner.
The DOJ now views monitors and monitorships as a way to extend their reach.
The DOJ hopes this new program will proactively use compliance programs to prevent future corrupt activity and prevent recidivism.

Resources

Bethany Hengsbach

Gold in the Compliance Hills: Part 5, Investment Strategies for the Compliance Professional

Fri, 03 Dec 2021 06:00:00 -0000

Welcome to a special five-part podcast series on how to unlock the gold in your program, hosted by Tom Fox with guests Gio and Nick Gallo from ComplianceLine. One of the ongoing questions in compliance is to demonstrate the Return on Investment (ROI) in your compliance program, by demonstrating the extended value of compliance literally across your entire company. When overlaid with an ESG component, you can begin to see the gold in your compliance hills. In addition to showing how you can unlock the gold in your own compliance hills, Gio and Nick walk you through how demonstrate ROI for your internal budgeting process which can provide to you the financial resource to strengthen and improve your compliance program.

Join us for the full 5 episodes and learn to see your compliance program in an entirely new light. In this concluding Part 5, we consider investments strategies for the compliance professional in the short and long term.

Some of the highlights of this episode include:

· What is Beta Investment and how does volatility work into overall compliance investment strategies?

· What is volatility and how a compliance professional can harness it for a compliance investment strategy?

· How to think about your growth curve.

· Investments in compliance to drive employee engagement and lower turnover.

Resources

Gio Gallo on LinkedIn

Nick Gallo on LinkedIn

Gold in the Compliance Hills: Part 4, Finance and Investing Models for Compliance

Thu, 02 Dec 2021 06:00:00 -0000

Join us for the full 5 episodes and learn to see your compliance program in an entirely new light. In this Part 4, we consider finance and investment models for the corporate compliance function.

Some of the highlights of this episode include:

· How does the Black Swan model of risk relate to the corporate compliance function?

· When is a possible event simply a risk and when is it a Black Swan event?

· Why is business continuity so critical?

· What are Private Equity and Venture Capital models of funding and how to they relate to the corporate compliance function?

· How to think about the payout of an investment in compliance.

Resources

Gio Gallo on LinkedIn

Nick Gallo on LinkedIn

Gold in the Compliance Hills: Part 3, Compliance and ESG Investments

Wed, 01 Dec 2021 06:00:00 -0000

Join us for the full 5 episodes and learn to see your compliance program in an entirely new light. In this Part 3, we consider how a CFO and finance department might see ESG investments differently than a CCO and compliance professional.

Some of the highlights of this episode include:

A CFO and finance function will more likely see ESG in relations to capital markets, bank financing, index funds and even insurance costs.
How can a CCO speak this language about not only the compliance program but in leading the company’s ESG efforts?
How to package your data, documentation and reports regarding ESG to appeal to a CFO.
Seek input on what investors are looking from your ESG program.

Resources

Gio Gallo on LinkedIn

Nick Gallo on LinkedIn

Gold in the Compliance Hills: Part 2, Extending Compliance Value Across an Organization

Tue, 30 Nov 2021 06:00:00 -0000

Join us for the full 5 episodes and learn to see your compliance program in an entirely new light. In this Part 2, we consider how compliance can be seen as extending the value of compliance across your entire organization.

Some of the highlights of this episode include:

How might a finance professional view things differently from a compliance professional?
Just as CCOs plan for integrated risk across an organization, CFOs do the same for financial return.
How should a compliance professional look differently at their work, through a finance lens?
Why is rice on the chess board so apt?
What is the compliance professional missing about compound interest?

Resources

Gio Gallo on LinkedIn

Nick Gallo on LinkedIn

12-Step Program for White Collar Defendants with Jeff Grant

Tue, 30 Nov 2021 05:01:00 -0000

Tom Fox read about Jeff Grant’s work in The New Yorker and was intrigued, so he invited him on this week’s show. Tom describes Jeff’s work as “an unusual professional passion”. Listeners will be inspired by Jeff’s story: what led to his arrest and prison sentence, his redemption, and how he now helps others recover.

“I Was the Problem”

Becoming a lawyer was the perfect fit for Jeff’s skill set and attitude, he tells Tom, but it was “very bad for me in terms of bipolar disorder and my alcohol and drug abuse.” He describes his descent into white collar crime, his subsequent arrest and resignation from his law practice. A suicide attempt, intervention, and a stint in rehab all contributed to his ‘aha moment’ and the road to recovery. “I was the one who had been doing things wrong, and I didn't really realize that the whole time,” he recalls. “...that was the turning point that I realized that I was the problem.”

Progressive Prison Ministries

Tom asks Jeff what led him to found Progressive Prison Ministries. Going to prison sober was the catalyst, Jeff replies. He stayed sober throughout his sentence, and on his release, he started to volunteer at criminal justice and drug and alcohol nonprofits. He also went to seminary and became an ordained minister. “I just wanted to help people who were in the same situation we were in,” he tells listeners. He had to go it alone, but he wanted others like him to have someone to turn to for support.

12-Step Approach

Jeff’s approach to helping white-collar offenders recover is based on the Alcoholics Anonymous 12-step program. Unlike AA meetings, however, his meetings are facilitated by leaders. The act of sponsoring someone is ministering to them, he says; your sponsor gives you a lot of advice, in a 12-step sort of way. “The spirit of the steps are there,” he tells Tom. What’s more powerful to him, however, is the fellowship. The Monday meeting is only a small part of it, he tells Tom. He explains how they match members together, and that they keep in contact throughout the week. “It's like being a cop,” he remarks, “you're on the job 24 hours a day, and being in recovery is being in recovery 24 hours a day… So this is really a 24-hour a day support network.”

Supporting the Families

Tom asks, “How does the family work into white-collar recovery?” They often have it worse than the defendant, Jeff answers, because they are usually unaware of what the defendant has been doing, and reality hits them “between the eyes with something like an arrest or the FBI showing up at the door.” He comments on the high incidence of divorce and family estrangement and laments that recovery is not advanced even in his network. However, they welcome everyone who needs them, he points out. “We want to provide a place of support and comfort for anybody who doesn't have a built-in support network or is estranged from their support networks.”

Supporting Attorneys and Grant Law

“I was really intrigued by some of the information on your website, one of which was that the white-collar support group can help attorneys struggling to cope with a broken justice system,” Tom comments. He asks Jeff to explain more about this. We try to help attorneys understand the humanity of white-collar offenders, Jeff responds. “We try to bring a full picture to a very complicated situation that people tend to want to paint with a very broad brush.” He is happy that more defense attorneys, prosecutors, judges, and probation officers want to learn how to integrate Jeff’s theology to be “more just and more merciful and perhaps more lenient” in their dealings with white-collar defendants.

Resources

Jeff Grant on LinkedIn | Twitter

Grant Law

Prisonist.org

Gold in the Compliance Hills: Part 1, ROI on Compliance Purchase Decisions

Mon, 29 Nov 2021 06:00:00 -0000

Join us for the full 5 episodes and learn to see your compliance program in an entirely new light. In this Part 1, we consider how compliance can be seen as a corporate ROI multiplier by looking at the impact of compliance across your entire organization.

Some of the highlights of this episode include:

· The financial principles in unlocking the ROI of compliance.

· Why the alignment of compliance with other disciplines in your organization is not only critical but a key to unlocking compliance gold.

· Compliance budgeting is not simply about a cost center mentality. It requires a different type of discussion.

· Frameworks for improving your thinking about compliance.

· Building a complex and transparent case to OPEN the discussion about your assumptions rather than only including unobjectionable assumptions

Resources

Gio Gallo on LinkedIn

Nick Gallo on LinkedIn

Workplace Fairness and Dignity

Data Cleansing and Relativity Trace with Jordan Domash Part 2

Tue, 16 Nov 2021 05:01:00 -0000

Jordan Domash returns as Tom Fox’s guest in this week’s show. Jordan is the General Manager at Relativity, a company that makes software to help users organize their data. Jordan has been leading Relativity’s communications surveillance product for the past few years and is in charge of the sale and development of the platform. This week, Jordan and Tom talk about changes in data management and cybersecurity approaches, what regulators look for and how cybersecurity will evolve in the coming years.

Relativity and Regulation

With the explosion of data volumes due to an increase in communication platforms, the variety of data sources that need to be monitored has exploded as well. In regulated organizations, employees who want to engage in mischievous activity know they're being monitored, and so are consciously doing everything they can to avoid detection. However, technology has advanced so that it is now able to capture and monitor every data source that's widely used today. Relativity offers dozens of different tools that allow a compliance officer to focus on what's truly important. "At the end of the day it's about being risk based...It's about focusing on your highest risks in the organization, defining them in advance, defining the population that is susceptible to that risk, and focusing your energy on reviewing alerts that seem the highest risk within those categories," Jordan tells Tom.

A Change In Approach

The pandemic has affected how people approach data management and cybersecurity. It has also affected how Relativity Trace responded to these issues. Regulators have made it clear that the data from voice interactions need to be recorded. Relativity has seen an influx of customers and clients requesting for more data sources to capture voice data. "We need to invest a lot to keep pace with the evolution of the world's communication habits," Jordan remarks. Compliance teams are also no longer operating next to each other so a lot of the collaboration that is happening with these teams require systems to manage them. Relativity has built tools that allow compliance teams to use one main tool to manage their internal processes. "We'd like that all centralized in the system where the actual compliance monitoring is happening," Jordan adds.

The Impact of COVID-19

The biggest impact the pandemic has had on regulatory scrutiny is the reinforcement that obligations don't change in a remote work environment. Compliance officers still need to capture all communication vehicles. Individuals may be communicating differently, or are no longer in a controlled environment, but capturing and monitoring communication data is just as important.

What's Next

In the coming years, Jordan tells Tom, businesses will be shifting away from on-site technology and moving more heavily towards cloud technologies. In compliance and compliance monitoring, there is going to be a greater focus on leveraging AI capabilities.

Resources

Jordan Domash | LinkedIn

Relativity

Series Spotlight: Revolutionizing GRC with 6clicks: Part 5 – What’s Next For 6clicks?

Fri, 12 Nov 2021 06:00:00 -0000

Welcome to this special podcast series, Series Spotlight: Revolutionizing GRC with 6clicks, sponsored by 6clicks. This week I have visited with Joe Schorr, Vice President (VP) of Global Channel Sales, Andrew Robinson, co-founder and Chief Information Security Officer, Stephen Walter, head of Marketing, Dr. Heather Buker, Chief Technology Officer, and Ant Stevens, co-founder and Chief Executive Officer. Over the series, we broke down 6ckicks Hub and Spoke approach, utilizing Artificial Intelligence (AI) and Machine Learning in governance, risk and compliance (GRC), curating and maintaining a robust GRC content, producing audit ready reports. Today, in our concluding episode, Part 5, I am joined by 6clicks co-founder Ant Stevens, as we look down the road for what will be next for 6clicks.

Stevens said that 6clicks was founded some two and half years ago to bring an affordable, accessible and easy to use, GRC capability to lots of businesses around the world. The second related mission “was to ensure that the platform was effective in driving productivity gains for both businesses and advisors and by advisors such as lawyers, accountants, general business management consultants and business advisors. These goals were achieved through a platform built from the ground up. We thought about GRC, we identified some things that were necessary for us to have in place to compete effectively in the market.”

We turned specifically to AI. Here Stevens sees the application of AI into two buckets. The first is to help businesses automate or streamline what otherwise would be a complex and time-consuming activity. The second is to identify things in data that even a professional would struggle to do effectively, without the use of some sort of technology. That is what I have called ‘finding patterns in raked leaves.’

Here Stevens turned to Haley, the 6clicks AI intelligence engine. Now “Haley helps companies with two major challenges. One is to identify similarity across standards, laws, or regulations that they need to comply with. Most are still doing this using manually spreadsheets, multiple tabs and feed lookups. There is overlap across multiple jurisdictions around the world which are generally seeking to do similar things. Businesses need to think about that in a unified way. Haley’s first application is identifying similarity across standards, laws or regulations. The second challenge is to take an existing control framework within a company and quickly identify where the gaps are relative to a standard law regulation.”

I asked Stevens if he could look down the road a bit and perhaps give us a teaser about what 6clicks might be developing. He said, “it is around our mission focusing on making GRC affordable and accessible for businesses. In the long-term, I think there is much to further automate processes for advisors, and we’re going to focus on that. To me that represents huge opportunity for innovation. We are going to look at tools, techniques to enable GRC professionals make all of this more of a reality.” Another initiative is what Stevens termed “a marketplace” which can be “be tailored by advisors for their clients. What we want to do is take this concept to the next level and allow individuals to seamlessly share, as part of their community, in a crowdsource context, both content and best practices that they have identified within the 6clicks platform and make that available to all the 6clicks users around the world.” Most excitingly for me Stevens added, “we want to bring that same sort of capability into the world of risk and compliance.”

For more information on 6clicks, check out their website here.

Series Spotlight: Revolutionizing GRC with 6clicks: Part 4 - Producing Audit-Ready Report with 6clicks Pixel Perfect™

Thu, 11 Nov 2021 06:00:00 -0000

Welcome to this special podcast series, Series Spotlight: Revolutionizing GRC with 6clicks, sponsored by 6clicks. This week I visit with Joe Schorr, Vice President (VP) of Global Channel Sales, Andrew Robinson, co-founder and Chief Information Security Officer, Stephen Walter, head of Marketing, Dr. Heather Buker, Chief Technology Officer, and Ant Stevens, co-founder and Chief Executive Officer. Over the series, we will break down 6ckicks Hub and Spoke approach, utilizing Artificial Intelligence (AI) and Machine Learning in governance, risk and compliance (GRC), curating and maintaining a robust GRC content, producing audit ready reports, and look at what’s next for 6clicks down the road. In Part 4, I am joined by 6clicks Chief Technology Officer, Dr. Heather Buker and we take up producing an audit-ready report with 6clicks Pixel Perfect™.

Buker is the transitional resource who takes the engineering and tech part of the 6clicks solution and puts it into a workable solution for customers. She says of herself, “you can see me, affectionately, as a translator if you will of the product and functionality and how that translates to business use cases, value propositions and things that clients really care about.” She went on to note, “functionality is only as good as the value proposition that it serves. I am here to make sure that those two things meet. I’m kind of the bridge.”

The problem that the 6clicks Pixel Perfect™ helps solve is repeatability. As Buker explained, “The more we can make GRC processes repeatable, even when it comes to reporting, the easier our platform will be to use and the more widely adopted we can become. To solve for this in the reporting world, we decided to automate report generation.” I asked her for an example, and she said, “6clicks Pixel Perfect™ can take a completed PCI DSS assessment and return Section Six of the report on compliance, filled out an audit ready.” This means a template mandated by the Security Standards Council to drive this functionality and ensure the report is ready to be submitted and properly formatted when generated. All an organization has to do is complete their PCI assessment and the platform will perform our “6clicks magic on the other side and deliver the PCI form from those assessment results minus all of the hassle. We are talking hours upon hours of time savings for QSAs merchants and others on their engagements.”

We concluded with some of Buker’s thoughts on how multiple stakeholders can use the information that 6clicks Pixel Perfect™ solution creates, up and down the chain in an organization, literally from the technical folks on the front lines up to the Board of Directors. She emphasized “what this functionality has to be, has to be up and down, high level, low level, right to Board members who have their monthly meeting or senior management that maybe, managing multiple projects across various lines of business. They don’t always know what they’re looking at when they look at some of these low-level risk, detailed reports or even data in general. We must make it digestible for them. We have to make it meaningful for them. We have to be able to produce reports and analytics at a really high level.”

Join us tomorrow where we conclude our series by visiting with company co-founder Ant Stevens as we explore what’s next for 6clicks.

For more information on 6clicks, check out their website here.

Series Spotlight: Revolutionizing GRC with 6clicks: Part 3 - Curating and Maintaining Robust GRC Content

Wed, 10 Nov 2021 06:00:00 -0000

Welcome to this special podcast series, Series Spotlight: Revolutionizing GRC with 6clicks, sponsored by 6clicks. This week I visit with Joe Schorr, Vice President (VP) of Global Channel Sales, Andrew Robinson, co-founder and Chief Information Security Officer, Stephen Walter, head of Marketing, Dr. Heather Buker, Chief Technology Officer, and Ant Stevens, co-founder and Chief Executive Officer. Over the series, we will break down 6ckicks Hub and Spoke approach, utilizing Artificial Intelligence (AI) and Machine Learning in governance, risk and compliance (GRC), curating and maintaining a robust GRC content, producing audit ready reports, and look at what’s next for 6clicks down the road. In Part 3, I am joined Stephen Walter to discuss curating and maintaining robust GRC content.

Walter said that for someone just starting out at a budding GRC program “navigating the complexities of achieving and maintaining, compliance within a number of regulations and or authorities can be quite daunting.” With all these regulatory compliance requirements, comes content needs. Curating the needed content which could be regulatory or compliance content or it could be as wide and as varied as “content assessments, audits, frameworks, best practice, risk libraries, policies, and control sets.” Providing and housing all of these can present some serious challenges. Next, overlay that content spread through different management systems like Google or SharePoint; together with mailboxes and, as Walter notes, “it really creates chaos. Next consider outdated regulations, leading to outdated risk management policies and other required internal content materials, can all equal noncompliance with the legislations.”

One interesting observation was that because risk and compliance has been elevated in organizations, right up to the Board agenda, these conversations are resonating with companies. This allows smaller companies to have more robust risk and compliance functions through the use of GRC tools and advisors. Walter is seeing much less of a top-down approach where unilateral decisions are made the top. It can now be a more bottom-up approach, democratizing the approach to risk and compliance and bringing in the people that are actually in the trenches to convey their message upward in the company as well. This can make the job of a GRC professional much easier with the wide variety of stakeholders involved, there is something for everyone. A GRC tool allows for the jettisoning of outdated methods and processes so a company can innovate itself into a better system.

Walter concluded with a few thoughts on the 6clicks content library, which he termed “massively rich.” It all begins with authority documents which are the standards, laws, and regulations. From there you move down to policies, which are the measures you put in place to mitigate risk or demonstrate compliance with the controls within them. Next these controls have responsibilities, such as “who does what, how often and when the control measures, which those responsibilities are maintain the effectiveness of that control.” Those are all there already inside the 6clicks content library and you can create your own.

Join us tomorrow where we take up the topic of producing audit-ready reports with 6clicks Pixel Perfect™, with 6clicks Chief Technology Officer, Dr. Heather Buker.

For more information on 6clicks, check out their website here.

Series Spotlight: Revolutionizing GRC with 6clicks: Part 2 - Utilizing Machine Learning and AI in Your GRC Practice

Tue, 09 Nov 2021 06:00:00 -0000

Welcome to this special podcast series, Series Spotlight: Revolutionizing GRC with 6clicks, sponsored by 6clicks. This week I visit with Joe Schorr, Vice President (VP) of Global Channel Sales, Andrew Robinson, co-founder and Chief Information Security Officer, Stephen Walter, head of Marketing, Dr. Heather Buker, Chief Technology Officer, and Ant Stevens, co-founder and Chief Executive Officer. Over the series, we will break down 6ckicks Hub and Spoke approach, utilizing Artificial Intelligence (AI) and Machine Learning (ML) in governance, risk and compliance (GRC), curating and maintaining a robust GRC content, producing audit ready reports, and look at what’s next for 6clicks down the road. In Part 2, I am joined by Andrew Robinson to discuss utilizing ML and AI into your GRC practice.

For GRC professionals working internationally, Robinson said they must “maintain mappings or what you commonly call in the US ‘crosswalks of compliance’ frameworks.” He went on to explain these frameworks are “useful because it can allow a consultant to help a client understand how they might stack up against a particular standard. Robinson provided the example that if an organization is already complying with ISO 27,001, through these mappings, it might be able to give them an idea about what that level of compliance they have through the lens of a different framework or standard that may be relevant like the NIST cybersecurity framework.”

This productivity increase and potential cost saving does not remove the human element. This final concept is critical in moving forward. Robinson said, “I’m of the view that humans have a very important role to play. This role is supervising the machine learning models to make sure that what they are producing and the results that they are coming out with are accurate and reliable.” If they are using spreadsheets and word documents; they should, come to terms with the fact that companies and clients no longer want spreadsheets and word documents as a deliverable. GRC professionals and consultants need to need to start using similar tools and improving the way that they service their clients. Clients, both in-house and external, are starting to demand and look for this approach. Robinson noted, “the reality is that if you are doing anything else it will be seen as subpar, and no one wants to be delivering sort of subpar products. I look for a solution that can meet your customer expectations and help you deliver your services long into the future.”

We concluded by looking at GRC tools with ML and AI at a strategic level, at the senior executive level and even at the Board of Director level. Robinson feels that management at this level “understands the benefits because they understand the problem.” Their goals are to simplify compliance while understanding risk exposure. From this point, management can move to create a risk-based solution. Robinson believes, these are the types of “business problems that executives are dealing with on a daily basis. Having awareness of the machine learning model can help them navigate that complexity.” From where I sit, when you can take a tool that improves business process efficiency and use it to increase profitability through more effectual risk management it is a win for everyone.

Join us tomorrow where we take up the topic of curating and maintaining robust GRC content. With 6clicks Head of Marketing, Stephen Walter.

For more information on 6clicks, check out their website here.

Data Cleansing and Relativity Trace with Jordan Domash Part 1

Tue, 09 Nov 2021 05:01:00 -0000

Jordan Domash is Tom Fox’s guest on this week’s episode of the Innovation in Compliance Podcast. Jordan is the General Manager at Relativity, a company that makes software to help users organize their data. The platform is used by more than 180,000 people around the world to identify key issues. Jordan has been leading Relativity’s communications surveillance product for the past few years and has been in charge of the sale and development of the platform. He joins Tom in the first part of this two-part episode to talk about his role at Relativity, data cleansing, and how the Relativity Trace platform helps its customers.

The Importance of Data Cleansing

With the move to remote work, individuals have come to rely on different sources such as Slack and Microsoft Teams to communicate with one another. Jordan tells Tom that this has led to an explosion in the amount of data that needs to be actively monitored, and that there is a larger need for data cleansing. He shares how Relativity is tackling this issue. “We've spent a lot of energy on the past couple of years answering the problem of how can we sift through all that content, focus specifically on what's risky, and what's relevant to a compliance team with as little review as possible, and really focus on being efficient with our time and actually detecting risks that are important,” Jordan remarks.

Prevent Misconduct with Relativity Trace

Compliance regulators are very concerned with how companies are preventing misconduct before it occurs. Tom asks Jordan to explain how Relativity Trace can help businesses with this problem. “By having a really effective program, you are setting the expectation that this behavior is not being tolerated at your organization,” Jordan begins. Relativity gives organizations the tools necessary to take action as soon as an incident occurs instead of waiting months, or until there’s a formal investigation. Trace is implemented in a way that’s aligned to the specific organization using it. It starts with a code of conduct, and understanding the risks that are specific to that business. Trace gives compliance teams the ability to enforce that code of conduct, make sure that the risks to the organization are being monitored, and that any violations are being detected quickly.

Artificial Intelligence to Prevent Misconduct

Artificial Intelligence is used in three ways by Relativity Trace: to remove irrelevant content and junk, to pinpoint risk and misconduct and to add context to alerts that have been generated. Relativity has technology that removes spam, industry search reports and content that isn’t generated by a person. It strips out all non-human generated text from the monitoring process so that compliance individuals can only focus on the content that is potentially risky. “We bring the three or four or five most relevant communications to that alert to the forefront so the compliance officer can really focus on what the system is saying is the most relevant,” Jordan tells Tom.

The Risk of Unstructured Data

Unstructured data is the majority of data that lives in a company that has no hierarchy associated with it. Unstructured data comes in many forms and poses a problem for professionals because it makes it hard to search across an entire system. This type of data requires a different set of technology. A lot of suspicious items may be hiding in unstructured data, and this poses a challenge to compliance officers. It will be hard for them to search for information on specific individuals if the majority of that information is hiding in the unstructured data. Organizations should be conscious of where unstructured data lives, and should have processes that can look for hidden risks and remediate them.

Resources

Jordan Domash | LinkedIn

Relativity

Series Spotlight: Revolutionizing GRC with 6clicks: Part 1 - Managing a Multi-Entity GRC Architecture with 6clicks Hub and Spoke

Mon, 08 Nov 2021 06:00:00 -0000

Welcome to this special podcast series, Series Spotlight: Revolutionizing GRC with 6clicks, sponsored by 6clicks. This week I visit with Joe Schorr, Vice President (VP) of Global Channel Sales, Andrew Robinson, co-founder and Chief Information Security Officer, Stephen Walter, head of Marketing, Dr. Heather Buker, Chief Technology Officer, and Ant Stevens, co-founder and Chief Executive Officer. Over the series, we will break down 6ckicks Hub and Spoke approach, utilizing Artificial Intelligence (AI) and Machine Learning in governance, risk and compliance (GRC), curating and maintaining a robust GRC content, producing audit ready reports, and look at what’s next for 6clicks down the road. In Part 1, I am joined by Joe Schorr on Managing a Multi-Entity GRC Architecture with 6clicks Hub and Spoke.

Schorr handles global channels, which encompasses service provider partners and technology partners and the traditional channel resale role. We turned to the ‘hub and spoke’ model which 6clicks advocates. He said that 6clicks pioneered the evolution from a multi-tenant or federated approach of GRC architecture to hub and spoke model. The difference is that in a multi-tenant or federated approach it is seen as much more vertical or up and down the chain. But the hub and spoke is “just like with airline travel, back in the old days of networking, where we had hubs, routers and switches and the computers all hooked to a hub.”

Moreover, the hub and spoke approach facilitates a GRC conversation with a wide variety of people. This could include compliance professionals, lawyers, other non-technical folks at the C-suite or executive level and certainly in the Board level and everywhere in between. It helps to define everyone’s role in the GRC and broader risk management process. Schorr said, “That’s beauty of it because you can craft it. For instance, in a Private Equity company with multiple portfolio companies, there is much sensitive information and, not everybody in every portfolio company needs to see what’s going on in every other portfolio company. This approach allows an organization to segregate all that data yet allows you the freedom to utilize the information you want to as access control is built into the architecture.”

We continued on the example of the private equity firm with multiple portfolio companies, which are sometimes in the same industry, but sometimes not. There is always a wide variety of data and disparate sources of data that you have to pull in. This disparate data has to be collected, in a manner that can be utilized by the private equity firm, the corporate office, whatever the hub might be. However, the stakeholders, corporate subsidiaries or portfolio companies at the end of the spoke might need that data to make tactical if not strategic decisions. Next, overlay reporting to senior management and then a Board of Directors, all in a changing regulatory environment. This hub and spoke architecture can be an incredibly powerful way to collect and utilize data. Schorr explained, “if you are hired to do a risk assessment against 200 portfolio companies, you have a massive set of risk data in all kinds of different things. You have collected data; you have interviews, you have done vulnerability scanning, you’ve done risk assessments, third party risk assessments, vendor assessments, everything you could possibly imagine. That is all rolled up collected somewhere and a bunch of smart people look at it and we’re all trying to grade it and do things manually and push it around. And at the end of the day, just like you said, this is really important.”

Join us tomorrow where we take up utilizing machine learning and AI in your GRC practice with Andrew Robinson, 6clicks co-founder and Chief Information and Security Officer.

For more information on 6clicks, check out their website here.

The Future of Zero Trust with Troy Fine

Tue, 02 Nov 2021 04:01:00 -0000

Troy Fine is Tom Fox’s guest on this week’s episode of the Innovation in Compliance Podcast. He is the Senior Manager of Cybersecurity Risk Management and Compliance at Drata. Troy joins Tom to talk about data security, data protection, and risk management.

Internal and External Auditing

Auditing is external and internal. External auditing entails third parties coming in to assess a company's controls, security frameworks, and determining if they meet compliance requirements. Internal auditing involves people who work directly for the company they are assessing. They are a lot more involved with the business, and understand the requirements of the business better, so they take a more collaborative approach. Internal audit identifies the gaps within the organization, so the business can remedy them quickly, and so that the business can be prepared for an external audit. Troy points out that sometimes internal audit would assist external audit, with external audit relying on the testing that internal already performed.

How Drata Scales Your Company

Integrity and trust are the core ethos of Drata. "We built this product so that our customers can prove to their customers that they could have trust in their data security," Troy tells Tom. Currently, the company has over fifty integrations that they can pull data and test from, as well as many new frameworks. What this means is that as Drata's customers get their own customers and more requests for compliance, Drata will be able to support them through additional controls. Customers and clients are able to create a more secure environment in their organizations and meet their compliance standards at the same time. Drata allows customers to manage their control environment via continuous monitoring. When an auditor comes in to assess, they can see the control operated over a long period of time.

Assessing Third-Party Risk

Within the Drata platform, there is a vendor management page where customers can start monitoring their vendors. Customers can rank them from low to medium to high risk. For medium- and high-risk vendors, customers can log and track how well those vendors are meeting security requirements. "Part of our control testing is to check if the customer is monitoring their vendors appropriately," Troy remarks. "We want to make sure they're also monitoring their vendors, so we provide them a template that allows them to make sure that we're viewing the SOC 2 reports appropriately, and identifying any risk or end-user controls that they need to perform."

Zero Trust

Tom asks Troy what companies need to be thinking about in terms of cybersecurity in the coming years. "A big area to focus on is going to be this idea of Zero Trust," Troy says. A greater emphasis on verification, based on location, customer behavior, or just a change in general, is going to be seen in the not too distant future. "As the workforce becomes more remote, the idea that somebody behind the keyboard is not the same person that was in your office is becoming a bigger question," he adds. Implementing Zero Trust frameworks is going to become more important.

Resources

Troy Fine | LinkedIn

Drata

Automate to Demonstrate with Dan Sholler

Tue, 26 Oct 2021 07:01:00 -0000

Dan Sholler is Tom Fox’s guest on this week’s episode of the Innovation in Compliance Podcast. He is the Software Product Marketing Leader at Exterro, an organization that creates software that helps clients address regulatory, compliance, and litigation risks at affordable costs. Dan joins Tom to talk about the work Exterro is doing in the realms of compliance risk governance.

The Evolution of Exterro

Exterro has adapted its ability to measure its results more easily, as well as test alternative approaches. Dan explains to Tom that they can test alternative messages, as well as alternative means of delivering those messages. Technology can be used to drive some of the communication to make that initiative work.

The Importance of Plan Sponsor Audits

Plan sponsor audits are significant because it’s a universal change in regulatory posture. This affects how compliance professionals need to think about their responsibilities. In the past, regulatory agencies would use a checklist for compliance personnel on compliance activities. They were more concerned with the end report. These audits shift the focus from the report ability of the compliance professional to the details of implementation that the compliance professional uses. These audits want detailed proof.

In Lieu of Cyber Incident

"When people think about cybersecurity, the first thought that comes to mind obviously is prevention," Dan remarks. The last few years have seen the escalation in cyber and ransomware attacks. It has also demonstrated that no amount of prevention is going to be good enough to limit the impact of those incidents. It’s not a matter of if, but when. The way compliance professionals limit that impact is a big part of what needs to be done from the cyber security perspective. "No one needs to respond to a [cybersecurity] incident in a technical sense," Dan says. What needs to be done instead, is to isolate whatever has happened within that environment and gather the relevant evidence in order to potentially catch the perpetrators. Business continuity also needs to be established, and the systems need to be brought back up as quickly as possible. Regulators will be looking at how tightly coordinated an organization's incident response plans are.

Legal GRC

Legal GRC is the governance risk and compliance activities that affect the legal and compliance organizations. Various operational activities have their own GRC and they are specific to those organizations, not a part of overall corporate governance. Dan tells Tom that Exterro is looking to bring together governance risk and compliance activities and its implementations into a single platform. This will make risk, controls, and implementation of those controls visible. This is important because there is a great deal of common processes that are cross-functional within legal and compliance.

What's Next

Dan tells Tom that in the future it will be commonplace for GRC subsets that focus not only on GRC but also on the implementation of its controls. It's not just going to be about compliance with regulation, but also compliance with the policy.

Resources

Dan Sholler | LinkedIn | Twitter

Exterro

Social Media and Communications with Lindsay Sweeney

Tue, 19 Oct 2021 04:01:00 -0000

This week’s guest is Lindsay Sweeney, Senior Manager of Communications at K2 Integrity, a risk, compliance, investigations, and monitoring firm. She graduated with degrees in journalism and history and was convinced that her career would be in either of those industries. However, she started working in a small shop whose clients were mostly associated with fintech; she would eventually join K2 Integrity. She joins Tom Fox to discuss how you can use social media and communications to drive home internal messages and get your message and brand out to your clients, customers, and the compliance community.

At K2

Within her first six months at K2 Integrity, the company expanded their presence in the media with a major financial crimes practice and merged with a financial integrity network in DC. From there, they kicked off a rebrand, which was both challenging and easier to do remotely due to the pandemic. She tells Tom, “It wasn't just a matter of changing our name in certain places,” she shares. “It was a matter of resetting how we think about ourselves and how we talk about ourselves, not just to clients, but also how we position ourselves internally.”

Surprise!

Tom asks Lindsay what the biggest surprises she’s had were like. “I don't know if [it was] a big surprise or more like little surprises along the way, but I've come to realize one as a communicator there is no such thing as overcommunication,” she responds. “Keeping people in the loop is not just beneficial for making sure that everyone knows where the steps are along the way, but you're going to get a different perspective from someone… that's going to change the way you do things… maybe you'll find a new way to do something that you wouldn't have previously thought of.”

The Evolution of Content Marketing

Lindsay believes that personalization and targeted information in content marketing is going to become bigger; it was already in the works, but the pandemic has accelerated the process. Additionally, there will be increased focus on bite-sized content to accommodate the attention span of people at home.

Resources

Lindsay Sweeney on LinkedIn

The Promotability Index with Amii Barnard-Bahn

Tue, 12 Oct 2021 04:01:00 -0000

Amii Barnard-Bahn, C-Suite Coach and Consultant, is Tom Fox’s guest on this week’s episode of the Innovation in Compliance Podcast. She is a compliance professional, an author, and a key speaker. Amii joins Tom to talk about her new book, The PI Guidebook: How the Promotability Index® Can Help You Get Ahead in Your Career, and how leaders can create a healthier workplace environment for their employees.

How The PI Guidebook Helps Workplace Cultures

Amii is a firm believer in the concept of radical self-reliance, especially in your career. She is a big advocate for employees learning how to own their jobs and thinking of their responsibilities surrounding their careers differently. Amii has created a framework within the PI Guidebook that helps them with this, and she has divided the framework into five key elements: self-awareness, external awareness, strategic thinking, thought leadership, and executive presence. Becoming efficient in these disciplines will go a long way at keeping you from becoming expendable. "You do these things [and] you're going to keep your career title, would be the best in that role, and you'll always be needed," Amii tells Tom.

Who Can Use This Guide?

Amii's Guidebook is applicable to anyone who wishes to start the process of their own self-assessment. Use it for yourself to grow a leader mindset; it can also help individuals in nonprofits or governments understand their client's perspectives, as well as how companies and organizations work. Young people reading the Guidebook will find advice that Amii wishes she had when she was their age. One key piece of advice she shares is how important networking is to your professional relationships. "What matters is 'do you play nice with others'," she stresses.

The Need for The PI Guidebook

Amii is certified in a range of assessments, but she found over time that there wasn't any assessment on the market that put control in the individual person's hands regarding their own self-development. The assessments do not give companies any ability in helping their employees in an impactful way. She created the PI Guidebook to counteract that. "It's much more powerful if you can evoke people's self-inquiry and curiosity about their own development," she remarks. Her guidebook helps create a dialogue between employer and employee. The employee can self-assess and the employer can say what else the employee may need to work on. It builds a rapport between them.

Starting The Promotion Conversation

Tom asks Amii to give tips on employees asking for promotions Amii advises never bringing up promotions when your manager is sharing your performance review. Picking a quiet time when they are relaxed or want to chat is better. It's especially important to give them a heads up that you wish to speak with them and what you wish to speak about. Talk about projects that you might be interested in working on and express a desire at wanting to take on new challenges within the organization.

Resources

Amii Barnard-Bahn | LinkedIn | Twitter

The PI Guidebook

What Compliance Can Learn From Sales with Debbie Mrazek

Tue, 05 Oct 2021 04:01:00 -0000

Debbie Mrzaek, President of The Sales Company, is Tom Fox’s guest on this week’s episode of the Innovation in Compliance Podcast. She has spent her career helping individuals and companies around the world as a sales consultant helping them develop good customer relationships. Debbie joins Tom to talk about sales processes and what compliance professionals can learn from sales personnel.

Active Listening and Communication: The Key To Success in Sales

Active listening is the key to success in sales, as the sales process is all about communication. Knowing when to speak and when to be quiet is vital, Debbie stresses: “If you’re talking more than 60% of the time, shut up. You’re not learning anything; you’re not getting any new information.” Learning to ask open-ended questions and allowing the other person to do most of the talking will go a long way. Anyone can learn the skills of a salesman, and you don’t have to be extroverted or a social butterfly to be successful in sales. All you need to do is be able to carry conversations and have genuine care for your clients.

A Proper Sales Forecast

A proper sales forecast isn’t one that’s done only once a year, but rather every day. Done this way, it drives the sales process further and also improves time management. Sales professionals can see at any point where they did well or where they went wrong. “Tackling the numbers, really understanding what they are, keeping up with them every single day, and knowing where you stand...and where you have shortcomings [can help immensely],” Debbie says. Tom adds that assessing your risk, and assessing them annually, as well as monitoring them and then adjusting your risk strategy where needed is also important.

Relationships are Key

The traditional sales model has the sales professional go out and acquire the potential client then turn them over to the inside sales customer. This approach, Debbie remarks, has its flaws because the relationship the sales professional built with the client ends up being tossed over to a stranger. Relationships are a key part about sales. “We want to establish relationships where people can come back to us again and again,” Debbie says. She talks about the third sales model which she calls the flexible sales process. In this model, the sales professional acquires the client but gets to maintain the relationship whilst working closely with the inside customer service people. Everyone in the sales department is working together as opposed to individual silos with poor communication.

Improving Your Sales Model

For individuals established in business, improving the sales model will follow the lines of assessing what’s already been done in the sales department. It involves asking yourself questions like how long it took to close an opportunity with a client and whether or not that client has bought from you more than once. Sales personnel can then use that information when they’re forecasting what they want to do in the future. Tom remarks that these concepts are applicable for in-house compliance professionals as well.

The Impact of COVID-19 and What’s Next

The pandemic has impacted the approach to sales, Debbie tells Tom. Going forward, people will decide how they want to connect and communicate with sales professionals, whether in-person, virtually, or a hybrid of both. Debbie stresses that sales professionals have to have conversations with each prospect about this because they need to know what their clients want. Sales in the future will continue to see more innovation with respect to technology and the availability of data. Salespeople are going to learn how to use data like AI. She also believes that these kinds of technologies will be more user-friendly in the coming years.

*Check out Smarsh Advance, which will be held on November 9th. For information or to register, click here.*

Resources

Debbie Mrazek | LinkedIn | Twitter

The Sales Company

Money Laundering Regulation and Compliance with Alexander Dill

Tue, 28 Sep 2021 04:01:00 -0000

Tom Fox welcomes back Alexander Dill on this week’s episode of the Innovation in Compliance Podcast. Alexander is a lecturer at UCLA, as well as an author and advisor, specializing in financial regulation, risk management, and compliance. Alexander and Tom talk about anti-money laundering and the key problems compliance professionals encounter.

The Importance of Compliance Ratings Compliance Systems

Compliance rating systems were created to measure accuracy and integrity. After the events of Enron and WorldCom, there was a general criticism of credit rating agencies. Moody's Investors Service, where Alexander spent a considerable amount of time working, got a great deal of that criticism due to the organization's poor ratings performance and its lack of fraud rating. Moody's wanted to continue to self-regulate as opposed to being regulated by the global regulators, and so the creation of these compliance systems helped with that. Alexander explains that the initial work that was done with respect to the ratings systems, helped lay the foundation for compliance when it became heavily regulated after the financial crisis of Dodd Frank.

The Compliance Regulators

Tom asks Alexander to explain the different types of regulators and what OFAC is. The main regulator for compliance is FinCen, which is the Financial Crimes Enforcement Network. FinCen is the primary rule making authority but delegates supervisory and examination authority to other agencies. Alexander goes on to list the other regulatory agencies. The regulatory agencies overlap, however the conflict that arises is that their objectives often do not align. "Banking agencies are focused on safety and soundness, and the law enforcement authorities spearheaded by FinCen focus on the law enforcement objective, so those don't always come together in a uniform manner," Alexander remarks.

The Role of Corporate Governance and Risk Management

The main role of corporate governance in anti-money laundering is to maximize shareholder welfare. Corporate governance systems are designed to protect franchise value. The systems cover all material risks that arise from conflicts of interest within agencies. Risk management is important to anti-money laundering as it is a component of corporate governance. Alexander stresses that the risk management function should fit into the corporate governance framework to be effective.

COVID-19 and Beyond

The pandemic has impacted the field of anti-money laundering and compliance in many ways, but perhaps the most notable way is that it enhanced fraudulent schemes. With a great deal of the world's population migrating online, it opened up the pathway for various cyber attacks and cyber related crimes. COVID-19 unfortunately created various opportunities for people to exploit online platforms. Alexander hoped that in the future the Anti-Money Laundering Act that was introduced last year 2020, will begin to bear fruit and that red tech innovation and machine learning will help to curb these issues.

Resources

Alexander Dill | LinkedIn | Twitter

Check out Professor Dill's book, Anti-Money Laundering Regulation and Compliance here.

Talent Acquisition and Workplace Dignity with Cecilia Akuffo

Tue, 21 Sep 2021 04:01:00 -0000

Cecilia Akuffo is Tom Fox’s guest on this week’s episode of the Innovation in Compliance Podcast. Cecilia is a Talent Acquisition Partner who has extensive experience in management, interviewing, recruiting, and social media. Cecilia works in the higher education industry as a Tech Recruiter. She joins Tom to talk about her career, workplace dignity, and what she is looking forward to in the future.

Setting The Tone in Talent Acquisition

Talent acquisition communications training is crucial in the compliance context because that's where it all starts, Cecilia points out. The first time you look at someone's resume, or the first time you have an interaction with them in the talent acquisition process, you can start to convey your company's values, culture, and expectations. Doing recruiting right sets the tone at the beginning for how you expect individuals to comply within your organization.

The Evolution of Talent Acquisition

The main evolution in the world of talent acquisition is that it is its own entity within organizations. In the past, recruitment was not seen as much of a big priority, and companies did not actively invest in that part of their organization. Now, talent acquisition has multiple departments, and companies have recognized the need to focus on getting talent for their organizations.

Workplace Dignity

Tom asks Cecilia to talk about her podcast, and why workplace fairness and dignity is important. Cecilia explains that she wanted to highlight companies that normalized their employees coming to work in exchange for a paycheck, but not accepting abuse as part of the package. The companies that perform the best are the ones where the employees feel that the executives reflect the values that they expect of their workers. When fairness is emphasized, a healthy work environment is established.

Diversity and Inclusion

Along with an emphasis on dignity and fairness, companies need to have diversity and inclusion. Diversity is being invited, and inclusion is valuing whatever contribution you have to offer. "Inclusion is not just having people at a certain level speak… It's also inviting other voices, including those that may not have the same kind of power," Cecilia says. Give everyone an opportunity to have their voice and contribution be seen and heard.

What's Next

Tom asks Cecilia what is her vision for the podcast network and for talent acquisition. "The most important thing driving me is related to workplace fairness and dignity," she begins. There are many podcasts that focus on diversity and inclusion but not enough that focus on what is truly happening in the working world. Cecilia wants to focus on workplace dignity to bring more attention to the issue.

Resources

Cecilia Akuffo | LinkedIn | Twitter

Integrity Matters: Culture, Training and Compliance - Part 5: Operational Aspects of Training

Fri, 17 Sep 2021 05:00:00 -0000

Welcome to this special podcast series, Integrity Matters: Culture, Training and Compliance, sponsored by K2 Integrity. This week I visit with Koby Bambilia, Managing Director, and Tina Rampino, Associate Managing Director. Over the series we have broken down corporate culture, compliance training and communications. Topics included breaking down the big picture on culture, espresso shots of training, skills development and regulatory changes, tailored and risked based training and operational aspects of training. In this concluding Part 5, I am joined again by Tina Rampino who reviews key operational aspects of training, including budget, delivery and more.

We began with a discussion of one of the most critical issues around compliance training, but one I believe does not get nearly enough discussion in the compliance community, that being the issue of budgeting. During times of economic stress compliance training budgets are often tightened. Rampino believes this approach needs to be avoided. The reason is straight forward, “investing in training and professional development for employees can save money in the long-run, both operationally and when it comes to regulatory requirements. An institution’s greatest asset is their employees and especially when you’re entrusting them to protect your institution from risk.”

This means that if you are providing employees with ongoing training to assist them to continuously refine their knowledge and skills; it will also keep them engaged and incentivized to take compliance more seriously. Moreover, as Rampino noted, “developing and retaining employees is beneficial to financial institutions in the long-run and demonstrates sustainability within the compliance program.” Instead of cutting back on training budgets in general, institutions should assess the training needs as they align with the greatest risk and find ways to deliver the most targeted and relevant training across the enterprise. Rampino advocates several different styles of compliance training. These include, having a “balance of online/in-person training; including independent or self-guided training; as well as hands on training with an instructor.”

We concluded with Rampino’s thoughts on regulatory expectations around compliance training. She believes, “Regulators are more interested than ever in seeing that an institution is investing in a sustainable, scalable, and dynamic training program. They want to know that an institution understands their risks and that it demonstrates that with the training that is provided to their employees. Regulators are expecting more targeted and role-based training offerings and that the content is evolving as the risks evolve.”

K2 Integrity has developed an online training platform and resource center, Dedicated Online Financial Integrity Network (DOLFIN), to help clients with their training requirements and provide more diverse options for training content and modalities. Find out more about DOLFIN here. For more information on K2 Integrity click here.

Integrity Matters: Culture, Training and Compliance - Part 2: Espresso Shots of Training

Thu, 16 Sep 2021 13:50:45 -0000

Welcome to this special podcast series, Integrity Matters: Culture, Training and Compliance, sponsored by K2 Integrity. This week I visit with Koby Bambilia, Managing Director, and Tina Rampino, Associate Managing Director. Over this series, we will break down corporate culture, compliance training and communications. Topics include breaking down the big picture on culture, espresso shots of training, skills development and regulatory changes, tailored and risked based training and operational aspects of training. In Part 2, I am joined by Tina Rampino who discusses ‘espresso shots’ of training to help facilitate attainable training demands.

Integrity Matters: Culture, Training and Compliance – Part 4: Tailored and Risked Based Training

Thu, 16 Sep 2021 05:00:00 -0000

Welcome to this special podcast series, Integrity Matters: Culture, Training and Compliance, sponsored by K2 Integrity. This week I visit with Koby Bambilia, Managing Director, and Tina Rampino, Associate Managing Director. Over the series, we break down corporate culture, compliance training and communications. Topics include breaking down the big picture on culture, espresso shots of training, skills development and regulatory changes, tailored and risked based training and operational aspects of training. In Part 4, I am joined by Koby Bambilia to discuss why tailored and risked based training is so critical now.

In this episode we went into the weeds of specific tailored and risk-based training. Getting ahead of regulators and ensuring your institution has skills-based trainings is critical. But more than this, regulators now want to see specific risk-based training, tailored to individual needs. This approach is not limited to financial institution regulators but the US Department of Justice (DOJ), Securities and Exchange Commission (SEC), FinCEN, Office of Foreign Asset Control (OFAC) also favor this approach. I asked Bambilia if he could provide some examples from the world of financial institutions and financial services firms. Initially, he noted that an institution cannot have a blanket training without follow-up trainings on specific job functions.

Some of the different needs for different employee classifications include bank tellers, who need to know more about cash transactions and regulatory requirements, such as Currency Transaction Report (CTR) and pouch activities. This is obviously different from private wealth managers. Employees in trade finance departments need to know more than others on sanctions and embargoes. Moving on to third party relationships, correspondent banking departments need to know, for example, the red flags for nested accounts. Private bankers, who are covered under the Foreign Account Tax Compliance Act (FATCA), must be trained on the law so they can be more vigilant and aware for detecting tax evasions.

The key is that each group requires its unique training and since every institution has a different set of risks, institutions should understand that one form of training cannot fit all situations. Tailored training is a key element and, as Bambilia noted, “a universal one, regardless of the institution’s size, risks, and resources. The example of the examiner saying training is like a burger…demonstrates the need to assure proper and tailored training throughout the institution.” The bottom line is that there is no one training model which will fit all your employees.

Bambilia concluded that it “may feel like a heavy lift up front, it can pay its dividends - not just from a compliance perspective but also from an angle of operational efficiencies - you are assuring that your operation and IT staff know what to do going forward. If they know what to do - that will save a lot of pain and effort on their side, but also for you as a compliance officer.”

Integrity Matters: Culture, Training and Compliance – Part 3: Skills Development and Meeting Regulatory Needs

Wed, 15 Sep 2021 21:51:00 -0000

Welcome to this special podcast series, Integrity Matters: Culture, Training and Compliance, sponsored by K2 Integrity. This week I visit with Koby Bambilia, Managing Director, and Tina Rampino, Associate Managing Director. Over this series, we are breaking down corporate culture, compliance training and communications by discussing topics such as breaking down the big picture on culture, espresso shots of training, skills development and regulatory changes, tailored and risked based training and operational aspects of training. In Part 3, I am joined by Koby Bambilia to discuss the intersection of meeting compliance skill development and regulatory requirements.

Information Governance and The Data Industry with Peter Baumann

Tue, 14 Sep 2021 04:01:00 -0000

Peter Baumann is Tom Fox’s guest on this week’s episode of the Innovation in Compliance Podcast. He is the founder of ActiveNav, a company that helps its customers reduce data risk, make better management decisions and comply with privacy regulations. He has been in the information governance field for 30 years both as a publisher and as a content creator. Peter joins Tom to talk about how the disciplines of information governance, and the data industry, relate to a variety of compliance issues.

How Information Governance Has Changed

The most significant change in information governance, Peter tells Tom, has been its explosion of growth. Companies used to only operate from a singular network, and via a single machine. There was well managed control, and no-one else was able to have access to the information filtered through those single networks and machines. That is no longer the case. With the rise of the internet and connecting corporate networks with each other, the control has collapsed and sensitive data has become more accessible.

Being Compliant Through Data Retention Policies

Peter iterates that companies need to have a map of their data and what's actually in it. "Until you get there, you're always gonna fall short of meeting any of these privacy regulations because you can't actually say what you've got, where it is, and whether you should have it," he adds. Companies need a top and bottom approach to their data mapping, which lets companies know how to approach these issues strategically. Peter also stresses that senior management need to treat their data as if it's the best asset in their organizations. "Only when those things become a kind of de facto position will organizations start to manage and govern their data appropriately," he tells Tom.

Unstructured Data & Eradicating Dark Data

Peter explains that unstructured data is data that sits outside of a database environment. The very idea of a database is based on the concept of structure, so any data existing outside of it is unstructured. To get rid of dark data, companies need to have an understanding of what data they have, its nature, size, and where it is stored. That is the first step. The second step is minimization, that is, doing a system cleanup of redundant files or records that are beyond their natural retention policies. The final step would then be to find your sensitive data, understand what it is, then either encrypt or delete it, or move it somewhere else. This will get you to your government's baseline.

The Impact of COVID-19 & Looking To The Future

The pandemic has changed how companies approach data as content has become more fragmented now. "The biggest change I'd say, is the shift in both commercial, private, and government towards more collaborative based tools," Peter remarks. He gives the examples of Microsoft Teams and Slack. The downside of these tools however, is that they don't have the appropriate mechanisms built into their platforms to ensure that they are complying with governance. With respect to the future, companies should expect to see penalties and fines start to drift down to mid-market and eventually smaller businesses. "Ignorance and the lack of policy systems and preemptive planning won't be tolerated as an excuse by the courts," Peter warns. The tools and the experience are out there to ensure that companies are aware of what data they have so they will be expected to comply with regulations and face the consequences if they don't.

Resources

Peter Baumann | LinkedIn | Twitter

ActiveNav

Integrity Matters: Culture, Training and Compliance - Part 1: Culture of Compliance

Mon, 13 Sep 2021 05:00:00 -0000

Welcome to this special podcast series, Integrity Matters: Culture, Training and Compliance, sponsored by K2 Integrity. This week I visit with Koby Bambilia, Managing Director, and Tina Rampino, Associate Managing Director. Over the series, we will break down corporate culture, compliance training and communications. Topics include breaking down the big picture on culture, espresso shots of training, skills development and regulatory changes, tailored and risked based training and operational aspects of training. In Part 1, I am joined by Tina Rampino who breaks down the big picture on culture.

We began with the basics: that a culture of Compliance is the foundation of an organization’s compliance program. Rampino said it is a measure of how well employees feel empowered to identify, mitigate, and escalate risk within their institution. An institution’s compliance culture is set by an institution’s Board and Executive Leadership team. Their messaging should be continuously reinforced in an institution’s risk appetite statement, policies, training and enterprise-wide communications. A strong compliance culture should be evident at all levels of the financial institution and across all three lines of defense.

Rampino detailed some key questions to ask, such as “What is the tone that is set from the most senior levels of the organization? Are employees motivated by doing any and all business no matter the risk? Are they empowered to act with integrity and choose the right business that aligns with their compliance culture?” She went on to relate, “Many institutions have built training and communications programs to help employees understand what the “right business means” – reinforcing an institution’s risk appetite statement, incorporating policies and procedures, and training on red flags and high-risk issues.” She concluded, “A culture of compliance should empower employees, not just in the second line of defense but in all areas of the institution – to think about the risks being presented through their customers, transactions, and products and services and how they can do their part in mitigating risk to the institution.”

An effective compliance training program can help to ensure that an institution is regularly addressing new issues and emerging risks. It also helps to ensure that employees have the right knowledge and skills necessary to perform their roles, so they understand the risks within the institution and their business area as well as the consequences of non-compliance. Rampino detailed some of the areas your organization should focus on with the following questions, “Do our training programs match the risks of our institution, and the variety of functions within it?”; “Do our employees have the right experience and training to do their jobs?” and “Are we regularly addressing new issues and ensuring our programs help our teams deal with emerging risks?”

In terms of an effective communications program, institutions should ensure robust and recurring communication. “One and done” is not an effective way to deliver communications or develop an organizational culture. A robust program issues clear messages in a recurring fashion. Rampino concluded with some key takeaways on communications. First, institutions that want to create a culture of compliance should issue policy alerts and remind staff of changes. Second, information should then be easily accessible and readily available for employees. Finally, town halls, quarterly newsletters, and even short video messages explaining changes can be effective ways to ensure that all staff members understand what they must do to support the institution’s focus on compliance.

For more information, go to K2 Integrity.

Looking Back at 9/11: John Lee Dumas - “I Knew I Was Going to War”

Sat, 11 Sep 2021 04:01:00 -0000

John Lee Dumas, host of the award-winning podcast Entrepreneurs on Fire, joins Tom Fox on the last installment of Looking Back at 9/11 to commemorate the 20th anniversary of the 9/11 attack. He tells Tom how his life changed in that pivotal moment, and the big lessons he learned.

A Time of War

John tells Tom that he was in his final year at Providence College, and in the ROTC cadets, on 9/11. When he saw the towers fall, he knew at once that it would change the trajectory of his career. He and his roommate looked at each other and they knew “that our next four years of active duty army experience went from being in the peacetime army to looking like we were going to war.” Within hours they were called to active duty: “We just became officers in the US army during a time of war,” John recalls.

Leadership Lessons from the Army

Tom asks John what leadership lessons he learned from his time in the army. John outlines three major takeaways that his time in combat taught him:

To learn from those who went before. “I learned right at the beginning, I needed to stand upon the shoulders of giants,” he remarks.
A good decision now is better than a great decision later. Action is everything. Make the best decision you can with the information you have, take action, then adjust if you need to when you know more.
If you discover later on that you made a wrong decision, cut your losses and move on. Don’t compound that mistake by staying in a bad place, John advises. “I kept being willing to pull back and say let's try again, until I finally made a great decision. It took six years to make my first great decision, but that great decision has led to the last 10 years of living the exact life that I want to live.”

What Americans Should Remember

John wants Americans to appreciate their freedom, because it was hard won. He tells listeners, “So few people have ever experienced what true lawlessness is. And until you’ve experienced that, it's hard to really appreciate what we do have here. But you know, this is a great country and it is the home of the free because of the brave. And I hope that's just something that we will always remember.”

Resources

John Lee Dumas: Entrepreneurs on Fire | Twitter

Looking Back at 9/11: Scott Moritz - It Changed Overnight

Fri, 10 Sep 2021 04:01:00 -0000

Scott Moritz is Tom Fox’s guest on this episode of Looking Back at 9/11. Scott is the Senior Managing Director at FTI Consulting Risk and Investigations, assisting clients and their outside counsel in managing their response to white collar crime, misconduct and bribery incidents. He is also the host of the podcast series, Fraud Eats Strategy. Scott joins Tom to talk about how the events of 9/11 impacted the FBI.

How 9/11 Changed The FBI: Structural and Cultural Ambidexterity

9/11 fundamentally changed the FBI overnight. Scott remarks that for a long time after 9/11, the FBI was primarily focused on the attack on the Trade Center. That was the Bureau’s main investigation, and it was being worked on by all the FBI field offices, and virtually every foreign attache office in the world. Many scholars, through various organizational studies and surveys, assumed that the FBI would have created simultaneous frontline structures and processes to balance their two competing missions: national security and law enforcement. The scholars also posited that perhaps the FBI would engage in cultural ambidexterity, which would be to refuse to take on the mission of national security altogether. The FBI did something altogether unexpected and tackled both.

The Benefit of One Agency

“There was this rapid emergence of two clear, but distinct, identities, and eventually, you know, one new unified identity FBI, but some changes where, terrorism cases were centralized at headquarters...This was a big departure from the way that the FBI normally operated,” Scott tells Tom. By staying as a single agency, the FBI had better access to local law enforcement agencies and could take better advantage of defendants with information that could advance the national security mission.

A Shift In The Private Sector

Tom asks Scott to talk about any changes in the private sector he was personally involved in. The major change in the private sector post-9/11, especially with respect to financial institutions, was the induction of the Patriot Act which also paved the way for other significant changes. Financial Institutions and broker dealers had to harden the security of buildings and supply chains across the country’s infrastructure. There was also the explosion of no fly lists, watch lists and terrorist watch lists. Banks, building owners and brokerage companies had to navigate these systems often, and quickly. Scott was very involved in helping these institutions in their anti money laundering obligations, as well as their security obligations.

Looking To The Future

Tom asks Scott to share some reflections on 9/11, and for the future. Scott remarks that post-9/11, the country was more united and people were more compassionate to one another. The best of humanity in forms of kindness and outpouring of love was seen not just from Americans to each other, but from the rest of the world to America. He hopes that someday he can see that kind of love and unity again.

Resources

Scott Moritz | LinkedIn | Twitter

Fraud Eats Strategy

Looking Back at 9/11: Eric Feldman - A Wake Up Call

Thu, 09 Sep 2021 04:01:00 -0000

Eric Feldman is Tom Fox’s guest on this episode of Looking Back at 9/11. Eric is the Senior Vice President and Managing Director at Affiliated Monitors, a company that deals with monitoring large and small companies in the government contracting, construction, engineering, manufacturing, and financial services. He also conducts assessments of corporate ethics and compliance programs across many countries. Eric joins Tom to talk about the impact the events of 9/11 had on the role of Inspector General.

The Impact of 9/11 on The IG's Role

Eric explains to Tom that 9/11 was the most informative time of his career, and the careers of many other Inspector Generals. It was a refocusing moment for everyone. Eric got to work within the oversight function, but as part of the mission he was overseeing. "That focus on mission was it for me," he tells Tom. Eric expresses that understanding the mission helped make him a better Inspector General. IGs all over the world became more concerned with looking at the broader picture of how funds were being used at their agencies to fight the war on terror, instead of the minutiae of looking at time and attendance reporting.

The Importance of The IG Now

Tom asks Eric to elaborate on how the IG's role rose in prominence post-9/11. Eric explains that government IGs became "part of the team" in different ways. There is more collaboration now across the agencies that IGs oversee. There is also independence: Eric expresses that there must be a balance between collaboration and independence. IGs are especially important as they ensure that the dollars being spent on the war and mission are being spent properly.

A Wake Up Call of Unity

Eric reflects that 9/11 was a wake-up call for the United States. The country came together, and there was a level of unity and patriotism, as well as a sense of duty that overtook politics. Eric hopes that the people can return to that unity without another catastrophe.

Resources

Eric Feldman | LinkedIn | Twitter

Affiliated Monitors

Looking back at 9/11: Alex Dill - Patriot Act: The AML Response to Terrorist Threats

Wed, 08 Sep 2021 04:01:00 -0000

Alex Dill is Tom Fox’s guest on this episode of the Looking Back at 9/11 Series. Alex is a scholar and professor specializing in financial regulation, risk management and compliance. He also has corporate experience in the ethics of business practices in finance, bankruptcy, bond covenants, and debt markets. He joins Tom to talk about The Patriot Act’s impact on responding to terrorist threats.

How 9/11 Changed AML

Before 9/11, AML regulations were very lax and backward looking. The focus was on prosecuting crimes that were already committed, and prosecuting money laundering, more so than the financing of terrorism. Banks weren’t engaging in meaningful customer due diligence as they felt the process invasive. After 9/11, this all changed. Law enforcement agencies and financial institutions revamped their policies and procedures to take a more preventive approach to AML and financing of terrorism. This led to The Patriot Act.

The Financial Response

Tom asks Alex if he saw a similar regulatory response with non-financial institutions with respect to Patriot Act AML procedures post-9/11. “There was a huge amount of rulemaking that had to be done,” Alex responds. He adds that public companies adopted customer due diligence, and that it was applied more broadly to different sectors, but with a risk-based approach. Companies now had to file suspicious activity reports, not just banks. Customer identification was also introduced. “The Patriot Act sought to encourage cooperation among law enforcement agencies, and among the financial institutions themselves to share information and obtain information from foreign law enforcement authorities,” Alex tells Tom.

The Challenge With The Patriot Act

Alex explains to Tom that there are challenges with the Patriot Act. A major challenge is detecting the financing that goes into these attacks. Funds that finance these actions are sourced from both legal and illegal means, and that is a major issue. The transaction amount can be small, and this might pose a risk to some compliance officers.

Technology in Anti-Terrorism

Alex remarks that technology is very important moving forward in the fight against terrorism, as it has changed the way we function in our world. The downside of technology is that it has also helped create some of the compliance issues we have today. Social media platforms have helped to create polarization in the society, and programs like cryptocurrency have been used by criminals for money laundering, and financing terrorism. However, Alex ends with a positive note stating that the AML act of 2020 has been doing the work to help curb these issues.

Resources

Alex Dill | LinkedIn | Twitter

Looking Back at 9/11: Juan Zarate - The Treasury Department Responds

Tue, 07 Sep 2021 04:01:00 -0000

Juan Zarate is the Global co-Managing Partner and Chief Strategy Officer at K2 integrity. On 9/11 he was a prosecutor at the Treasury Department working on international enforcement issues, anti money laundering, anti-corruption and anti-terrorist financing. He joins Tom Fox to commemorate the 20th anniversary of 9/11. They discuss how his role changed, the Treasury Department response and what the tragic event means for him.

A Change of Mission

9/11 changed the mission of the Treasury Department. Juan tells Tom, “We went after terrorist financing to try to disrupt and dismantle Al-Qaeda's terrorist networks and infrastructure, and disrupt how illicit financing was flowing through the international system.” He recalls where he was on the fateful day and how seeing the smoke from the Towers and the Pentagon affected him emotionally. Something very different was happening, he recalls; the country was under attack.

He outlines the strategic, departmental and tactical changes implemented after 9/11 to fight terrorism. The President declared that we were now at war. “The attitude and the strategic direction of the government was [that] we now have to prevent terrorist attacks,” Juan recalls. “We have to disrupt and dismantle terrorist networks. And that led to an entire preventative paradigm for the counter-terrorism approach to the government.” The new mission of the Treasury Department was the following areas, Juan remarks: “How do you use financial information more aggressively? How do we think about the use of tools and authorities that the Treasury has, like sanctions, anti money laundering rules? How do we think about the relationships internationally with central banks, finance ministries? How do we get the world on board to disrupt terrorist financing, to rip these organizations out of the legitimate financial commercial world?” The Patriot Act was one tactical change, among others, that was implemented to achieve the new mission of fighting terrorism.

What 9/11 Means

Tom asks Juan, “What are your reflections now as we come up on the 20th anniversary of the day of 9/11, and really what it meant for America and for you 20 years later?” Juan responds that he has mixed emotions. He thinks about the victims and their families first of all. That day changed history, he says. “It changed the way that the U S government viewed the world. It changed the way that we operated our strategy. And it changed the sense of our vulnerability.” The recent events in Afghanistan make the 20th anniversary even more difficult for Juan. “I have very mixed emotions coming on the 20th anniversary of 9/11,” he concludes, “but I'm very proud of the work that we did. I'm proud of the people I served with and my sympathies go out to the victims and their families.”

Resources

Juan Zarate at K2 Integrity

Looking Back at 9/11: Gabe Hidalgo - Needing to Make a Difference

Mon, 06 Sep 2021 04:01:00 -0000

On the 20th anniversary of the 9/11 terrorist attack, Tom Fox and guests look back on the tragic event and what it meant for them personally, as well as how it impacted the world of compliance. Tom’s first guest this week is Gabe Hidalgo, anti money laundering compliance expert, who shares how the events of that fateful day changed the course of his career.

Looking Back

Gabe - who worked as outside counsel for insurance companies at the time - remembers turning on YahooTV as soon as he got to his office on 9/11 and seeing the second plane hit the World Trade Towers. He knew immediately that it was a deliberate attack. “I knew that this was kind of a hallmark moment,” he tells Tom, “that this was not an accident.” He details leaving the office in haste to get to his pregnant wife, and the obstacles and roadblocks he faced on the way. When they finally reunited at home, they were overcome with emotion. He remembers feeling gutted thinking about the unborn children who would grow up never knowing their fathers.

Needing to Do Something

Gabe needed to do something more than just shed tears about 9/11, he tells Tom. He started to think about how he could use his skills as an attorney. “I went down the path of looking in private industry, what I can do, and came across anti money laundering compliance, which I thought was fascinating. And I said to myself, I need a way for me to be able to get into that so that I can start making a difference.” He shares his journey into the field, and that it was exactly the right time and the right fit for him. 9/11 was a wake up call for America, he remarks. It made us realize that we need to do whatever we can to prevent anything similar from happening again.

Evolution of AML Since 9/11

Tom asks Gabe how AML compliance has advanced since 9/11. It’s much more difficult for terrorist financiers to move funds now, he responds. “A lot of institutions have strengthened and hardened their compliance programs to the point where they can monitor individual transactions as they're moving across the transactional workflow in the United States. They examine each and every transaction that's coming across from a correspondent banking perspective, which is probably one of the most high-risk channels for money movement.” Gabe and his colleagues have done great work over the past 20 years, which has helped law enforcement stop and apprehend would-be terrorists. However, we can’t be complacent, Gabe says.

Tom asks what 9/11 means for America. The 20th anniversary is a somber one, Gabe replies. 9/11 taught us not to be naive, that we’re not as protected as we think we are. He is proud of the advancements made to keep everyone safe, but the work continues. “It's a moment of reflection,” he points out. “We need to think about not only the people who have lost their lives, but everyone that was impacted - whether they were directly impacted through a family loss, or they were emotionally impacted by what actually occurred.”

Resources

Gabe Hidalgo on LinkedIn

World’s Most Ethical Companies 2022 with Doug Allen and Erica Salmon Byrne

Tue, 31 Aug 2021 04:01:00 -0000

Managing Director of Ethisphere, Doug Allen and Erica Salmon Byrne, EVP of Governance and Compliance, join Tom Fox on this week’s episode to talk about the World’s Most Ethical Companies award put on by Ethisphere every year.

Origins

Ethisphere was created to advance the standards of ethical practices. Doug says that their three tenets are “to define what's good in terms of how businesses do business with integrity; ...to measure and improve in all facets of integrity and then curating and convening organizations of like cultures and nature…” WMEC is the “purest manifestation of all these key tenets,” he continues, as it was established 16 years ago to “celebrate and recognize organizations that were doing business the right way.” The application process is rigorous, but it helps companies measure and assess their performance as well as give them a roadmap on how to improve. Erica comments that it “pulls the practical out of the theoretical… We spend a lot of our time taking those very broad strokes of guidance that we see from the regulators... and saying ‘What does this look like in practice?’”

How WMEC Has Evolved

The main survey applicants have to fill out for WMEC has become more expansive, as it is updated yearly. Doug and Erica tell Tom about some topics that were added as the survey evolved, including questions about supply chain compliance, human rights, culture and stakeholder engagement. Being a WMEC awardee is a powerful tool: companies who keep their purpose and ethos at the forefront outperform their competitors, Erica says.

Applying for WMEC

Applications for WMEC open in early August. Doug describes the timeline for the review process and when they announce the awardees. Tom comments that applying for WMEC is more important than winning. “Just by engaging with the application process itself,” Doug remarks, “you get a very clear and detailed description of where trends are going…” Tom adds that it can also be seen as a gap analysis. Erica agrees and walks through the application and review process. Survey scores, validating documents, and Ethisphere’s independent reputation analysis are all used to determine the ultimate winners, she explains. Tom asks who should apply. Doug responds, “This is a process we developed intentionally to be applicable to organizations around the world of any sector and industry, ...of just about any size as well.” Erica re-emphasizes the benefits of applying even if you don’t think you are ready. The feedback you receive from your application, as well as the access to great resources, is worth so much, she points out.

Resources

WorldsMostEthicalCompanies.com

MWEApplications@ethisphere.com

Erica Salmon Byrne on LinkedIn

Doug Allen on LinkedIn

The Compliance Entrepreneur’s Handbook with Kristy Grant-Hart, Joe Murphy, and Kirsten Liston

Tue, 24 Aug 2021 04:02:00 -0000

Kristy Grant-Hart, Joe Murphy, and Kirsten Liston are Tom Fox’s guests on this week’s episode of the Innovation in Compliance Podcast. Kristy is the CEO and founder of Spark Compliance Consulting, as well as an author and keynote speaker. Joe is currently the editor of the Compliance & Ethics Professional magazine, and the Director of Public Policy. Kirsten is a certified Compliance and Ethics Professional, an author, and a keynote speaker. They join Tom to talk about their book ‘The Compliance Entrepreneur’s Handbook’, and what insights compliance professionals can use from it in their organizations.

The Genesis

The Compliance Entrepreneur’s Handbook is about helping people who want to go into business in the compliance and ethics field. Kristy explains that there was an initial presentation and that the three of them were assigned sections of the book to write. “Each one of us wrote an original draft of those sections, switched them so that each person made comments on them, and then I did the edit where we put it all together. So it had essentially one voice but you can still pretty clearly hear the dynamics and the interesting stories of each individual person, and that's how it came to be,” she tells Tom.

What Do You Need

The book is structured to answer the questions of ‘What do I do now?’ ‘What decisions can I make?’ and ‘Who should I partner with?’ It shows entrepreneurs how to execute a compliance startup, as well as critical marketing, sales, and exit strategies. An exit strategy is especially important, and something entrepreneurs don’t think about in the beginning. “If your plan doesn't include an exit, then it's the wrong plan. You don't have to exit in five years but you should be thinking about making your business ready to sell,” Kristy stresses.

An Entrepreneur’s Advice

Tom asks Kristy, Kirsten, and Joe to share their top pieces of advice to individuals who wish to start the entrepreneurship journey. Kirsten emphasizes nailing down the money, setting up your account, and knowing how to read a balance sheet. “You need to make sure you’re selling something for a profit, and that that profit is reaching you soon enough to pay for the work to deliver it,” she remarks. Kristy stresses on planning to have a business. Most people get caught up in the idea of having a business but do not plan for it, nor do they take into account all the legal documents that are needed or putting their website together. Joe shares some insight for entrepreneurs who are introverts. “Don't think just because you're an introvert you can't do this. You just need to team with people who have complementary skills. One [other] piece of advice I have for anybody going into business is read the Wall Street Journal every day,” he says.

The Best and Worst Parts of Being an Entrepreneur

The best part of being an entrepreneur to Kirsten is owning the business. All the profit and all the successes are yours, and all the decisions are your own to make. On the other side, one of the worst parts of being an entrepreneur is that you own the business. Meaning that any losses or failures are yours to bear, and that your employees look to you to fix the problems that may occur. An advantage of being an entrepreneur to Kristy is the freedom to develop strategy, and the freedom to make choices without anyone telling you no. Alternatively, a disadvantage to her is managing the emotional aspect of it all. For Joe, the best and worst parts of being an entrepreneur is the freedom and control over what you do professionally but being treated like you don’t belong [in the compliance realm] because you’re a vendor.

Resources

Kristy Grant-Hart | LinkedIn | Twitter

Compliance Kristy

Spark Compliance Consulting

Joe Murphy | LinkedIn | Twitter

Society of Corporate Compliance & Ethics

Kirsten Liston | LinkedIn

Rethink Compliance

The Compliance Entrepreneur’s Handbook

Dennis Kucinich: The Division of Light and Power

Tue, 17 Aug 2021 04:02:00 -0000

Dennis Kucinich is a career politician who has worked at the municipal, state, and federal levels and is joining Tom Fox on the Innovation in Compliance to talk about his newest book Division of Light and Power. This book is a story of corporate espionage, corporate sabotage, bank extortion of a city, and a mob-directed assassination plot that took place in Cleveland back in the 70s when Dennis was the mayor at only 31-years-old.

What Happened in Cleveland

In Cleveland in the 1970s, there were two electricity companies: Munilight, a public company, and Cleveland Electric Illuminating Co, a private company. The municipal company was able to provide cheaper electricity to citizens of the city, and so became the target of an aggressive sabotage campaign on the part of CEI, so they could acquire the utility and have a monopoly on power in the city. They succeeded. As Mayor of Cleveland, Dennis tried to block the acquisition and became the target of a mob-directed assassination plot. Tom makes the point that issues like this are still happening, mentioning the recent Texas blackouts during a winter storm which were caused by negligence, incompetence, or criminal activity.

The Role of the Media

This was possible, in large part because of the complicity of the media. CEI had a massive advertising budget, and no qualms about bribing or otherwise “softening up” city council members to discredit Munilight. Tom points out that the press has a huge role in anti-corruption activities and asks Dennis how the media failed to examine the governance of the city of Cleveland, and Dennis responds that “he who pays the piper calls the tune.” The media was subverted to CEI’s agenda, and reporters who went against the party line were fired.

Accountability in Government

Tom and Dennis discuss the fact that government works – the question is who does it work for? Dennis says that if citizens want the government to be working for them, they have to keep their representatives honest by asking questions, demanding explanations, and refusing to be silent when something seems off. Otherwise, you are at the mercy of officials using their power to make a buck.

How to be Incorruptible

Tom asks Dennis what made him able to resist literal suitcases full of cash when they were offered to him, and Dennis says there is a Crosby Stills, Nash song called Teach Your Children with a line that goes: You, who are on the road, must have a code, that you can live by.” Dennis shares what his code is: an inner moral compass that is a simple understanding of what’s right and what’s wrong. He believes that when you do wrong, you pay for it, and that by leading a decent and moral life where you don’t need to worry about what you did or said – that’s an easy way to live: with a light heart.

Resources:

Division of Light and Power

Crosby, Still and Nash, “Teach Your Children”

Fighting Financial Crime and Terrorist Financing

Tue, 10 Aug 2021 04:02:00 -0000

To celebrate the 200th Episode of Innovation in Compliance, Tom Fox is joined by Dan Skolnick, the VP of Product Strategy for Financial Crimes at Lexis Nexis Risk Solutions to talk about fighting financial crime and terrorist financing with cutting-edge technologies. Dan got into the industry after a hot tip at a family party led him to Fircosoft, which was on its way to becoming an industry leader in financial crime prevention technology.

Ahead of the Curve

Financial Crimes experts are much further ahead than other kinds of misconduct investigations professionals, so Tom asks about the evolution of Dan’s professional roles over his career. Dan says that when he started working in the industry, he was Sanction Screening for OFEC - but within a year of starting in the industry, the US Patriot Act was implemented which caused a huge shift in the type of work being done. The job has gone from looking for a very specific type of information to looking for risk across your customer base. Financial Crimes experts are much further ahead than other kinds of misconduct investigations professionals and have the tools, resources and brainpower to prevent financial misconduct.

Deputizing the Talent

The government has, in effect, deputized financial services firms to help them with the terrorism financing problem that was being addressed with the Patriot Act. Because of the sheer quantity of data being collected and analyzed, financial services businesses had the information and know-how to be helpful to law enforcement and in foreign policy, developing a crime-fighting and enforcement culture. Today, you would be hard-pressed to find a bank without an executive who has that kind of enforcement or policy background.

Decision Memory and Reapplication.

Dan explains that a consequence of the emphasis on detection and prevention of terrorist financing is that you really have to prevent transactions rather than identify what happened in the past. In most cases, you need a human to intervene when you have a potential match - but there are more bad actors, more jurisdictions providing lists of bad actors, and more transactions happening on a daily basis than ever before - a technological solution is required.

The Patriot Act and Public Companies

Tom asks about the anti-money-laundering law that was passed this year which was the largest update to the Patriot Act since it was initially implemented. The new administration has made it clear that they are going to continue to fight financial crimes and terrorist financing. Dan agrees, and goes on to talk about how anti-money-laundering regulation is one of the few truly bi-partisan issues out there! Everyone expects more screening, more insights, and more reports, regardless of who is in charge.

The same is true of public companies - different industries that deal with a high volume of transactions are interested in these tools, and that has been a major push for Dan and his colleagues since being acquired by Accuity and Lexis Nexis.

Resources:

Accuity.com

Risk.lexisnexis.com

This podcast was sponsored by Lexis Nexis Risk Solutions and RegTech Pulse. RegTech Pulse examines the latest industry and technology trends that help organizations fight financial crime and streamline payments, so money and goods can move safely and securely around the world. Industry experts across the world join the conversation to share their insights and discuss best practices. RegTech Pulse is brought to you by Accuity, a LexisNexis Risk Solutions company, which helps power compliant and assured client transactions to build an interconnected and trusted financial ecosystem.

Have you ever wanted to start a podcast? Email Tfox@Tfoxlaw.com to tell your story and join the Compliance Podcast Network

Banking For The Future with Lauren Sparks

Tue, 03 Aug 2021 04:01:00 -0000

Tom Fox’s guest this week is Lauren Sparks. Lauren is the founder, Chairperson and President of Agility Bank, a woman-owned and led commercial community bank. Lauren has more than 35 years experience as a banking executive and has dedicated her career to helping growth-oriented business leaders achieve their financial goals. She and Tom talk about digital innovations for banking, and why community banks should not be written off as a thing of the past.

Fostering Small and Medium Business

Lauren founded Agility Banking because she felt that many women were being left behind in the decision processes in financial services. As a women-owned and women-led organization, Agility Banking is a minority depository institution. This designation offers many opportunities, such as having larger financial institutions and large corporations as partners. “Community banks fill a space and do lending that the larger banks have backed away from,” Lauren explains. Loans are harder to come by for smaller businesses and community banks like Agility are helping to mitigate that issue. With the technology that Agility is putting together, they can do smaller loans and bridge the gap that’s in the small and medium business market. Community banks can also pivot quicker than larger banks, as evidenced by the past few months.

Meeting Clients Where They Are

Agility is all about meeting clients where they are and creating innovations that can make banking easy and convenient. “So much about what we've built for the bank is about being on the client side of the desk,” Lauren stresses. “So more than just a checking account and really being able to adapt to circumstances and meeting the customer where they are, as opposed to always demanding that the client comes to the bank on the bank's terms.” The approach has been taking the perspective of a business bank and adapting to what the evolving small business market needs.

Looking Ahead

Agility is positioning itself for the ecosystem of the future. The banking industry is becoming more and more digital every day. As such, Agility always has to be prepared to spend money on new technology to make themselves available to their clients.

Resources

Lauren Sparks | LinkedIn

Agility Banking

Hitting The Magic Button with Heather Buker

Tue, 27 Jul 2021 04:01:00 -0000

Tom Fox’s guest this week is Heather Buker. Heather is the Product Manager at Allgress and oversees the full life cycle of development and QA processes. She has spent her professional life in the world of computer engineering until making her way into the cybersecurity space. Tom welcomes her to this week’s show to talk about a new innovation from Allgress around authorizations to operate in the federal sector.

All About Allgress

Heather explains that Allgress is for highly regulated industries such as technology, government, and healthcare. “Allgress in general is a global provider of next-generation audit, compliance, security, and risk management solutions for organizations and their business partners to meet business risk objectives,” she says. Allgress enables organizations to streamline these processes and manage assessment monitoring in a more simplified way, and without the need for a contingent of consultants.

Fed Ramps & ATOs

Tom asks Heather to explain what fed ramps and ATOs are and why they’re important. Fed ramps are federal risk and management programs that are government-wide. The programs provide a standardized approach to security assessments and continuous monitoring for cloud-based services. An ATO is the government giving you the authorization to operate a compliant cloud-based service. ATOs and fed ramps are necessary if you sell your service to the federal government. After acquiring your fed ramp or ATO, then you can focus on maintaining the continuous monitoring that the ATO provides.

How Allgress Maintains Your Federal ATO Effectively

“We're going to give you the dynamic preparedness assessment; we're going to automatically determine your impact level based on a survey; we're going to guide you through [attaining an ATO] step by step,” Heather tells Tom. Allgress completely streamlines this process via automation and creates the audit trail that its clients need. “When the auditors come and they have questions, you're gonna have all of the answers, and it's going to be in the single pane of glass view that Allgress provides,” she adds. Allgress provides all the evidence and policies necessary for when you’re testing to the federal controls.

The Impact of COVID-19 & What’s Next

The pandemic put a spotlight on the need for GRC solutions and exposed those companies that didn’t have those processes in place. It was a reminder to organizations that we never know when unexpected risk may strike, how we may be impacted, and how it may affect our organizational systems. Businesses have to start preparing for unexpected risks within our organizations. Heather explains to Tom that Allgress helps with this by automating organizational and partner risk assessment and leading them in the direction of a recovery plan. Businesses also need to be putting more importance on the usability of their products.

“User adoption is something that's so difficult to achieve when you introduce a new product to your workforce... It's imperative that GRC solutions continue to become more user-friendly and reduce that learning curve so that users are going to adopt the technology more quickly and with ease,” Heather remarks.

Resources

Heather Buker | LinkedIn | Twitter

The Groundbreaking Guide to Third-Party & Supply Chain Risk Management: How Exiger’s TRADES Framework Revolutionizes TPRM & SCRM in 2021 and Beyond-Part 6-Supplier Monitoring

Fri, 23 Jul 2021 05:10:00 -0000

Welcome to a special six-part podcast series, sponsored by Exiger, on the TRADES Framework, a conceptual, strategic and practical guide for Third-Party and Supply Chain Risk Management designed by Exiger to help organizations achieve supply chain resiliency and optimize risk management at any phase of maturity. In this concluding episode, I am joined by Brandon Daniels, President, Global Markets and Erika Peters, Managing Director, Global Markets Group Head of Tech Transformation to look at supplier monitoring and provide some concluding remarks.

Highlights Include:

S is for Supplier Monitoring.
Program implementation.
From ongoing monitoring to continuous improvement.
Your Suppliers eco-system.
The role of data aggregators and tech solutions.

Resources

Exiger TRADES Framework

Exiger Website

Brandon Daniels

Erika Peters

The Groundbreaking Guide to Third-Party & Supply Chain Risk Management: How Exiger’s TRADES Framework Revolutionizes TPRM & SCRM in 2021 and Beyond-Part 5, Evaluate Uplift

Fri, 23 Jul 2021 05:05:00 -0000

Highlights Include:

E is for evaluation.
Evaluation at the Strategic Level. The role of the Board.
What is the role at the Program Level? The Tactical Level?
What is the role of senior leadership?

Join us for our concluding episode, when Brandon Daniels and Erika Peters give a review of supplier monitoring and an update on how government and critical industry are leading the charge using TRADES to out-pace threats and vulnerabilities while minimizing third party and supply chain risk management gaps.

Resources

Exiger TRADES Framework

Exiger Website

Brandon Daniels

The Groundbreaking Guide to Third-Party & Supply Chain Risk Management: How Exiger’s TRADES Framework Revolutionizes TPRM & SCRM in 2021 and Beyond-Part 4, D for Determine Mitigations

Thu, 22 Jul 2021 05:00:00 -0000

Highlights Include:

D is for determine risk mitigation.
Solving problems and taking action.
Both critical and creative thinking required.
Coordination with the compliance function.
The Role of Due Diligence.

Join us tomorrow, where we discuss the step, evaluate the TRADES Framework uplift with Brandon Daniels and Josh Thiel.

Resources

Exiger TRADES Framework

Exiger Website

Aaron Narva

Carrie Wibben

The Groundbreaking Guide to Third-Party & Supply Chain Risk Management: How Exiger’s TRADES Framework Revolutionizes TPRM & SCRM in 2021 and Beyond-Part 3, A for Assess Current Risks

Wed, 21 Jul 2021 05:05:00 -0000

Highlights include:

A is for assessing risks.
What is the ESG angle?
Why is the maturity of your program critical?
How do you put this into practice?
Source provenance and authentic markers.

Resources

Exiger TRADES Framework

Exiger Website

Laura Tulchin

Peter Jackson

The Groundbreaking Guide to Third-Party & Supply Chain Risk Management: How Exiger’s TRADES Framework Revolutionizes TPRM & SCRM in 2021 and Beyond-Part 2-R for Risk Methodology

Tue, 20 Jul 2021 05:06:00 -0000

Welcome to a special six-part podcast series, sponsored by Exiger, on the TRADES Framework, a conceptual, strategic and practical guide for Third-Party and Supply Chain Risk Management designed by Exiger to help organizations achieve supply chain resiliency and optimize risk management at any phase of maturity. In this episode, I visit with Theresa Campobasso, Senior Account Manager, National Security and Intelligence and Matt Hayden, Deputy Lead of GovTech Solutions (Former Assistant Secretary of Homeland Security for Cyber, Infrastructure, Risk, and Resilience) on risk methodology.

Highlights Include:

R is for Risk Methodology.
Look at risk from multiple levels.
Determining your Crown Jewels.
Look at Macro Risks.

Join us in our next episode where we discuss how to assess current risks with Laura Tulchin and Peter Jackson.

Resources

Exiger TRADES Framework

Exiger Website

Theresa Campobasso

Matt Hayden

A Change in the System with Dan Zitting

Tue, 20 Jul 2021 04:01:00 -0000

Dan Zitting, previously Chief Product Officer, now holds the title of CEO at Galvanize, a software company that helps its clients achieve their goals and objectives. Tom Fox welcomes him back to this week’s show to talk about fraud risks, and what it means for the compliance professional.

A Period of Change

Rapid change during the pandemic is the main catalyst for the increase in fraud. The move to remote work created new susceptibility to cyber fraud. “The pandemic and the news, and noise created around it, created all kinds of new ways for clever social engineers to talk people into doing things they shouldn't be doing,” Dan explains to Tom. It’s important for GRC professionals to be aware of and ready for change, he adds. We have to realize that change has sped up and will continue to do so in the business environment, regulatory environment, and social justice areas. The rate at which change will increase will be much greater in the future than it has been in the past.

Choosing The Right Technology

Choosing the right technology to support anti-fraud programs is important. GRC professionals have to shift controls and assess risk fast enough to deal with all the changes that are occurring around them. Having the proper technology on hand can help make their jobs easier. “A lot of technology is effectively built around manually filling out forms, and creating workflows between people to capture risk or assess risk or evaluate controls, and that is just far too slow-moving,” Dan remarks. We need to create automation primarily from data and technology that can evaluate very quickly. We also need to be able to leverage machine learning which will help us identify data that we might not have otherwise known.

Fraud as a Bigger Focus & The Importance of Governance

How fraud connects to the broader array of cybersecurity risks makes it a major focus for CEOs and senior executives. Leaders are seeking to learn more and educate themselves on how compliance officials are analyzing and monitoring the risks, something that was not done as often in the past. Interest in governance within the compliance sector is also gaining headway. Dan explains to Tom that organizations need to have overarching governance strategies that dictate how they look at the incoming risks to the business.

Resources

Dan Zitting | LinkedIn | Twitter

Galvanize

The Groundbreaking Guide to Third-Party & Supply Chain Risk Management: How Exiger’s TRADES Framework Revolutionizes TPRM & SCRM in 2021 and Beyond-Part 1, T for Transparency

Mon, 19 Jul 2021 05:05:00 -0000

Welcome to a special six-part podcast series, sponsored by Exiger, on the TRADES Framework, a conceptual, strategic and practical guide for Third-Party and Supply Chain Risk Management designed by Exiger to help organizations achieve supply chain resiliency and optimize risk management at any phase of maturity. Exiger was founded to fight financial crime, fraud and terrorist financing by introducing technology-enabled solutions to the market's biggest supply chain, risk, investigation, litigation, and compliance challenges. A global authority on risk and compliance, Exiger serves the world's largest banks, Fortune 1000 companies and government agencies and regulators. In this first episode, we consider transparency with Skyler Chi and Tim Stone.

Highlights include:

T is for Transparency. Taking stock.
Using internal and external elements.
What is inherent risk?
What is imposed risk?
3 Levels: Strategic, Program an Entry.

Join us in our next episode, where we discuss the Risk Methodology with Theresa Campobasso and Matt Hayden.

Resources

Exiger TRADES Framework

Exiger Website

Skyler Chi

Tim Stone

The New Digital Normal with Tracy Manning

Tue, 13 Jul 2021 04:01:00 -0000

Tracy Manning is the Director of Financial Crime at LexisNexis Risk Solutions, and is Tom Fox's guest this week on this episode of the Innovation In Compliance Podcast. She is a digital identity and financial crime expert, and currently leads the Commercial Strategy and Product Innovation for Financial Crime Market at LexisNexis. In this episode, Tracy and Tom are discussing the growth of digital transactions in the past year and what issues it may pose for compliance.

The Growth of Digital Transformation

Tracy remarks that the pandemic spurred digital growth, especially digital transactions. Digital commerce grew 44% last year, and its rate of acceleration is about five to seven years ahead. She adds that surveys show that these trends will not reverse, even as the world reverts to pre-pandemic environments.

Greater the Explosion, Greater the Risk

“With this explosion obviously we have greater opportunities, but I think perhaps greater risk,” Tracy says. While the vast growth of digital transformations is a plus and makes for greater opportunities for companies with respect to data, it also poses greater risks. Criminals have found new ways and schemes for evading financial crime control. Tracy explains key ways they leverage the anonymity of these faceless transactions. She adds that the onus is on companies to protect consumer data from these bad actors.

Key Questions & Guidance

Now that businesses are physically reopening, Tom asks Tracy to share some advice LexisNexis gives to companies. Tracy explains that companies are stumped on how they can transform their processes to better identify financial crime risk, create better customer experiences, and meet the emerging regulatory requirements. She adds that the most important challenge companies seek help with is achieving all these simultaneously. LexisNexis counsels these companies to keep their eyes on recent enforcement and newly published guidance due to the emergence of new threat schemes. It’s also important for companies to have a tool that can effectively meet regulatory demands, which can also create an improved customer experience. “Looking at digital identity is very, very critical...Digital evasion requires digital solutions,” she tells Tom.

What’s Next

As digital transactions evolve, Tracy stresses that companies need to evolve their compliance for this new digital normal by applying additional layers of digital identity intelligence within their organizations in a multi-layered approach. “An additional layer of digital identity intelligence is absolutely key to optimizing the customer experience...It can potentially allow you to identify good trusted customers and expedite their experience,” Tracy tells Tom. She adds that to fight financial crime, as well as having an additional layer of digital identity, companies need to have networks of their own.

Resources

Tracy Manning | LinkedIn | Twitter

The Evolution of eDiscovery in Compliance with David Carns

Tue, 06 Jul 2021 04:01:00 -0000

David Carns is the Chief Revenue Officer at Casepoint LLC, an eDiscovery platform for the artificial intelligence space. He is an attorney and technologist who has always been fascinated by the intersection between law and technology. Tom Fox welcomes him to this week’s show as they talk about his current role at Casepoint, the evolution of eDiscovery, and what it means for compliance and compliance professionals.

How Casepoint Has Evolved

Casepoint was initially focused on law firms but, as David explains to Tom, their expertise and knowledge on legal techniques are now spread out to all sectors and segments in the legal industry. The platform of Casepoint has also evolved from consultancy to predominantly software. Its legal discovery platform has moved beyond eDiscovery towards more of a development environment that supports legal workflows. “What Casepoint has become, is for many people a repository of either discovery ready data or data around internal investigations ...it has expanded quite a bit beyond just eDiscovery and its document management for a variety of use cases that we find today,” David tells Tom.

Subject Access Requests

The main challenge with respect to data discovery in Europe is subject access requests. “Companies or individuals don’t necessarily want to avail themselves or their data to US jurisdiction,” David remarks. There is a strong interest in having data centers based in Europe, he adds, along with a desire from European-based companies to use those data centers. There is, however, a concern from people within the EU about the privacy implications surrounding such a move.

The Shift to Cloud-Based Technology

The pandemic transitioned the global working environment to a remote one. With this, came the boost in the adoption of cloud-based technology. David explains to Tom that cloud-based tech has its advantages over on-premise tech in three major ways: convenience, efficiency, and its ability to quickly implement machine learning. It’s much easier for Casepoint to adopt cloud-based applications, and cloud-based tech passively applies machine learning from documents and provides feedback to the appropriate users. For all these reasons, it’s no wonder cloud-based tech was adopted and embraced so quickly during the work-from-home period, and it’s also why it won’t be going away even after we return to the regular work environment, David points out. He predicts that the technology will most likely be used in a hybrid way in the future.

Looking To The Future

Tom asks David what compliance professionals, lawyers, and firms need to be thinking about when it comes to eDiscovery, and data management in the future. David advises that companies and corporations should pay very close attention and keep a handle on all the locations of their data. “If there are only references to URLs or data identifiers, are we making sure that that data is being collected and preserved in a way that can be used for future investigations, litigated matters, jurisdictional issues, those sorts of things?” he argues.

Resources

Davis Carns | LinkedIn | Twitter

Filling Gaps in Data with Blockchain Technology

Tue, 29 Jun 2021 04:01:00 -0000

Brad Moore, the President and CEO of Global Cannabis Applications Corp, started his career in marketing, working at Kodak, where he got an exceptional education in how to sell. His company is creating innovative strategies and solutions in the cannabis space. Always someone to be on the cutting edge of technology. He and Tom are discussing blockchain technology, navigating an industry without nearly enough data, and helping end-users make the best possible decisions.

Push-Pull Education

Brand and brand awareness is how you “cross the chasm” between an idea and the market. In his current industry, there is a cultivator at one end and a consumer at another, but the data and understanding that should help regulatory bodies facilitate communication between the two aren’t available. This means there is a lot of work that has to be done in education. It’s using a push-pull strategy to provide the education required to do certain things or communicate certain things, and that’s the pull strategy – the education, and that is what is going to get the company over the chasm.

Unique Challenges

One of the challenges Brad faces in his company is the huge variances that can occur between plant to plant. It’s not like a formulation that goes into a pill or a vaccine, so the different regulatory bodies have had to make decisions about how to tax and regulate it. To make their products available, they have to abide by rules made by people who don’t have all of the data. Brad is using innovative technologies to try and change that. Advocacy for patients informs a lot of his work, particularly making sure that end users have all of the information that they need to make informed decisions.

The Importance of Branding.

He talked about the Brand “Citizen Green” and what it needed to do for the company and for the market. He makes the comparison to a parent company and its subsidiary brands. Ultimately it means one thing, however, which is better outcomes for medical cannabis patients – Citizen Green, that is what it means.

Process-Driven Approach

Tom asked Brad about the process-driven approach used at GCAC, and Brad describes the different stakeholders involved in the company and the industry as a whole, and how he spent a great deal of time learning from different countries and how they arrange different processes in the industry. This is how they started to identify areas for improvement and innovation. He is now using blockchain technology to help consumers learn about products – which also helps suppliers and retailers get the information they need to provide good service and better products. Thanks to Blockchain technology, there are now user experience data attached to every gram of product, which is critical because plants change.

Partnerships and Looking to the Future

Jeffrey Hayzlett, who Brad first worked with at Kodak has taken a role as chairman of the board at GCAC, and Brad explains how their partnership has evolved over time. This kind of good working relationship with experts is important during uncertain times. Brad goes on to talk about how the blockchain basis of the company has been valuable during the pandemic. He believes that the blockchain mechanism he is using to solve problems in the cannabis industry is going to be very broadly applicable to any business dealing with consumables, or that otherwise deal with a lot of variance in their products.

Resources

Brad Moore on LinkedIn

Cannappscorp.com // Info@Cannappscopr.com

CitizenGreen.io

The Digital Transformation of Compliance with Jesus Fernandez

Fri, 25 Jun 2021 04:01:00 -0000

Tom Fox’s guest on Day 5 of Microsoft Week is Jesus Fernandez. Jesus is the Senior Program Manager at Microsoft. He specializes in data intelligence, risk management, and policy compliance. He joins Tom to talk about his role at Microsoft, data analytics, and its role in compliance, and the future for this industry.

Driving Compliance Through Data Analytics

Tom asks Jesus to explain how he uses data in compliance. Jesus tells Tom that Microsoft uses data to decide which partners to keep conducting business with. Deciding which partners need support and where the company needs to focus its energy is vital, and analyzing the data helps them make those important decisions. Tom remarks that Jesus and his team not only use data analytics to drive compliance but to also help businesses run more efficiently.

Data From a Compliance Perspective

Tom asks Jesus to give an example as to how data analytics has helped improve operations at Microsoft. Jesus responds that it started from looking at data from a compliance perspective: examining deals with Microsoft clients that were suspicious, and paying more attention to them specifically. From that, Jesus explains that he and his team looked at the market of each of the countries in which Microsoft conducts business, to see how it was doing and if there were any deviations from the norm. "We want to look at them - at the partner and the customer ecosystem - and try to see which partners are doing great, which ones are not doing that well and try to connect why those activities could be," he tells Tom.

The Impact of COVID-19 on Digital & Data Analytics in Compliance

The pandemic has helped Microsoft teams to be more comfortable with the use of data analytics. The challenge with this, Jesus explains, is that companies may not be initially receptive to changes in their processes, especially if they have their own data processes that are working well for them. Due to the pandemic, employees are using more technology and are more willing to look at data and improve the way that they are working, based on the feedback they get.

What’s Next

Companies and compliance functions need to rely on more data in the coming years. Jesus adds that experts within our organizations need to be thinking about how data helped them answer some of the questions they may have had. One of the challenges companies will face in the future is that their data may be disconnected or without structure.

Listen here to Microsoft Week episode 1, featuring Alan Gibson, Director of Legal and Compliance Innovation at Microsoft.

Listen here to Microsoft Week episode 2, featuring Abbas Kudrati, Chief Cybersecurity Advisor for Microsoft Asia’s Enterprise Cybersecurity Group.

Listen here to Microsoft Week episode 3, featuring Joseph Davis, Microsoft’s Chief Security Advisor for Health and Life Sciences.

Listen here to Microsoft Week episode 4, featuring Erica Toelle, Senior Product Marketing Manager for Records Management and InfoGov.

Resources

Jesus Fernandez | LinkedIn

Anti-Corruption Technology Solutions

The Future of InfoGovernance and Records Management with Erica Toelle

Thu, 24 Jun 2021 04:01:00 -0000

Tom Fox’s guest on this episode of the Innovation in Compliance podcast is Erica Toelle. Erica is the Senior Product Marketing Manager for Records Management and InfoGov at Microsoft. As a long-time member of the Microsoft community, she has been dedicated to growing the information governance and records management business and listening to customers and partners to make solutions better. Erica joins Tom to talk about her role at Microsoft, and how the info governance and record management space will evolve in the near future.

Improving Operations

Erica loves to help companies improve their operations using technology. It's interesting to work with an organization's compliance experts and help to translate their requirements into Microsoft technology, she tells Tom. “The pace of change in technology has been fast the last 20 years and there are often better ways of doing things, but you have to balance doing things the best way with disrupting productivity and business through change,” she remarks. She argues that it’s better to use a solution that everyone finds easy to use but only has 80% of the desired features, than one that has 100% of the desired functionality but which no one wants to use. “As the compliance person, if you make a solution that's too hard to use because it's your ultimate compliance dream, people are going to use their company credit card to buy a different cloud subscription….or figure out how to share files with people outside the company,” she says.

Translating Microsoft Offerings To Solve Compliance Needs

The main issue Erica sees with respect to translating Microsoft offerings to solve compliance needs is that there aren't clearly defined roles and responsibilities in the organization. “In order to really create a good offering around any of the compliance tools, you have to get the business decision-makers and the business experts together with IT, and then figure out how you want to work together and divide those roles and responsibilities,” she comments.

What’s Next

The records management industry needs to shift its thinking to a more electronic approach. In the coming years, we’re going to see artificial intelligence be leveraged more to deal with the volume of electronic records.

Listen here to Microsoft Week episode 1, featuring Alan Gibson, Director of Legal and Compliance Innovation at Microsoft.

Listen here to Microsoft Week episode 2, featuring Abbas Kudrati, Chief Cybersecurity Advisor for Microsoft Asia’s Enterprise Cybersecurity Group.

Listen here to Microsoft Week episode 3, featuring Joseph Davis, Microsoft’s Chief Security Advisor for Health and Life Sciences.

Tune in tomorrow for episode 5 featuring Jesus Fernandez.

Resources

Erica Toelle | LinkedIn | Twitter

Microsoft 365 Compliance

A Progressive and Humble Leadership to Cybersecurity with Joseph Davis

Wed, 23 Jun 2021 04:02:00 -0000

Joseph Davis, Microsoft’s Chief Security Advisor for Health and Life Sciences, is a trained medical practitioner, but his professional background is “almost 100% IT and cybersecurity.” He has always been interested in technology: in medical school he helped develop a program to assist clinicians in diagnosing their patients more accurately. He joins Tom Fox on Day 3 of Microsoft Week to talk about the role of cybersecurity in life sciences and the traits cybersecurity professionals need to do their jobs effectively.

The Role of Cybersecurity

Tom asks, “What is the role of cybersecurity in the healthcare life science industry today?” Joseph responds that it’s a must-have since this industry is considered critical infrastructure. People’s lives depend on keeping systems and processes safe from cyber attacks, he points out. Most medical devices now have communication components such as WiFi or Bluetooth - these are called connected medical devices - so they are vulnerable to cybersecurity breaches which can cause them to malfunction. Joseph tells Tom that it’s more imperative now for providers in the healthcare industry to vet their supply chain, but smaller companies may not have the resources to do so, leaving them more vulnerable to bad actors.

Serve with Humility

Cybersecurity affects every department, so leaders need to get everyone on board. This requires humility, diplomacy and flexibility, Joseph says. Tom asks him to talk about his blog post, Ego and the Role of Cybersecurity Leaders, and why you have to take ego out of the equation. “I like to serve humbly,” he responds. “The focus really needs to be on protecting the organization and safety... I think when we’re so focused on where we are in our career… our focus gets distorted.” Tom comments that most cybersecurity professionals he knows have a calm disposition. He asks why this is necessary and helpful in the role. You have to keep a cool head, Joseph answers. Bad things are going to happen, and many things will be out of your control, so you have to be flexible. “Control lightly” those things that you can control, and always remember that you’re working with a team. Tom quotes Joseph’s blog, “Every trust decision is a risk management exercise.” They agree that every decision - in life and in cybersecurity - carries some form of risk and is founded on trust of the outside world.

Keeping Clients Up-to-Date

Joseph says that his role at Microsoft is “to work exclusively with senior leaders at each of one of my customers to bring them up to speed on the modern workplace and how we're approaching cybersecurity in the more hybrid environment that we're living in now.” He finds that while some customers are eager to embrace innovation, others are entrenched in their traditional methods. “The problem with many of the customers that we have currently is that their approach is fighting the last attack or the last type of compromise that they had; whereas their threat actors are constantly evolving and finding new ways in,” he tells Tom. He and Tom discuss whether the defense and depth approach still has value. Joseph comments that identity has to be considered as well: “Attackers these days they're not really breaking in as much as logging on,” he remarks. He advocates for computer-aided interventions and data encryption as the last facet of security. “You can’t rely on the user to be your last line of defense,” he emphasizes.

Listen here to Microsoft Week episode 1, featuring Alan Gibson, Director of Legal and Compliance Innovation at Microsoft.

Listen here to Microsoft Week episode 2, featuring Abbas Kudrati, Chief Cybersecurity Advisor for Microsoft Asia’s Enterprise Cybersecurity Group.

Tune in tomorrow for episode 4 featuring Erica Toelle.

Resources

Joseph Davis at LinkedIn

Microsoft Security Blog

Blog post: Ego and the Role of Cybersecurity Leaders

Innovation Through Info Security with Abbas Kudrati

Tue, 22 Jun 2021 04:01:00 -0000

Abbas Kudrati is the Chief Cybersecurity Advisor for Microsoft Asia’s Enterprise Cybersecurity Group and is Tom Fox’s second guest on Microsoft Week. Abbas has spent the duration of his career providing thought leadership, strategic direction, and deep customer and partner engagement through Microsoft’s initiatives and operations. On this episode, he and Tom are talking about a range of topics surrounding info security and Abbas’ role at Microsoft.

The Evolution of Cybersecurity & Its Challenges

When security was first introduced, it was called IT Security, and its primary focus was securing everything within a network behind a firewall. Society has since moved from a firewall to the cloud. The focus on complaints within an organization has also shifted from local to multinational.

End-to-End Security

End-to-end security’s focus is people, process, and technology. Abbas says that focusing on end-to-end security means turning your attention to 14 different domains of policy. It means ensuring that the right people are on your teams and managing the security surrounding that. It means managing data access, business communication security, product security, and supply relationship security.

Risk Appetite & Risk Management

“You cannot implement security without having conducted a detailed risk assessment and understanding what is your current risk appetite,” Abbas tells Tom. When starting the risk management process, Abbas stresses the importance of having a threat model. “Define what are the various threats, and then embed those threats into your risk management,” he emphasizes.

What’s Next

In the near future, the citizens of the emerging South Asian economy will be using the internet much more, and that there will be higher demand for cybersecurity professionals. The demand will be impossible to meet, so there will be more automation. Tom asks him to elaborate on what’s next for Microsoft’s cybersecurity group. Abbas explains that the group is continuously improving its product to be more inclusive, and also that security and privacy are being built into their products by design and not an afterthought.

Listen here to Microsoft Week episode 1, featuring Alan Gibson, Director of Legal and Compliance Innovation.

Tune in tomorrow for episode 3 featuring Joseph Davis.

Resources

Abbas Kudrati | LinkedIn | Twitter

Abbas Kudrati book, Threat Hunting in the Cloud

Legal Compliance for The Future with Alan Gibson

Mon, 21 Jun 2021 04:01:00 -0000

Alan Gibson is the current Director of Legal and Compliance Innovation at Microsoft and is Tom Fox’s first guest on Microsoft Week at the Innovation in Compliance podcast. Alan has worked in various fields - from legal to compliance to business. He’s a thought leader and currently involved in helping companies manage compliance risks and measure program effectiveness. He and Tom discuss his role at Microsoft and what companies need to be thinking about in the future with respect to legal compliance.

Data Analytics in Microsoft

Tom asks Alan to explain how Microsoft implements its data analytics program for compliance. Alan responds that the focus was on first identifying which sales agreements and channel partners posed the most corruption risk to Microsoft. “Our compliance team partnered closely with our finance internal audit and our business team to figure out how we could use the data that we were collecting in our sales contracts and from our third parties to create this early warning and monitoring system to identify which contracts needed to be routed for additional compliance oversight,” Alan tells Tom. The business unit and frontline salespeople were then able to use this data to prove to the business leaders at Microsoft that they were identifying risky sales contracts, and this program was built into the business process to manage risky sales.

Challenges in Legal Compliance Innovation

One of the big challenges surrounding legal compliance innovation is helping individuals understand its ecosystem, Alan remarks. Another challenge is that delivering compliance solutions requires stakeholders. “It goes to working with law firms, working with compliance consultants, alternative legal service providers, legal tech vendors, and really helping people understand how all of this ecosystem works together to address these challenges,” he tells Tom. There is also the cultural challenge in that legal services have lagged behind finance and HR and their digital transformations.

What’s Next

Companies have to think about the direction they want their legal departments to go and what steps they have to take to get them there. “They need the greatest contract lifecycle management system,” Alan tells Tom. Companies have to consider whether the decisions they make will allow them to have the capabilities they want in the coming years. “...It's people, process, and technology; you have to think about your solutions or where you want to go on your digital transformation across all three of those dimensions,” Alan says.

Tomorrow’s guest on Microsoft Week is Abbas Kudrati, Chief Cybersecurity Advisor for Microsoft Asia’s Enterprise Cybersecurity Group. Abbas and Tom will be talking about innovating cybersecurity.

Resources

Alan Gibson | LinkedIn

Tech - The White Canvas for Creativity with Jedidiah Yueh

Tue, 15 Jun 2021 04:01:00 -0000

Jedidiah Yueh is Tom Fox’s guest this week on the Innovation in Compliance Podcast. Jedidiah is a data innovator, a best-selling author, and the founder and CEO of Delphix. He has spent the last two decades decoding innovation and collecting and testing frameworks that motivate many successful entrepreneurs in technology. Jedidiah has invented software products worth more than $4 billion in sales. He joins Tom Fox to discuss digital transformation and digital disruption, and what companies need to know and do about both.

Technology, Creativity & Evolution

“What's interesting about technology today is it's an incredibly broad white canvas,” Jed begins. Creativity is applied to the development of technology as much as it is to the liberal arts, he tells Tom. “If you think about some of the things that you do as an English major where you're really looking for these themes and these tropes within works of literature… You have to do that for the world of technology as well.” Tech evolves on so many levels that you have to see and analyze, similar to what’s done in literary analysis.

Digital Disruption

When Jed first ventured into tech, his main objective was finding a concept or product that would give him a competitive advantage. He had the idea of taking the backup data from MP3 players and transitioning that into the technology enterprise. Jed says that he knew that the concept would be disruptive and that it would change the industry. “That's exactly what happened over the course of a decade,” he tells Tom.

Delphix

Tom asks Jed why he founded Delphix. In Jed’s previous company, a lot of customers had issues where they had to be restoring data to other locations to be able to use it. The demands for data efficiency had risen. Jed created Delphix to answer this market need. “The idea was we wanted to build a new architecture that was focused on enabling the multi-use of data for all of these strategic and valuable use cases that drive innovation and differentiation for companies,” he remarks.

COVID-19 & Beyond

The pandemic and the relocation to remote work was a profitable opportunity for Jed’s company. There was an acceleration of digital transformation. Tom asks Jed what companies need to focus on in the coming years. “I think companies really need to focus on what is real digital transformation and what is not,” Jed remarks. Real digital transformation changes the way your business operates. The overall ecosystem of the business has to be transformative. “If a company doesn't engage in a digital transformation and make its own data available to itself to make their business processes more efficient, frankly they're going to be left in the dust by their competitors who do so.”

Resources

Jedidiah Yueh | LinkedIn | Twitter

Delphix

The Evolution and Future of GRC with Dan Zitting

Tue, 08 Jun 2021 04:01:00 -0000

Dan Zitting is the CEO of Galvanize and is Tom Fox’s guest this week on the Innovation in Compliance Podcast. Dan was the Chief Product Officer of Galvanize before taking up the CEO role. Galvanize is a software company that helps its clients achieve their goals and objectives. Dan and Tom discuss GRC software, the role of GRC professionals, and why data is so important to a company’s operations.

The Evolving Role of GRC

GRC refers to a company's governance, risk management, and compliance capabilities in achieving its objectives. The pandemic has proven that GRC is a valued and impactful asset. As a result, the scope and demand for GRC professionals and their services have accelerated. “We had the ability to work through one of the most pervasive risk issues to come along in decades, and it demonstrated the value of risk management and the value of strong governance,” Dan tells Tom. “Our role is to think about how we can demonstrate that same level of value in all of the other areas of risk that were already on the radar.”

The Cost of Reputational Risk

Tom asks Dan to explain why reputational risk may be more costly than a fine. Dan explains that though reputational risks may be harder to quantify, the time it takes to undo the damage done is significant and tends to have a more lasting impact. “A significant loss of talent or employees and having to go rebuild that reputation and re-recruit...are real costs, and they are often much bigger,” Dan says.

Preventing NonCompliant Conduct

Preventing noncompliant conduct is just as important, even more so, than detecting it. “There are two key things,” Dan begins, “[The first being] the very nature of building strong governance programs in and of itself creates prevention.” As culture shifts, what was previously introduced as a detection mechanism becomes a prevention mechanism. In addition, advancement in technology is helping organizations prevent corrupt activities. Dan gives the example of data analytics and its machine learning model.

GRC in The Future

GRC is going to have a much larger and broader impact on the world because it's a more efficient and impactful way to bring governance into organizations. Dan tells Tom that compliance professionals need to embrace technology more: trying to evaluate governance programs and controls manually is ineffective and time-consuming.

Resources

Dan Zitting | LinkedIn | Twitter

Galvanize

A Digitally Fluid Future with Chenthil Eswaran

Tue, 01 Jun 2021 04:01:00 -0000

Chenthil Eswaran is the Practice Head of Enterprise Solutions at Aspire Systems and is Tom Fox’s guest this week on the Innovation in Compliance Podcast. Chenthil leads go-to market strategy, implementation, and is a thought leader in CX Transformation. Prior to his current role at Aspire, he held application development, application maintenance, and managerial positions. On this week’s show, he and Tom are talking about cloud and data storage, data security, and how compliance professionals can create a digitally fluid future for their companies.

Cloud Adoption

The pandemic caused businesses that were initially hesitant to engage in digital transformation to upgrade their operations. Chenthil tells Tom it’s a perfect time to take stock of the impact of cloud power on business applications. “We need a collaborative tech ecosystem that allows both systems and cloud applications to work in unison,” he remarks. “That way you get the ability to shift certain workloads to the cloud-based on the evolving demands. Basically, you should be able to prepare for the future without complicating the present.”

Best of Breed, All in One

There are two approaches to SAAS-based solutions: best of breed, and all-in-one. Best of breed describes a solution that is specific to certain types of work processes. Best of breed helps solutions establish a digital transformation strategy that’s decentralized, and for enterprises with multiple locations and time zones. All-in-one means looking for comprehensive solutions which cover the requirements pertaining to a specific industry. It is preferred by highly centralized enterprises, and the solutions are fully integrated.

Digitally Fluid Future

Chenthil tells Tom that the pandemic changed his company’s approach to business by essentially forcing them to change their mindset. Their focus became more on remote agility, scalability, and innovation. “We are now very keen on being prepared for a digitally fluid future which may call for 100% remote working efficiency anytime,” he says. Unless companies are aggressively going digital, they will be unable to meet the aggressive demands of their customers.

What’s Next

Tom asks Chenthil what compliance officers and executives need to think about as digital businesses evolve in the coming years. “They need to be more agile and tuned in to modern user demands,” Chenthil says. Autonomous business applications will play a big part in this as well, as this will be the future. “The decentralization of security controls will take prominence, and it will help enterprises keep remote issues undercurrent,” Chenthil tells Tom.

Resources

Chenthil Eswaran | LinkedIn

Aspire Systems

Building the Podcast Community with Zach Moreno and Rockwell Felder

Tue, 25 May 2021 04:01:00 -0000

Zach Moreno and Rockwell Felder are the co-founders of SquadCast. Their company’s mission is to make it easier for their clients and their clients’ guests to have meaningful conversations while offering the best quality in remote locations. Zach is a podcaster, an author, a developer, a designer, and an artist. Rockwell is a CPA and an entrepreneur. Zach and Rockwell join Tom Fox on this week’s episode to talk about collaboration, the podcast industry, and the ways Squadcast helps its clients.

Origins of Squadcast

Squadcast was founded to fix the problem of poor quality technology within the podcast community. Zach and Rockwell tell Tom how they started the company: “When [Zach] approached me with this idea...I was really ready and the fact that it was rooted at this intersection of podcasting and remote collaboration, which he and I think we're very fortunate to be exposed to early on in our career,” Rockwell says. Building a product that helps creators collaborate in a high-quality manner just made sense to him and Zach.

Growth & Viral Cycle Time

Tom asks how Squadcast has grown. In response, Zach brings up the concept of “viral cycle time.” This metric looks at the technology a podcaster uses, and how quickly they invite someone to collaborate with them on that platform or technology. “For Squadcast, the magic really comes from inviting a guest, connecting with them and recording together and having a flowing dialogue where the technology just kind of fades into the background,” Zach says. The biggest element of Squadcast’s growth comes from other people collaborating and experiencing the platform for themselves.

The Podcast Community

The podcast community is beautiful and welcoming, Zach emphasizes. He tells Tom that when he and Rockwell first launched, they were welcomed with open arms. “The community was so open and welcoming to Squadcast and us as new individuals and that is something that was magical that first time… and also something that we've continued to experience,” he says. It is a community of support, and where the creators of podcast shows are all collaborating with each other. “Amongst the content side of things, it's very open and very collaborative, and I think that's something that's pretty unique to podcasting.”

What’s Next

Zach tells Tom that he’s most excited about expanding Squadcast’s team. Hiring different team members and establishing a larger organization is a big focus for this year, he remarks. Maximizing their opportunities in software engineering, marketing, and sales is another venture as well, Zach says. Squadcast will also be launching a new product category called Remote Content Production, which is a foundation that applications will be built on. Another major release from Squadcast also on the way will be its collaboration with Dolby.

Resources

Zach Moreno | LinkedIn | Twitter

Rockwell Felder | LinkedIn | Twitter

Squadcast

K2's Integrity Matters - Gabe Hidalgo on Cryptocurrency Regulation

Tue, 18 May 2021 05:01:00 -0000

In this special episode of K2's Integrity Matters podcast series, I visit with Gabe Hidalgo. Hidalgo is a Managing Director at K2 Integrity. He has 20 years of legal, regulatory compliance, and Anti-Money Laundering (AML) experience working with wholesale and retail banks, FinTech companies, broker/dealers, and money services business entities. Hidalgo is a recognized subject-matter expert in the cryptocurrency and digital assets market and is able to help clients navigate and mitigate Bank Secrecy Act and Anti-Money Laundering (BSA/AML) compliance risks. In this podcast, we take a deep dive into the current issues around cryptocurrency regulation and where they may be headed down the road. Some of the highlights include:

The Current Landscape

Consumer and institutional push into crypto.
NFTs are growing in popularity. What is the significance?
Heavy institutional hitters buying in of late. Is the little guy now cut out?

Current Regulatory Climate

Alternative currency has gone from to an asset class being bought and sold for investing.
What are the views of Gary Gensler and where might the SEC go in terms of regulation and enforcement?
IRS and taxation issues.
What are the benefits of a strong regulatory environment for both the financial system as well as the companies in it?

Into the Future

Inevitability that there will be more regulatory guidance and rules; you have more and more mainstream institutions ready to buy or invest.
Whenever you have that much interest, the government has to get involved from a risk mitigation standpoint, and consumer protection standpoint.
Who is going to oversee it? Why types of products? Who falls in those product classes?

For more on K2 Integrity, check out their website, here.

Reframing The C-Suite Network with Jeffrey Hayzlett

Tue, 18 May 2021 04:01:00 -0000

Jeffrey Hayzlett is a global business celebrity, the CEO of The Hayzlett Group and the founder of The C Suite Network. He is a primetime television and podcast show host, author, and a keynote speaker. As a leading business expert, Jeffrey has shared his insight and expertise through various television networks and around the world via his travels. Tom Fox welcomes him to this week’s episode as they discuss the C-Suite Network, diversity, and the effects of COVID-19 on executives.

Pivoting in The Pandemic

The pandemic made Jeffrey and his team consider what they could do differently about their network conferences. “It really got down to the fundamental piece . . . we really don't have to be together, meaning face-to-face to do the work that we need to do,” Jeffrey tells Tom. Tom remarks that this approach transformed the C-Suite Network as its membership grew exponentially. The key element, Jeffrey stresses, is that everyone wants to come together to do something together, and to learn and share each other’s expertise.

Having the Hard Conversations

As executives, we need to have the difficult discussions surrounding diversity no matter how uncomfortable they may make us. “I think we all think we know what we know, and we all think we know what other people go through; and we don't,” Jeffrey says. We need to have frank and open discussions around diversity, and stop trying to coach our language, and just address these topics and issues. We should approach these conversations with the understanding that we don’t intend to hurt anyone.

The New Normal

Jeffrey tells Tom that the way we usually conduct our errands and our business will change post-pandemic. “I don't think you're going to have certain things go back to the way what people would say is normal, we're going to have whatever normal is.” Business events will also be smaller in capacity, Jeffrey states. “There's gonna be a real hybrid,” he comments: events will be partly face-to-face and partly online.

Resources

Jeffrey Hayzlett | LinkedIn | Twitter

The Hayzlett Group

The C-Suite Network

Compliance, Diligence and M&A: Part 5-Integration Issues After Deal Closure

Fri, 14 May 2021 05:01:00 -0000

Welcome to a special five-part podcast series sponsored by K2 Integrity. In this series, we have considered the intersection of compliance, diligence and mergers & acquisitions (M&A). I have been joined by Hannah Coleman, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. She specializes in fast-moving, complex, and specialized research assignments in a variety of areas including investigative due diligence, corporate contests, intellectual property investigations, media transparency assessments, and litigation support. Also joining this series is Tom Pannell, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. With a focus on financial investigations, Tom leads multi-disciplinary teams working with corporate clients and their legal advisors responding to crisis events, including multi-jurisdictional white-collar crime, misconduct, financial statement fraud, anti-bribery and corruption incidents, and compliance risk advisory work. In this concluding episode, I visit with Tom about integration issues after deal closure.

I hope you have enjoyed this special K2 Integrity sponsored series on compliance, diligence and M&A. For more on K2 Integrity, check out their website, here.

Compliance, Diligence and M&A: Part 4-Deals Through a Global Lens

Thu, 13 May 2021 05:01:00 -0000

Welcome to a special five-part podcast series sponsored by K2 Integrity. This month we consider the intersection of compliance, diligence and mergers & acquisitions (M&A). I am joined by Hannah Coleman, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. She specializes in fast-moving, complex, and specialized research assignments in a variety of areas including investigative due diligence, corporate contests, intellectual property investigations, media transparency assessments, and litigation support. Also joining this week’s series is Tom Pannell, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. With a focus on financial investigations, Tom leads multi-disciplinary teams working with corporate clients and their legal advisors responding to crisis events, including multi-jurisdictional white-collar crime, misconduct, financial statement fraud, anti-bribery and corruption incidents, and compliance risk advisory work. In this episode, I visit with Tom about deals through a global lens.

Join us tomorrow for our final episode as we consider some post-closing integration issues.

For more on K2 Integrity, check out their website, here.

Compliance, Diligence and M&A: Part 3-Blinded by Familiarity, Avoiding Potential Reputational Issues

Wed, 12 May 2021 05:01:00 -0000

Welcome to a special five-part podcast series sponsored by K2 Integrity. This month we consider the intersection of compliance, diligence and mergers & acquisitions (M&A). I am joined by Hannah Coleman, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. She specializes in fast-moving, complex, and specialized research assignments in a variety of areas including investigative due diligence, corporate contests, intellectual property investigations, media transparency assessments, and litigation support. Also joining this week’s series is Tom Pannell, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. With a focus on financial investigations, Tom leads multi-disciplinary teams working with corporate clients and their legal advisors responding to crisis events, including multi-jurisdictional white-collar crime, misconduct, financial statement fraud, anti-bribery and corruption incidents, and compliance risk advisory work. In this third episode, I visit with Hannah on how to avoid being blinded by familiarity so that potential reputational issues do not surprise you down the road.

Join us tomorrow as we consider deals through a global lens.

For more on K2 Integrity, check out their website, here.

Compliance, Diligence and M&A: Part 2-Concerns in Deal Making

Tue, 11 May 2021 05:01:00 -0000

Welcome to a special five-part podcast series sponsored by K2 Integrity. This month we consider the intersection of compliance, diligence and mergers & acquisitions (M&A). I am joined by Hannah Coleman, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. She specializes in fast-moving, complex, and specialized research assignments in a variety of areas including investigative due diligence, corporate contests, intellectual property investigations, media transparency assessments, and litigation support. Also joining this week’s series is Tom Pannell, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. With a focus on financial investigations, Tom leads multi-disciplinary teams working with corporate clients and their legal advisors responding to crisis events, including multi-jurisdictional white-collar crime, misconduct, financial statement fraud, anti-bribery and corruption incidents, and compliance risk advisory work. In this second episode, I visit with Tom on concerns in the current deal making scene.

Join us in our next episode where consider avoiding potential reputational issues.

For more on K2 Integrity, check out their website, here.

Modernizing Compliance with Kayvan Alikhani

Tue, 11 May 2021 04:01:00 -0000

Kayvan Alikhani is the CEO and co-founder of Compliance.ai, a company dedicated to empowering professionals with the smartest regulatory and compliance change management platform. He has over thirty years of experience and expertise in software and cybersecurity. Tom Fox welcomes him to this week’s episode as they discuss modernizing compliance practices and helping risk practitioners do a better job of managing risk.

Red Tech

It used to be that compliance professionals could manage the pace and complexity of regulations and changes happening around them with simple tools. Presently, the scope of changes and complexity has increased, giving rise to a set of modern solutions that can capture, monitor, and take action on these changes. This modern technology is called red tech.

Compliance Meets AI

Tom asks Kayvan to explain what ‘Compliance meets AI’ means to him. Kayvan responds that it means using AI to help compliance professionals make regulatory changes. “Artificial intelligence emerging as a stable, reliable, and cost affordable…. allows for you to model a set of behaviors and be able to predict the outcome of a basically new behavior, or map behavior to a specific classification,” he tells Tom. He explains the necessary components that would make AI work in compliance.

Compliance.ai & Why It’s Unique

Kayvan founded Compliance.ai to answer the question of what can be done in terms of automation. His company removes the “speed bump” users encounter when accessing regulatory content. Content is curated within hours as opposed to days, weeks, and months. Simplifying the tasks of compliance officers allows them to have more time to assist their organizations with changes that may be happening at that particular time. Simplicity enables the organization to convey the proper message to its stakeholders more rapidly.

COVID-19 & Beyond

Kayvan tells Tom that due to the pandemic, his business got more focused on adding business continuity and improving business resiliency policies and making those policies accessible from anywhere at any time. Tom asks him what to expect in red tech risk and compliance in the coming years. “As more and more organizations start building these types of solutions we're going to see the formation of alliances across the sector where compliance is no longer used as a competitive advantage,” he explains. “The push for privacy regulations is going to be a big catalyst as well in terms of the common practices that are used both for maintaining data protecting data sharing data.”

Resources

Kayvan Alikhani | LinkedIn | Twitter

Compliance, Diligence and M&A: Part 1-Core Investigative Diligence

Mon, 10 May 2021 05:02:00 -0000

Welcome to a special five-part podcast series sponsored by K2 Integrity. This month we consider the intersection of compliance, diligence and mergers & acquisitions (M&A). I am joined by Hannah Coleman, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. She specializes in fast-moving, complex, and specialized research assignments in a variety of areas including investigative due diligence, corporate contests, intellectual property investigations, media transparency assessments, and litigation support. Also joining this week’s series is Tom Pannell, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. With a focus on financial investigations, Tom leads multi-disciplinary teams working with corporate clients and their legal advisors responding to crisis events, including multi-jurisdictional white-collar crime, misconduct, financial statement fraud, anti-bribery and corruption incidents, and compliance risk advisory work. In this first episode, I visit with Hannah on issues relating to core due diligence issues.

Join us in our next episode where consider concerns in today’s deal making scene.

For more on K2 Integrity, check out their website, here.

Cybersecurity and the Importance of SOC with Justin Beals

Tue, 04 May 2021 04:01:00 -0000

Justin Beals is the CEO and co-founder of Strike Graph, a company helping customers get through their cybersecurity audits. He’s a serial entrepreneur with expertise in AI, cybersecurity, and governance. He founded Strike Graph with the goal to make cybersecurity standards easy to understand and easily accessible. Tom Fox welcomes him to this week’s show to discuss cybersecurity, auditing, and building maturity within an organization.

SOC/SOC2 Audit

Justin explains to Tom the origins of SOC: it was created to ensure that third-party vendors who trade with public companies, and the public companies themselves, were implementing effective cybersecurity practices. SOC2 Audit is a cybersecurity standard that focuses on security within an organization in a number of ways including HR practices, code of conduct, and other compliance liability issues. SOC2 analysis is about how data is encrypted and how new codes get put on servers. “The achievement of something like a SOC2 represents two things: one is an organizational maturity and the second is an assessment of that maturity by an independent party,” Justin tells Tom.

Trust is Currency

Tom asks Justin to share a few tips for when hiring a SOC2 auditor and why it is necessary. “The selection of the right auditor is important strategically because you're going to want to work with them for a while. Generally, you want to go back to the same auditor [because] it's more efficient,” Justin responds. Auditors we are familiar with know our practices and can measure them well. He points out that buyers and investors will pick the more trusted company; a company that has done a SOC2 audit is preferred over a company that hasn’t. Trust is what drives them and is what will influence buyers’ decisions.

COVID-19 and What’s Next

Tom asks Justin to reflect on how the pandemic has affected Strike Graph. Justin remarks that his business was established during the pandemic and is a remote work organization. He adds that interest has grown due to the pandemic, and it helped build his company’s success. With the pandemic, certifications and audits are great tools that can help build trust with customers. Justin remarks that in the future, it’s going to be more commonplace to expect vendors to share any form of private information to achieve audits or certifications.

Resources

Justin Beals | LinkedIn | Twitter

StrikeGraph.com

Reimagining Training with Rashelle Tanner

Tue, 27 Apr 2021 04:01:00 -0000

Rashelle Tanner is the Director of Compliance Learning Program at the Office of Legal Compliance at Microsoft. A senior attorney, she is responsible for the trust and integrity learning program for Ethics and Compliance. Rashelle develops and delivers learner-centered anti-corruption and ethical decision-making courses that empower employees to do business the right way. Tom Fox welcomes her to this week’s show to discuss how compliance professionals can incorporate and promote integrity in training, and how to reimagine training in innovative ways for the organization’s ultimate benefit.

The Importance of Integrity

Tom asks Rashelle to explain why integrity is integral to compliance. She stresses that people have to follow rules not just because they’re there, but also because they feel motivated to do so. The focus on “doing the right thing” is becoming less on what you can and cannot do, and more on your day-to-day decisions. Focusing on integrity will help you make more ethical decisions.

Compliance and Integrity Through Storytelling

Rashelle tells Tom about incorporating integrity training through the use of storytelling. She describes how her team takes employees through compliance-related scenarios, and ethical issues, with characters based on workers at all levels of Microsoft. The episodes are based on what motivates people, and how it impacts their decisions. Rashelle remarks that this venture has helped build employee engagement and continues to encourage them to get involved with compliance training. She stresses the importance of keeping the content suspenseful to grab employees’ attention; however, it must also stand alone so that anyone can follow along. It also needs to have specific language in the given content in order to reach the target audience.

Diversity and Inclusion in Compliance

Tom switches to the topic of diversity and asks Rashelle her thoughts on the role of diversity and inclusion in compliance, and how compliance departments can drive that conversation forward. He adds that diversity is natural while inclusion is completely different. Diversity is getting one’s foot in the door while inclusion is being completely embraced and listened to. Rashelle stresses that inclusivity is a responsibility, and one she and her team emphasizes at Microsoft, and even within their serial training programs. She states that representing all walks of life in their episodes is a way of reaching not just their local employees but their international ones as well and making them feel seen and heard.

Resources

Rashelle Tanner on LinkedIn | Twitter

The Learning Guild

Mapping Out Process with Stacey Hanke

Tue, 20 Apr 2021 04:01:00 -0000

Stacey Hanke is an author, keynote speaker, and the founder of Stacey Hanke Inc. The goal of Stacey Hanke Inc is to help leaders become their true selves by equipping them with the tools to increase their confidence and authenticity. Tom Fox welcomes her to this week’s show as they discuss influence and how it can help leaders and people who simply wish to learn how to become better employees.

The Importance of Consistency

Tom asks Stacey to explain why consistency is critical to influence. Stacey expresses that it shows our peers, customers, and employees who we truly are as business leaders. Consistency in all forms within your organization - from how you answer messages and calls, to how you show up for interactions - builds trust. The moment we stop behaving consistently, we run the risk of individuals second-guessing who we are, and that creates a break in trust. Trust is the backbone of influence. Trust comes from respect, and they both work together to drive influence, so leaders have to stay consistent and reliable.

Deliberate Practice

“What’s practiced in private, gets rewarded in public,” Stacey says, quoting Michael A. Jordan. She adds that the training and mentoring she does is about what she calls “deliberate practice.” Deliberate practice is focusing on a different aspect of whatever skill you wish to work on, and practicing each aspect on a different day. It’s the mindset that every time you show up, it’s an opportunity to practice the whole idea of influence. It’s to practice as you’re delivering.

Influence Virtually

Tom asks Stacey to explain how leaders can maintain their influence in a virtual environment. Stacey gives an anecdote of how she and her team went about doing so. She stresses writing down how you influence, engage, and interact in person, and then applying the same concepts to virtual meetings. She also advises leaders to adapt their messages based on where their listeners are.

False Feedback, and The Influence Model

“We don’t know what we don’t know,” Stacey says. She tells Tom about being given false feedback and gives the analogy of being a professional athlete being praised all the time. The true meaning of influence, she points out, is really consistency. Tom asks her to explain her influence model. She responds that it’s like a triangle with three “key drivers”: feedback, deliberate practice, and accountability. Feedback is what works and what doesn’t, and you can only build the feedback on deliberate practice. The final component is accountability which is simply improving our influence through the coaches in our lives.

COVID-19 has exposed the lack of consistency in influence now that we’ve all been pushed into a virtual environment. Adaptability to new platforms and to people should be our focus moving forward.

Resources

Stacey Hanke | LinkedIn, Twitter

StaceyHankeInc.com

Smart Automation for Risk Management: Bonus Episode-Integrity Analytics Collective

Fri, 16 Apr 2021 05:07:00 -0000

Today, we wrap up our multi-part podcast series, Smart Automation for Risk Management, sponsored by Lextegrity Inc., with a special bonus episode where Parth Chanda, Founder and Chief Executive Officer (CEO), and I discuss Lextegrity’s Integrity Analytics Collective.

What is the Integrity Analytics Collective? I put that question to its founder Chanda. He related that it was launched in 2020 “in partnership with nearly a dozen partner organizations from across the world.” It’s ultimate goal is to “collaborate with thought leaders to further democratize data analytics for organizations of all sizes globally.” The Collective brings together the practitioners from member organizations “who are really ‘into the weeds’ practitioners, they are thought leaders in those organizations and they bring all of us together with as well.” What we all have in common is “a desire to raise the standard of data analytics for everyone who wants access to them.”

The Collective wants to help organizations of any size in the world to accelerate their data analytics as well as their automation efforts. At the core of the collective is building out a library of advanced data analytics, coupled with the ability to create analytics on the fly, through an out of the box solution. The Collective approaches data analytics in a way that opens up data analytics up to any organization. Chanda said, “it’s an ecosystem that we’re creating of ethics and compliance professionals to continue to add new analysis of the platform regularly, including new risk domains.”

The Collective has members from companies as small as under 100 to companies with thousands of employees. Chanda stated, “we understood very early on that this is going to be a massive a cross industry, cross ecosystem effort. Each of those partners has a different perspective on things. Some of them are focused more on behavioral science element of ethics and compliance. Others are really focused on the forensic auditing perspective, the policy and rules-based perspective. We wanted to really have stakeholders from across the knowledge spectrum.” All the while recognizing that “the baseline of analytics is fairly standard. This means if you bring in a forensic auditor to do an investigation, they’re going to have a standard tool set for fraud and corruption analytics that are fairly standard. That is the concept we’ve really democratized. Yet, with an analytics engine, while the standards are fairly democratized and standard across companies, they need to be largely configurable based on the industry, the business model and frankly historical issues.”

The goal of Lextegrity is to take insights, best practices and other information from its Collective partners and then incorporate them into your tools, modules and workflow modules. At the end of the day Lextegrity will have a more robust platform, which it will then share back with the partners or others in the compliance team. Chanda said, “part of our mission with the Collective is really to empower a lot of these expert organizations that do advisory work and provide them options to provide data analytics and automation to their clients, because they are the experts in their space. Again, it is really a difference in model for a software product company.” Moreover, “If there are new analytics, new ideas, new approaches that have worked for others, we want to know about them and make them available in the marketplace.” Chanda believes that it gives everyone a shared commitment to really move the needle forward for organizations and their risk management efforts to build this thought leadership ecosystem around data analytics.

For more on Lextegrity, check out their website here.

For more information on the Integrity Analytics Collective, click here.

Smart Automation for Risk Management: Part 5, Integrations and User Experience

Fri, 16 Apr 2021 05:00:00 -0000

Welcome to a multi-part podcast series, Smart Automation for Risk Management, sponsored by Lextegrity Inc. Over this series, we have visited with Parth Chanda, Founder and Chief Executive Officer (CEO), Andy Miller, Chief Analytics Officer, and Kara Bonitatibus, Head of Product. We have looked at the Lextegrity Product Suite, taken a deep dive into continuous risk monitoring, considered pre-approvals and third-party due diligence and integrations and user experience. In a special bonus episode, Chanda and I will discuss the Integrity and Analytics Collective. In Episode 5, I visit with Bonitatibus on integrations and the user experience.

We began with data integration, which is one of the biggest challenges facing every Chief Compliance Officer (CCO), compliance professional and indeed corporate compliance function. Bonitatibus said the starting point is to create software solutions that are intuitive, data-driven and integrated. Lextegrity has created various integrations in the pre-approval application, core integrations include HR systems, which are used to support approval logic. It also includes routing requests to an immediate manager through workflow. Next there is a prebuilt integration with a database check of sanctions, state owned entity and adverse media information. There can also be embedded and automated screening directly into any of the workflows. This can provide through put our third-party due diligence application process and compliance approver procedure. She ended by noting, “we have a pretty tool set that we can offer our customers with respect to integrations.”

We ended by looking down the road for Lextegrity. Bonitatibus is very excited about some of Lextegrity’s future vision and priorities. The company is very focused on continuing to prioritize integrations across the entire product suite to really continue to evolve the end-to-end solution and continue to break down those silos of managing spend risk and risks in general. The company will also continue to expand the analytics embedded in the workflow technology. Finally, and hopefully to the delight of Lextegrity customers, they want to have more and more powerful reporting and analytics and visualizations across all of the products. Great visualizations are as much of an art as they are a science. Yet Bonitatibus sees them as a very powerful tool. Lextegrity wants compliance professionals to “think of our products as a roadmap, where everything is modular.” This allows building out an entire end-to-end solution in a manner where can start on the journey and expand out “wherever it’s most helpful and beneficial to you. We would love to work with companies to take their compliance programs to the next level.”

Join us for our concluding special bonus episode, where Lextegrity Founder and Chief Executive Officer (CEO), Parth Chanda visits with me on the company’s Integrity Analytic Collective.

For more on Lextegrity, check out their website here.

Smart Automation for Risk Management: Part 4, Pre-Approval and 3rd Parties

Thu, 15 Apr 2021 05:00:00 -0000

Welcome to a multi-part podcast series, Smart Automation for Risk Management, sponsored by Lextegrity Inc. Over the course of this series, we are visiting with Parth Chanda, Founder and Chief Executive Officer (CEO), Andy Miller, Chief Analytics Officer, and Kara Bonitatibus, Head of Product. We have reviewed Lextegrity Product Suite, taken a deep dive into continuous risk monitoring, considered pre-approvals and third-party due diligence and integrations and user experience. In a special bonus episode, Chanda and I will discuss the Integrity and Analytics Collective. In Episode 4, I visit with Bonitatibus on pre-approvals and third-party due diligence.

We began with a discussion of the pre-approval process and third-party due diligence monitoring tools that Lextegrity has developed. Bonitatibus initially noted that often times the business folks see the compliance function as the department of holding things up. This led the Lextegrity team to look at questions such as “how do you build a system that is easy to use, intuitive gets users in and out of the system and gets them the answers they need as quickly as possible?”

The Lextegrity difference is that it can build workflows unique to your business. Bonitatibus noted the solution has workflows in 14 languages, soon to be 20. It can provide customers with template content, across multiple questionnaires. There is a library of content which based on an internal review of enforcement actions and other public source documents, all of which are configurable. She went on to say, “we implemented multiple workflows in over a dozen languages in a hundred countries and less than 90 days, in a new tech driven compliance program. That’s what makes our software really powerful.”

We then turned to the question of how companies are in many cases not using the pre-approval workflows efficiently. One of the pillars of Lextegrity is to be more data driven across all of our products, including in the pre-approval workflow. “The Lextegrity solution embeds analytics and thresholds directly into the preapproval process, which provides approvers with data to inform their decisions. This means you are not simply looking at the information which is provided by the submitter or the requester. It expands out to things like aggregate spend and aggregate frequency. For example, how many gifts has this government official already received? How much has this particular healthcare professional received in the context of a meal or a consulting fee?”

Join us tomorrow where explore integrations and the user experience with Bonitatibus.

For more on Lextegrity, check out their website here.

Smart Automation for Risk Management: Part 3, a Holistic Approach to Risk Monitoring With Data Analytics

Wed, 14 Apr 2021 05:00:00 -0000

Welcome to a multi-part podcast series, Smart Automation for Risk Management, sponsored by Lextegrity Inc. Over the course of this series we will be visiting with Parth Chanda, Founder and Chief Executive Officer (CEO), Andy Miller, Chief Analytics Officer, and Kara Bonitatibus, Head of Product. We are reviewing the Lextegrity Product Suite, taking a deep dive into continuous risk monitoring, considering pre-approvals and third-party due diligence and integrations and user experience. In a special bonus episode, Chanda and I will discuss the Integrity and Analytics Collective. In Episode 3, I conclude my two-part visit Miller about risk monitoring with data analytics.

We began with the Department of Justice’s (DOJ) 2020 Update to the Evaluation of Corporate Compliance Programs, (2020 Update), which mandated for the first time that compliance practitioners and the corporate compliance function have access to a company’s data lakes. Miller believes the DOJ 2020 Update has really been an eye opener for a lot of risk professionals and companies out there that they “need to do better.” Compliance professionals should have access to their own data as risk professionals, they need to have a plan and an actual program to monitor their company’s data. This works directly on the first two prongs of any compliance program; to prevent and detect actions which could be fraudulent, corrupt such as bribery, or other actions which could put your company in danger. This is even more true in 2021 as the DOJ is ramping up their enforcement efforts. Lextegrity provides a continuous monitoring solution that provides compliance and audit teams with a comprehensive way to keep a pulse on transactional spend and revenue risk.

Miller emphasized the key is that your continuous monitoring solution should be flexible and curable to your specific company. The Lextegrity platform provides analyses that are broken out in a variety of areas to look for specific types of risk in that general risk-based area. It allows you to identify transactions that could be associated with some wrongdoing like bribery, corruption or fraud. However, what many compliance professionals struggle with is separating the wheat from the chaff. In other words, they are bogged down in the details of a transaction such as gifts, travel and entertainment (GTE) spend, lack of approvals on discounts or third-party issues and do not have the ability to step back and look at a bigger picture.

We concluded by considering what connecting all these dots might look like. Miller said that by “connecting the dots of risk you start to see other things happen, you catch an exception in this area and now you say, well, so-and-so was a major part of that. Let’s see what else they’ve touched in this area or looking at the cross impact between employee spend and vendor spend, and then be on that in the compliance space”. You can also cross-reference hotline reports, due diligence metrics, audit reports, training completion data and indeed “all this other program information that compliance has a hand into that can feed into this transactional data.” It can truly provide to you the broadest look at your compliance risk.

Join us tomorrow where we explore pre-approvals and third-party due diligence with Kara Bonitatibus.

For more on Lextegrity, check out their website here.

Smart Automation for Risk Management: Part 2, Risk Monitoring With Data Analytics

Tue, 13 Apr 2021 05:00:00 -0000

Welcome to a multi-part podcast series, Smart Automation for Risk Management, sponsored by Lextegrity Inc. Over the course of this series, we will be visiting with Parth Chanda, Founder and Chief Executive Officer (CEO), Andy Miller, Chief Analytics Officer, and Kara Bonitatibus, Head of Product. We will look at the Lextegrity Product Suite, take a deep dive into continuous risk monitoring, consider pre-approvals and third-party due diligence and integrations and user experience. In a special bonus episode, Chanda and I will discuss the Integrity and Analytics Collective. In Episode 2, I begin a two-part exploration Miller about risk monitoring with data analytics.

We began with a discussion about what a continuous monitoring solution is. Miller said that it “provides compliance and audit teams with a comprehensive way to keep a pulse on transactional spend and revenue risk in their enterprise.” The Lextegrity application “features a library of dozens of prebuilt risk data analytics across a spectrum of focuses. We have risk-based statistical behavioral and policy-based, but really the key to our analytics is they are so configurable and contextual to your specific risks or your lines of business or the historical issues that your organization may have had so that the risk algorithm is actually tailored to your business and your exposure and not, um, some static configuration.” It can connect to a wide variety of EPR systems such as SAP, Oracle, Concur, Workday and others.

The Lextegrity approach is different as it is focused on prioritizing your efforts within this monitoring of spend and revenue data, seeing the full context of the transaction and its risk results altogether, so that you can focus on the risk of that as a whole. It also is more risk focused and less control focus. Miller related that the Lextegrity “scoring algorithm is calculated at an aggregated level across multiple analytics to help you cut on the false positives and the noise as well as to then better prioritize your transactions in line with risk parameters that you set.” The solution connects with our approval workflows, our pre-approval tool, as well as workloads within this specific tool, enabling specific analytics, such as validating your approved amounts, against your actual amounts and those people that you actually said you were going to pay is who you paid.

The Lextegrity solution can also take your third-party due diligence results and increase the risk scores of transactions with “high risk-third parties, as well any low risk third parties which are showing up in high-risk expense categories, beyond transactional risk scoring and highlighting the higher risk transactions for further review.” All of this allows the compliance professional to go “in and actually explore your data with that augmented risk detail and drill into different dimensions of your data, maybe geographic, maybe a subject, or a specific subject type or that spend nature.” All down into the actual transactional level of data.

Join us tomorrow where I continue my exploration of continuous risk monitoring with Miller.

For more on Lextegrity, check out their website here.

Fixing the Cadence Mismatch with Anil Karmel & Travis Howerton

Tue, 13 Apr 2021 04:01:00 -0000

Tom Fox’s guests this week are Anil Karmel and Travis Howerton, co-founders of C2 Labs. They both had leading positions in the government’s nuclear weapons program and left to found their company. They and Tom talk about “fixing the cadence mismatch” between digitally transforming heavily regulated industries and the need for compliance.

Technology vs Compliance

“Business processes in heavily regulated industries are built to standardize the way systems are built, designed, deployed and to protect the organization,” Anil remarks. “So you know really to transform technology business processes need to also be transformed… There's really been this need to fix this cadence mismatch between the need to be compliant and the need to modernize technology.” Travis adds that two-thirds of organizations find digital transformation challenging. Their goal at C2 Labs is to help clients modernize their business processes using technology tools, while maintaining compliance, and even reducing cost and risk.

RegOps in Compliance

“One of the things we've heavily focused on,” Anil tells Tom, “is bringing DevOps to compliance in something we're calling regulatory operations or RegOps - where now you have the ability to transform the culture coupled with the tools to allow compliance professionals to quickly develop and deploy applications and ensure that they are continuously compliant, to simplify and automate regulatory compliance in real time.” Travis comments on the value of automating repetitive processes: it allows humans to focus on analyzing data and making better decisions based on that data. Tom asks if they advocate data visualization. Travis responds, “Our focus is making sure that you're capturing the right stuff in the right way and the most cost-effective way, and that it's driving real world risk reduction and improving compliance posture.”

Digital Transformation in Action

Tom commends C2 Labs’ philosophy of ‘digital transformation in action’. He asks the men to describe what the term means to them and why they believe in it. Anil posits that “digital transformation is going to disrupt nearly every company and organization on the planet over the next decade.” The problem, especially in highly regulated industries, is making that transformation a reality. He describes C2 Labs’ approach, which is heavily based on automation of useful and necessary processes. “Automating stupid is not an accomplishment,” he quips. The best technology is useless if you don’t stay compliant, however. As such, the company ensures that every improvement has an audit trail and is compliant with regulatory guidelines. Anil and Travis tell Tom how their company handles audit trails, including their Time Travel feature.

The Future of Compliance

“Where do you see this journey going around digital transformation five years or maybe even 10 years down the road?” Tom asks. Anil and Travis respond that digital transformation is an inevitable part of the next few years, and how ready you are for it will determine the fate of your company. You need continuous compliance to manage digital transformation, so there must be both a cultural as well as technological transformation in the compliance space. The question to answer is, “How do we help optimize the implementation of these regulations in a way that's repeatable, that gets the outcome that was intended without it being the drain on business?” Their compliance manifesto outlines a set of principles that can guide the discussion, they tell Tom.

Resources

C2Labs.com

Anil Karmel on LinkedIn

Travis Howerton on LinkedIn

Smart Automation for Risk Management: Part 1, Introducing Lextegrity

Mon, 12 Apr 2021 05:00:00 -0000

Welcome to a multi-part podcast series, Smart Automation for Risk Management, sponsored by Lextegrity Inc. Over the course of this series, we will be visiting with Parth Chanda, Founder and Chief Executive Officer (CEO), Andy Miller, Chief Analytics Officer, and Kara Bonitatibus, Head of Product. We will look at the Lextegrity Product Suite, take a deep dive into continuous risk monitoring, consider pre-approvals and third-party due diligence and integrations and user experience. In a special bonus episode, Chanda and I will discuss the Integrity and Analytics Collective. In Episode 1, we meet Chanda, Miller and Bonitatibus who introduce Lextegrity and the Lextegrity Product Suite.

Lextegrity began through a frustration Chanda had with the then products available to him for a compliance solution from the data analytics perspective, which would utilize data for risk management. Out of this frustration, Lextegrity was founded by subject matter experts across compliance, legal and audit disciplines with a real passion for risk management. Chanda wanted to combine more powerful tools with a world-class user experience all in a software solution. This comprised a more powerful and highly flexible automation and workflow technology integrations with other enterprise systems. So, we thought “why not build that dream software solution that we all wished when we were in house, focused software suite focused on spend and counterparty risk, including fraud, bribery, corruption, asset misappropriation, sanctions, conflicts of interest, and then addressing those risks using workflow as well as data analytics across the lifespan of those risks.”

Chanda noted that within the space of digital transformation for risk management, Lextegrity is “right at the center of that transformation. Lextegrity has a workflow solution on one side that can really manage any workflow. The common ones are a third-party due diligence, conflicts of interest gifts, and hospitality, even industry specific workflows like HCP engagements and grants management for our life sciences customers.” Chanda said the Lextegrity system also creates workflows that integrate with Human Resources (HR) and financial systems to implement more powerful controls. “We have customers who approved donations in our system. We also have customers go to SAP to initiate the payment process, which connects to the Lextegrity system so that adds another layer of control.”

Chanda went on to explain that Lextegrity has “a risk monitoring data analytics solution that connects with ERP systems, HR systems to risk score, every single transaction, together with workflows to manage those transactions visualizations and to visualize that enterprise risk as well.” The bottom line is that “data really is at the core of what we’re doing, but it’s really, even more than that. We are really trying to solve internal control problems for our customers.” All of these factors have led to the emergence of Lextegrity as one of the most powerful risk and compliance platforms in the compliance space. Chanda noted that the Securities and Exchange Commission (SEC) specifically cited Lextegrity software in Alexion Pharmaceuticals’ Foreign Corrupt Practices Act (FCPA) resolution as part of their remediation credit, “which also helped them avoid the monitor”. Further, nearly 50% of the Lextegrity customer base today has selected the company’s products after a publicly disclosed FCPA matter. Lextegrity is “consistently being turned to help remediate programs, which gives us opportunities to be in front of authorities.”

Join us tomorrow where begin an exploration of continuous risk monitoring.

For more on Lextegrity, check out their website here.

Lessons About Leadership and Security with Paul Clayson

Tue, 06 Apr 2021 04:01:00 -0000

Paul Clayson has an interesting and eclectic career history: he went from real estate to politics - including working for two US Presidents - then to corporate finance and investing. He tells Tom Fox about his experience working as CEO of several technology companies after which he moved into consulting. He first consulted for AgilePQ, his present company, and was asked to join as CEO. Paul joins Tom to discuss the top lessons he learned as CEO, as well as security for technology in the present and future.

Timely Intervention

“...Encryption and security technology has lagged the development of computers,” Paul tells Tom. Computers are becoming smaller but existing encryption is too large to fit on these small devices. As a result, very few IoT devices have security on them. Paul feels strongly that it’s time to “catch up”.

Leadership Lessons for CEOs

Tom asks Paul to share his top leadership lessons as CEO. Paul says:

The CEO has more bosses than any other position in the company;
Your job as CEO is to get the best people and then create the environment for them to perform at their best;
Be transparent about everything;
He lives by two principles. Firstly, make gut decisions after finding all the data to support it; and secondly, it makes no sense doing those things well that you shouldn’t be doing at all.

He explains that the difference between the board of directors and the CEO is oversight and fiduciary responsibility versus operation and execution.

Security for the Present and Future

Tom and Paul discuss Paul’s role at AgilePQ and the company’s prospects. “This product is needed; it's just needed,” Paul emphasizes. He outlines the markets they are targeting, which even includes their competitors. “They don't really have a full security system that can operate on the smallest of IoT devices,” he points out. “We have that so we can join with them, license to them our technology.” He tells Tom that their software not only protects the present but is ready for future technology as well. “We built [our software] not only to protect the IoT devices, but we built it so that when quantum computers become a reality - they will be able to process so much data so quickly they can break many of the encryption systems that are in the marketplace today - we built our technology to be post-quantum secure.”

“What do board members, CEOs, and companies need to be thinking about for 2025 or perhaps even further, around security and encryption?” Tom asks. “People have to recognize that hackers and bad actors in the digital world are multiplying faster in many cases than the development of technology itself,” Paul responds. “Businesses today really need to be focusing on security at every level of the computing stack ... and they need to concentrate on multiple levels of security within each of those systems. He advises that security should be considered in the planning stage, not after you've already developed a product. “You need to think about it upfront and plan it as part of the operational aspect of the device... that you're building,” he comments.

Resources

Paul Clayson on LinkedIn

AgilePQ.com

Call Paul Clayson at (336)380-2800

Comprehensive Cybersecurity Management with Jenna Waters

Tue, 30 Mar 2021 04:01:00 -0000

Jenna Waters is a Cybersecurity Consultant at True Digital Security where she specializes in information security program development, industry compliance assessments, threat intelligence, and cloud security controls. She helps clients through the challenges of cybersecurity program development and holistic security consulting, and also consults companies across varying industries. Tom Fox welcomes her to this week’s show as they discuss technological safety within industries, and what her company is doing to curb cyber attacks.

The Micro/Macro Focus

Jenna is a USN veteran, and during her time in the Navy, she worked on highly sophisticated computer information systems and with a lot of other sophisticated technologies as well. Tom asks her to elaborate on the Navy’s approach to cybersecurity as opposed to the public and private sector. Jenna iterates that the Navy, as well as any other military, federal, or law enforcement agency, is focused on a very global, or what she calls a “macro threat” environment. They are focused on protecting the country as a whole from cyber and information warfare attacks. On the other hand, the private and public sectors have a microfocus: in industries or specific business types and the risks and threats those industries or business types may face.

“To End Security Breaches”

Tom remarks that True Digital Security strives to bring an end-to-end solution, and makes mention of the company’s statement “To end security breaches.” Jenna explains that it’s the company’s goal and that True Digital strives to be at the forefront of cybersecurity. Doing this means preventing breaches from occurring in the first place. However, in the event that breaches do happen, ensuring that attackers don’t acquire vital information is important. “Even if you suffer a minor breach, they're just stuck because we want our clients to have a very layered defense, an in-depth approach that prevents them [attackers] from getting something valuable,” Jenna says.

Software Inventory Management

“It’s the process of keeping an updated inventory of all your software and your applications from even the smallest minutia of an application used within your IT environment,” Jenna says in response to Tom’s question about software inventory management. She adds that it's one core aspect of overall IT asset management. It enables the recording of vital information such as software update cycles, as well as ensuring that all the critical security patches are applied. Software Inventory Management keeps records of the quantity of applications software that exist within an organization. It helps detect if there’s been a breach as the bit size of applications changes when a breach occurs.

The Impact of COVID-19

The pandemic has not changed True Digital’s approach very much, Jenna remarks. What the company has been doing is helping clients pivot without the notice of attackers. Remote working comes with its own challenges and insecurities, and so assisting clients and pivoting in a way that helps them continue to achieve their cybersecurity compliance program and development goals is important. The rise in attacks emphasizes the need for structural and legal practices and precedents. Jenna stresses that governments of the world, as well as public and private sectors, need to come together to denounce cyber attacks and enforce actual consequences for these actions.

Resources

Jenna Waters | LinkedIn

TrueDigitalSecurity.com

Knowledge Process Outsourcing with Jehan Jeyaretnam

Tue, 23 Mar 2021 04:01:00 -0000

Jehan Jeyaretnam is the Director and Head of Compliance Services at Acuity Knowledge Partners, one of the world’s largest knowledge process outsourcing firms. Jehan leads the Compliance Business Division, supporting clients with regulatory and anti-financial crime surveillance issues. Tom Fox welcomes him to this week’s show as they discuss ways of implementing knowledge outsourcing within work environments.

Knowledge Processing

Tom asks Jehan to define the term “knowledge processing.” Jehan explains that it is a point of view where you have the resources that are supported based on particular specialized knowledge. It’s an area where analytics and judgment reform is required, along with domain understanding and subject matter expertise. It is different from business processing in that it’s more than simply rules-led and considers knowledge offshoring functions.

The Four Pillars of Acuity

Jehan explains that there are four pillars of compliance within Acuity Knowledge Partners. He states that the company supports its clients by combining these four aspects:

corporate compliance, which focuses on monitoring and surveilling communications and marketing materials;
investment compliance and trade surveillance supports clients in the areas of investment guideline management from a market abuse perspective;
anti-corruption financial crimes, which tackles due diligence for clients, transaction monitoring from an anti-money laundering perspective;
forensic compliance, which takes a data science approach to compliance, while supporting clients who are based on-shore.

The Impact of COVID-19

Tom asks Jehan to explain how his approach to compliance has shifted or changed due to the pandemic. Jehan states that the area that needed to improve due to the pandemic was understanding how to continue supporting clients while maintaining the compliance culture around it. When employees are working remotely, it’s important to ensure that company culture remains embedded. Changing the model so that there's enough surveillance and approachability is very important. From a business perspective, the pandemic caused Acuity to take more of a conservative approach to the compliance function with respect to budgets. The work volume increased, however, employees operating from their homes allowed for increased communication.

Do More With Less

Companies need to be thinking about processing in the next five years, and how it may evolve. One way that Acuity supports its clients is by helping them do more with less. They create dedicated teams that can support them, by taking away some of the workflows that can be done offshore in a more cost-effective way. Freeing up your onshore teams and employees will allow them to be able to readily adapt to the changing workflows, environments, and operations. Because Acuity has implemented this model, they have provided a certain amount of flexibility in their workforce. Jehan advises other companies to do the same. If you want to increase efficiencies you need to "create a center of excellence" by bringing all the aspects of compliance together.

Resources

Jehan Jeyaretnam | Twitter, LinkedIn

AcuityKP.com

Being Intentional & Celebrating People with Chris Fuller

Tue, 16 Mar 2021 04:01:00 -0000

Chris Fuller is an author and the President and CEO of Influence Leadership Inc, an organization focused on serving businesses through the development and growth of their people. He is a keynote speaker and has facilitated many strategic sessions for large companies. This experience has given him valuable, best-practice insights. Tom Fox welcomes him to this week’s show as they discuss ideas and strategies to help you around leadership.

Mid-Level Management & Cultural Change

Chris wants to help leaders achieve their dreams, while also creating a great work environment for their employees. The day-to-day reality of leadership is a challenge, and new mid-level managers get burned out when they are promoted without proper preparation. "I have a strong focus on the first-time leaders, to prepare them so that they're set up for success, not set up for struggle," Chris says. Embedding this as a culture within an organization will have to involve senior leadership. "We start with the mid-level, we make sure that we equip and empower the new leaders, but then from an organizational effectiveness standpoint, we really want to impact cultural change at the senior leader level."

Being Intentional & The Inspired Leadership Pathway

Becoming an inspired leader means being intentional and purposeful. Chris gives an anecdote of going to see Hamilton, and he expresses that the kind of dedication put into the play is the kind of dedication we need to apply to the workplace. “If we take that to our daily lives, if we take that to our professional lives, how much inspiration and how much achievement can we start with? We can't have inspired results without intending to get there and being on purpose not on accident.” It’s part and parcel of Chris’ inspired leadership pathway which is about embodying a serving others mindset. “It's about being passionate and purposeful in what you do,” Chris explains. “It’s also about integrating operations with people and also being real and authentic in your relationships, while “executing with excellence.” The combination of cultural and fundamental execution is what will lead an organization to success.

“And”, Not “Or”

Chris’s style of leadership takes into account the “and” of everything: results and relationships; people and production. He utilizes both aspects and encourages leaders to do the same. “I've got to infuse that adventure and that sense of reality, the gritty reality of leading in the trenches with this infused adventure set to make it…. I'm going to equip and empower you but in the middle of it we're gonna have a blast.” People learn better through stories and when they’re having fun, Chris expresses. Culture is critical to a company’s development and ethical values, it needs to be emphasized from the top down. “A leader's behavior can tell the rest of the organization under them or those that witness them, that the cultural statements are simply a poster on the wall.”

The Race Method & Celebrating People

Tom asks Chris to explain the Race Method. Chris states that it’s one of the methods that came out of studying the Iditarod. The race methodology says: are you ready to run the race that is going to be mapped out for you, and what are those action steps that you need to do if your team isn't race-ready? You need to have action, or else the team is never going to be able to fulfill what you want them to fulfill. We have to teach them to do what we need them to execute. “We need checkpoints - evaluate the progress made and we can involve it. So ready, act, checkpoint, and evolve.” When employees do something right, we need to celebrate them, Chris adds. Make your values and culture clear, tie those literal behaviors together, and when they are activated in your employees, celebrate that to the fullest.

Resources

Chris Fuller | LinkedIn, Twitter

InfluenceLeadership.com

Learning Rather Than Training with Eric Shepherd

Tue, 09 Mar 2021 05:01:00 -0000

Eric Shepherd is the former CEO of Question Mark. In 2019 he stepped down and now runs a non-profit company called Talent Transformation, focused on helping individuals understand the future, leadership, and learning. Tom Fox welcomes Eric onto his week’s show as they discuss the ways organizations can better develop through a focus on learning rather than training.

The Rise in Technology

With the rise in technological advances and automation, machines will be replacing human tasks, and what this means is that individuals will need to acquire new skills. “People will need to learn new skills and be more agile in their approach to work,” Eric says. “Just as technology is going to disrupt a lot of jobs, we can also use technology to help us learn the skills required for the 21st century,” he adds. He iterates that communication, collaboration, and conflict resolution are some of the most important skills that need to be developed and nurtured. Eric also adds that employees will feel bitter at having been displaced, and it is up to society to provide learning systems to help them transition into new roles.

Talent Transformation Pyramid

Eric had a good understanding of assessing knowledge skills and abilities but not of assessing behaviors, emotional intelligence, or personality traits. Understanding how mindset and skillset would support readiness and performance was important. “How would people be ready to do tasks and how would they perform but being based on both their behaviors and social-emotional intelligence,” he adds. He explains to Tom that the concept was hard to explain to people, so he created the ‘talent transformation pyramid’, showing how personality traits and cognitive systems would support performance at an individual level, team level, and organizational level.

CEO Sets The Culture

Tom asks Eric what he sees as the CEO’s role in talent transformation, especially in regards to the coronavirus pandemic. Eric stresses that the CEO has to set the organizational culture and that that culture would differ depending on what business they’re running. In these uncertain times, employees are being bombarded with different fears that will affect their work performance. CEOs need to address those fears and establish a culture that says wellness, psychological safety, and inclusion are important. It has to come from the top, he argues.

Learning Through Culture

Eric reiterates that the majority of repetitive tasks are going to be replaced by machines. What this means for humans in the future is that there will be more focus on creativity, communication, collaboration, and cooperation. Learning through culture will see organizations become more successful because they are being more creative and embracing the possibilities of the future. “The company that can embrace those talents and those skills is actually going to be more efficient, and having greater efficiency would lead to greater profitability simply because they're more agile and they're more nimble.”

Learning Rather Than Training

Tom asks Eric to explain how the pandemic has changed his approach. Eric explains that now his company acts more as business advisors rather than doing actual assessments. With the impact of COVID-19, Eric has been uploading a lot of content to YouTube and his company’s website. Tom also asks Eric what companies need to think about in the next few years in regards to talent transformation. “Think about learning rather than training. Think about culture.”

Resources

Eric Shepherd | LinkedIn, Twitter

TalentTransformation.com

eric@talenttransformation.com

Talent Transformation by Eric Shepherd and Joan Phaup

Business and Financial Fraud: Yesterday, Today, and Tomorrow: Part 5 - Responding to Allegations of Fraud

Fri, 05 Mar 2021 06:03:00 -0000

Welcome to a special five-part K2 Integrity sponsored podcast, series Business and Financial Fraud: Yesterday, Today, and Tomorrow. Over the course of this series I have been joined by Joanne Taylor, a Managing Director at K2 Integrity. She has 20 years of legal, investigations and financial crime compliance experience, working within the financial and legal services industries. I am also joined by Ray Dookhie, a Managing Director in K2 Integrity’s Investigations and Risk Advisory practice, with more than 25 years of experience in compliance, integrity risk monitoring and management, and investigations. Over the series, we have considered the top fraud trends you might expect to see in 2021, what the regulatory landscape may well look like in 2021, best practices in fraud prevention, how to detect fraud and responding to fraud once it is uncovered. In our concluding episode, Part 5, Ray Dookhie joins me to discuss what a company should do after allegations of fraud arise.

Business and Financial Fraud: Yesterday, Today, and Tomorrow: Part 4 - Best Practices in Fraud Detection

Thu, 04 Mar 2021 06:02:00 -0000

Welcome to a special five-part K2 Integrity sponsored podcast, series Business and Financial Fraud: Yesterday, Today, and Tomorrow. In this series I am joined by Joanne Taylor, a Managing Director at K2 Integrity. She has 20 years of legal, investigations and financial crime compliance experience, working within the financial and legal services industries. I am also joined by Ray Dookhie, a Managing Director in K2 Integrity’s Investigations and Risk Advisory practice, with more than 25 years of experience in compliance, integrity risk monitoring and management, and investigations. Over this series, we will consider the top fraud trends you might expect to see in 2021, what the regulatory landscape may well look like in 2021, best practices in fraud prevention, how to detect fraud and responding to fraud once it is uncovered. In Part 4, Joanne Taylor joins me to review best practices in fraud detection.

Join us tomorrow for our concluding Part 5 where we look at responding to fraud after it is uncovered.

For more information on K2 Integrity, check out their website here.

Business and Financial Fraud: Yesterday, Today, and Tomorrow: Part 3 - Best Practices in Fraud Prevention

Wed, 03 Mar 2021 06:02:00 -0000

Welcome to a special five-part K2 Integrity sponsored podcast, series Business and Financial Fraud: Yesterday, Today, and Tomorrow. In this series I am joined by Joanne Taylor, a Managing Director at K2 Integrity. She has 20 years of legal, investigations and financial crime compliance experience, working within the financial and legal services industries. I am also joined by Ray Dookhie, a Managing Director in K2 Integrity’s Investigations and Risk Advisory practice, with more than 25 years of experience in compliance, integrity risk monitoring and management, and investigations. Over this series, we will consider the top fraud trends you might expect to see in 2021, what the regulatory landscape may well look like in 2021, best practices in fraud prevention, how to detect fraud and responding to fraud once it is uncovered. In Part 3, Ray Dookhie reviews best practices in fraud prevention.

Join us tomorrow in Part 4 where we look at strategies for detecting fraud.

For more information on K2 Integrity, check out their website here.

Business and Financial Fraud: Yesterday, Today, and Tomorrow: Part 2 - Regulatory Landscape in 2021

Tue, 02 Mar 2021 06:02:00 -0000

Welcome to a special five-part K2 Integrity sponsored podcast, series Business and Financial Fraud: Yesterday, Today, and Tomorrow. In this series I am joined by Joanne Taylor, a Managing Director at K2 Integrity. She has 20 years of legal, investigations and financial crime compliance experience, working within the financial and legal services industries. I am also joined by Ray Dookhie, a Managing Director in K2 Integrity’s Investigations and Risk Advisory practice, with more than 25 years of experience in compliance, integrity risk monitoring and management, and investigations. Over this series, we will consider the top fraud trends you might expect to see in 2021, what the regulatory landscape may well look like in 2021, best practices in fraud prevention, how to detect fraud and responding to fraud once it is uncovered. In Part 2, Ray Dookhie joins me to consider what the fraud regulatory landscape may look like in 2021.

Join us tomorrow in Part 3 where we look at best practices in fraud prevention.

For more information on K2 Integrity, check out their website here.

Going Back to the Workplace Safely with Julie Myers Wood

Tue, 02 Mar 2021 05:01:00 -0000

Julie Myers Wood, CEO of Guidepost Solutions, returns to the Innovation In Compliance podcast this week to talk about how companies can get back to the workplace safely. She tells Tom Fox that this far into the pandemic her conversations with clients have changed to address longer-term issues. Customers are asking questions about security protocols and how to keep people safe, as well as keep business open.

Increased Efficiency

Julie says that Guidepost Solutions delivers technology solutions customized to each customer’s needs and existing security platforms. For example, more and more businesses are looking for touchless technology so that they can protect their customers and keep their doors open. Tom comments that this improves business efficiency on a whole and credits the pandemic for forcing us to improve our processes overall.

Work From Home

Tom and Julie discuss the security challenges working from home presents. Julie remarks that companies have to think about creating campaigns to target those issues so that their employees can avoid problems. Tom asks her how her company handles doing investigations such as risk assessments - which are usually done on-site - remotely. It’s very challenging, she responds and describes the workarounds they have had to create to get the job done.

Diversity and Inclusion Initiatives

“We went to work as a company on diversity and inclusion initiatives, and I think that's really brought together people at various levels of our company in a new way - in a great way,” says Julie. “We want to make sure that people from all backgrounds feel included, want to come to Guidepost, want to stay at Guidepost, and that we're able to recruit folks from all different backgrounds, all ways of life.” Tom asks Julie to speak to the leaders that say that a diverse talent pool doesn’t exist in their industry. She responds, “They didn’t exist because you weren’t looking.”

Protecting Vacant Facilities

Tom mentions Guidepost’s advocacy for a cybersecurity vulnerability assessment for vacant facilities. He asks Julie why it’s important. She replies that they believe it’s just regular security maintenance to ensure that there are no new problems in the physical, as well as cyberspace. “There may be all sorts of new problems in their neighborhood that didn't exist before,” she reminds listeners. So if you’re thinking about reopening, it makes sense to do both a physical and cyber risk assessment.

Resources

GuidepostSolutions.com

JWood@guidepostsolutions.com

Business and Financial Fraud: Yesterday, Today, and Tomorrow: Part 1 – Top Fraud Trends in 2021

Mon, 01 Mar 2021 06:02:00 -0000

Welcome to a special five-part K2 Integrity sponsored podcast, series Business and Financial Fraud: Yesterday, Today, and Tomorrow. In this series I am joined by Joanne Taylor, a Managing Director at K2 Integrity. She has 20 years of legal, investigations and financial crime compliance experience, working within the financial and legal services industries. I am also joined by Ray Dookhie, a Managing Director in K2 Integrity’s Investigations and Risk Advisory practice, with more than 25 years of experience in compliance, integrity risk monitoring and management, and investigations. Over this series, we will consider the top fraud trends you might expect to see in 2021, what the regulatory landscape may well look like in 2021, best practices in fraud prevention, how to detect fraud and responding to fraud once it is uncovered. In Part 1, Joanne Taylor joins me to discuss the top fraud trends in 2021.

Join us tomorrow in Part 2 where we look at the regulatory landscape for fraud and misconduct in 2021.

For more information on K2 Integrity, check out their website here.

Fighting The Scourge of Human Trafficking with Dan Wager

Tue, 23 Feb 2021 05:01:00 -0000

Tom Fox’s guest on this week’s show is Dan Wager, VP of Global Financial Crime and Compliance at LexisNexis Risk Solutions. Dan is an executive with expertise in financial crime compliance and investigations. He and Tom discuss human trafficking, fraud and identifying the patterns of suspicious behaviors within an organization. Tom emphasizes, “All compliance professionals need to understand not only the risks around this area but also what the solutions are… The pandemic has caused an increase in this area because it's closed down other business opportunities for the bad guys.”

It’s All About Money

Human trafficking, sex trafficking, money laundering and the like are not crimes of passion, Dan points out. “Their focus is to make money and that desire does not stop during an economic crisis and a global pandemic… It all comes back to moving money.” The way in which these crimes are committed is changing, and compliance professionals need to be aware. Tom comments that commercial corporations are being targeted more now because “they’re not set up to fight this scourge.” Dan explains why this is so and gives an example of how banks have been inadvertently used in PPP fraud recently. “These things move together - disadvantaged businesses looking for funds and illicit financiers looking for outlets, people on the narcotics or human smuggling realms looking for ways to make money and retain money in a difficult environment - they all fit together.”

Reputational Risks

Tom comments that your company’s reputation will be severely tarnished if you are found to be even remotely involved in human trafficking and human slavery. Dan says that most companies understand this but are struggling to detect it. You don’t want to be a company that purchased PPE from non-vetted suppliers because you’ll go down along with them, he warns. The reputational damage is just one part of the equation. “What do you think happens to those kinds of workers when you have counterfeit and hard-to-get PPE, in this kind of environment where they can't even travel across the border or seek other employment? It is exploitation and health dangers on an epic scale,” Dan remarks.

Working From Home & Red Flags

Tom and Dan discuss the increased risk because of the move to work-from-home. Tom also asks about the risk that returning to work may bring. The speed with which remote work had to be implemented opened up new avenues for fraud, Dan says. Work computers are now sitting alongside personal network computers, and bad actors are using various ways to infiltrate both. Few companies are equipped to deal with these changed circumstances, which leaves them vulnerable. The way we conduct business has changed permanently, Dan remarks. This is good in many respects, but it opens up opportunities for fraud. He shares some red flags compliance professionals and financial institutions should look out for. If there is a dramatic change in how a company usually does business, that’s a major red flag, Tom and Dan agree.

Resources

Dan Wager | LinkedIn

LexisNexis Risk Solutions

Meaningful Meetings with Dr. James Kelley

Tue, 16 Feb 2021 05:01:00 -0000

Tom Fox’s guest on this week’s show is Dr. James Kelley, co-founder and CEO of qChange. qChange is a technology company that uses artificial intelligence to improve leaders’ skills and make meetings more impactful. James spent the last 12 years in academia before co-founding qChange. He chats with Tom about his academic research, his book, and how he is helping leaders become more impactful in meetings.

Customize the Message

James’ academic research was a five country study about consumers’ attitudes towards global brands. He studied various customer attributes and how it impacted their attitudes towards a brand. What he found was that global companies needed to tailor their narrative to reach customers outside of their local audience. This study has implications for internal communications around compliance as well, he points out. “I’ve always argued that if you could diversify your population inside the organization and tailor that messaging, the likelihood of compliance will increase drastically because you’re speaking the language of the individual.”

Crucible Moments

Tom and James discuss James’ book, The Crucible’s Gift. James details why he wrote the book, and shares some insights from his interviews with 150 “authentic leaders”. The greatest learning he took away from those interviews was that they all had a “crucible moment”. “What I found is that a majority of those I interviewed that I perceived as being really authentic took some sort of adversity moment and created an opportunity.” He tells Tom that their crucible moments led them to ultimately become more authentic. Tom shares his own crucible moment. “Learning to see the door and then have the courage to walk through, [that] was the biggest lesson for me,” Tom comments.

Making Meetings Better Through Technology

“[qChange] was born out of this notion that technology - the use of AI - could be a collaborator in a leader's journey, not a competitor,” James says. “So our whole entire company is predicated on the idea of prompting, measuring, growing, and predicting leaders’ and teams’ success in Microsoft Teams. We're very meeting focused: we believe that where leaders show up most is in a meeting.” He describes how their AI software prompts leaders to practice specific soft skills within meetings. The comprehensive feedback loop compares the leader’s self-score with how his team members rate them, culminating in a personal leadership score. Making it experiential and real-time helps leaders retain those lessons in a tangible way. James tells Tom that their solution is end-to-end. Tom asks him what he sees as the future of meetings, to which he responds that work is going to be hybrid. He shares how qChange is preparing for the future, and that they’re well-positioned to meet it with success.

Resources

qChange.com

qChange on LinkedIn | Facebook

James Kelley on LinkedIn

The Crucible’s Gift book

Uncertainty - The Blinders Are Off with Lisa Levy

Tue, 09 Feb 2021 05:01:00 -0000

Lisa Levy, CEO of Lcubed Consulting and author of Future Proofing Cubed, started her career in IT. “I grew up as a project manager implementing systems'', she says, “and watching those system implementations fail because people didn't understand what the new technology was doing or why it was important to them or how it was supposed to actually make their jobs easier.” That early experience led her to focus on “process and building teams that would understand how work is done and then how to use the technology.” She eventually founded Lcubed Consulting to champion better ways of doing work in order to become more agile. Tom Fox welcomes her to this week’s show as they discuss cross-functional collaboration, future proofing, and building agility within the corporate culture through adaptive transformation.

It Starts With People

“I realized that it's really about getting the right people doing the right work in a repeatable process and then using technology to enable it,” Lisa comments. Business success depends on people first, then process, then technology, she adds. She says that she established Lcubed Consulting to offer middle-sized companies expertise in four key areas: project management, process performance management, internal controls, and organizational changes. Working with her expert consultants helps her clients’ employees build their capacity in these crucial areas.

Cross Functional Collaboration

Understanding what’s going on around you as an employee is important, Lisa iterates. She advocates for cross-functional collaboration, so that each employee and team knows where they fit in the big picture. “If everyone understands where they fit in the flow of the business, we can then tie that into the work value that customers and clients receive,” she remarks. This makes certain that resources aren’t being wasted.

Future Proofing and Being Agile

Tom comments that the pandemic has made “the unknown unknowns almost business-as-usual.” He asks Lisa how companies can future proof their operations for whatever comes along. Lisa responds that you must build agility within your business as the first step of "future proofing." This is the core of their adaptive transformation framework. “Future proofing is about building a basis in corporate culture that embraces change,” she remarks. “A visionary leader is always looking to the next thing that they want to do...Operations is supposed to happen flawlessly and move with the needs of that visionary leader. And so if we start with a culture … and everybody understands that we really want to change on a recurring basis - that this is natural, it's how we grow, it's how we scale - and we have that foundation, and we know how to do our jobs, and we know how to use our technology, a business leader can do just about anything, and the business will follow.”

Getting the Message Out

Lisa wrote her book, Future Proofing Cubed, in 2019 before the pandemic. She tells Tom that COVID-19 has made the message that businesses need to be agile, very clear to leaders. She shares insight on how to create an adaptive culture throughout an organization. The tone from the top is important, but employees need to hear the same message from their direct supervisors. "In order to be successful we need to be able to get our people to move in the directions that we need them to…. with the least amount of resistance," Lisa remarks.

Resources

Lisa Levy | LinkedIn

LCubedConsulting.com

FutureProofingCubed.com

Building Hero Leadership with Tricia Benn

Tue, 02 Feb 2021 05:01:00 -0000

Tricia Benn is the Chief Community Officer at C-Suite, a digital platform that focuses on providing growth development and networking opportunities for business executives. She is also the General Manager of The Hero Club, an invitation-only membership organization for CEOs, founders, and inventors. Tom Fox welcomes her to this week’s show as they discuss creating collaboration among leaders to build business growth.

C-Suite Network

C-Suite Network helps business leaders in growth development by creating an ecosystem of content creation and distribution, Tricia explains. It is a community of leaders motivating and inspiring each other on multiple levels. It is a values-based organization, with an emphasis on how leaders, investors, and businesses put people first. Before the pandemic, it was done via face-to-face seminars but has since then gone virtual. Tom comments that with this pivot, an explosion of content that hadn’t been available to leaders and businesses before has now become available.

The Principle of Success

“The principle of success is what you define it as,” Tricia says. She emphasizes that as a business leader you have to be clear about how you define success. Tom asks her to explain the other services that her companies offer. Tricia says that C-Suite and The Hero Club provide whatever tools are necessary for the support of a leader’s content creation. With the pandemic, a lot of businesses have gone virtual, and C-Suite and The Hero Club accommodate for that. The main focus is about facilitating the access and intelligence needed for content providers, as well as the platform, to allow for business leaders to activate virtually. Implementing diversity is also important, Tricia stresses. Servicing everyone, and appreciating everyone's differences is essential to hero leadership.

The Lifeblood of Success

Innovation is the lifeblood of a business' success. It means putting one foot in front of the other every day. Without innovation, there can be no growth, and you end up losing ground. It is important to keep adapting. As things change around us, so must our methods, approaches, and our business models to better serve the environment in which we live. Tricia emphasizes that with innovation, it is important to never let the people you serve feel the pain of what you are learning. You must only let them feel the gains of that learning.

Resources

C-Suite Network

Tricia Benn | Twitter, LinkedIn

Integrity Matters: Assessing the Corporate Compliance Climate in 2021- Part 5-Preparing Your Company for What’s Next

Fri, 29 Jan 2021 06:02:00 -0000

Welcome to this special podcast series, Integrity Matters: Assessing the Corporate Compliance Climate in 2021, sponsored by K2 Integrity. This week I visit with Bob Brenner, Co-Managing Partner and Chief Legal Officer; Snežana Gebauer, Executive Managing Director and head of U.S. Investigations and Risk Advisory, Americas. Over the week, we will consider various regulatory and enforcement issues with the incoming Biden Administration. Topics include assessing the regulatory landscape resulting from the pandemic, what companies can expect from new administration priorities, anti-bribery/anti-corruption issues and enforcement in 2021. In this concluding Part 5, I am joined by Snežana Gebauer to consider a few key themes and how a company can prepare for what is coming down the road into 2021 and beyond.

For more information go to the K2 Integrity website.

Integrity Matters: Assessing the Corporate Compliance Climate in 2021- Part 4: Global Trends Impacting Risk & Compliance in 2021

Thu, 28 Jan 2021 06:03:00 -0000

Welcome to this special podcast series, Integrity Matters: Assessing the Corporate Compliance Climate in 2021, sponsored by K2 Integrity. This week I visit with Bob Brenner, Co-Managing Partner and Chief Legal Officer; Snežana Gebauer, Executive Managing Director and head of U.S. Investigations and Risk Advisory, Americas. Over the week, we will consider various regulatory and enforcement issues with the incoming Biden Administration. Topics include assessing the regulatory landscape resulting from the pandemic, what companies can expect from new administration priorities, anti-bribery/anti-corruption issues and enforcement in 2021. In this Part 4, I am joined by Bob Brenner and we consider what companies can expect from the global trends impacting risk and compliance in 2021.

Join us tomorrow as we conclude our five-part series by considering how your company can prepare for what is next.

For more information go to the K2 Integrity website.

Integrity Matters: Assessing the Corporate Compliance Climate in 2021- Part 3: Anti-Bribery and Anti-Corruption Enforcement in 2021

Wed, 27 Jan 2021 06:03:00 -0000

Welcome to this special podcast series, Integrity Matters: Assessing the Corporate Compliance Climate in 2021, sponsored by K2 Integrity. This week I visit with Bob Brenner, Co-Managing Partner and Chief Legal Officer; Snežana Gebauer, Executive Managing Director and head of U.S. Investigations and Risk Advisory, Americas. Over the week, we will consider various regulatory and enforcement issues with the incoming Biden Administration. Topics include assessing the regulatory landscape resulting from the pandemic, what companies can expect from new administration priorities, anti-bribery/anti-corruption issues and enforcement in 2021. In this Part 3, I am joined by Snežana Gebauer who discusses what companies can expect as priorities from new administration around anti-bribery and anti-corruption.

Join us tomorrow as we examine global trends impacting risk and compliance in 2021.

For more information go to the K2 Integrity website.

Integrity Matters: Assessing the Corporate Compliance Climate in 2021- Part 2: Priorities from the Biden Administration

Tue, 26 Jan 2021 14:17:18 -0000

Welcome to this special podcast series, Integrity Matters: Assessing the Corporate Compliance Climate in 2021, sponsored by K2 Integrity. This week I visit with Bob Brenner, Co-Managing Partner and Chief Legal Officer; Snežana Gebauer, Executive Managing Director and head of U.S. Investigations and Risk Advisory, Americas. Over the week, we will consider various regulatory and enforcement issues with the incoming Biden Administration. Topics include assessing the regulatory landscape resulting from the pandemic, what companies can expect from new administration priorities, anti-bribery/anti-corruption issues and enforcement in 2021. In this Part 2, I am joined by Bob Brenner who discusses what companies can expect as priorities from new administration.

Join us tomorrow as we examine anti-bribery and anti-corruption priorities from the incoming Biden Administration.

For more information go to the K2 Integrity website.

Pragmatic Security and Data Protection with Gary Chan

Tue, 26 Jan 2021 05:01:00 -0000

Gary Chan is the President of Pragmatic Security at Alfizo and specializes in data protection and security. Tom Fox welcomes him onto this week's show as they discuss the ways to help businesses leverage IT departments, enable sales, and meet compliance.

Why Information Security

When people buy information security, Gary explains, they're not looking for someone to go in and solve every problem. Clients want to look at information security from a business perspective: how will it help them generate revenue and protect only the things the business wants to protect while saving money? Gary calls this ‘pragmatic information security’ because it delves into the why. It is an approach that helps businesses understand what the highest risks are, and how to manage those risks.

Security Within Executive Branches

Gary finds that even the most sophisticated Board of Directors lack a proper understanding of data protection. They are more concerned with meeting compliance and avoiding fines. “They don’t really understand what security can do for them outside of keeping them from getting hacked,” he says. Tom comments that boards consider their reputation surrounding compliance more. Gary suggests tying data protection to the issues boards are more concerned about to get them to do something about it.

The Impact of COVID-19 on Security

From a business perspective, Covid-19 had a large impact. Security arms of firms were shut down as security isn’t seen as something that brings in revenue, Gary remarks. He adds that people’s behavior changed and that having the majority of your employees working from home increases your business risk. COVID-19 has been a golden age for hackers because stealing is easier, and they’re less likely to get caught. However, when businesses started reopening and companies realized that turning off security tools was dangerous, they have ramped up security. This time loss increased companies’ security expenses and boosted the demand for security and data protection from more people.

Resources

Alfizo

Start-Training.Alfizo.com

Gary Chan | LinkedIn

Integrity Matters: Assessing the Corporate Compliance Climate in 2021-Part 1 Assessing the Landscape from the Pandemic

Mon, 25 Jan 2021 20:01:17 -0000

Welcome to this special podcast series, Integrity Matters: Assessing the Corporate Compliance Climate in 2021, sponsored by K2 Integrity. This week I visit with Bob Brenner, Co-Managing Partner and Chief Legal Officer; Snežana Gebauer, Executive Managing Director and head of U.S. Investigations and Risk Advisory, Americas. Over the week, we will consider various regulatory and enforcement issues with the incoming Biden Administration. Topics include assessing the regulatory landscape resulting from the pandemic, what companies can expect from new administration priorities, anti-bribery/anti-corruption issues and enforcement in 2021 and preparing your organization for what is next. In this Part 1, I am joined by Snežana Gebauer who assesses the regulatory landscape resulting from the pandemic.

The Risks with Employee Data with Robert Meyers

Tue, 19 Jan 2021 05:01:00 -0000

Robert Meyers is the Channel Solutions Architect for One Identity, a software company that helps organizations establish an identity-centric security strategy. Tom Fox welcomes him to this week’s show to talk about compliance, data privacy, and employee data issues.

The Role of One Identity

“Most companies forget about employees, and this gets impacted by GDPR,” Robert says. His role at One Identity allows him to explain to companies where they can fit identity protections for employees. He also helps companies with their logging systems to prevent them from sending out sensitive information into their log store. Robert adds that he also works as a consultant for partners and helps with privileged access management.

Data Has a Life Cycle

“Data itself should have a life cycle,” Robert emphasizes. The concept of never deleting anything and keeping copies of everything is a bad idea. Data discipline and data management governance expects that you remove data at an appropriate time. Robert iterates that data privacy and data protection has to be integrated in operations because if it isn’t, it won’t be dealt with at all. In response to Tom’s question on who owns Compliance, Robert says that it has to be the Chief Operating Officer.

What’s Next

Tom asks Robert what businesses should expect to happen around data privacy between now and 2023. Robert says that there will be more risk assessment. Most breaches conducted within organizations are internal. He advocates for greater enforcement of laws and regulations as well as more legislation.

Resources

OneIdentity.com

Robert Meyers | Twitter, LinkedIn

The 100 Book Challenge: The Infinite Game by Simon Sinek

Fri, 15 Jan 2021 05:01:00 -0000

Tom and Nick Gallo discuss The Infinite Game by Simon Sinek. The author emphasizes that the game of business is not a short game but a long one, and leaders need to play the long game in order to be successful. Nick comments that making sure that your company is working together for the betterment of your employees - not just for profit - is crucial, and a vital part of playing the long game. Tom mentions Jeff Bezos as an example of a business leader who plays the long game.

Simon Sinek is an author, and inspirational speaker. He explores how leaders can inspire cooperation, trust and change.

Listeners can read Nick’s notes on each book at his LinkedIn page.

Resources

Tom Fox on LinkedIn | Twitter

Nick Gallo on LinkedIn

The Infinite Game by Simon Sinek

The 100 Book Challenge: The Fearless Organization by Amy Edmondson

Thu, 14 Jan 2021 05:01:00 -0000

Tom Fox and Nick Gallo discuss cultivating psychological safety within the workplace and innovation and growth, from Amy Edmondson’s book, The Fearless Organization. Tom expresses that a main aspect of psychological safety is creating a speak-up culture. Once your employees believe that you want them to speak up, your company can move forward.

Amy Edmondson is a scholar of leadership, teaming and organizational leading. She is currently the Novartis Professor of Leadership at Harvard Business School.

Listeners can read Nick’s notes on this book at his LinkedIn page.

Resources

Tom Fox on LinkedIn | Twitter

Nick Gallo on LinkedIn

The Fearless Organization by Amy Edmondson

The 100 Book Challenge: The Culture Map by Erin Meyer

Wed, 13 Jan 2021 05:01:00 -0000

In this episode of the 100 Book Challenge series, Tom Fox and Nick Gallo are talking about Erin Meyer’s book, The Culture Map. They discuss the dynamic of culture. Tom asks how a Chief Compliance Officer can communicate effectively within a multinational organization. Nick shares the eight axes that make up a culture from the book. He adds that understanding differing cultural norms and dynamics, and being able to communicate within that realm, is important for compliance practitioners.

Erin Meyer is a professor at INSEAD Business, based in Paris. Her work focuses on how the world’s most successful leaders navigate cultural differences in a multicultural environment.

Listeners can read Nick’s notes on this book at his LinkedIn page.

Resources

Tom Fox on LinkedIn | Twitter

Nick Gallo on LinkedIn

The Culture Map by Erin Meyer

The 100 Book Challenge: Influence by Robert Cialdini

Tue, 12 Jan 2021 05:01:00 -0000

Tom Fox and Nick Gallo talk about decision-making and what influences the process. Humans like to think of themselves as rational beings, but we are really emotional decision-makers who rationalize our decisions with logical arguments. Influence is also a large factor in how you make decisions, Nick adds - it’s how you get people to change their minds without coercion. Tom discusses one of his key takeaways from Cialdini, which is the theory of reciprocity, also known as reaping what you sow.

The six principles of influence are: reciprocity, commitment and consistency, social proof, similarity, authority, and scarcity. Nick gives a brief definition for each principle and shares his takeaways from Cialdini.

Listeners can read Nick’s notes on this book at his LinkedIn page.

Resources

Tom Fox on LinkedIn | Twitter

Nick Gallo on LinkedIn

Influence: The Psychology of Persuasion by Robert Cialdini

The 100 Book Challenge: Meditations by Marcus Aurelius

Mon, 11 Jan 2021 05:01:00 -0000

Tom Fox and Nick Gallo discuss the writings of the ancient Roman philosopher Marcus Aurelius and how to apply them to business leadership. Tom shares the impact that these writings had on him as a teenager with no consistent mentor, and how it provided him with a philosophy to guide his life. Nick talks about how Meditations teaches readers to change their mindset. Oftentimes we cannot control the outcome of situations, but we can control our adherence to the process, he says.

Marcus Aurelius was the most powerful man on earth in his time, yet he adopted the ancient Greek philosophy of stoicism to discipline himself and develop self-control. For this reason, he is known to modern scholars as one of the last good Emperors of the Roman Empire.

Listeners can read Nick’s notes on this book at his LinkedIn page.

Resources

Tom Fox on LinkedIn | Twitter

Nick Gallo on LinkedIn

Meditations by Marcus Aurelius

Nick Gallo and the 100 Book Challenge: Introduction

Sun, 10 Jan 2021 05:01:00 -0000

Special guest Nick Gallo joins Tom Fox for a six-part podcast series about books. In this introductory episode, they talk about Nick’s 100 Book Challenge for 2020, where his goal was to read or listen to a selection of 100 books. Nick shares how he curated his reading list, his methods for completing the challenge, and the insights he learned from the experience. One such insight is that learning is like flexing a muscle, and just like the other muscles of the human body, you must stretch it often to keep your mind healthy.

“This was one of the biggest accomplishments of my life,” Nick claims. Part of the motivation to complete the challenge was his desire for his company to be a learning organization, he adds. “If we’re constantly in an improvement mode, there’s a lot of magic to be unlocked.”

Tom and Nick share the five books they will be going over for the next five parts of the series:

Meditations by Marcus Aurelius
Influence: The Psychology of Persuasion by Robert Cialdini
The Culture Map by Erin Meyer
The Fearless Organization by Amy Edmondson
The Infinite Game by Simon Sinek

Listeners can read Nick’s notes on each book at his LinkedIn page.

Resources

Tom Fox on LinkedIn | Twitter

Nick Gallo on LinkedIn

Integrity Matters: Exploring the NDAA - Part 5: The Long View

Fri, 08 Jan 2021 06:05:00 -0000

Welcome to this special podcast series, Integrity Matters: Exploring the NDAA, sponsored by K2 Integrity. This week I visit with Chip Poncy, Global Co-Head Financial Crimes Risk Management practice and member of K2 Integrity’s Board, and Gail Fuller, Managing Director at K2 Integrity. Over the week we have broken down the changes to the Bank Secrecy Act (BSA) and changes in enforcement authority to Financial Crimes Enforcement Network (FinCEN) which are found in the recently passed National Defense Authorization Act (NDAA). Topics discussed included breaking down the big picture, company formation reform, new opportunities under this new law, coming change to corporate governance under the NDAA and the long view of the new law. In this concluding Part 5, I am joined by again Gail Fuller to look at the long view under the new law.

For more information go to the K2 Integrity website.

For more information on the Dedicated Online Financial Integrity Network (DOLFIN) click here.

Integrity Matters: Exploring the NDAA - Part 4: Changes to Governance

Thu, 07 Jan 2021 06:05:00 -0000

Welcome to this special podcast series, Integrity Matters: Exploring the NDAA, sponsored by K2 Integrity. This week I visit with Chip Poncy, Global Co-Head Financial Crimes Risk Management practice and member of K2 Integrity’s Board, and Gail Fuller, Managing Director at K2 Integrity. Over the week, we will break down the changes to the Bank Secrecy Act (BSA) and changes in enforcement authority to Financial Crimes Enforcement Network (FinCEN) which are found the recently passed National Defense Authorization Act (NDAA). Topics include breaking down the big picture, company formation reform, new opportunities under this new law, coming change to corporate governance under the NDAA and the long view of the new law. In Part 4, I am joined by Chip Poncy as we consider some of the new governance models under the NDAA.

Join us tomorrow as we conclude our podcast series by taking the long view with Gail Fuller.

For more information go to the K2 Integrity website.

For more information on the Dedicated Online Financial Integrity Network (DOLFIN) click here.

Integrity Matters: Exploring the NDAA - Part 3: New Law, New Opportunities

Wed, 06 Jan 2021 06:05:00 -0000

Welcome to this special podcast series, Integrity Matters: Exploring the NDAA, sponsored by K2 Integrity. This week I visit with Chip Poncy, Global Co-Head Financial Crimes Risk Management practice and member of K2 Integrity’s Board, and Gail Fuller, Managing Director at K2 Integrity. Over the week, we will break down the changes to the Bank Secrecy Act (BSA) and changes in enforcement authority to Financial Crimes Enforcement Network (FinCEN) which are found in the recently passed National Defense Authorization Act (NDAA). Topics include breaking down the big picture, company formation reform, new opportunities under this new law, coming change to corporate governance under the NDAA and the long view of the new law. In Part 3, I am joined by Gail Fuller to look at some of the opportunities under the new law.

Join us tomorrow as we continue our podcast series by visiting with Chip Poncy on changes in governance brought about by the new law.

For more information go to the K2 Integrity website.

For more information on the Dedicated Online Financial Integrity Network (DOLFIN) click here.

Integrity Matters: Exploring the NDAA - Part 2: Company Formation Reform

Tue, 05 Jan 2021 06:05:00 -0000

Welcome to this special podcast series, Integrity Matters: Exploring the NDAA, sponsored by K2 Integrity. This week I visit with Chip Poncy, Global Co-Head Financial Crimes Risk Management practice and member of K2 Integrity’s Board, and Gail Fuller, Managing Director at K2 Integrity. Over the week, we will break down the changes to the Bank Secrecy Act (BSA) and changes in enforcement authority to Financial Crimes Enforcement Network (FinCEN) which are found in the recently passed National Defense Authorization Act (NDAA). Topics include breaking down the big picture, company formation reform, new opportunities under this new law, coming change to corporate governance under the NDAA and the long view of the new law. In Part 2, I am joined by Chip Poncy as we discuss the reforms around company formation.

Join us tomorrow as we examine that with this new law comes new opportunities.

For more information go to the K2 Integrity website.

For more information on the Dedicated Online Financial Integrity Network (DOLFIN) click here.

An Evangelist for Document Governance with Jen Snyder

Tue, 05 Jan 2021 05:01:00 -0000

Jen Snyder is the chief evangelist at GovQA, a technology company providing compliance software for governments. Tom Fox welcomes her to this week’s show as they discuss the compliance challenges facing governments, and how her company’s software is helping combat those challenges.

Government Challenges

Tom asks Jen to explain why management of government requirements is so critical and difficult. “In the government industry, everything you're doing is being done with government money, so everyone has the right to understand what's being done with that money,” she remarks. She adds that many of the challenges the government faces are because the private sector is ahead in terms of documentation: while the private sector’s documents and records are digitized, the government’s are still on paper. The pandemic has mandated a remote workforce, but adapting to a new normal is not familiar to government culture, Jen remarks.

Data Governance

With data governance, there is both the tactical solution and the strategic solution. Tom asks Jen to elaborate on how GovQA helps companies in these areas. "What we do as a company is we look and follow each state's legislative rulings on how they need to manage data," she says. GovQA always follows the process of CEO departments and governor offices' data governance policies. Jen expresses that with the changes of the pandemic, and the civil unrest within the US, states are now re-evaluating their policies, and with that comes new data areas that need new governance.

Being Compliant

Jen talks about the software GovQA has in assisting companies with legal holds. She iterates that the software allows the organization to build an audit trail and then stores it within specific software, so it can be accessed when necessary. Customers can feel confident that their data is protected: the company follows federal standards and guidelines and even goes further to bring in a third-party auditor. Rigid adherence to compliance standards is part of GovQA's workplace culture, Jen emphasizes.

Resources

GovQA

Jen Snyder on LinkedIn

Integrity Matters: Exploring the NDAA - Part 1: The Big Picture

Mon, 04 Jan 2021 06:05:00 -0000

Welcome to this special podcast series, Integrity Matters: Exploring the NDAA, sponsored by K2 Integrity. This week I visit with Chip Poncy, Global Co-Head Financial Crimes Risk Management practice and member of K2 Integrity’s Board, and Gail Fuller, Managing Director at K2 Integrity. Over the week, we will break down the changes to the Bank Secrecy Act (BSA) and changes in enforcement authority to Financial Crimes Enforcement Network (FinCEN) which recently passed a National Defense Authorization Act (NDAA). Topics include breaking down the big picture, company formation reform, new opportunities under this new law, coming change to corporate governance under the NDAA and the long view of the new law. In Part 1, I am joined by Chip Poncy who breaks down the big picture of changes under the NDAA.

Join us tomorrow as we examine the changes in company formation.

For more information go to the K2 Integrity website.

For more information on the Dedicated Online Financial Integrity Network (DOLFIN) click here.

Compliance From the Front Lines with Adam Frey

Tue, 15 Dec 2020 05:01:00 -0000

Adam Frey, Managing Director at K2 Integrity, returns to the Innovation In Compliance podcast this week. He and Tom Fox have an interesting conversation about the important role of compliance in the organization, as well as how to create a culture of compliance from the front lines.

Owning the Risk

Tom comments on one of Adam’s catchphrases, “own the risk”. Adam explains that the front line must internalize the compliance risk of their day-to-day activities, as well as the business and personal impact of noncompliance. The back office as well as the front line must work together to have a seamless compliance solution. Adam says that this involves taking a holistic view of every transaction and the risks it presents. “I think it's important for them to understand how [compliance risks] can impact at an operational level... and that they're an integral component of preventing the company from potentially being in noncompliance… I think it's important not to see it as just something that is somebody else's job.” He shares that leaders should explain the ‘why’ of compliance. “One of the things that I find is that it's really important to demonstrate to everybody involved why something is important, not just tell them that it's important. I think they really appreciate when they can understand it, that they have a more of a stake in the outcome.”

Compliance as a Key Function

Tom and Adam discuss why compliance should have a seat at the table. Compliance is a key business function, they both agree. When management sees compliance as a collaborative partner instead of an obstacle, the front line will more likely come to compliance professionals with potential issues. “You get better buy-in when people understand that everybody is hopefully working towards the same goal and objective,” Adam says. Every employee should also internalize compliance as an individual function. This message and attitude should come from the top, as well as the middle and bottom, Adam argues. Compliance “has to be emphasized from the top until it gets internalized to the point where it becomes bottom-up, as well,” he says.

Training & Communication

“Where do you see training as a tactic that could be utilized here?” Tom asks Adam. “Training is absolutely one of the critical components of leveraging the tone from the top but also throughout the whole organization,” Adam responds. Training should be targeted and segmented according to the exposure and risk level of trainees. “It's important to have training not just on compliance, but you can integrate training on the actual tone from the top, on code of conduct, on compliance culture, where those issues are integrated into your training, so you're constantly re-emphasizing and reiterating those points as part of that process,” Adam continues.

Ongoing communication about the importance of compliance is also critical. Adam shares practical tips leaders and compliance professionals can use to spread the message of compliance both in word and actions.

Resources

K2Integrity.com

Adam Frey on LinkedIn

BMO Empower-We Can't Leave Anyone Behind with John Petrovski

Tue, 08 Dec 2020 05:01:00 -0000

Tom Fox welcomes John Petrovski, the Senior Director of Commercial Lending at BMO, to this week's episode. Tom and John discuss BMO's new business initiative BMO Empower, and its efforts to help low moderate income and minority communities.

Promoting Economic Diversity

BMO Empower’s mission is to promote inclusive economic recovery through six main initiatives. All their initiatives are geared towards financing black and Latinx owned businesses, as well as low income and women-owned businesses. BMO Empower provides financing for their business growth, as well as financial education. John explains how the money is distributed throughout the six initiatives that make up BMO Empower.

Supplier Diversity

John stresses the importance of supplier diversity. He feels that BMO ought to have more minorities among their supplier list especially since the company has been around for more than two centuries. A way he's sought to rectify this is through targeting and expressly buying from minority and women-owned businesses. "Not only will those efforts help address the issues of systemic racism but it's also good business," Tom quotes from John's press release. John adds that a public-private partnership is needed to fully achieve this, and that individuals need to do their part.

Resources

BMO Empower

John Petrovski on LinkedIn

Innovative Compliance Solutions with Nick & Gio Gallo and Ronnie Feldman

Tue, 01 Dec 2020 05:01:00 -0000

Tom Fox welcomes brothers Nick and Gio Gallo, co-CEOS of ComplianceLine, along with Ronnie Feldman, CEO and founder of Learnings & Entertainments to this week’s show. They discuss innovative solutions to some of the challenges that compliance leaders face.

Addressing Compliance Challenges

Compliance leaders often face challenges in getting management to address compliance issues. Tom asks his guests how they would counsel a client experiencing these challenges. Nick expresses that this new age demands modern approaches: you can’t use the same approaches as 10 and 15 years ago. He suggests leading with value and reaching across departments to get the desired attention from management.

The Game of Influence

Gio comments that employees aren’t all reading the DOJ guidelines, nor are they all pondering how to change their organization’s compliance policies. Ronnie adds that the innovation needed to bridge this gap is influence - leaders need to understand how it impacts change within an organization. He recommends learning activities that are short, fun, and interesting. Nick says, “This is 100% a game of influence. We’re either trying to influence our peers, we’re trying to influence leadership to get more budget, and really our mandate is trying to influence the behavior within our organization.” He adds that there are two sides to influence: the objective and the human side. We need both to transform our teams and organizations.

Building a Speak Up Culture

Tom asks how an organization can build a ‘trust and speak up’ culture. Gio advises having a collaborative relationship with third-party vendors to be able to access information that may help to resolve employee issues. Ronnie comments that before creating any training program to tackle this or any issue, leaders should start with their objectives in mind. Think about the communication channels available and obstacles you may face, he remarks. “The goal is to influence the social environment,” he says, “and the best way to do that is to be interesting and short, and I think entertaining, because then you can put that in more places, and they're gonna like you.” Gio adds, “We as compliance leaders and ethics experts need to be the ones who lead beyond those strict requirements and say, ‘Well, this is what quality means. This is what is going to get us to engagement. This is the type of partner that's gonna help us figure out the thing that we don't know yet.’”

The Importance of Active Listening

Tom asks, “What skills does a compliance officer need beyond being able to read the law or to read a spreadsheet?” Ronnie stresses the importance of being an active listener. He uses an example from his time doing improv to illustrate his point. “The compliance department as a profession needs to be better at integrating and melding with other departments and also bringing those views into their organization,” Gio says. There needs to be more diversity within the organization in order for compliance to function more strategically.

Why We Work Together

L&E and ComplianceLine’s partnership is so fruitful because both companies have a similar ethos, according to Nick. They’re both trying to impact the workplace in the same way, Ronnie adds. He points out that the Gallo brothers love trying new approaches to create solutions, and that it brings a synergistic energy to the partnership that allows them to work well together.

Resources

Create a healthy cyberculture: Stop bullying at work

Gio Gallo at LinkedIn | Twitter

Nick Gallo at LinkedIn

Learnings & Entertainments: Website | LinkedIn

Ronnie Feldman at LinkedIn | Twitter

The Regulatory and Business Case for Documentation with Brett Manwaring

Tue, 24 Nov 2020 05:01:00 -0000

Tom Fox welcomes Brett Manwaring to this week’s Innovation In Compliance podcast. Brett is a Managing Director, Financial Crimes Risk Management at K2 Integrity. Prior to joining K2 Integrity 8 years ago, he served at KPMG and JP Morgan Chase. Brett and Tom talk about the importance of documentation, from both a regulatory and business perspective.

Innovation Can Happen Organically

It’s a common perception that banks are resistant to innovation, Tom comments. In response, Brett remarks that banks, like most people, are resistant to change and innovation is closely tied to change. However, if banks realized what they have and what they can control, innovation could happen organically. A key component is understanding your data, he points out. K2 Integrity can help businesses organize their data into a central repository, which any department can access and leverage.

Poised for Innovation but Unaware

“When it comes to innovation,” Tom asks, “do you see smaller or perhaps midsized companies more poised to engage in innovation?” Brett replies that smaller companies are indeed more poised, but they often don’t know it. The reason they can innovate quicker is that they have less customers, transactions, and data to control. Less data equals more opportunity to innovate quickly. He shares tips on how companies can innovate but still remain compliant with financial regulations. One strategy is to do a data lineage exercise, which Brett says can set up companies for a positive yearly review with regulators. “[Great] reporting creates great discussion, and that great discussion creates great decision points, and those decision points - if they’re implemented correctly - are the basis for your yearly review with regulators.”

The Case for Documentation

To every line of business, including new products and services, there should be a compliance officer attached. “Every decision has a downstream impact,” Brett reminds listeners. “The decision you make is going to impact somebody else.” As such, the compliance officer helps the company to anticipate and mitigate the associated risks. “That will eventually lead to a good review at the end of the year from your regulator because everything’s ticked and tied and you thought downstream,” he adds. We face additional changes and risks due to the pandemic, so companies should make sure that their reporting reflects those changes. “The three most important things in any compliance program are the following: document, document, document,” Tom quips. “You laid out the business case of why documentation could be such a powerful business tool and a part of your overall business plan going forward,” he commends Brett.

Resources

K2Integrity.com

K2 Integrity on Twitter | LinkedIn

Brett Manwaring on LinkedIn

Building Trust and Communication Through Internal Reporting with Tori Reichman

Tue, 17 Nov 2020 05:01:00 -0000

Tori Reichman is VP Commercial at Vault Platform, a leading B2B enterprise software company. Vault Platform enables employees to report incidents and also “provides a single source of truth to the company so that the company can receive, manage and resolve incidents and also identify and manage risk around the company’s ethical and cultural health.” Her company’s offering and how it enables both employer and employee, is the topic of Tori’s discussion with Tom Fox in this week’s episode of Innovation In Compliance.

Building Trust

“One of the reasons I came to join [Vault Platform] is because there's something in it both for the employees and the employer,” Tori remarks. “It's really about building trust and creating trust between those two components.” Vault Platform can be used by organizations in a variety of industries to report on a variety of incidents. Tom asks how it can help companies with continuous monitoring and improvement of their compliance programs. Tori explains that Vault Platform allows companies to have real-time visibility into incidents occurring across the organization via the dashboard. “From an investigation resolution perspective, we also have always had the board at the center of it,” she comments. “[We are always thinking about] what the board needs to know to be able to provide guidance, to get that true visibility so they can see what’s happening.”

The Rise of Employee Activism and Cyberbullying

One result of the #MeToo and Black Lives Matter movements is that companies are facing social pressure to act with integrity. Employee activism is on the rise around the world because workers want to speak out - they care about working with companies that take meaningful action on issues. Tom and Tori discuss the importance of creating a climate where employees feel psychologically safe to speak out about their experiences or what they witness. Tom introduces the important topic of diversity and inclusion. Tori says that she is pleased that the conversation today is more about equity and inclusion than about what makes us different. “It’s about how do we bring our different selves to work together to achieve the organization’s objectives or society’s objectives,” she points out.

Cyberbullying is unfortunately becoming more common in the pandemic. Tom and Tori discuss this phenomenon, and Tori shares insights why it is so. One reason is that when people are under stress they are more likely to turn a blind eye to misconduct: they are focused on taking care of themselves, Tori says.

Resources

VaultPlatform.com

Vault Platform on LinkedIn | Twitter

Tori Reichman on LinkedIn

tori@vaultplatform.com

Engineering the Future with AI with Simon Moss

Tue, 10 Nov 2020 08:01:00 -0000

Tom Fox welcomes Simon Moss to this week’s show. Simon - who describes his background as “eclectic”, having worked in and led many companies over his career, including IBM - is now the CEO of Ayasdi, one of the most innovative companies in the artificial intelligence space. Simon and Tom discuss the important work Ayasdi is doing for its clients.

The Data Problem

Tom asks why AI can’t seem to keep up with the volume of data that needs to be reviewed for AML, ABC and trade sanctions. Simon disagrees that it’s an issue of volume. The problem is diversity and distribution. He says, “The problem with data now is that it is so diverse, so distributed, and we’re still trying to deploy products of extraordinary innovation - including AI products - in the same ways as we did in the 1970s.” He laments that we try to homogenize data into a construct, which uses 80% of our data management resources. “We have institutionalized redundancy in data management, and it is getting worse because of the proliferation of data sources.” While this structure works for data at rest, it is unsuitable for unstructured data and data in use.

A Unique Approach

“We don’t use the data model approach,” Simon remarks. Ayasdi believes that a company is represented in its data, so they create a model that is unique to each client. “...it knocks 40 to 50% off the time to actually deploy innovation,” he says. He explains why machine learning cannot effectively predict or discover crime or compliance issues. “Hypothesis-based machine learning is brilliant for finding a needle in a haystack... The problem with compliance is you’re looking for a needle in a stack of needles.” Ayasdi’s approach, on the other hand, is to let the data tell the story. “The breakthrough that Ayasdi uses,” Simon says, “is what’s called unsupervised learning as part of a machine learning process. In other words, we are not going to give the software a hypothesis of what to look for. We simply say, ‘Go find interesting stuff.’ Let the data tell us the story.”

Innovating for the Future

Ayasdi is engineering the operational diligence and deployment needed for the future. It was technology that drove the blue collar transformation of the early 2000s, and it is technology that will drive the transformation of the white collar industry over the next decade. “We're engineering our technology to make sure that we can service a customer expectation in the future,” Simon says. Tom comments, “It strikes me that the insights that could be generated [go] really far beyond the anti money laundering and fraud and corruption.” Simon agrees. He shares three examples of how Ayasdi has helped their clients gain valuable insights and profit from them. “What we're doing is we're creating true Alpha. We're creating true opportunity and we're creating true transparency. When those decisions are made, you know that the decision that has been created has all the explainability, all the referential insight that's needed, all the appropriate data, so that when a regulator comes in and says, Why did you do this? It's all completely supported.”

The true challenge of innovation, Simon argues, is that a solution works at scale. “The challenge is, How do you optimize the operating model of an institution? And you do that by looking at the institution as a whole.”

Resources

Ayasdi.com

Simon Moss on LinkedIn

The Six Elements of an Effective Compliance Program: 5 – Oversight and Reporting and Response and Enhancements

Fri, 06 Nov 2020 06:04:00 -0000

Welcome to a special five-part podcast series, The Six Elements of an Effective Compliance Program. This podcast series is sponsored by StoneTurn. To celebrate Corporate Compliance and Ethics Week, we will consider each of the six elements required for an effective compliance program. They include: Risk Assessment, Governance and Structure, Policies Procedures and Controls, Training and Education, Oversight and Reporting, and Response and Enhancements. Over this five-part podcast series, I will be joined by Stephen Martin and Valerie Charles, Partners at StoneTurn and Toby Ralston and Jamen Tyler, Managing Directors at StoneTurn. In this fifth episode, I visit with Valerie Charles on the twin topics of Oversight and Reporting: The Board’s Role in Compliance and Having a Speak Up Culture and Response and Enhancements: Continually Improving Your Compliance Program. Highlights include:

Oversight and Reporting-the Board’s Role in Compliance and Having a Speak Up Culture

What is the relationship between whistleblowers/hotlines/internal reporting/Speak Up culture and Internal Investigations?
3Rd Parties are still the highest FCPA risk. How and why has Due Diligence become even more important in the era of Covid-19.
How should a CCO educate the Board on their role within the Compliance framework?
How does a Board walk that fine line between management and oversight?
What types of questions should a Board be asking a CCO?

Response and Enhancements- Continually Improving Your Compliance Program

What are some of the key elements of Third-Party Risk Management?
In the 2020 Update, the DOJ strongly emphasized not simply oversight but continuous monitoring and continuous improvement. How can a CCO think through continuous monitoring and then using that information to improve a compliance program?
What are some strategies for Continuous Monitoring?
The 2020 Update mandated greater use of data by a CCO. Yet even with data, why is the human element so critical in any data-based solution?
Root cause analysis is now a separate Hallmark of an Effective Compliance Program. How should a CCO use root cause analysis in response and enhancements?

Resources

For more information on StoneTurn, click here.

The Six Elements of an Effective Compliance Program: Part 4 – Training and Education: Effectively Getting your Compliance Messaging Out

Thu, 05 Nov 2020 06:04:00 -0000

Welcome to a special five-part podcast series, The Six Elements of an Effective Compliance Program. This podcast series is sponsored by StoneTurn. To celebrate Corporate Compliance and Ethics Week, we will consider each of the six elements required for an effective compliance program. They include: Risk Assessment, Governance and Structure, Policies Procedures and Controls, Training and Education, Oversight and Reporting, and Response and Enhancements. Over this five-part podcast series, I will be joined by Stephen Martin and Valerie Charles, Partners at StoneTurn and Toby Ralston and Jamen Tyler, Managing Directors at StoneTurn. In this fourth episode, I visit with Jamen Tyler on effectively getting your compliance messaging out. Highlights include:

· In the Work From Home era how can you determine the effectiveness of your compliance training and communications?

· In the 2020 Update, the DOJ for the first time discussed short training and communications, focusing on one issue messaging. What are some of the trends you are seeing in such micro-learning? What about other types of training?

· In terms of compliance training frequency and cadence, what are you seeing as current best practices?

· What are the advantages of compliance ambassadors across a multi-national organization? Can they be outside the compliance dept?

Resources

For more information on StoneTurn, click here.

The Six Elements of an Effective Compliance Program: Part 3 – Policies, Procedures and Controls: the Backbone of Your Compliance Program

Wed, 04 Nov 2020 06:04:00 -0000

Welcome to a special five-part podcast series, The Six Elements of an Effective Compliance Program. This podcast series is sponsored by StoneTurn. To celebrate Corporate Compliance and Ethics Week, we will consider each of the six elements required for an effective compliance program. They include: Risk Assessment, Governance and Structure, Policies Procedures and Controls, Training and Education, Oversight and Reporting, and Response and Enhancements. Over this five-part podcast series, I will be joined by Stephen Martin and Valerie Charles, Partners at StoneTurn and Toby Ralston and Jamen Tyler, Managing Directors at StoneTurn. In this third episode, I visit with Toby Ralston on why policies, procedures and internal controls are the backbone of your compliance program. Highlights include:

Why is the Code of Conduct foundational?
Is one of the key functions of compliance policies to provide a deeper level of guidance?
What audience should a Code of Conduct, policies and procedures be written towards? Should they be translated into local languages? Should you have employees attest to reading them or use some other model to demonstrate effectiveness?
Why should Internal Controls for compliance be tied to your risk assessment? How do you do so?
Internal controls are often seen as financial controls. Can you discuss some instances of non-financial controls and their importance?

Resources

For more information on StoneTurn, click here.

Coordinated ESG with Andrea Bonime-Blanc

Tue, 03 Nov 2020 08:01:00 -0000

Tom Fox welcomes Andrea Bonime-Blanc to this week’s show. Andrea is the author of Gloom to Boom: How Leaders Transform Risk into Resilience and Value, and a foremost name in compliance. She recently joined the Board of Advisors of Crisp. Andrea and Tom talk about her new role, and the increasing importance of ESG.

Risk Intelligence as a Service

Andrea explains that Crisp provides risk intelligence as a service: their “series of algorithms search the open Internet and the dark web and a variety of other sources for potential risks affecting their clients,” she says. “It’s basically a way of giving an early warning system to the client on risks that may affect the brand.” She adds that having a transversal approach towards emerging risk is vital.

Compliance Should Be On Every Board

Tom comments that Andrea has written extensively about the need to have compliance professionals in the boardroom. She responds that it’s even more critical today: “Risks are an everyday occurrence, and we have a convergence of big strategic risks this year like we've never seen before…” A compliance professional brings a unique perspective regarding risk, regulatory and compliance issues that helps to create a holistic long term strategy for an organization, especially in today’s complex, interconnected world.

The Importance of Inclusion

Andrea and Tom discuss why inclusion may be even more important than diversity. “I think people are starting to realize there's some root causes here that need to change,” Andrea remarks. “And they're realizing that these are things that need to happen within their organizations in order to not just make their organizations reflect society more than they have, but to actually create competitive advantage. And that's really the bright side of this whole thing is, you're not just doing it to be a good citizen, you're doing it because it's good business as well.”

Moving Towards Coordinated ESG

Environmental, social, governance and technology issues are non-financial but can have a major financial and reputational impact on any organization, Andrea comments. As such, they need to be handled strategically to bring the most benefit to the company. The good news is that if you manage these issues well, you create better products and services. “Value is always the other side of the coin of risk,” Andrea comments.

Resources

GEC Risk Advisory

CrispThinking.com

Gloom to Boom: How Leaders Transform Risk into Resilience and Value

The Six Elements of an Effective Compliance Program: Part 2 – Governance and Structure: Ensuring a Strong and Functional Compliance Program

Tue, 03 Nov 2020 06:04:00 -0000

Welcome to a special five-part podcast series, The Six Elements of an Effective Compliance Program. This podcast series is sponsored by StoneTurn. To celebrate Corporate Compliance and Ethics Week, we will consider each of the six elements required for an effective compliance program. They include: Risk Assessment, Governance and Structure, Policies Procedures and Controls, Training and Education, Oversight and Reporting, and Response and Enhancements. Over this five-part podcast series, I will be joined by Stephen Martin and Valerie Charles, Partners at StoneTurn and Toby Ralston and Jamen Tyler, Managing Directors at StoneTurn. In this second episode, I visit with Stephen Martin on compliance program governance and structure. Highlights include:

· A CCO must have access and expertise. Who should a CCO have access to and what should be a CCO’s level of expertise?

· A compliance function must be adequately resourced programs – what does this mean in practice? How much budget should your compliance program have? What should be your compliance function head count? What about those outside the compliance function that assist compliance?

· Why should a Board have compliance expertise? What does the Department of Justice’s 2020 Update to the Evaluation of Corporate Compliance say about compliance expertise on the Board?

· Why should there be a Compliance Committee, separate and apart from the Audit Committee?

· Why should the Compliance Committee on the Board have a Charter?

Resources

The Six Elements of an Effective Compliance Program: Part 1 - Risk Assessments: Understanding and Managing Key Compliance Risks

Mon, 02 Nov 2020 06:04:00 -0000

Welcome to a special five-part podcast series, The Six Elements of an Effective Compliance Program. This podcast series is sponsored by StoneTurn. To celebrate Corporate Compliance and Ethics Week, we will consider each of the six elements required for an effective compliance program. They include: Risk Assessment, Governance and Structure, Policies Procedures and Controls, Training and Education, Oversight and Reporting, and Response and Enhancements. Over this five-part podcast series, I will be joined by Stephen Martin and Valerie Charles, Partners and StoneTurn and Toby Ralston and Jamen Tyler, Managing Directors at StoneTurn.

In this first episode, I visit with Stephen Martin on Risk Assessments. Highlights include:

Properly seen, an effective compliance program is an ongoing ecosystem. Why is an effective compliance program dynamic, requiring an ongoing, multi-disciplinary approach?
Businesses have traditionally had an historical bias toward financial and operational risk. Why have about legal and regulatory and reputational risks become so much more important in the era of Covid-19 and social justice movements around Black Lives Matter and Diversity and Inclusion? Why must these risks be assessed?
The Department of Justice mandated in its 2020 Update to the Evaluation of Corporate Compliance Programs that risk assessments be performed on a much more ongoing basis, such as when risks change. What does this mean in practice?
The Department of Justice said in its 2020 Update that compliance must break down silos and functional impediments to an effective compliance program. Why do you see this as so critical?
The 2020 Update mandated greater information from a compliance program be used to improve it. How do you leverage code and policy questions received into enhancements to an overall Enterprise Risk Management process?

Resources

For more information on StoneTurn, click here.

Engineering Transformation with EJ Marin

Tue, 27 Oct 2020 04:01:00 -0000

EJ Marin is the Director of Solutions Engineering at Nakisa. His role is to see customer challenges from different angles, identify patterns, and engineer solutions for the HR function for HR professionals. He chats with Tom Fox about the changing face of HR in this week’s show.

Organizational Design and Transformation

Tom asks EJ to define organizational design. EJ shares the traditional definition of organizational design, and contrasts this with his take on what it means. “Right now,” he remarks, “organizational design is more about agility [and] resilience, due to COVID and everything that’s happening… Now it’s all about adapting to the next normal: not to the new normal, but to the next things that are coming… It’s all about analyzing the organization and making sure that at the end of the day you’re adapting to the situation as fast as possible.”

Skills and capabilities that were optional before COVID, EJ points out, are essential to a company’s survival today. “Transformation needs to become a routine,” he argues. “You need to create these capabilities in your organization so you can easily reply, respond and adapt to the new challenges that we have in the marketplace today.” Tom asks if traditional HR departments are set up for that kind of adaptation. They have to adapt quickly, he responds. Their survival depends on being agile.

EJ outlines the steps of organizational design. They include assessing the organization, creating objectives, collaboration and making changes to the core HR systems. Nakisa helps to streamline the entire process using technology. EJ also explains the importance of HR data quality. “HR data is alive… [but] it’s very easy to get out of sync,” he tells Tom.

Diversity and Inclusion

Diversity and inclusion is a business asset. Companies that achieve it do better financially and in other areas. EJ shares three steps to help businesses go through a major transformation, such as a merger and acquisition, and keep this valuable asset.

Resources

Nakisa.com

EJ.Marin@nakisa.com

Empowering Adversary Intelligence with Luke Wilson

Tue, 20 Oct 2020 04:01:00 -0000

Tom Fox welcomes Luke Wilson to the Innovation In Compliance show. Luke is the Vice President of Intelligence at 4iQ. He has extensive experience in cyber threat analysis and counter-terrorism, having worked with the federal government for many years. Luke and Tom chat about trending cybersecurity issues in this week’s show.

The Adversary Intelligence Company

Tom asks Luke why 4iQ calls itself The Adversary Intelligence Company. Luke responds that their mission at 4iQ is to help their clients defend themselves against bad actors. “We're here to help you defend yourself from adversaries,” he says. “...We want to help you gather intelligence on those individuals so you can understand their TTPs [tactics, techniques, and procedures], what they're after, and how to prevent that from happening in the future as well.” He points out that good cybersecurity involves understanding your third-party service providers, including who is supplying data and infrastructure to them.

COVID’s Impact on Cybersecurity

“The impact of the coronavirus health crisis has been that it has accelerated, sometimes exponentially, trends that were already in play,” Tom comments. Luke explains how the pandemic has impacted the cybersecurity space. “It’s the perfect scenario for cybercrime and for cybercriminals to ramp up their attacks,” he remarks. Employees used protected networks at the office, but now that they’re working from home, that basic protection is not available. As a result, there has been an uptick in cybercrime, including ransomware phishing. Luke expects these trends to continue in 2021 and beyond: “I see a continuation of the threats that are out there now. A lot of what's going on is just a repackaging of what's been happening for a while now in the cyber threat landscape… I think we're going to see this going for a very long time until COVID-19 is not the main topic around the world.”

Luke and Tom discuss the measures the government may take to deal with financial crime. “Whenever you have a massive event like this [COVID-19 federal loans], you can expect that there will be some fraud going on,” Luke says. “But I probably would assess that they'll put a little bit more stringent criteria on there after what they've seen happening now with some of these loans.”

Resources

4iQ.com

4iQ on LinkedIn

COVID-19 Threat Report

Enabling Product Development Success with Josh Turpen

Tue, 13 Oct 2020 04:01:00 -0000

Josh Turpen is the Chief Product Officer of Jama Software. He says that early in his career he came to understand the importance of good requirements and testing, and the ability to tie it all together. Their Jama Connect solution, he argues, is “the premier requirements management test and risk tool… as it brings together requirements, test and risk in a way that our customers can have good traceability and good verification.” He and Tom Fox chat about the importance of being an enabler, as well as product development lifecycle management in this week’s show.

A Larger View on Risk

Josh says that Jama’s experience in diverse industries gives them a broader view of risk. With this wide expertise they are able to help their clients see how product requirements and tests tie back to risk, and how requirements, risk and tests change with product alterations. Tom comments that changing external risk - such as the present pandemic - calls for new risk assessments. Josh agrees. “Overall,” Josh says, “re-evaluating risk with external events in mind is a good practice. And you've gotta have a system that enables that.” He and Tom discuss document-based solutions versus item-based, and why he believes item-based solutions are better.

Managing Product Development

It’s important for engineers to know what they’re building and why, Josh says. He argues that it helps them make better decisions. That buy-in is a critical component of success: “One of the key enablers of success is that holistic picture that… everybody is bought in on and understand,” he says. You need to hire good people and be an enabler, he adds. “It’s not what you do. It’s what you can help your team do.” Tom asks him to define product development lifecycle management. Josh explains that it’s seeing the scope of the product development from end to end.

Resources

JamaSoftware.com

Josh Turpen on LinkedIn

How IsoMetrix is Disrupting Compliance with John Castner

Tue, 06 Oct 2020 04:01:00 -0000

John Castner says he had a ‘Sliding Doors’ moment, which led him to leave his teaching career to move into the software industry. John is the President and CEO of IsoMetrix, a risk and compliance management software company. Via their software, John says, “We focus on three things: change for good, partnerships that empower, and the possibility of a better world.” John joins Tom Fox on this week’s show to share how his company is disrupting the risk and compliance industry.

Moving Towards True Risk Management

Tom asks John to explain the difference between simply compliance and true risk management. John responds that risk management at its heart is really about understanding people and how we make decisions. People make decisions based on risk, not compliance, he argues. As such, companies should create a culture where people think about their decisions and the risks associated with the choices they make. “What I think risk management does versus compliance,” John comments, “is it forces another level of thinking, of assessing and then acting accordingly.” A risk-based decision-making approach gives people more ownership and accountability for their actions.

Disrupting Integrated Risk Management

John offers three ways IsoMetrix is disrupting the risk and compliance industry. Firstly, they believe in the interconnectedness of all parts of the business. Their software architecture breaks down the silos seen in traditional organizations and uses “golden threads” that show how each data point relates to every area of the business. Secondly, IsoMetrix posits that a company’s social capital greatly influences its sustainability and risk management. Lastly, John says, they are different because they embrace change and challenges.

Sustainability Post-COVID

Tom and John discuss the concept of sustainable business in the post-COVID world. John believes that the understanding of sustainability is shifting. “I think what COVID is going to do is make that word sustainability more holistic, almost like a circular concept... And I think that's going to include a lot of the decisions about the interconnectedness of all the various aspects of your business,” he points out. If you don’t focus on Environmental, Social and Governance (ESG) and sustainability, your business is at risk.

Resources

IsoMetrix.com

IsoMetrix on LinkedIn | Twitter

John Castner on LinkedIn

#NotMe - Leveraging Your Employees for More Effective Compliance with Andy Hinton and Ariel Weindling

Tue, 29 Sep 2020 04:01:00 -0000

Andy Hinton joined #NotMe as an advisor. He says that the move is “just a continuation of the mission that I had at Google and GE, which is to leverage the employee population to help organizations do better when it comes to risk detection, risk monitoring, and ultimately, risk management.” Ariel Weindling is the founder of #NotMe. His motivation was to try to solve the problem of misconduct, which he felt was being tackled very inefficiently. He says that he wanted his daughter to have a tool she could use to be safe in the workplace, so she would not be a victim or a witness of misconduct. Both men join Tom Fox on this week’s show for an interesting look at the #NotMe tool and how it helps organizations keep employees safe.

An Employee First Approach

Andy says that #NotMe has the right approach by putting employees first. He comments that it is “a tectonic shift” as other services are focused on the organization’s needs rather than serving and supporting employees. The goal of #NotMe is to change workplace culture and to make workplaces safe for everyone. Tom asks how they can implement that goal. Ariel responds, “We believe that safety is key in the workplace. Whether we are speaking about psychological safety or physical safety, they are key to an organization. They're key to an employee because employees are not gonna do good work if they are not safe. Safety benefits all stakeholders of the company.” He goes on to explain that misconduct is really about an abuse of power, and shares the two ways #NotMe addresses this issue. “[We want] companies to stop looking at an employee report as a liability, but rather as an opportunity to listen, to discuss, to communicate, and to course-correct.”

A Robust Reporting System Enhances Profitability

Tom cites research that companies with a robust reporting system tend to be more profitable. Andy agrees and adds, “The ability to energize and engage employees to do a better job around risk identification, risk reporting, and risk management is truly a potentially tremendous asset for an organization… When it’s appropriately leveraged, it does make the organization better… [in] profitability and revenue generation.” Ariel describes the features of the #NotMe app as well as the dashboard. The difference between #NotMe and other tools, he says, is that #NotMe belongs to the employee so it preserves and maintains their anonymity throughout. Andy points out that using an independent tool like #NotMe is essentially leveraging your employee population to help you manage risk.”

Prevention Starts with Reporting

Preventing workplace misconduct starts with reporting. Tom comments that #NotMe can provide continuous information that would help an organization continuously improve its compliance program. Andy adds, “#NotMe is an easy way to do that. By deploying it, promoting it you express to your employees that you are taking these issues seriously, and you're doing fundamental concrete things to address them.”

Resources

Not-Me.com

Ariel@not-me.com

Andy Hinton on LinkedIn

Measuring the Effectiveness of Training with Simon Greany

Tue, 22 Sep 2020 04:01:00 -0000

Tom Fox chats with Simon Greany, co-founder and Chief Learning Officer of Elucidat, in this week’s show. They discuss how technology can support communication and personalized learning, and how companies can scale online training beyond Zoom.

Technology Can Support Communication and Training

Technology can support communication and training through engaging, immersive online learning experiences, Simon says. He and his partners built Elucidat to make online learning scalable. Thus far, they’ve supported 17 million learners. Tom asks how the pandemic has impacted e-learning. Simon describes three ways COVID-19 has changed the industry:

There’s a shift away from face-to-face training;
Organizations respond to change more quickly;
More data is being delivered.

He describes how Elucidat is supporting organizations to make the shift from in-person to online training.

Personalizing Training

“We all consume training differently,” says Tom. He asks how Elucidat approaches the differences in how people learn. Simon responds, “A philosophy that we have underpinned our product by is people-centered learning. We have a philosophy around six pillars: respecting time is one of those, and being personal is another. That’s really about respecting the audience, taking time to understand their individual needs, context and perspectives, and designing learning experiences that take those into account and adapting to them… [Using] multiple ways to invite someone in and support them in a way that’s comfortable and contextually right for them, but also in the format that works for them as well.” He describes how Elucidat supports personalization by enabling organizations to crowdsource their expertise. “If you’re going to use someone’s time wisely,” he argues, “you just need to give them what is relevant to them, not everything… What the technology does is to support core messages so that you can adapt, but not replicate everything all of the time.”

Scaling Beyond Zoom

Tom asks Simon how training can scale beyond the limitations of Zoom. “What we see is that the sustainable, longer term strategy here… is to build digital online training experiences that can... be designed and iterated to really have that effect [the same effect as Zoom], but... can be rolled out in a consistent way,” Simon replies. “It’s a way of working that can actually be not only scaled, but lead to a higher quality over time, by pinpointing through data and analysis what’s working out there, and if it’s having the desired effect on the organization and its record keeping.”

Resources

Elucidat.com

Simon Greany on LinkedIn

For the Elucidat free Compliance Resource Guide, click here.

Exiger on the Evolution in Supplier Compliance in COVID – Third-Party Party Risk Management Solutions with Erika Peters and Skyler Chi

Fri, 18 Sep 2020 05:08:00 -0000

Welcome to the fifth and final episode of a special five-part podcast series, sponsored by Exiger, on topics From Third-Party Risk Management to Supply Chain Risk Management: Exiger on the Evolution in Supplier Compliance in COVID. Exiger was founded to fight financial crime, fraud and terrorist financing by introducing technology-enabled solutions to the market’s biggest supply chain, risk, investigation, litigation, and compliance challenges. A global authority on risk and compliance, Exiger serves the world’s largest banks, Fortune 1000 companies and government agencies and regulators. Over the past five episodes, we have put a spotlight on Financial Institutions with Tara Loftus and Samar Pratt; focus on corporations with Aaron Narva and George ‘Ren’ McEachern; consider the Federal Government and Supply Chains with Carrie Wibben and Vishnu Anatatmula; review the pillars of good compliance with Brandon Daniels and Carrie Wibben; and end with a review of third-party risk management solutions with Erika Peters and Skyler Chi.

Today, Part 5, we conclude with a review of third-party risk management solutions with Erika Peters and Skyler Chi. Peters is an Associate Managing Director based in Exiger’s New York office, where she focuses on the firm’s financial crime compliance and assurance practices. Chi is an Associate Director based in Exiger’s New York office. With nearly ten years of forensic accounting and investigative experience he leverages world-class technology (e.g., SQL, Python, Tableau, natural language processing and machine learning) in order to aid in financial investigations and government clients in bank/investment statement reviews and analyses, data analysis efforts, large document analyses, and extensive e-mail reviews.

For more information on Exiger, click here.

For more information on Erika Peters, click here.

Exiger on the Evolution in Supplier Compliance in COVID – Pillars of Good Compliance with Brandon Daniels and Carrie Wibben

Thu, 17 Sep 2020 05:08:00 -0000

Welcome to a special five-part podcast series, sponsored by Exiger, on topics From Third-Party Risk Management to Supply Chain Risk Management: Exiger on the Evolution in Supplier Compliance in COVID. Exiger was founded to fight financial crime, fraud and terrorist financing by introducing technology-enabled solutions to the market’s biggest supply chain, risk, investigation, litigation, and compliance challenges. A global authority on risk and compliance, Exiger serves the world’s largest banks, Fortune 1000 companies and government agencies and regulators. Over the course of the series, we will put a spotlight on Financial Institutions with Tara Loftus and Samar Pratt; focus on corporations with Aaron Narva and George ‘Ren’ McEachern; consider the Federal Government and Supply Chains with Carrie Wibben and Vishnu Anantatmula; review the pillars of good compliance with Brandon Daniels and Carrie Wibben; and end with a review of third-party risk management solutions with Erika Peters and Skyler Chi.

In Part 4, we consider the pillars of good compliance with Brandon Daniels and Carrie Wibben. Wibben is a Senior Vice President, National Security & Intelligence, based in Exiger’s McLean office. As the former Deputy Director of the Defense Counterintelligence and Security Agency (DCSA), Carrie joins Exiger following a distinguished career in homeland defense spanning various government agencies – including the US Department of Defense, the Executive Office of the President, and the Special Security Directorate. Brandon Daniels is the President of Global Markets. A regulatory expert and technology practitioner, Brandon brings more than 15 years in senior management across the financial services, life sciences and energy sectors. He has a reputation for technological innovation in regulatory investigations and compliance management.

Join us tomorrow where we conclude our five-part series by looking at some of the new challenges and new solutions for third party risk management and investigations.

For more information on Exiger, click here.

For more information on Brandon Daniels, click here.

For more information on Carrie Wibben, click here.

Exiger on the Evolution in Supplier Compliance in COVID – Spotlight on Spotlight on Federal Government and Supply Chains with Carrie Wibben and Anantatmula

Wed, 16 Sep 2020 05:08:00 -0000

Welcome to a special five-part podcast series, sponsored by Exiger, on topics From Third-Party Risk Management to Supply Chain Risk Management: Exiger on the Evolution in Supplier Compliance in COVID. Exiger was founded to fight financial crime, fraud and terrorist financing by introducing technology-enabled solutions to the market’s biggest supply chain, risk, investigation, litigation, and compliance challenges. A global authority on risk and compliance, Exiger serves the world's largest banks, Fortune 1000 companies and government agencies and regulators. During this series, we will put a spotlight on Financial Institutions with Tara Loftus and Samar Pratt; focus on corporations with Aaron Narva and George ‘Ren’ McEachern; consider the Federal Government and Supply Chains with Carrie Wibben and Vishnu Anantatmula; review the pillars of good compliance with Brandon Daniels and Carrie Wibben; and end with a review of third-party risk management solutions with Erika Peters and Skyler Chi.

In Part 3, we put a spotlight on Federal Government and Supply Chains. In this exploration I am joined by Carrie Wibben and Vishnu Anantatmula. Wibben is a Senior Vice President, National Security & Intelligence, based in Exiger’s McLean office. As the former Deputy Director of the Defense Counterintelligence and Security Agency (DCSA), Carrie joins Exiger following a distinguished career in homeland defense spanning various government agencies – including the US Department of Defense, the Executive Office of the President, and the Special Security Directorate. Anantatmula is a Senior Account Manager in Exiger Federal Solutions based in the company’s Tysons Corner office. His team is focused on OSD Acquisition and Sustainment, delivering critical time-sensitive assessments to Senior DoD Executives that facilitate informed decisions on large investments in the Pharmaceutical Industry and provide heavily researched solutions for illuminating technology products, programs, and sectors.

Join us tomorrow where we review the pillars of good compliance.

For more information on Exiger, click here.

For more information on Exiger’s government services, click here.

For more information on Carrie Wibben, click here.

Exiger on the Evolution in Supplier Compliance in COVID – Spotlight on Corporations with Aaron Narva and George ‘Ren’ McEachern

Tue, 15 Sep 2020 05:08:00 -0000

Welcome to a special five-part podcast series, sponsored by Exiger, on topics From Third-Party Risk Management to Supply Chain Risk Management: Exiger on the Evolution in Supplier Compliance in COVID. Exiger was founded to fight financial crime, fraud and terrorist financing by introducing technology-enabled solutions to the market’s biggest supply chain, risk, investigation, litigation, and compliance challenges. A global authority on risk and compliance, Exiger serves the world’s largest banks, Fortune 1000 companies and government agencies and regulators. Over this series, we will put a spotlight on Financial Institutions with Tara Loftus and Samar Pratt; focus on corporations with Aaron Narva and George ‘Ren’ McEachern; consider Federal Government and Supply Chains with Carrie Wibben and Vishnu Anantatmula; review the pillars of good compliance with Brandon Daniels and Carrie Wibben; and end with a review of third-party risk management solutions with Erika Peters and Skyler Chi.

In this Part 2, we put a spotlight on corporations and their challenges in managing third parties and with Supply Chain risk management. In this exploration I am joined by George ‘Ren’ McEachern, a Managing Director based in Exiger’s Silver Spring (DC Metro) office where he focuses on leading anti-bribery investigations and assisting multinational corporations and financial institutions with regulatory risk management. Also joining me in this episode is Aaron Narva, Head of Corporate Markets, based in Exiger’s New York office. He leads the development and delivery of Exiger's purpose-built AI-powered solutions for anti-bribery and corruption compliance. While at Exiger, Aaron has conducted in-depth testing and review of complex financial institution compliance and anti-money laundering (AML) programs both in the US and abroad. His experience includes detailed assessment of transactions, customer due diligence, and policies and procedures. He also helped to design and develop Exiger Diligence, the investigative due diligence arm of Exiger.

Join us tomorrow where we consider areas some of the challenges the Federal Government has on Supply Chain risk management.

For more information on Exiger, click here.

For more information on George ‘Ren’ McEachern, click here.

For more information on Aaron Narva, click here.

Helping Solve the Data Problem with David McLaughlin

Tue, 15 Sep 2020 04:01:00 -0000

David McLaughlin, founder and CEO of QuantaVerse, joins Tom Fox on this week’s show to discuss his company’s new risk management tool, Country Code Derivation. He explains that this capability was actually a part of their platform for some time, but they saw the need to offer it as a separate tool. “We found that there is a really specific and unique need for understanding the country code of transacting parties,” he says.

Identifying Risky Transactions

Tom and David discuss how Country Code Derivation assists organizations, including financial institutions, identify potentially risky transactions. David explains that this tool is a “multimodal, layered approach of sifting through different capabilities to accurately identify where somebody's jurisdiction is.” Determining jurisdiction of a transaction is a core part of understanding risk, David points out. The advantages of using technology versus a manual process are obvious: technology is more accurate and efficient, can validate malformed data, and saves time and money. Tom asks if regular organizations can use this tool. David responds that it’s valuable for an organization that needs to determine the location of a party, be it vendors or customers.

Compliance Officers Can Use It Too

Tom comments that Country Code Derivation can give compliance professionals access to data they may not have had access to before. David agrees. “It can provide compliance professionals with data that they need,” he says. “It can do it in a way that validates the accuracy of it. It can update it in a way that is automatic and systematic and regular.” Both men conclude that this tool is more important today - in the time of coronavirus - than it ever was. Many organizations have a data backlog because of the pandemic; Country Code Derivation helps to eliminate that backlog in quick time.

Resources

QuantaVerse.net

QuantaVerse on LinkedIn

David McLaughlin on LinkedIn

Exiger on the Evolution in Supplier Compliance in COVID – Spotlight on Financial Institutions with Tara Loftus and Samar Pratt

Mon, 14 Sep 2020 05:09:00 -0000

Welcome to a special five-part podcast series on the topic of Third-Party Risk Management to Supply Chain Risk Management: Exiger on the Evolution in Supplier Compliance in COVID, sponsored by Exiger. Exiger was founded to fight financial crime, fraud and terrorist financing by introducing technology-enabled solutions to the market’s biggest supply chain, risk, investigation, litigation, and compliance challenges. A global authority on risk and compliance, Exiger serves the world’s Largest Banks, Fortune 1000 companies and government agencies & regulators. Over the next five episodes, we will put a spotlight on Financial Institutions with Tara Loftus and Samar Pratt; focus on corporations with Aaron Narva and George Ren McEachern; consider Federal Government and Supply Chains with Carrie Wibben and Vishnu Anantatmula; review the pillars of good compliance with Brandon Daniels and Carrie Wibben; and end with a review of third-party risk management solutions with Erika Peters and Skyler Chi.

In this Part 1, we put a spotlight in financial institutions. In this exploration I am joined by Tara Loftus, a Managing Director, who is a part of the Financial Crime Compliance Advisory practice focusing on anti-money laundering (AML) and anti-bribery & corruption (ABC) and Samar Pratt Managing Director who is also in the firm’s Financial Crime Compliance Advisory practice, specializing in audit and assurance.

Join us tomorrow where we consider areas where corporations have challenges on third parties and Supply Chain risk.

For more information on Exiger, click here.

For more information on Samar Pratt, click here.

For more information on Tara Loftus, click here.

The ROI of Business Ethics with Yonason Goldson

Tue, 08 Sep 2020 04:01:00 -0000

This week’s special guest is Yonason Goldson, expert in ethical leadership, TEDx speaker, and consultant. He joins Tom Fox to discuss why ethics matters, as well as five important lessons the COVID-19 pandemic is teaching us.

Trust - the Key to Business Success

Yonason shares a story that illustrates how one moment of disrespect can destroy trust between an employer and an employee. He explains, “When you create a culture of trust, that generates loyalty, it generates passion, it generates productivity... The employees are engaged and want to give their all... And so they're looking for opportunities to prove themselves by doing the best they can. And you have a company culture that thrives, it's vibrant, it’s exciting. People want to come to work, and success is a foregone conclusion.” How Alcoa’s market value increased by 900% because of Paul O'Neill’s ethical leadership is a testament to the value of building a culture of trust, he says. He then talks about the huge cost of worker disengagement and points out that “Companies that are ranked highest for ethics, they grow faster than average, employees report being more satisfied, being more energized, being more loyal, recommending this job to friends and family.”

Listening Is a Key Leadership Skill

Tom comments that the ability to listen is the second most important step in fostering a speak-up culture. Yonason says that listening is how we get to know other people, and the more we know other people, the more we know ourselves. “The more discussion there is looking from every possible angle, the more likely it is that the conclusions and the decisions that we reach are going to be the best possible conclusions and decisions that we can reach,” he remarks.

Lessons from Coronavirus

Tom asks Yonason to share the practical lessons about ethics that we can learn from the pandemic. Yonason summarizes them as:

Everything you do matters: the essence of ethics is to be aware of how your actions affect the world around you.
Protect your ethical health: behavior is infectious.
What you don’t see can hurt you.
We need each other.
Don’t wait for the next epidemic.

Secrets of Ethical Affluence

You can become ethically affluent by minding the CoDE of ethics. Yonason explains that this acronym stands for Communication, Diversity, and Ethics. He details why each aspect is important. Of diversity he says, “Diversity is not just cultural or ethnic diversity, it’s intellectual diversity. It’s having people coming from different points of view… and different experiences… That intellectual diversity stimulates thought and new ideas…”

Resources

YonasonGoldson.com

Yonason Goldson on LinkedIn

The ROI of Ethics

The Ethics of Epidemic

TEDx Talk: How I Became My Own Worst Nightmare

Ebook: The Secrets of Ethical Affluence

In Conversation with K2 Intelligence FIN: Jeremy Kroll on GRC Risks, Strategies, and the Future - Part 5: GRC Then and Now

Fri, 04 Sep 2020 05:07:00 -0000

Welcome to this special podcast series, In Conversation with K2 Intelligence FIN Jeremy Kroll on GRC Risks, Strategies, and the Future, sponsored by K2 Intelligence FIN. This week I have visited with K2 Intelligence FIN, Chief Executive Officer (CEO) Jeremy Kroll on GRC Risks, Strategies, and the Future. Over this week, we have reviewed the current Governance, Risk, and Compliance (GRC) landscape, looked at GRC at work, considered GRC and the investment community, reviewed GRC and K2 Intelligence FIN and today, in Part 5, we conclude with a look at GRC then and now.

I found most interestingly that Jeremy Kroll believes one of the key mainstays of GRC is something that many compliance professionals are only now coming to realize, which is that proactive compliance is more effective and more cost effective than reactive compliance. With the addition of technology, it is possible to do things not only more quickly and more efficiently but in a much more cost-effective manner. Jeremy Kroll noted, “What we’re seeing is the velocity of data available, the increasingly important role of technology, coupled with a multi-disciplined approach within organizations to create governance, frameworks, risk management techniques and abilities, and compliance programs that are even more essential now.”

Moving forward, compliance and ethics as well as GRC professionals, who are living and breathing the mission every day, are more fully operationalized down to the front lines. It is these risk management professionals who will be the ones first identifying the risk and risk management strategy. As Jeremy Kroll noted, “This will help you to flatten the curve and that risk particularly to your reputation or your business. I would say, come on over the water’s warm here, we’re growing very quickly. And I think as a proof point, the investment community is showing up every day at our doorstep. And they’re also thankfully investing in a lot of other businesses in our field and technology, RegTech, CompliTech, also professional services and advisory.”

We ended by agreeing that GRC is going to be one of the most exciting areas, including the outsourcing of compliance, which also includes training and education. Here Jeremy Kroll said, “we are taking people who are already in their forties, fifties, or even sixties, and we’re retraining them. And so, pivoting and making a career change and growing in this field, this is a growth field and we want that wisdom. We want that judgment. We want that business or life experience. And you can couple that with young employees and technology enablement, and then you can add tremendous value to clients.” It really does not get much better than that.

Check out the LinkedIn page for K2 Intelligence FIN here.

Check out the K2 Intelligence FIN website here.

In Conversation with K2 Intelligence FIN: Jeremy Kroll on GRC Risks, Strategies, and the Future - Part 4: GRC and K2 FIN

Thu, 03 Sep 2020 19:42:00 -0000

Welcome to this special podcast series, In Conversation with K2 Intelligence FIN: Jeremy Kroll on GRC Risks, Strategies, and the Future, sponsored by K2 Intelligence FIN. This week am visiting with K2 Intelligence FIN, Chief Executive Officer (CEO) Jeremy Kroll on GRC Risks, Strategies, and the Future. Over the week, we have reviewed the current Governance, Risk, and Compliance (GRC) landscape, looked at GRC at work, considered GRC and the investment community. In Part 4, we consider GRC and K2 Intelligence FIN and will conclude tomorrow with a look at GRC then and now.

Jeremy Kroll counseled that you must “start with an investigative mindset and understanding what the core risks are. Where is that inflection point? Sometimes you might find out a little bit late, but so long as you are quick to react and pivot, you can change the calculus. That means you have to be ready with enough resources internally. You need to make sure that you have a couple of key crisis response or organizations on speed dial because you can’t do everything yourself and your team is usually focused on doing business as usual.” He ended with “how do you be prepared and be in a position to make sure it is a normalized environment when you are dealing with a significant risk to your organization?”

Jeremy Kroll went on to note that it begins with asking some interesting questions such as (1) Do you have the internal resources to address this? (2) Do you need to look externally for support? Looking down the road (in an Einsteinian sort of way); (3) Can you see around the corner? And perhaps most importantly, (4) Do you know what trends or crises may impact you in 6 months, a year from now or 5 years from now?

Jeremy Kroll cautioned that complacency is the foe of preparedness. As he said, “I think the minute someone gets sort of comfortable and says, oh, we got this or we’ve gained this whole thing out. We figured it all out. That’s the beginning of the end.” To prevent this a business executive, senior management and the Board of Directors have to be great listeners and ask questions, such as what’s the next issue that’s going to become a trend? and what should I be looking out for in my business and also the businesses of my clients?

K2 Intelligence FIN has many services which act in concert and parallel. In the area of third-party risk management, it begins with enhanced due diligence platforms. K2 FIN is often called in by companies to conduct third party vetting; reverse or self-due diligence, typically in the case of preparing for a sale; social media due diligence – a proprietary platform we actually developed that helps analyze large volumes of associated content to show a bigger picture. This demonstrates that due diligence is not something you do once and walk away from – it’s something that should be conducted on an ongoing basis to make sure you have the lay of the land, you understand the risk environment, you know what has changed and evolved. This is particularly important in GRC frameworks.

Next is Portfolio Risk Management, where K2 FIN works closely with clients to develop a risk assessment methodology based on a systematic approach to risk which applies objective assessment criteria consistent with regulatory guidance and global standards. The methodology will utilize both qualitative data and key quantitative metrics to embed a given entity’s risk appetite into investment decisions and ongoing business operations and provide appropriate risk assessment and management of both portfolio and target investments. Adopting a consistent risk scoring methodology across risk areas will allow for more clear comparisons of risk across domains and investment targets and enable more effective ongoing risk monitoring, reporting, and mitigation.

Please join us for our final episode of this podcast series where we examine GRC: then and now.

Check out the LinkedIn page for K2 Intelligence FIN here.

Check out the K2 Intelligence FIN website here.

In Conversation with K2 Intelligence FIN: Jeremy Kroll on GRC Risks, Strategies, and the Future - Part 3: GRC and the Investment Community

Wed, 02 Sep 2020 05:01:00 -0000

Welcome to this special podcast series, In Conversation with K2 Intelligence FIN: Jeremy Kroll on GRC Risks, Strategies, and the Future, sponsored by K2 Intelligence FIN. This week I visit with K2 Intelligence FIN, Chief Executive Officer (CEO) Jeremy Kroll on GRC Risks, Strategies, and the Future. Over this week, we are reviewing the current Governance, Risk, and Compliance (GRC) landscape, GRC at work, GRC and the investment community, GRC and K2 Intelligence FIN and will conclude with a look at GRC then and now. In Part 3, we consider GRC and the investment community.

It turns out that the investment community should be one of the biggest users of GRC platforms and technologies, particularly when we examine recent events around risk exposure in anti-money laundering (AML) and other illicit activity. Private equity is built to grow businesses and GRC is a key component as a solutions system. One regulatory area that Jeremy Kroll pointed to was AML, “AML was something you might hear about because of narco-traffickers and that some of the big money center banks were in trouble because they were banking drug dealers. After September 11th, everything changed. There was a wellspring of professionals entering the field, either they entered it because they wanted to serve in government or they wanted to pivot in their careers and go from being an auditor, a lawyer, an in-house risk manager into this whole area of fighting terrorism, through tracking, tracing, and reducing the threat of illicit finance. It only picked up steam and in part because of the whole financial collapse and crisis in 2008. Even beyond that, I think what happened was that the regulatory and enforcement bodies both in the United States and Europe have really committed to cracking down because there is money laundering going on.”

All of this has led Jeremy Kroll to conclude that investment firms are looking to invest in companies that can help mitigate these risks more than ever in a post-COVID 19 environment and that an increased innovation and growing number of solutions emerging. Please join us tomorrow where we look at GRC and K2 Intelligence FIN.

Check out the LinkedIn page for K2 Intelligence FIN here.

Check out the K2 Intelligence FIN website here.

In Conversation with K2 Intelligence FIN: Jeremy Kroll on GRC Risks, Strategies, and the Future - Part 2: GRC at Work

Tue, 01 Sep 2020 05:01:00 -0000

Welcome to this special podcast series, In Conversation with K2 Intelligence FIN: Jeremy Kroll on GRC Risks, Strategies, and the Future, sponsored by K2 Intelligence FIN. This week I visit with K2 Intelligence FIN, Chief Executive Officer (CEO) Jeremy Kroll on GRC Risks, Strategies, and the Future. Over the week, we will review the current Governance, Risk, and Compliance (GRC) landscape, look at GRC at work, consider GRC and the investment community, review GRC and K2 Intelligence FIN and conclude with a look at GRC then and now. In Part 2, we consider some examples of GRC at work.

From the Foreign Corrupt Practices Act (FCPA) world, there is Siemens, which sustained a $1.6bn fine from both US regulators and German regulators for its institutional corruption. The case still remains a landmark settlement and clear failure of a GRC framework. While the company had the rules, policies, and procedures written down, their GRC controls ultimately failed because of a lack of adequate leadership and a culture that enabled corrupt behavior. Following the enforcement action, it became clear they had to reinforce their compliance controls and corporate governance framework.

We ended with some of the biggest takeaways. First, mitigate risk on an ongoing basis. Next, be proactive, not reactive. Finally, it is all about culture. Please join us as we explore this and other GRC-related issues over this podcast series. Tomorrow we examine GRC and the investment community.

Check out the LinkedIn page for K2 Intelligence FIN here.

Check out the K2 Intelligence FIN website here.

Caring for Compliance Professionals’ Well-Being with Lisa Beth Lentini Walker

Tue, 01 Sep 2020 04:01:00 -0000

Lisa Beth Lentini Walker says that there was something missing in the compliance and ethics space. Very often, compliance officers find it an isolating profession. She and her partner founded MentorCore as an avenue to improve the well-being of compliance professionals, and to provide the guidance and support they wished they had at the start of their careers. Lisa Beth chats with Tom Fox about the services MentorCore provides.

Four Pillars

“We can come together and make sure that the profession is more sustainable, welcoming, accessible, and inclusive, and because of this MentorCore was born,” Lisa Beth says. She explains that MentorCore is founded on the four pillars of mentoring, learning, community and development.

Reducing the Network Gap

LinkedIn reported that the three strongest factors that influence your network are your geography, the schools you attended, and the companies you worked for. One of MentorCore’s chief objectives is to reduce the network gap. Tom asks Lisa Beth what is a network gap. She explains that you would have significantly different opportunities based on your network. She argues, “I think that we have a real opportunity to try to find ways to reduce that network gap and break down barriers that prohibit really talented people from living to the utmost and being able to achieve the career successes that they want.”

5 Keys to Better Digital Health

Tom asks Lisa Beth to describe how we can improve our digital health. She shares five keys to improving digital well-being, including limiting screen time, focusing on your physical health, and finding a healthy balance. “You should be thinking about whether the digital part of your life is taking over everything and whether you’ve found what’s going to work for you from an overall holistic well-being standpoint,” she advises listeners.

Resources

MentorCore

MentorCore events

Lisa Beth Lentini Walker on LinkedIn

In Conversation with K2 Intelligence FIN: Jeremy Kroll on GRC Risks, Strategies, and the Future - Part 1: GRC Explained

Mon, 31 Aug 2020 05:01:00 -0000

Over the week, we will review the current Governance, Risk, and Compliance (GRC) landscape, look at GRC at work, consider GRC and the investment community, review GRC and K2 Intelligence FIN and conclude with a look at GRC then and now. In this Part 1, we consider the current GRC landscape.

He concluded that GRC has become a much broader part of the conversation across the board. For example, this has become a larger part of the due diligence process for investors examining portfolio companies or acquisitions. Please join us as we explore this and other GRC-related issues over this podcast series. Tomorrow we examine GRC at work.

Check out the LinkedIn page for K2 Intelligence FIN here.

Check out the K2 Intelligence FIN website here.

Automated Policy Management: A Necessity Not a Luxury with Mark Delgado

Tue, 25 Aug 2020 04:01:00 -0000

This week’s guest is the Managing Director - GRC Business Unit at Mitratech, Mark Delgado. He and Tom Fox discuss why automating policy management is no longer a luxury, but a necessity given these unprecedented times.

A Cornerstone of Compliance

Policy management is a fundamental building block of compliance, Mark says. Without it you can’t guarantee compliance or operational efficiency. He shares why automating policy management is the only way to ensure both. Apart from the benefits to business leaders and compliance professionals, he argues that employees gain from being able to access all the relevant and up-to-date policy information in one place. The COVID-19 crisis has highlighted the importance of automated policy management, given the rapid and frequent policy changes in most companies.

Information Governance in the Time of COVID

“Even though we've gone through a period of a lot of change and disruption to operations generally,” Mark says, “regulators, with very few exceptions, have not chosen to retreat or delay implementation or enforcement of regulations around data privacy or financial services operations or any other codes or laws that come to mind. So as organizations now have to contend with remote workforces, the need for formal and comprehensive operational enforcement of information governance has become ever more urgent. So in this world, the risk of data that's pivotal to companies’ operations, or that contains sensitive or private information, being accessed and manipulated outside of the security of the corporate network, has massively increased.” He tells listeners how to choose a robust and comprehensive automated tool to help their business during and after this time.

Shadow IT Management and Advice for Business Leaders

Tom asks, “Mark, could you tell us about a shadow IT management solution and why you feel this is important?” Mark defines shadow IT: “Shadow IT covers the vast number of data sets that exist within an organization, but remain outside of IT’s control and often knowledge.” He explains how shadow IT management works and why it’s critical during normal business, but even more so in times like these.

Mark shares his top three tips for navigating the health crisis. Firstly, he says, “ensure that changes to operational practices could be clearly and accurately communicated… Second, eliminate as many informal or manual processes as you can… Thirdly… take control of your mission critical information.”

Resources

Mitratech.com

Mark Delgado on LinkedIn

A Conversation with Skillsoft and StoneTurn: Part 5 - Stephen Martin on Continuous Monitoring and Continuous Improvement

Fri, 21 Aug 2020 05:08:00 -0000

Welcome to a special five-part podcast series, A Conversation with Skillsoft and StoneTurn: From the Code of Conduct to Risk Assessment to Continuous Improvement. This week’s podcast series is jointly sponsored by Skillsoft and StoneTurn Group, LLP. Over the course of this series we have explored the recently released 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (2020 Update). Focused on your Code of Conduct and how it is informed by your Risk Assessment, training on your Code of Conduct, performing a Risk Assessment and conclude with how all this ties to continuous monitoring and continuous improvement. Participants in this podcast series include: from Skillsoft, Charlie Voelker, Director, Compliance Products; John Arendes, Vice President and GM of Global Compliance Solutions; from StoneTurn, Toby Ralston, Managing Director, Jamen Tyler, Managing Director and Stephen Martin, Partner. In this fifth and final episode, I conclude with Stephen Martin on continuous monitoring and continuous improvement.

A new focus in the 2020 Update and FCPA Resource Guide, 2nd edition, was the new mandate for continuous monitoring and continuous improvement. But it all begins with your risk assessment. Martin said, “they are the most critical part of your compliance program because they frame what you are supposed to do overall in your compliance regime.” What has changed recently, with the 2020 Update is the emphasis around continuous program improvement and that it should be “guided by your risk assessment, which is something new.” This means that you must look at more than “simply a limited snapshot in time, but using risk assessment, that is based on continuous operational data and information across a number of functions so that you can have real time risk assessment and improvement of your compliance program.”

All of these developments have led to the clear conclusion that your compliance program should be a living breathing document. Martin said, “I think it’s more important today, given the guidance that came out, before you would talk a risk assessment that would be done once a year or once every couple of years, or perhaps you would do a program assessment. Now, what you’re expected to do is continually be evaluating your program and looking at data and information.” From there compliance officers and companies need to gather the data and look at is as an “ongoing review to update your policies, procedures, and controls, and tracking the information to incorporate into their risk assessments.”

Webinar

If you enjoyed today’s podcast, I want to let you know about an upcoming webinar Skillsoft and StoneTurn are hosting. The webinar “Evolving Your Compliance Program” will be held on Wednesday Sept 23 and will explore how companies are leveraging data and information to improve and evolve their compliance programs. Information and Registration click here.

Resources

For more information on Skillsoft’s compliance offerings, click here.

For more information on the Skillsoft/StoneTurn partnership, click here.

For more information on StoneTurn, click here.

A Conversation with Skillsoft and StoneTurn: Part 4 - John Arendes on Assisting Your Risks

Thu, 20 Aug 2020 05:08:00 -0000

Welcome to a special five-part podcast series, A Conversation with Skillsoft and StoneTurn: From the Code of Conduct to Risk Assessment to Continuous Improvement. This week’s podcast series is jointly sponsored by Skillsoft and StoneTurn Group, LLP. In this podcast series we will explore the recently released 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (2020 Update). We focus on your Code of Conduct and how it is informed by your Risk Assessment, training on your Code of Conduct, performing a Risk Assessment and conclude with how all this ties to continuous monitoring and continuous improvement. Participants in this podcast series include: from Skillsoft, Charlie Voelker, Director, Compliance Products; John Arendes, Vice President and GM of Global Compliance Solutions; from StoneTurn, Toby Ralston, Managing Director, Jamen Tyler, Managing Director and Stephen Martin, Partner. In this fourth episode, I visit with Arendes on assessing your risks and using that process to then manage those risks.

The two recent releases of information in the form of the 2020 Update and FCPA Resource Guide, 2nd edition, make clear that companies must assess their risk and manage their risk. Years ago, there was this idea of one size fits all for compliance programs. The government’s thinking on this began moving towards taking into account a number of different risk variables that impact those businesses and what exposes them to areas of risk. This has led to the current environment where it is clear that one size does not fit all. Arendes said you should begin with the precept “to understand what the goal is of that risk assessment. What are you trying to get out of it? Is it a holistic view? Is it a specific area of risk or are there areas of data risks that we want to look at? The bottom line is to understand what’s your goal of the risk assessment.” Arendes also said an independent perspective should be sought. Using outside firms, having someone come in with an objective view is certainly an important part of your risk assessment.

Webinar

Resources

For more information on Skillsoft’s compliance offerings, click here.

For more information on the Skillsoft/StoneTurn partnership, click here.

For more information on StoneTurn, click here.

A Conversation with Skillsoft and StoneTurn: Part 3 - Jamen Tyler on Conducting Effective Risk Assessments

Wed, 19 Aug 2020 05:08:00 -0000

Welcome to a special five-part podcast series, A Conversation with Skillsoft and StoneTurn: From the Code of Conduct to Risk Assessment to Continuous Improvement. This week’s podcast series is jointly sponsored by Skillsoft and StoneTurn Group, LLP. In this podcast series we will explore the recently released 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (2020 Update). We focus on your Code of Conduct and how it is informed by your Risk Assessment, training on your Code of Conduct, performing a Risk Assessment and conclude with how all this ties to continuous monitoring and continuous improvement. Participants in this podcast series include: from Skillsoft, Charlie Voelker, Director, Compliance Products; John Arendes, Vice President and GM of Global Compliance Solutions; from StoneTurn, Toby Ralston, Managing Director, Jamen Tyler, Managing Director and Stephen Martin, Partner. In this third episode, I visit with Jamen Tyler on conducting an effective risk assessment.

We began with some of Tyler’s top tips for conducting a risk assessment. She began that everyone needs to understand that risk assessments are about putting together and thinking about all of your risks. This means typically thinking about risks falling into kind of four buckets. They are (1) financial, (2) operational (3) legal/regulatory and (4) reputational. While most companies are pretty well versed in conducting risk assessments for financial and operational risks; legal regulatory and reputational can be just as harmful. This means a company needs to think critically about those final two buckets of risk, in addition to the more traditional financial operational risks. This means targeting specific risk areas by subject matter and even breaking it down to specific geographies or business units, can be both more efficient. It can also help to insure you are conducting risk assessments on a timely basis.

Join us tomorrow where I visit with John Arendes, Vice President and GM of Global Compliance Solutions at Skillsoft, who helps us take a deep dive into assessing your risks and using that process to then manage those risks.

Webinar

Resources

For more information on Skillsoft’s compliance offerings, click here.

For more information on the Skillsoft/StoneTurn partnership, click here.

For more information on StoneTurn, click here.

A Conversation with Skillsoft and StoneTurn: Part 2 - Charlie Voelker on How a Risk Assessment Informs Your Code of Conduct

Tue, 18 Aug 2020 05:08:00 -0000

Welcome to a special five-part podcast series, A Conversation with Skillsoft and StoneTurn: From the Code of Conduct to Risk Assessment to Continuous Improvement. This week’s podcast series is jointly sponsored by Skillsoft and StoneTurn Group, LLP. In this podcast series we will explore the recently released 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (2020 Update). We focus on your Code of Conduct and how it is informed by your Risk Assessment, training on your Code of Conduct, performing a Risk Assessment and conclude with how all this ties to continuous monitoring and continuous improvement. Participants in this podcast series include: from Skillsoft, Charlie Voelker, Director, Compliance Products; John Arendes, Vice President and GM of Global Compliance Solutions; from StoneTurn, Toby Ralston, Managing Director, Jamen Tyler, Managing Director and Stephen Martin, Partner. In this second episode, I visit with Voelker on how a Risk Assessment informs your Code of Conduct.

We began with an exploration of why the Code of Conduct is so foundational to a compliance program in general. Voelker said, the “Code of Conduct is a way of capturing the risks and the issues that the organization faces. These are the major concerns that, that the organization has in terms of the type of business it is in, where it is operating and other factors of that nature.” Moreover, “by capturing those major issues within a training experience that is delivered across the organization and to all employees, it helps to level set everybody within the company in terms of what are those issues that are sort of top of mind for the company, what are the areas that as an employee needs to be focused on. Also, for employees, the Code of Conduct is a source of that information and also about where to go for more help. In many cases, a Code of Conduct will point to other policies or procedures or other resources that serve to provide that support that employees might need as they go about their day-to-day business.”

One of the key themes of the 2020 Update was of the importance of a risk assessment to all aspects of your compliance program. Additionally, the 2020 Update made clear the relationship between risk assessment and Code of Conduct training going forward. A risk assessment informs the content of the company’s Code of Conduct itself by identifying the topics and the issues that relate to the risks the organization faces.

Join us tomorrow where Jamen Tyler, Managing Director at StoneTurn, helps us take a deep dive into Risk Assessments.

Webinar

Resources

For more information on Skillsoft’s compliance offerings, click here.

For more information on the Skillsoft/StoneTurn partnership, click here.

For more information on StoneTurn, click here.

Why GRC is the Keys to the Kingdom with Matt Kunkel

Tue, 18 Aug 2020 04:01:00 -0000

Matt Kunkel saw a need in the market for “a platform that could act as a central nucleus and bring together and automate in a flexible, easy fashion, all of the different components that make up a traditional governance, risk and compliance regulatory program.” He, together with John Siegler and Dan Campbell, founded LogicGate to fulfil that need. Matt joins Tom Fox on this week’s show to talk about LogicGate’s GRC platform and how it helps businesses improve their bottom line.

Every Business Needs a GRC Champion

Matt wants to give business leaders the keys to the kingdom from a technology perspective. Leaders should be able to own and maintain Governance, Risk and Compliance (GRC) technology that grows and evolves alongside the company’s growth and evolution. A well run GRC program has multiple stakeholders throughout the organization, he points out, especially a champion who will advocate for a culture of risk and compliance. He shares six tips for choosing the best GRC solution.

Managing Third Party Risk

Tom asks about the key exposure points in third party risk and how LogicGate’s solution helps to manage those risks. Matt responds that the best GRC program is only as good as the third parties we use and the programs they have in place. He explains the role of their platform in managing third party risk as well as performing due diligence.

Risk is Good

Matt explains why all businesses should have a Business Continuity Playbook: it’s your Bible to tell you what to do when a disaster strikes, he says. He emphasizes that risk is good. “Risk is good. Companies are built and scaled and grow and achieve great things because they take on… additional strategic risk,” he remarks. It’s about evaluating where risk lies and taking the necessary mitigating steps that would enable you to take on more risk and drive better business outcomes. “I hope that we as an industry can elevate compliance professionals, risk professionals, security professionals to a spot where we can help the organization make strategic decisions based on risk to drive better top line outcomes, more revenue for the business. It’s not just about asset protection, it's about revenue generation,” he comments.

Resources

LogicGate.com

LogicGate on LinkedIn | Twitter

Matt Kunkel on LinkedIn

A Conversation with Skillsoft and StoneTurn: Part 1 - Toby Ralston on Your Code of Conduct

Mon, 17 Aug 2020 16:26:09 -0000

Welcome to a special five-part podcast series, A Conversation with Skillsoft and StoneTurn: From the Code of Conduct to Risk Assessment to Continuous Improvement. This week’s podcast series is jointly sponsored by Skillsoft and StoneTurn Group, LLP. In this podcast series we will explore the recently released 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (2020 Update). We focus on your Code of Conduct and how it is informed by your Risk Assessment, training on your Code of Conduct, performing a Risk Assessment and conclude with how all this ties to continuous monitoring and continuous improvement. Participants in this podcast series include: from Skillsoft, Charlie Voelker, Director, Compliance Products; John Arendes, Vice President and GM of Global Compliance Solutions; from StoneTurn, Toby Ralston, Managing Director, Jamen Tyler, Managing Director, and Stephen Martin, Partner. In this first episode, I visit with Toby Ralston on Code of Conduct.

Obviously, your Code of Conduct is viewed as a foundational document by the DOJ and Securities and Exchange Commission (SEC) as they laid out in the FCPA Resource Guide, 2nd edition. Yet many compliance practitioners struggle with how to benchmark a code of conduct. Ralston believes there are a number of ways that a compliance professional could potentially benchmark a Code of Conduct. He suggested “a matrix approach that uses a modified scorecard or a balanced scorecard where we measure objectives early and subjectively rank an individual Code. We then consider those components against the Codes of competitors and those recognized as best practice.” This can make such a benchmarking exercise a peer comparison, but that peer to peer comparison should not be limited to organizations in your industry. “We find that this approach helps us identify missing or underdeveloped topics as well as sections of a Code that likely need to be condensed or reorganized.”

Join us tomorrow where Charlie Voelker, Director, Compliance Products, Skillsoft, discusses how a Risk Assessment informs your Code of Conduct.

Webinar

Resources

For more information on Skillsoft’s compliance offerings, click here.

For more information on the Skillsoft/StoneTurn partnership, click here.

For more information on StoneTurn, click here.

A Conversation with Convercent and StoneTurn: Stephen Martin on Evaluating Compliance Programs

Fri, 14 Aug 2020 05:08:00 -0000

Welcome to a special five-part podcast series, A Conversation with Convercent and StoneTurn: From the Code of Conduct to Risk Assessment to Continuous Improvement. This week’s podcast series is jointly sponsored by Convercent and StoneTurn Group. Over the course of the series we have explored the impacts on corporate compliance programs from the recently released 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (2020 Update). We focus on investigations, data analytics, evaluating compliance programs, internal reporting and corporate culture. Participants in this podcast series include: Asha Palmer, Convercent Chief Ethics and Compliance Officer (CECO) and Executive Vice President (EVP) of CONVERGE; Rex Homme, Michele Edwards, and Stephen Martin, all Partners at StoneTurn. In this fifth and final episode, I am joined by Martin for a discussion of evaluating compliance programs.

Resources

For more information on StoneTurn, check out their website, here.

For more information on Convercent, check out their website, here.

To download a copy of the Convercent Interactive Self-Assessment based on the 2020 Update to the Evaluation of Corporate Compliance Programs, click here.

A Conversation with Convercent and StoneTurn: Asha Palmer on Corporate Culture

Thu, 13 Aug 2020 05:08:00 -0000

Welcome to a special five-part podcast series, A Conversation with Convercent and StoneTurn: From the Code of Conduct to Risk Assessment to Continuous Improvement. This week’s podcast series is jointly sponsored by Convercent and StoneTurn Group. Over the course of the series we are exploring the impacts on corporate compliance programs from the recently released 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (2020 Update). We focus on investigations, data analytics, evaluating compliance programs, internal reporting and corporate culture. Participants in this podcast series include: Asha Palmer, Convercent Chief Ethics and Compliance Officer (CECO) and Executive Vice President (EVP) of CONVERGE; Rex Homme, Michele Edwards, and Stephen Martin, all Partners at StoneTurn. In this fourth episode, we take a deep dive with Palmer into corporate culture.

Join us tomorrow, as Stephen Martin, Partner at StoneTurn discusses evaluating compliance programs.

Resources

For more information on StoneTurn, check out their website, here.

For more information on Convercent, check out their website, here.

To download a copy of the Convercent Interactive Self-Assessment based on the 2020 Update to the Evaluation of Corporate Compliance Programs, click here.

A Conversation with Convercent and StoneTurn: Michele Edwards on Creating an Inventory of Metrics

Wed, 12 Aug 2020 05:08:00 -0000

Welcome to a special five-part podcast series, A Conversation with Convercent and StoneTurn: From the Code of Conduct to Risk Assessment to Continuous Improvement. This week’s podcast series is jointly sponsored by Convercent and StoneTurn Group. Over the course of the series we will explore the impacts on corporate compliance programs from the recently released 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (2020 Update). We focus on investigations, data analytics, evaluating compliance programs, internal reporting and corporate culture. Participants in this podcast series include: Asha Palmer, Convercent Chief Ethics and Compliance Officer (CECO) and Executive Vice President (EVP) of CONVERGE; Rex Homme, Michele Edwards, and Stephen Martin, all Partners at StoneTurn. In this third episode, Edwards and I discuss how a compliance professional can create an inventory of metrics by which to monitor and then improve a compliance program.

Join us tomorrow, as Asha Palmer, CECO at Convercent, discusses corporate culture itself to better monitor and improve your compliance program.

Resources

For more information on StoneTurn, check out their website, here.

For more information on Convercent, check out their website, here.

To download a copy of the Convercent Interactive Self-Assessment based on the 2020 Update to the Evaluation of Corporate Compliance Programs, click here.

A Conversation with Convercent and StoneTurn: Asha Palmer on Internal Reporting

Tue, 11 Aug 2020 05:08:00 -0000

Welcome to a special five-part podcast series, A Conversation with Convercent and StoneTurn: From the Code of Conduct to Risk Assessment to Continuous Improvement. This week’s podcast series is jointly sponsored by Convercent and StoneTurn Group. Over the course of the series we will explore the impacts on corporate compliance programs from the recently released 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (2020 Update). We focus on investigations, data analytics, evaluating compliance programs, internal reporting and corporate culture. Participants in this podcast series include: Asha Palmer, Convercent Chief Ethics and Compliance Officer (CECO) and Executive Vice President (EVP) of CONVERGE; Rex Homme, Michele Edwards, and Stephen Martin, all Partners at StoneTurn. In this second episode, we take a deep dive with Palmer into internal reporting.

Join us tomorrow, as Michele Edwards, Partner at StoneTurn details how to create an inventory of compliance metrics.

Resources

For more information on StoneTurn, check out their website, here.

For more information on Convercent, check out their website, here.

To download a copy of the Convercent Interactive Self-Assessment based on the 2020 Update to the Evaluation of Corporate Compliance Programs, click here.

The Customer Relationship Evangelist with Josh Elledge

Tue, 11 Aug 2020 04:01:00 -0000

This week’s guest is Josh Elledge of Up My Influence, an influencer company that helps turn their clients into celebrities, as well as build sales systems for them. Josh chats with Tom Fox about the importance of building customer relationships, and he shares a process-oriented approach to doing so.

Building Influence

Tom reflects that your brand is not your image; your brand is your relationship with your customer. Josh comments that he chose his company name to speak to his market’s pain point: they want to build their influence and authority. He helps them implement simple processes to make that happen, he says. His podcast, The Thoughtful Entrepreneur, is one such step. “I think that everybody has a message that could possibly impact the world. My job is to help you get access as quickly as possible… All you gotta do is just focus on serving, serving, serving; going from platform to platform; …and just do it with a… relentless, unceasing devotion,” he says.

Preparation and Storytelling

Tom comments on the educational content Josh sends to his podcast guests to help them prepare for their interview. Josh responds that it’s a win-win-win for everybody: he helps his guests be prepared so that his audience can fall in love with them. “My job [as a guest],” he says, “is to show up and deliver as much value as I possibly can in a short amount of time as possible. So prep is important.”

He talks about the importance of storytelling in the sales process. First, he advocates spending time with your customers and giving them value for free. “If people get enough time and enough value from you on the front end, they're going to build that belief that you can solve their problems, and they will pay you for that.” Next, he says that your customers should be able to substitute themselves for the experience of the person in your story. This way, they’re building up a mental narrative about how your company can help them. This leads to sales, Josh says.

Give First

“You’re in business to bring far more value than what you ask for in return,” Josh points out. He believes in giving lots of value first. Your prospects will let you know when they're ready to take the next step, he says. Focus on building relationships. He invites listeners to explore his website to learn how they systematize relationship-building. Make it easy for customers to spend time with you, he says. “Just stop treating people like numbers and sales prospects! Just make it ridiculously easy for people to spend time with you.”

Resources

UpMyInfluence.com

The Thoughtful Entrepreneur Podcast

A Conversation with Convercent and StoneTurn: Rex Homme on Conducting Investigations and Ensuring Consistent Outcomes

Mon, 10 Aug 2020 05:08:00 -0000

Welcome to a special five-part podcast series, A Conversation with Convercent and StoneTurn: From the Code of Conduct to Risk Assessment to Continuous Improvement. This week’s podcast series is jointly sponsored by Convercent and StoneTurn. Over the course of the series we will explore the impacts on corporate compliance programs from the recently released 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (2020 Update). We focus on investigations, data analytics, evaluating compliance programs, internal reporting and corporate culture. Participants in this podcast series include: Asha Palmer, Convercent Chief Ethics and Compliance Officer (CECO) and Executive Vice President (EVP) of CONVERGE; Rex Homme, Michele Edwards, and Stephen Martin, all Partners at StoneTurn. In this first episode, we take a deep dive with Homme into conducting investigations and ensuring consistent outcomes.

Join us tomorrow, as Asha Palmer, Convercent Chief Ethics and Compliance Officer (CECO) and Executive Vice President (EVP) of CONVERGE discusses best practices in internal reporting.

Resources

For more information on StoneTurn, check out their website, here.

For more information on Convercent, check out their website, here.

To download a copy of the Convercent Interactive Self-Assessment based on the 2020 Update to the Evaluation of Corporate Compliance Programs, click here.

Suparna Goswami and the Compliance Evangelist Talk Novartis on HealthCare Info Security and Fraud IO

Tue, 04 Aug 2020 15:21:00 -0000

I was recently interviewed by Suparna Goswami about the Novartis corruption enforcement actions, both the US domestic and the international FCPA matter. Incidents of fraud at pharmaceutical giant Novartis that resulted in over $1 billion in fines worldwide might have been avoided if the company's compliance team used data analytics to detect patterns, says Thomas Fox, a compliance evangelist and author.

The Novartis case involved illegal payments and perks provided to physicians in exchange for prescribing certain drugs.

Too often, corporations' compliance teams lack access to the data that's necessary to do their jobs, Fox says in a video interview with Information Security Media Group. Pharmaceutical companies, for example, track doctors that prescribe their drugs. "The data is there. But the compliance function simply does not have access to that data".

In this interview, highlights include:

Novartis' fraudulent practices and how the entire episode played out in multiple countries;
Important lessons for compliance officers from this fraud case;
Why compliance teams usually are not able to leverage data analytics;

The Disaster Avoidance Doctor with Dr. Gleb Tsipursky

Tue, 04 Aug 2020 04:01:00 -0000

Dr. Gleb Tsipursky is an expert in the field of disaster avoidance. He joins Tom Fox on this week’s show to talk about his work, including how he helps leaders avoid decisions that lead to disaster.

Avoiding Disaster

“Avoiding a disaster is always preferable to recovering from it. So I believe to avoid disaster we have to understand where disasters come from. There are only two things that lead to disasters, and they both come from our decisions,” says Gleb. “...One is an active decision where we make a decision ourselves that leads to a pretty disastrous situation… The other type of disaster comes from when we fail to make a decision that we need to make to avoid a disaster.” Glen says that his mission is to help leaders recognize and overcome the cognitive biases that lead them into making disastrous decisions. These cognitive biases are the decision-making patterns that we fall into because of how our brain is wired, he points out. Our instincts are not wired for the modern environment.

Magical Thinking

Tom asks Gleb to describe the top three judgment errors - ‘magical thinking’ - leaders make that lead to disaster. Gleb responds that these are:

Overconfidence bias - research shows that the more confidence a leader exhibits, the worse their business performs. “When we should be confident is after we make a very carefully considered, data-driven, informed evaluation and then implement that decision,” he says.
Sunken cost bias - leaders tend to stick with a plan even when evidence shows it isn’t working, and they should pivot.
Confirmation bias - looking at the world in a way that confirms their beliefs, instead of letting evidence inform their vision.

Stakeholder Engagement

Gleb outlines three social intelligence methods leaders should employ to achieve their leadership goals. These are empathetic listening, rapport building, and curious questioning. These skills will help leaders influence and engage stakeholders. “People are not nearly aware of how much their emotions drive them,” he comments. He emphasizes that the essence of leadership is stakeholder engagement. He and Tom discuss helping leaders fight unconscious biases in their organizations. He shares practical ways leaders can overcome tribalism personally and within their businesses.

Resources

DisasterAvoidanceExperts.com

Free video modules: Wise Decision Making Guide

Never Go With Your Gut: How Pioneering Leaders Make the Best Decisions and Avoid Business Disasters

The Blindspots Between Us: How to Overcome Unconscious Bias and Build Better Relationships

Ascending Compliance Management with Gene Geiger

Tue, 28 Jul 2020 04:01:00 -0000

Gene Geiger of A-LIGN joins Tom Fox on this week’s show to discuss his company’s innovative compliance management platform, A-SCEND. Gene remarks that there was a market need to drive technology in the professional services space. “What we’ve been missing is driving automation and driving workflow and driving efficiency through technology, and that’s really what A-SCEND is meant to do. It’s meant to complement the people in the audit workflow to make the job as efficient and as automated as possible,” he says.

Built For Users

“The need for technology crosses multiple compliance standards,” Gene remarks. A-SCEND is built to comply with eight compliance standards in the cybersecurity industry. In addition, Gene says, users can input their own internal standards using the custom object module. He describes various features of the platform that helps clients automate their compliance workflow, and manage compliance tasks throughout the year, rather than just for the annual audit. A unique feature of A-SCEND is its ability to de-duplicate requests across multiple compliance standards, resulting in up to a 50% decrease in workload when preparing for audits. Gene points out how these innovative features allow their clients to do anytime, anywhere audits, and how both they and their clients were able to pivot easily to remote work as a result of the COVID-19 pandemic. Tom asks how feedback is built into the platform. Gene outlines several mechanisms, including their advisory board, surveys, and their customer support system. “We are able to build an application for compliance management that really meets the needs of the users,” he says.

The Future of Strategic Compliance

Tom and Gene discuss the future of strategic compliance. Gene predicts that there will be movement towards benchmarking, AI-based review and evidence collection, and data-driven metrics.

Resources

A-lign.com

The Economic Value of Convenience with Greg Dickinson

Tue, 21 Jul 2020 04:01:00 -0000

CEO of Omedym, Greg Dickinson joins Tom Fox in this week’s show to discuss his book, The Convenience Economy: B2B: Adapt Now or Pay the Price. They discuss an interesting equation about the value of convenience, and why giving convenience equals gaining control.

The Cost of Inconvenience

Tom asks Greg to explain his equation, Friction = Frustration = Cost. Greg responds that if your process impedes your customer’s buyer journey, then that friction will cause them to feel frustration, which will ultimately cost you. He gives examples of B2B processes that, while developed to help a company flow, actually frustrate the customer. Times have changed, and customers are now independent. If your process is friction-rich, Greg says, customers will go someplace else. “If you have developed all your processes to deal with them in a way that is built on what you want - and it has no consideration for them, for their journey, for their experience - then you have really harmed your ecosystem... If we can give convenience, we gain control.”

People Want to Watch

Greg points out that COVID-19 has accelerated some of the areas discussed in his book. Companies now must rethink how to onboard suppliers: he recommends smart watchable assets. “When people want to learn, understand, discover and comprehend something that they have to use, they want to watch,” Greg remarks. “You can onboard and get your third parties embracing your policy if you can communicate with a watchable asset.” He explains why supplier enablement should now include “cost plus convenience plus enablement, plus being able to sustain when something happens.”

Push vs Consume

Tom asks Greg about the push vs consume models. Greg explains the difference between the two approaches and why people want to consume information nowadays, not have it pushed at them.

Resources

Greg Dickinson on LinkedIn

Omedym.com

The Convenience Economy: B2B: Adapt Now or Pay the Price

Risk Mitigation and Corporate Discipline Baked into Culture with Cody Rodriguez

Tue, 14 Jul 2020 04:01:00 -0000

Tom Fox welcomes Cody Rodriguez to this week’s episode of Innovation In Compliance. Cody is CEO of Iron Orchard, a small private oil and gas operator that continues to thrive even in the midst of a shutdown of the energy sector due to COVID-19. He and Tom discuss his company’s risk management approach and how it informs their corporate culture.

Determining Commercial Viability

Tom asks Cody how they determined that Iron Orchard was a commercially viable idea. Cody responds that they had about 100 meetings with CEOs and investors, seeking their advice before deciding to go ahead and launch Iron Orchard. Even then, they decided to use their own funds for the first investments. “We want to make sure, just like in everything else we've ever done, that we did it ourselves and risked our own dollars before we ever risk anybody else's,” Cody explains. He describes how taking this approach led to increasing success as the company grew. People were willing to help them because of their humble approach. Cody says, “If you're willing to tell them how you think you could be better and how you think you could improve from their advice, people are generally very willing and open.” Tom adds that humility is an incredible leadership skill.

Corporate Discipline and Culture

Tom comments that physical and financial discipline is a strategy that is embedded in Iron Orchard’s culture. “One of the biggest things that I learned was risk mitigation and capital discipline,” Cody responds. “For us, it's never doing something that we can't stand the risk of losing everything we just did. And if everything goes [wrong]... can we sustain ourselves?” He explains that every decision is made through collaboration and teamwork. These corporate values of discipline and collaboration are responsible for their survival and growth even in the midst of the pandemic. “If the assets can't - even at the worst of times - support the team, then the team needs either to work a little harder, a little smarter to make sure that we can manage even through the most difficult times,” Cody says.

Resources

Iron-Orchard.com

info@iron-orchard.com

Engaging the Human Component of Corporate Culture with Lisa Ryan

Tue, 07 Jul 2020 07:01:00 -0000

Tom Fox and Lisa Ryan, this week’s guest, are both members of C Suite Radio and the National Speakers Association. Lisa spent 20 years in sales before embarking on her entrepreneurial journey in 2010. She brings a unique perspective to the subject of employee engagement, seeing it as an essential skill that leaders need to have.

An Essential Skill

In Lisa’s view, employee engagement is greater productivity, greater institutional justice, better health and safety, and many other ways of enhancing workers’ lives. As such, leaders should see improving engagement as an essential skill. “When that business owner can make that connection with their employees,” Lisa points out, “that employee is going to give a lot more effort.”

A Critical Part of Compliance and Corporate Culture

Tom comments, “If you focused on employee engagement, you would go a long way towards creating a viable and vibrant speak up culture and creating a two way street of communication.” Lisa agrees. She adds that people want to feel safe and know that if they approach their boss with a problem, their boss is going to take action on it. We’re wired for justice, she says. As such, engagement is a critical part of compliance.

“Company culture took a long time to develop, and it’s not changing overnight,” Lisa says. When a company makes the decision to focus on improving engagement, they must first assess where they are and then be committed to taking strategic steps towards their long-term goal. She shares how she helps clients to make those changes, and emphasizes that culture change must start at the top then go through every department of the organization.

On Curiosity

Tom says that one of the key characteristics compliance professionals must possess is curiosity.

He asks Lisa to talk about her blog post about curiosity around relearning an old skill. She responds, “Sometimes we have so much knowledge of the things that we can do and then we go and chase that next shiny object… that what we were doing before that was totally working, that was totally part of our skill set, just kind of fades off to the background… So there’s always that being a constant student, not only of the new technology, ...but also knowing that there was a lot of that foundation that we came from that we don’t necessarily want to leave behind.”

Resources

LisaRyanSpeaks.com

Lisa@Grategy.com

Lisa Ryan on LinkedIn | Facebook | YouTube

Navigating an Increasingly Complex Sanctions Landscape: How to Prepare for What’s on the Horizon

Thu, 02 Jul 2020 05:10:00 -0000

Welcome to this special podcast series “In Conversation with K2 Intelligence FIN: Navigating an Increasingly Complex Sanctions Landscape”. This series is sponsored by K2 Intelligence, LLC. This week I have visited with Adam Frey, Managing Director, and Eric Lorber, Vice President at K2 Intelligence Financial Integrity Network (FIN).

Over the week, we have reviewed the current sanctions landscape, discussed how to build a sanctions compliance program, walked listeners through what happens when you discover a sanctions breach or potential breach, considered new sanctions exposure. Today, Adam Frey and I conclude with Episode 5 by taking a look in that veiled land of the future by considering issues on the horizon and how to prepare for it.

Resources

For more information on K2 Intelligence FIN's Sanctions Risk Advisory Services, click here.

For more information on Navigating the Sanctions Minefield: What Every Global Business Should Know, click here.

Navigating an Increasingly Complex Sanctions Landscape: New Exposures for Corporations and Shipping

Thu, 02 Jul 2020 05:04:00 -0000

Welcome to the podcast series: In Conversation with K2 Intelligence FIN: Navigating an Increasingly Complex Sanctions Landscape. This series is sponsored by K2 Intelligence FIN. This week I will visit with Adam Frey, Managing Director at Intelligence FIN and Eric Lorber, Vice President at Intelligence FIN.

Over the week, we will review the current sanctions landscape, discuss how to build a sanctions compliance program, walk listeners through what happens when you discover a sanctions breach or potential breach, consider new sanctions exposure and conclude with a look in that veiled land of the future by considering issues on the horizon. In this Episode 4, I am joined by Eric Lorber regarding new sanctions risk exposures for commercial corporations and in the shipping space.

Join us tomorrow for our concluding Episode 5 with Adam Frey as we peer down the road and consider some issues on the horizon for sanctions compliance.

Resources

For more information on K2 Intelligence FIN's Sanctions Risk Advisory Services, click here.

For more information on Navigating the Sanctions Minefield: What Every Global Business Should Know, click here.

Navigating an Increasingly Complex Sanctions Landscape: What Happens if You Have a Sanctions Violation

Wed, 01 Jul 2020 05:03:00 -0000

Over the week, we will review the current sanctions landscape, discuss how to build a sanctions compliance program, walk listeners through what happens when you discover a sanctions breach or potential breach, consider new sanctions exposure and conclude with a look in that veiled land of the future by considering issues on the horizon. In this Episode 3, I am joined by Eric Lorber On what to do if you have a sanctions violation or think you may have violated a sanctions program.

Frey concluded by stating, “these are the types of sort proactive steps that I think OFAC and the regulatory authorities would really like to see. It is signaling is we are taking this seriously. It's very much a sort of a signal that we are on your side enforcement agencies and regulatory authorities.”

Join us tomorrow where I am joined again by Eric Lorber to consider new sanction risk exposures for commercial corporations and in the shipping space.

Resources

For more information on K2 Intelligence FIN's Sanctions Risk Advisory Services, click here.

For more information on Navigating the Sanctions Minefield: What Every Global Business Should Know, click here.

Navigating an Increasingly Complex Sanctions Landscape: Building an Effective Sanctions Compliance Program

Tue, 30 Jun 2020 05:04:00 -0000

Over the week, we will review the current sanctions landscape, discuss how to build a sanctions compliance program, walk listeners through what happens when you discover a sanctions breach or potential breach, consider new sanctions exposure and conclude with a look in that veiled land of the future by considering issues on the horizon. In this Episode 2, I am joined by Adam Frey to learn about how to build an effective sanctions compliance program.

We conclude with a few thoughts on the constant pressure for cost-cutting in the compliance function, which has been made more acute during the time of Covid-19. Frey noted that it “ is a consistent pressure. But I think it's important to emphasize organizations really have to resist the urge to, to cut costs.” The reason is the cost of a compliance failure is so high and the regulators have said that all businesses must remain ever vigilant. The idea of cutting corners now in an attempt to reduce costs could really end up adding costs down the line in terms of fines and penalties down the road.

Please join us tomorrow where Eric Lorber returns to discuss the actions you should take if you have sanctions violation or even a potential. While it depends somewhat on the size of the organization.

Resources

For more information on K2 Intelligence FIN's Sanctions Risk Advisory Services, click here.

For more information on Navigating the Sanctions Minefield: What Every Global Business Should Know, click here.

Dealing with Bumps in the Night with James Green

Tue, 30 Jun 2020 04:07:00 -0000

Director of Advisory Services at SAI Global, James Green, is this week’s guest on the Innovation In Compliance podcast. James’ role involves helping clients manage atypical risk concerns or situations, including business continuity, vendor risk, pandemic, workplace violence, and active shooters. He chats with Tom Fox about his company’s 360° view of risk management and how to survive risks that you never saw coming.

Compliance vs Operational Risk Management

James gives his perspective on the difference between compliance and operational risk management. Compliance, he says, is ensuring that you’re adhering to your own standards, policies and regulatory requirements. Operational risk management, on the other hand, is mitigating any risk to the company, no matter where it originates. Hurricane Harvey is a classic example of checking all the compliance and risk management boxes, but failing to mitigate the actual risk. Tom comments that compliance and risk management are much closer than just complementary: a combined approach helps a business create a more robust strategy for overall risk management.

360° View of Risk Management

SAI Global advocates a 360° view of risk management; risk and compliance need to be seen holistically. “We believe a company needs to be assessing risk in totality wherever it comes from,” James says. “And it doesn't matter where it comes from, because the goal is to increase your organization's resilience, right. That is really the goal of all of our collective functions, is that when there's a bump in the night, we can manage through it successfully, legally, ethically, to the satisfaction of our stakeholders.”

When Things Go Bump In The Night

Tom comments on SAI Global’s real-time risk management approach. He asks James how it allows an organization to be more agile and responsive to market conditions as they come up. James responds that while compliance and risk professionals are great at mitigating issues that just happened, they need to also be aware that there will always be unknown and unanticipated issues. “...The problem is in our world, there's always an unknown that's coming up. Right now we're living through COVID-19 which was unknown to a lot of us,” James points out. “There's always something that's gonna happen. There's always another bump in the night. So you can't be planning based on what happened in the past. You need to be agile. You need to be nimble.” He gives tips on how to determine if a risk is strategically acceptable, and the role risk management should play in the corporation.

COVID-19 and Supply Chain

They originally saw COVID-19 as a supply chain issue, James says, and started advising their clients about it in January. It became much more than that, he remarks. “Supply chain really needs to be embedded in your risk model... because it can damage what your suppliers and vendors do, it can damage your brand to your customers.” He shares useful COVID-19 resources that his company has made freely available to the public.

Resources

SAIGlobal.com

COVID-19 Resources

James Green on LinkedIn | Twitter

Navigating an Increasingly Complex Sanctions Landscape: The Current Landscape

Mon, 29 Jun 2020 05:02:00 -0000

Welcome to this special podcast series; In Conversation with K2 Intelligence FIN: Navigating an Increasingly Complex Sanctions Landscape. This series is sponsored by K2 Intelligence FIN. This week I will visit with Adam Frey, Managing Director at Intelligence FIN and Eric Lorber, Vice President at Intelligence FIN.

Over the week, we will review the current sanctions landscape, discuss how to build a sanctions compliance program, walk listeners through what happens when you discover a sanctions breach or potential breach, consider new sanctions exposure and conclude with a look in that veiled land of the future by considering issues on the horizon. In this Episode 1, I am joined by Eric Lorber to review the current sanctions landscape.

The bottom line is that sanctions are here to stay and every business needs to understand their impact to your company.

Please join us tomorrow where we discuss building a sanctions compliance program with Adam Frey.

Resources

For more information on K2 Intelligence FIN's Sanctions Risk Advisory Services, click here.

For more information on Navigating the Sanctions Minefield: What Every Global Business Should Know, click here.

Intersecting Law, Technology and Compliance with Melissa Koch

Tue, 23 Jun 2020 04:01:00 -0000

Melissa Koch is the CEO of InFront Compliance, an online assessment and reporting tool for highly regulated industries. She is a business, technology and data lawyer by trade, with over 20 years experience. As such, she has been at the forefront of the changing landscape of compliance. She chats with Tom Fox about how her company helps its clients navigate the intersection of law, technology and compliance.

The Intersection of Law, Technology and Compliance

“It’s always at the intersection that I think the most interesting things happen,” Melissa tells Tom. When you view compliance as an ecosystem - the intersection of law, technology and compliance as a unified field - you are able to see how they all work together to create an environment of collaboration and communication. Collaborative vendor risk management in particular, she explains, views compliance as an ecosystem with many stakeholders. It’s a way to facilitate lines of transparency between these stakeholders to enable reliability and consistency and to help define your company’s overall compliance posture. “And the foundation is really about communication and making sure you know who’s involved, what they’re doing, and having those sight lines and having that visibility to make much more informed decisions… on how to manage the compliance landscape.”

Embracing Data In Real Time Vendor Management

Tom asks how data fits into the collaborative ecosystem. Melissa responds that InFront Compliance embraces data because you can’t get the transparency to make better decisions without it. InFront creates and curates libraries of assessments for organizations in highly regulated industries such as financial services. Ensuring that their businesses stay compliant in a fast changing regulatory landscape, is one way InFront serves their clients. They also foster a “continuous culture of compliance” so their clients can see where they have gaps and close them before they become a problem.

Building Resilience

A business is resilient if it’s able to bounce back quickly after an event that impacts its operations. Melissa remarks that resilience, policy development and change management all work together to make sure that your organization can effectively navigate any sudden and/or unforeseen changes. One way your company can build resilience is to adopt a dynamic and practical approach to policy development, Melissa says. “For those organizations that are adaptable and fluid in their ability to navigate change, are policies that live and breathe with the organization. So they are created specifically for that organization and how that organization does business. But they also have built into the policy regular review periods... It makes sure that everything is accurate and reflective of how that organization does business and when it's not, then it changes... Those policies are there to help support the organization when there's been a stress event for the organization.”

Resources

InFrontCompliance.com

Email: melissa@infrontcompliance.com

The True Cost of Financial Crime with Dan Wager

Tue, 16 Jun 2020 04:01:00 -0000

Dan Wager heads Financial Crime Compliance Strategies at LexisNexis Risk Solutions. His global team focuses on identifying market opportunities, merger acquisition opportunities, regulatory developments, and product development in the areas of anti-bribery, anti-corruption, money laundering, sanctions screening, and sanctions enforcement. He joins Tom Fox on this week's show to chat about the key findings of LexisNexis' report, The True Cost of Financial Crimes, and its implications for compliance professionals.

Understanding Financial Crime

"One of the things I'm trying to do," Tom tells Dan, "is bring people like yourself on the podcast to really help the anti-corruption compliance specialist who's in the commercial corporation understand financial crimes." Dan comments that LexisNexis has been doing this report for five years but at the regional level. This report, by contrast, is a global roll-up overview, where they are bringing the regional studies together into a global view, to see the true cost as well as challenges and trends facing the industry.

Key Insights

Dan and Tom discuss the key findings from the report, including:

The true cost of compliance globally is in excess of $180 billion a year.
Each region has its own compliance risks and issues.
Non-bank payment providers pose various compliance challenges, in particular for clearing banks.
The increasing compliance burden has an adverse impact on attracting and retaining talent.
The proper use of the right technologies can assist in offsetting costs and making better compliance decisions.

A Layered Approach to Compliance

Using a layered approach helps a compliance professional think through the risk management of their compliance program, recognizing that implementing financial crime compliance initiatives can provide broader benefits to their business. Dan explains that the layered approach to compliance starts at the front gate, and it involves using technology to determine whether the person or proposed action poses a compliance risk. "The layered approach means before you spend something on someone or give money to someone or buy something from someone you should have vetted them," he points out. Tom asks about page 45 of the report. Dan says that it's about using the right technology for your business' needs. That is what will reduce labor cost, he points out. "It doesn't mean that you can hire cheaper labor. It means you have fewer people to accomplish the same compliance because you're automating and accomplishing through technology much of the rote work."

Resources

LexisNexis Risk Solutions

Study: The True Cost of Financial Crimes

Why Lawyers Need To Listen (To Non-Lawyers) with Brendan Egan

Tue, 09 Jun 2020 04:01:00 -0000

Tom Fox chats with President and founder of Simple SEO Group, Brendan Egan, in this week's show. Brendan is a podcast host as well as a contributing author to Entrepreneur Magazine. His recent article entitled Marketing Dos and Don'ts During A Crisis is the focus of discussion on this week's episode of Innovation In Compliance.

Marketing During A Crisis

"Your marketing is really what's going to drive your business and drive your revenue and determine whether or not you're successful," Brendan tells Tom. In day to day business, and especially during a crisis, you need to look at marketing based on your short-, medium- and long-term objectives. Brendan points out that you shouldn't make any knee-jerk decisions that would impact your long-term growth or integrity. Instead, make short-term alterations to your marketing during a crisis that demonstrates how you're supporting and looking out for your customers. Your medium and long-term plans will most likely be unaffected, Brendan says.

Why Lawyers Need To Listen

Legal and compliance practitioners need to understand the importance of marketing, especially in these times. Brendan remarks that marketing is a grey area with a lot of overlap: marketing can overlap into a company's culture, into the legal space, and even the compliance department. The most successful businesses take a company-wide approach to marketing. In addition, companies need to be fluid in order to respond proactively to a changing world. Tom comments that Simple SEO Group's time horizon approach allows them and their clients to respond to ever-changing information in a productive manner.

Marketing Is Essential

Tom asks, "How are you helping corporations think through how they can effectively market in an economic dislocation?" Brendan responds that he started Simple SEO Group during a recession, so he is well versed in helping businesses make money in spite of the economic downturn. "During a recession, marketing becomes that much more important," he says. "It almost becomes… an essential service." More and more companies are turning to digital marketing because their usual marketing channels are drying up, he says. Survival is a matter of being open to new marketing opportunities, especially online, so you can continue to grow during COVID-19 and beyond.

Resources

SimpleSEOGroup.com

BrendanEgan.com

Article: Marketing Dos and Don'ts During a Crisis

Book: 101 Tips From The Marketing Masters

Revolutionary Recruiting with Mary Ann Faremouth

Tue, 02 Jun 2020 04:01:00 -0000

Tom Fox met Mary Ann Faremouth at the National Speakers Association’s (NSA) Winter Conference. He was immediately enthralled with her passion for recruiting. Mary Ann is the founder and CEO of Faremouth & Company, a national recruiting and consulting firm. She also networks with a consortium of recruiters, sharing jobs and helping candidates. Mary Ann describes herself as a “holistic recruiter”: she looks at the whole person when placing candidates, as she believes this more human approach works best for these times. She chats with Tom about her book, Revolutionary Recruiting, and shares practical advice for job seekers as well as employers.

The Faremouth Method

Tom asks Mary Ann to describe the Faremouth Method. She explains that it is the 5-step process she uses to place candidates. These 5 steps are:

Know yourself: do an inventory of your skills and talents.
Ask better questions.
Step out of your comfort zone.
Take the time to do it right.
Be a hunter.

She says, “The Faremouth Method helps me really identify who that person is right now, what their purpose is, what their passions are, and that helps me align them with a position that's gonna fit that.”

A Win-Win Approach

“...if we take the time to understand what their [candidates’] passions are, what their skills are, what their transferable skills are, we can place them in positions where the retention rate is a lot higher. Candidates are happier because they're feeling a sense of purpose. The clients are happier because people aren't leaving, and so it's a win-win for everyone.” Mary Ann and Tom discuss why her holistic approach makes good business sense. Tom comments that Mary Ann brings not only her professionalism to the table, but also candidates and clients trust her advice. She responds that her motto is ‘Integrity Personified’, and that doing the right thing for everyone is one of her key values but it is also just good business. “If I make a good match, everybody's happy,” she points out. “Then guess what happens? That client’s gonna send me his vendors, that applicant’s gonna send me his friends.”

Key Mistakes Employers Make

Revolutionary times such as these, require a revolutionary approach to recruiting, Mary Ann argues. In the new normal, both job seekers and employers have to be willing to think outside the box. Tom asks Mary Ann to outline the key mistakes employers make when they’re looking to hire a new employee. She responds that employers often have unreasonable demands and expectations. Going forward, they have to look realistically at the job and its requirements, and look for a candidate with those transferable skills, Mary Ann says. She shares some insights about the post-COVID job market.

Another mistake employers make is that they don’t ask the right questions during interviews. She advocates asking more hypothetical questions so that employers can gauge the potential employee’s problem solving skills, and if they have the right mindset to be part of the team. Mary Ann then shares some insightful and practical advice for listeners to prepare themselves for the future. Life is ultimately about relationships, she remarks. Ask yourself, What can I do in service of others? “Maybe this is the time for us to look at these worst of times being the best of times for us to improve and to learn what our skill set might be that we can refine to help make a contribution to the greater good,” Mary Ann comments.

Resources

Faremouth.com

Revolutionary Recruiting book on Amazon | Barnes and Noble

USA Daily Times

The Price of Business podcast

Leveraging Value From Data with Amy Hilbert

Tue, 26 May 2020 04:01:00 -0000

This week's guest on the Innovation In Compliance podcast is Amy Hilbert of Casepoint. She joined Casepoint to help build out their services for federal, state and local, and international government agencies, and to help ensure that the company had the right people, processes and contracting methods in place. She chats with Tom Fox about Casepoint's services, and what they can do for compliance professionals.

Products and Services

Amy describes Casepoint as a legal technology platform, whose first component is e-discovery. Their clients use them "to help work through large volumes of data so they can narrow down to key pieces they need, either for a FOIA request, for an investigation, for certifications… or to actually go to litigation," Amy says.

Moving Government To The Cloud

Tom asks Amy to describe the unique requirements government agencies must face as they move to the cloud. Amy responds that every organization, including the government, has to look at their risk posture before moving to the cloud. Since the government's mandate is to protect the data of its citizens, they have to adopt more stringent policies and procedures. Amy points out, "Anything that goes into the cloud has to be FedRAMP certified."

Project Management As The Key

Amy and Tom discuss why Casepoint was able to secure an exclusive contract with the SEC. "They [the SEC] went to great extents to make sure that they were really picking a solid solution based on the functionality and capabilities of the company," Amy says. "I think the key for Casepoint was our ability to handle some of those complex data types that we received." Tom remarks that Casepoint is not simply a technological platform and solution, but project management is also a key part of the company. Amy agrees that Casepoint's project managers are a key part of the company's success: they ensure that clients leverage the technology in the best way possible to get the most efficiency in their workflow.

How Compliance Professionals Can Benefit

Two case studies illustrating how Casepoint helped clients are shared. She points out that maintaining metadata is the key to data analysis. Tom comments that the case studies emphasize for him the services component as well as the workflow process, which would enable the user to "quickly and efficiently be able to use the data that you've been able to synthesize for them… Oftentimes in a corporation, compliance practitioners who are lawyers may not understand or be able to pull as quickly other types of information. So having that sort of in-house expertise ... seems critical to me," Tom says.

Resources

Casepoint.com

Defining and Building Effective Compliance Programs - What’s on the Horizon?

Fri, 22 May 2020 05:07:00 -0000

In this five-part podcast series, sponsored by K2 Intelligence FIN, we have considered defining and building effective compliance programs. I have been joined in this series by Michelle Goodsir, a Managing Director at K2 Intelligence, and Gail Fuller, Financial Integrity Network (FIN) Vice President. Michelle has 25 years of financial crime compliance experience which includes fraud risk management, anti-bribery and corruption, corporate security and investigations, sanctions, and Anti-Money Laundering (AML) program experience working within the financial services industry and the US government. Gail focuses on developing, refining, and implementing FIN’s quantitative and qualitative risk rating tools. She leads engagements focused on helping FIN’s jurisdictional and private sector clients understand their exposure to financial crime risk and develop and implement strategies to mitigate their risks.

Over this series we have considered key challenges in compliance, why compliance needs a seat at the table, how to do compliance on a budget; training and culture and what is on the horizon. In our conclusion, Part 5, I visit with Gail Fuller as we look into that veiled land of the future and view what’s on the horizon for compliance. Highlights include:

What are regulators looking for when it comes to compliance? Regulators are looking for professionals to be proactive and creative problems solvers.
If compliance was an area that was previously not sufficiently funded, what are three things people need to do now if things are cut even further? Reinforce your commitment to compliance; rethink geographic distribution of your compliance team; and think through technology investments.
Thinking about this whole series, we talked about a lot of tips… what are the areas you’d suggest our listeners focus on as they look to rebuild or enhance their programs? Be sure to communication your compliance priorities clearly, leverage personnel to more fully operationalize compliance and then harness and pursue technologies.

Resources

K2 Intelligence financial crimes risk & compliance page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance

K2 Intelligence AML page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance/anti-money-laundering-compliance

K2 Intelligence Anti-corruption page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance/anti-corruption

K2 Intelligence DOLFIN: https://www.finintegrity.com/dolfin.html

Defining and Building Effective Compliance Programs - Ongoing Compliance-Training and Culture

Thu, 21 May 2020 05:07:00 -0000

In this five-part podcast series, sponsored by K2 Intelligence FIN, we consider defining and building effective compliance programs. I am joined in this series by Michelle Goodsir, a Managing Director at K2 Intelligence, and Gail Fuller, Financial Integrity Network (FIN) Vice President. Michelle has 25 years of financial crime compliance experience which includes fraud risk management, anti-bribery and corruption, corporate security and investigations, sanctions, and Anti-Money Laundering (AML) program experience working within the financial services industry and the US government. Gail focuses on developing, refining, and implementing FIN’s quantitative and qualitative risk rating tools. She leads engagements focused on helping FIN’s jurisdictional and private sector clients understand their exposure to financial crime risk and develop and implement strategies to mitigate their risks.

Over this series we are considering key challenges in compliance, why compliance needs a seat at the table, how to do compliance on a budget; training and culture and what is on the horizon. In Part 4, I visit with Gail Fuller on how to facilitate ongoing compliance training, communications and re-emphasizing culture in an organization.

Some of the highlights include.

What are some of the key components to a successful training program? They include comprehensive, tailored; effective training which is built into the culture; it is continuous and employees are held accountable.
Especially given all that is going on in the world, how can organizations ensure they are giving employees the right blend of in-person and online training? Regulators are neutral on method but a blend is really ideal as people learn in different ways. You should design your training program to take advantage of each form of training’s benefits. Finally be sure to make it engaging.
Once training is complete, how can entities ensure their teams are able to report issues? A kley is to have two buckets- one which is inward facing (governance focused) and a second which is outward facing (interactions with regulators).

Resources

K2 Intelligence financial crimes risk & compliance page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance

K2 Intelligence AML page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance/anti-money-laundering-compliance

K2 Intelligence Anti-corruption page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance/anti-corruption

K2 Intelligence DOLFIN (relevant for the training section): https://www.finintegrity.com/dolfin.html

Defining and Building Effective Compliance Programs - Compliance on a budget: Solutions for entities of all sizes

Wed, 20 May 2020 05:07:00 -0000

Over this series we are considering key challenges in compliance, why compliance needs a seat at the table, how to do compliance on a budget; training and culture and what is on the horizon. In Part 3, I visit with Michelle Goodsir on the challenges around budgeting for compliance.

Some of the highlights include.

· Budgets have long been stretched in compliance. How can organizations make the most of it between teams? By working across teams and skillsets; leveraging resources as a utility across functions.

· Are there technology solutions that can help? Yes innovation can occur at institutions of all sizes; case management; screening tools; data analytics.

· What if financial organizations do not have all of these capabilities internally? There are a variety of solutions you can utilize. They include working with a third party or other external firms; maintaining compliance on a budget is not insurmountable; investing now for cost efficiencies in the long term.

Resources

K2 Intelligence financial crimes risk & compliance page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance

K2 Intelligence AML page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance/anti-money-laundering-compliance

K2 Intelligence Anti-corruption page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance/anti-corruption

K2 Intelligence DOLFIN (relevant for the training section): https://www.finintegrity.com/dolfin.html

Defining and Building Effective Compliance Programs - Giving compliance a seat at the table – why compliance should be a part of business strategy

Tue, 19 May 2020 05:08:00 -0000

Over this series we will consider key challenges in compliance, why compliance needs a seat at the table, how to do compliance on a budget; training and culture and what is on the horizon. In Part 2, Michelle and I discuss why compliance needs to be an integral part of your business strategy going forward.

What has evolved recently in the landscape that has made the role of compliance more challenging? There has been a plethora of guidance from different regulators to address emergency situations; managing costs; reviewing alerts in a timely manner.
You mention that Compliance is often seen as an overhead cost – why should entities think of it differently? There are a variety of costs around the following, enforcement action costs vs. cost of compliance; operationalizing compliance; building compliance in from the beginning vs. retrofitting a program to maintain compliance; outsourcing compliance.
How can organizations make sure compliance protocols are carried out every day? Through a variety of tactics including regular training, communication, action; culture of compliance; tone from the top; compliance at business meetings.

Resources

K2 Intelligence financial crimes risk & compliance page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance

K2 Intelligence AML page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance/anti-money-laundering-compliance

K2 Intelligence Anti-corruption page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance/anti-corruption

K2 Intelligence DOLFIN: https://www.finintegrity.com/dolfin.html

A Holistic Approach to Third-Party Risk with Brenda Ferraro

Tue, 19 May 2020 04:01:00 -0000

Tom Fox welcomes VP of Third-Party Risk at Prevalent, Brenda Ferraro, to this week's Innovation In Compliance show. They discuss Prevalent's 2020 Third-Party Risk Management study, its key findings, and implications for compliance professionals.

A Holistic Approach

Brenda describes Prevalent's mission as "...delivering a unified third-party risk management platform that's going to enable businesses to better reveal and interpret and alleviate risk by simplification and speeding risk mitigation awareness …" Prevalent does this through "economic approaches with standardization, how to use networks, how to leverage completed content gathering and making sure that we're doing the big bang for the buck," Brenda says. She emphasizes the importance of a holistic and economic approach.

Key Findings and Recommendations

Tom and Brenda discuss why Prevalent commissioned The 2020 Third-Party Risk Management study and its key findings and recommendations. Brenda says that the objective of the study was to provide "a state of the union" on third party risk as well as actionable recommendations to the industry. She lists some of the key findings, including:

a lack of process which lessens third party program effectiveness;
third party risk management is a team sport;
many companies lack confidence in their risk management programs and the results they're getting;

That companies need a comprehensive risk management process is the study's predominant recommendation. Brenda critiques the compliance industry's affinity for questionnaires, which just expose vulnerabilities but do nothing to mitigate them. She remarks, "...if you don't have a way to track and monitor your performance indicators and your risk indicators, then what you're doing is, you're spending a lot of time with questionnaire fatigue, gathering content administratively, identifying risks, and then it stops there. So we've got to get to the point where we're looking at inherent risk and residual risks qualitatively and quantitatively so that we can end up doing what's best for the company moving forward." She argues that industries need to work together to identify and address vulnerabilities across sectors. Working together and sharing information will help everyone elevate their risk posture and reduce vulnerabilities.

Resources

Prevalent.net

2020 Third-Party Risk Management Study Report

Defining and Building Effective Compliance Programs - The Biggest Issues in Compliance Today

Mon, 18 May 2020 05:10:00 -0000

Over this series we will consider key challenges in compliance, why compliance needs a seat at the table, how to do compliance on a budget; training and culture and what is on the horizon. In Part 1, I visit with Michelle Goodsir on the biggest challenges in compliance today. Some of the highlights include:

What are the biggest compliance issues facing banks in the U.S.? They include coronavirus implications; impact of economic crisis; costs of compliance programs; maintained expectations from regulators.
What are some of the global challenges emerging? They include the regulatory focus on AML and sanctions; managing competing needs of compliance programs; incorporating and enhancing technology.
How can these organizations keep pace? You should prepare now for challenges later; managed services; leveraging teams for cross-functional needs.

Resources

K2 Intelligence financial crimes risk & compliance page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance

K2 Intelligence AML page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance/anti-money-laundering-compliance

K2 Intelligence Anti-corruption page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance/anti-corruption

K2 Intelligence DOLFIN: https://www.finintegrity.com/dolfin.html

Playing The Long Game with Leigh Vickery

Tue, 12 May 2020 04:01:00 -0000

Leigh Vickery of Level 2 Legal, joins Tom Fox on this week’s show to discuss her company’s innovative managed services for the legal and compliance industry. She shares how they help clients get to the next level using a strategic combination of data and behavioral economics.

Helping People Solve Problems

Leigh shares her eclectic career background and how she came to the legal industry without any legal training. “I love helping people solve problems and… seeing the big picture and the patterns and processes across the business or industry,” she says. Level 2 Legal shares her vision: they see themselves as problem solvers whom their clients can count on. “How that manifests itself now is in e-discovery, compliance investigations, solving legal problems, or helping our clients understand how those legal issues affect their business outcomes.”

Long Term Relationship-Builders

Success depends on staying nimble, Leigh tells Tom. “We're very much long term relationship-builders as a company,” she points out. As things change, Level 2 Legal is able to innovate to stay relevant. This is how they built the company from the first. Leigh comments that it took commitment, money, collaboration and a willingness to fail fast and change direction. Her job is to drive those initiatives and keep the company looking around the corner.

A Different Perspective

Tom is intrigued by Leigh’s statement that she brings a new perspective to problem solving as well as innovation. He comments that a general counsel’s job is to protect the company from legal violations, whereas a compliance officer must remediate those violations. Ironically, however, most compliance officers were first general counsels. He says that his objective with this podcast is to bring innovative solutions to compliance officers to help them in their role. Leigh responds that every company should have someone who thinks differently to help the business innovate and improve.

A Different Approach

“Our services are completely designed to enable [our clients] to do what they need to do better, to help them predict where they’re going to have a problem…” Leigh says. She describes her company’s role as being there to help their clients look good. She explains that they’re able to fulfill their role through a strategic combination of data and behavioral economics. Their approach is collaborative, holistic and creative, she says; they are playing the long game. Tom asks her to define what it means to play the long game. She responds that it’s about thinking for the next generation. Because her company used this approach, they were able to survive and thrive through the present crisis. “The value of thinking long term is just table stakes now to be able to survive and thrive,” she comments.

Resources

Level2Legal.com

Call Leigh Vickery at (903)245-9183

The Role of Wellbeing in a Thriving Culture with Mari Ryan

Tue, 05 May 2020 04:01:00 -0000

Mari Ryan is the CEO of Advancing Wellness and author of The Thriving Hive: How People-Centric Workplaces Ignite Engagement and Fuel Results. She joins Tom Fox on this week's show to discuss the role of employee wellbeing in a thriving business culture.

Assessing Wellness

Many of the concepts and strategies concerning ethical values and corporate culture that Mari espouses, says Tom, are the same that a compliance officer would use. He asks Mari how her company helps clients assess their employees' wellbeing. She describes her two-part process: the first part is the qualitative and quantitative assessment, and the second part is creating a strategic plan to operationalize a culture of wellbeing in the workplace.

Wellbeing Is Crucial to Business Success

"Wellbeing can serve as a foundational element to the culture of the workplace and to creating business success… You need to have engaged employees to create a sustainable business," says Mari. Wellbeing is physical, emotional and financial; it involves feeling connected to your purpose and to other people. Mari adds, "If I'm feeling more thriving in my wellbeing, then I am more likely to be engaged, to be productive, to be connected to the purpose of the organization and making contributions that are going to make for happy customers, happy colleagues and help everybody achieve their business goals."

Employee Wellbeing Is An Indicator of Organizational Culture

Mari posits in her book that employee wellbeing is an indicator of an organization's culture. She tells Tom that culture is the behaviors, norms, assumptions, and rituals within the organization. Purpose and values work together to form culture. If employees feel cared for and that their wellbeing is considered, the culture will be healthy.

Wellbeing During and Post COVID-19

Tom asks how Mari is counseling clients during the crisis. She responds that during a crisis we have to think about things from a different perspective. Stress is the major issue that everyone, no matter their circumstances, is dealing with during the pandemic. We will also have to deal with stress post COVID-19, she points out. She outlines the various types of support people will need after the pandemic.

Resources

Mari Ryan on LinkedIn

AdvWellness.com

Innovation In Data Security with John Myers

Tue, 28 Apr 2020 04:01:00 -0000

John Myers is the founder and CEO of Chorus Consulting. He has been an e-discovery and digital forensic professional for almost 30 years, assisting clients with data identification, preservation and analysis. He chats with Tom Fox about his company’s innovative approach to data forensics and information governance.

Innovation Begins Here

Tom is intrigued with Chorus Consulting’s tagline, “Innovation Begins Here.” He asks John to explain the significance of the tagline. John responds that it “represents our approach to our client projects and the way we approach our investigations... We're really continuously working to find better ways to exceed our clients’ expectations, thus we're innovating.”

Data Security and Information Governance

Most companies don’t truly know to what depth or breadth their data is secure, John posits. Chorus Consulting helps its clients understand the “what, why, and who” of their data, as well as their internal security measures. John says they help clients discover and correct potential security issues because it's critical to know whether these internal measures are actually protecting them as well as their data. Tom comments that this data security risk assessment can prove to regulators that a company has assessed their data and has put a risk management strategy in place based upon that assessment.

John views information governance as an evolving discipline. “Information governance really provides the framework for clients to make good decisions about what information they're keeping, how long they're keeping it, and who and what should have access to it,” he says. He explains how his company helps his clients in this area. He also shares five practical steps to mitigate information risk.

Proactive Approach to Data Forensics

Tom asks, “You advocate utilizing forensic services in a proactive as opposed to a simply reactive basis. Can you talk us through how we would help a client do that?” John responds that they deploy real-time monitoring methodologies and technologies to ensure that corporate intellectual property or knowledge doesn’t leak out of the organization when an employee leaves. At the same time, they help their clients ensure that new employees do not bring data that they shouldn’t have into the organization.

Resources

John Myers on LinkedIn

ChorusConsulting.net

Second Chances for People and Electronics with John Shegerian

Tue, 21 Apr 2020 04:01:00 -0000

Tom Fox chats with John Shegerian, an entrepreneur who is passionate about serving up second chances. They talk about what motivates him, and how his company ERI helps organizations protect their data while protecting the environment.

Serving Second Chances

After the Rodney King riots in Los Angeles, John co-founded Homeboy Tortillas with Father Greg Boyle as an outreach program to employ gang-impacted youths. He recalls father Greg's tagline, “Nothing stops a bullet faster than a job.” Their way of doing business became a phenomenon in post-riot Los Angeles, and eventually, thousands of young people were employed in many different industries, which changed their lives positively. John says, “I only wanted to do businesses that made the world a better place, that made an impact... it always had to have a bottom-line way beyond just profit... All the companies that I'm involved with, I always looked for people that are part of what has been historically marginalized parts of society… Our core mission is recycling electronics at ERI, but recycling lives is what we really do in giving people a second chance.”

Recycling Electronics

Tom comments that recycling is becoming more important in today's technologically-based world. He asks John to describe the business of ERI. John says that ERI recycles old or discarded electronics. He calls it the dark little secret of the technological revolution since nobody considered what would happen to our old electronics: they just made great technology that made our lives better. As a result, old electronics were dumped in landfills and it became - and still remains - the fastest growing solid waste stream in the world. Chemicals such as arsenic, beryllium and mercury leach into the ecosystem when electronics are dumped. This is very bad for people, for plants, for animals, and for the water supply, John says. “There's no reason to throw the stuff in the landfills because you could keep it above ground. You could recycle them responsibly and everything can go for beneficial reuse,” John argues. “You could be zero waste.”

Protecting Data

John’s message to governments and corporations is that recycling their old electronics is good for their business, good for their privacy, and good for the environment. He explains how he helps companies assess their e-waste recycling risks. In today’s context of the Coronavirus, it's more critical than ever to protect your data, John says. Bad actors seize opportunities like this crisis to take advantage. “If they got your old hardware they could pull your hard drives or other data containing materials, reverse engineer the information and have a heyday with regards to monetizing any data that’s contained in old hardware,” John points out.

A Giveaway For Listeners

John is giving a free copy of his book, 101 Tips From The Marketing Masters, to the first 10 listeners who reach out via email to book@themarketingmasters.com. He is also running a $0.99 promo on the Kindle edition on Amazon.

Resources

ERI

Email for a free copy of John’s book: book@themarketingmasters.com

Buy on Amazon

Systematizing Success with Ben Wolf

Tue, 14 Apr 2020 04:01:00 -0000

This week’s guest on the Innovation In Compliance podcast is Ben Wolf, founder and CEO of Wolf’s Edge Consulting. He chats with Tom Fox about how his company helps entrepreneurs systematize their business operations to achieve their goals.

From Lawyer To Consultant

Ben describes his career path from corporate attorney to founding his own company as a “twisting and turning journey.” He relates how he was introduced to the Entrepreneurial Operating System (EOS) framework, and the success the company enjoyed as a result of implementing it. After three years, he realized that he wanted to help other organizations grow in the same way. “So I went out on my own,” he says. Today, his consulting company helps other entrepreneurs implement EOS.

The EOS Process

Tom asks Ben to describe the EOS process and how he helps entrepreneurs use EOS to grow their business. Ben responds that a business must be able to carry out its goals in order to be successful. “It’s just critical for any business to be able to have a good structure for how to set goals and then create discipline and accountability for getting those done,” he points out. The EOS is a framework for running all aspects of a business. In particular, it aims to help strengthen the six key areas of the business: vision, people, data, process, issue solving and traction. It helps companies achieve:

Vision - getting everybody in the organization on the same page.
Traction - getting people executing on the vision with discipline and accountability.
Healthy - having a professional, functional, cohesive and functional leadership team.

Ben relates how companies can contract an EOS implementer like Wolf’s Edge, if they think it would be a good fit.

Ben’s Podcast

Tom says he was honored to be a guest on Ben’s podcast, Win Win - An Entrepreneurial Community. Ben shares two reasons why he started the podcast and why he chose its name.

Resources

Wolf’s Edge Consulting

bwolf@wolfsedgeconsulting.com

EOSWorldwide.com

A Roundtable Discussion on the AI Ethics For Business Course

Tue, 07 Apr 2020 04:01:00 -0000

In this week’s Innovation In Compliance show, Tom Fox, together with guests Sean Freidlin, Yan Tougas, and Patrick Henz, have a roundtable discussion about their experience with taking Seattle University’s free course, AI Ethics For Business. They chat about what they felt were the highlights of the course, as well as the opportunities for improvement.

Patrick Henz

Patrick likes how trainers from different disciplines work together as a team to present the course. He suggests that this interdisciplinary approach could be used by companies for compliance training, since compliance is becoming more of an integrated function, mainly due to budgetary constraints. Patrick emphasizes the importance of continuous learning: the world is changing so quickly that we cannot rely solely on our university training to keep abreast.

The topic of robotic process automation was missing from the course, Patrick thinks. He believes that psychology and ethics, topics discussed in the first module, are relevant for all compliance practitioners. He comments, “We’re not only here to identify the bad employees but furthermore to protect the good employees, which includes protecting them against themselves…”

Yan Tougas

Organizations using and/or creating AI must create their own set of governing values and principles from the outset, Yan points out. Two of those values should be transparency and agency. “If we are going to use AI to make some critical decisions about people’s welfare,” Yan says, “…we need to create room in the process for a human to make a final decision.” He points out that the pressure to rush to market is one reason companies do not create their own values and principles around AI. “We need to be extra careful and make sure that we don't let this pressure to get to market and this pressure to adopt AI blind us from the homework we need to do up front,” he comments.

Yan appreciates the Operational Readiness document in Module Three, which he describes as a practical tool compliance practitioners can use. On the other hand, he thinks that the user interface and the quizzes at the end of each module could be improved.

Sean Friedlin

Sean finds it refreshing that a large corporation such as Microsoft has partnered with Seattle University to create free training for the public good. He hopes that more companies would embrace these types of partnerships in the spirit of corporate social responsibility. Sean sees this as the emergence of a deeper commitment to ethics as AI develops. He notes with interest that the Vatican has joined in this conversation.

Sean poses two interesting questions:

What impact will COVID-19 have on AI advancement?
What makes a good online learning experience?

Having the subject matter experts as narrators and anchors throughout the course establishes their credibility; Sean views this as a pattern other course creators should follow. He finds the course content too text-heavy, however, and the UI design mobile unfriendly.

Tom Fox

The exercise emphasized for Tom the need for companies to start with ethical values and accountability for the entire organization. You cannot simply ask those involved with these cutting-edge questions to be the sole corporate repository of ethical and moral values, he argues. Put these values in place now, enshrine them throughout your organization so when the

business opportunity or a crisis arrives, you would already have the framework in place to make a decision aligned with your company values.

The course is a good reminder to consider governance and structure as part of your compliance regime, Tom comments. It was a positive experience overall; however, it may not work for ongoing communications or training due to time.

Resources

Seattle University course- AI Ethics for Business

Rome Call for AI Ethics

Rome Call

Vatican joins IBM, Microsoft to call for facial recognition regulation

Going Beyond DDQs with Jed Gardner

Tue, 31 Mar 2020 04:01:00 -0000

Tom Fox chats with Senior Vice President of Linedata Technology Services, Jed Gardner in this week’s show. They talk about how Linedata’s solution protects companies within the financial sector from cybersecurity risk and how this leads to increased productivity and profitability.

Mitigating Cybersecurity Risk

Jed says that LineData addresses three main challenges within the financial sector. They provide 1) cloud computing solutions to investment firms; 2) cybersecurity that is SEC- and FINRA- compliant; and 3) 24/7 managed support services that are both remote and on premises from their security operations center.

Tom asks Jed to explain how Linedata helps investment firm senior executives address cybersecurity risk. Jed replies that his company is “...providing a level of confidence to senior executives within investment firms that they are protected on a day-to-day, week-to-week, month-to-month basis… The way we’ve been addressing that is by providing levels of service and reporting that do meet the SEC and FINRA requirements, but really push beyond that.” He says that Linedata’s reporting capabilities allow them to use their tool sets to provide a day-to-day view.

Jed comments that categorizing data and defining its locations are important considerations in providing their services to clients. He points out that regulated businesses, in particular, should classify their data and understand where it is, understand the risks, and its impact on the business and stakeholders. As such, businesses should have prevention technologies and policies in place to protect their live and archived data.

360° Risk Analysis

Jed and Tom discuss Linedata’s approach to cybersecurity with vendors down the supply chain. Jed comments that senior executives want to know all the risks to their business since they ultimately become personally responsible for it. A proper risk analysis, like the 360° risk analysis Linedata offers its clients, can unearth hidden risks. Jed describes the 360° risk analysis process. He remarks, “Being able to implement that for businesses and provide feedback on a regular basis allows us to correctly protect them as much as we possibly can, but also gives the senior executives confidence…”

Beyond DDQs

Tom asks, “...can a compliance solution increase business efficiency and productivity leading to an increase in profitability?” Jed responds that using managed services such as Linedata add value by giving time back to key members of staff, who are then able to provide value back into the business. This increased productivity is what leads to increased profitability. He explains how Linedata gives time back to investment firms by taking away the tedious due diligence questionnaire (DDQ) process. He adds that his clients now have time “to look at how to enable the business to be more productive through the more efficient implementation of security and compliance and then, in turn, utilizing that knowledge to then allow the business to operate more freely and more efficiently.”

Resources

Linedata.com

Navigating CFIUS Risks with Business Intelligence: Part 5 - Effective Monitoring and Compliance Officer Solutions for CFIUS

Fri, 27 Mar 2020 05:07:00 -0000

Welcome to a sponsored podcast series where I am exploring how to navigate risk from the Committee on Foreign Investment in the United States (CFIUS), sponsored by K2 Intelligence Financial Integrity Network (K2 Intelligence FIN). Over this five-part series I will visit with David Holley and Him Das the co-leads of CFIUS Advisory Practice at K2 Intelligence FIN. We will consider navigating the CFIUS process through using business intelligence to identify CFIUS threats and vulnerabilities, using a proactive approach to navigate the CFIUS process, compliance frameworks for risks under CFIUS and cyber risks and access controls under CFIUS. Today, in this concluding Episode 5, I visit with Him Das on effective monitoring and compliance officer solutions for CFIUS.

Highlights include:

What is a monitorship and how does this work?
What will this looks like when it comes to CFIUS?
What can companies prepare for in advance of being put under the eye of a monitor?

Navigating CFIUS Risks with Business Intelligence: Episode 4-CFIUS, Cyber Risk and Access Control

Thu, 26 Mar 2020 05:07:00 -0000

Welcome to a sponsored podcast series where I am exploring how to navigate risk from the Committee on Foreign Investment in the United States (CFIUS), sponsored by K2 Intelligence Financial Integrity Network (K2 Intelligence FIN). Over this five-part series I will visit with David Holley and Him Das the co-leads of CFIUS Advisory Practice at K2 Intelligence FIN. We will consider navigating the CFIUS process through using business intelligence to identify CFIUS threats and vulnerabilities, using a proactive approach to navigate the CFIUS process, compliance frameworks for risks under CFIUS and effective monitoring for CFIUS. Today, in Episode 4, I visit with David Holley on the CFIUS and cyber risk and access control.

Highlights include:

Is it just cyber security companies, or how does CFIUS weigh this risk?
What steps can investors take to mitigate this in the initial processes?
What does an ongoing compliance framework look like to help catalyze continued success?

Navigating CFIUS Risks with Business Intelligence: Part 3 -CFIUS and Compliance Frameworks for Export Control, Financial Crimes Risk and Anti-Corruption Compliance

Wed, 25 Mar 2020 05:07:00 -0000

Welcome to a sponsored podcast series where I am exploring how to navigate risk from the Committee on Foreign Investment in the United States (CFIUS), sponsored by K2 Intelligence Financial Integrity Network (K2 Intelligence FIN). Over this five-part series I will visit with David Holley and Him Das the co-leads of CFIUS Advisory Practice at K2 Intelligence FIN. We will consider navigating the CFIUS process through using business intelligence to identify CFIUS threats and vulnerabilities, using a proactive approach to navigate the CFIUS process, CFIUS and cyber risk and access control, and effective monitoring for CFIUS. Today, in Episode 3, I visit with Him Das on the CFIUS process regarding compliance frameworks for sanctions, export control, financial crimes risk and anticorruption risks.

Highlights include:

When it comes to sanctions and export control, what is CFIUS examining?
What sectors are particularly vulnerable to new export control rules and why?
How can entities leverage due diligence to mitigate these issues?

Demystifying ESG with Rakhi Kumar

Tue, 24 Mar 2020 13:01:00 -0000

Tom Fox chats with Senior Managing Director of State Street Global Advisors, Rakhi Kumar, about some of her company’s initiatives to make Environmental, Social and Governance (ESG) more approachable for business leaders.

Building For The Future

Rakhi says that risk keeps evolving and that ESG is a new type of risk. ESG issues tend to be seen as intangibles and nonfinancial. However, they create long term value for the company if managed correctly. She says that State Street’s mission is to invest responsibly to enable economic prosperity and social progress. This means they manage for the long term, which is why social issues inform their strategy. “From a fiduciary perspective what we keep focus on is financial materiality and research informing our decisions ... to ensure we're focused on value creation,” Rakhi notes. “ESG is an opportunity to build for the future and create long term value.”

Improving ESG Reporting

Tom comments that State Street’s research found that less than 25% of companies they evaluated had identified, incorporated and disclosed material ESG issues into their strategy. He asks Rakhi how her company is helping to improve this. She shares State Street’s stewardship initiatives to highlight ESG in the boardroom. In addition, they are raising awareness about the need for standardization across the market. She describes the R-Factor tool which provides a framework to measure “the performance of a company's business operations and governance as it relates to financially material ESG issues facing our company's industry.”

Holding Companies Accountable

Rakhi says that her company will use its proxy voting power to get companies to improve their ESG performance. You can go to State Street’s website to apply for your company’s ESG score, as well as how you rank in relation to other companies.

Resources

R-Factor

Navigating CFIUS Risk with Business Intelligence: Part 2-Navigating CFIUS Through Proactive Management

Tue, 24 Mar 2020 05:07:00 -0000

Welcome to a sponsored podcast series where I am exploring how to navigate risk from the Committee on Foreign Investment in the United States (CFIUS), sponsored by K2 Intelligence Financial Integrity Network (K2 Intelligence FIN). Over this five-part series I will visit with David Holley and Him Das the co-leads of CFIUS Advisory Practice at K2 Intelligence FIN. We will consider navigating the CFIUS process through using business intelligence to identify CFIUS threats and vulnerabilities, CFIUS and compliance frameworks, CFIUS and cyber risk and access control, and effective monitoring for CFIUS. Today, in Episode 2, I visit with Him Das on navigating the CFIUS process through proactive management and compliance solutions.

Highlights include:

What is CFIUS looking for?
How do you even begin a filing?
What compliance frameworks do you need to get through the process?

Navigating CFIUS Risk with Business Intelligence: Part 1-Identifying Threats and Vulnerabilities

Mon, 23 Mar 2020 05:07:00 -0000

Welcome to a sponsored podcast series where I am exploring how to navigate risk from the Committee on Foreign Investment in the United States (CFIUS), sponsored by K2 Intelligence Financial Integrity Network (K2 Intelligence FIN). Over this five-part series I will visit with David Holley and Him Das the co-leads of CFIUS Advisory Practice at K2 Intelligence FIN. We will consider navigating the CFIUS process through proactive management, CFIUS and compliance frameworks, CFIUS and cyber risk and access control, and effective monitoring for CFIUS. Today, in Episode 1, I visit with David Holley on using business intelligence to identify threats and vulnerabilities under the CFIUS process.

Highlights include:

A broad overview of CFIUS
What role does business intelligence play?
What threats and vulnerabilities should be identified and mitigated?

Customizing Proactive Compliance Monitoring with Jordan Domash

Tue, 17 Mar 2020 04:01:00 -0000

Jordan Domash, General Manager at Relativity, is this week’s guest on the Innovation In Compliance show. He chats with Tom Fox about his company’s Relativity Trace solution, and how to use it in your compliance program.

A Proactive Approach

Jordan describes Relativity Trace as “...a communication, surveillance, and monitoring tool built on top of the Relativity platform for compliance purposes.” Tom asks him how it can be used in a proactive approach to compliance. He responds that when potential issues need to be investigated, Relativity Trace can sift through millions of files using machine learning, search, and human review to detect risk proactively. He points out that their out of the box policies can detect issues such as bribery, corruption, and price-fixing. In addition, companies can configure their own rules based on the compliance risks that are relevant to their business. When there is a potential compliance violation, the system will proactively generate alerts.

Relativity One

Tom asks Jordan to talk about another discovery solution Relativity offers, namely Relativity One. Jordan responds that Relativity One is the SAAS version of Relativity: it’s an e-discovery tool that can help you search and review content as part of an investigation, and then create reports. Each activity that happens in Relativity leaves a permanent audit trail, which ensures that the review process is defensible.

Document Security

After you self-disclose, the first thing the government asks is if your documents are secure, Tom comments. He asks Jordan how their solution handles security. Jordan describes the tools in Relativity Trace that ensure data security, including the legal hold tool. He reiterates that every action in Relativity is audited. “It's all exportable. It's all filterable. It's all searchable. So it's very possible to take a look at your audit trail and find the relevant behavior or the whole history of the matter, the investigation or the combined process, and share that with regulators.”

Tom asks how the solution deals with false positives, in answer to which Jordan outlines various measures built into Relativity that handle this problem. “It’s not just the Machine Learning that can help you reduce false positives right away, but it’s a full collection of tools that Relativity Trace gives you to go through your process quickly… and identify risks in your business,” Jordan comments.

Resources

Relativity Trace

Utilizing the Virtual Assistant with Daniel Ramsey

Tue, 10 Mar 2020 04:01:00 -0000

Daniel Ramsey, CEO and Co-Founder of MyOutDesk, a virtual assistant company that helps small to medium-sized businesses get leverage, is this week’s guest. He joins Tom Fox to discuss the untapped resources of virtual assistance.

Starting the Business

Tom asks Dan to recount why he founded MyOutDesk. Dan responds that he started a successful real estate practice, but soon realized that he needed more leverage in order to grow his business. However it was hard to find detail-oriented people who could fill in his roles, so he hired a few virtual assistants to do the paperwork and was amazed at their capabilities. From there, Dan says, he asked them if they had connections to other virtual assistants and he started MyOutDesk, which now has about 1200 employees in the Philippines.

Blending and Cost Effectiveness

Dan believes in a blended work chart, where a portion of a company's employees are US based and everyone else is across the globe, and that companies are going to move toward this. It’s not a question of ‘if’, but ‘when’, Dan says. Everyone in your pipeline that is doing the work of running an existing system or process can and will someday be outsourced, which cuts down on costs significantly. According to Dan, one of his employees costs one quarter of the cost of a US based person to employ, meaning that there is incentive for businesses to have a virtual workforce.

Vetting and Ongoing Monitoring

Dan offers advice to business owners about the vetting process of hiring an outsourcing provider. MyOutDesk does an FBI grade background check on all their employees, as well as a medical check to ensure they don’t have any debilitating illnesses that could hinder their productivity. He adds that business owners should ensure their potential outsourcing providers have wide scale experience and are licensed to operate in the countries where they provide their services. For ongoing monitoring of their virtual assistants and using the captured data for continuous improvement, they should invest in some task management or accountability platforms, which are inexpensive to implement and are an easy way to ‘juice’ the relationship between employer and virtual assistant.

Talent On Demand

MyOutDesk’s solution is talent on demand: when a client comes to them, the company does a thorough consultation about the client’s specific needs, and by the next day the client would have someone ready to work with them. This is beneficial to entrepreneurs, small to medium sized businesses, or any compliance officer running a large operation.

Resources

Daniel Ramsey on LinkedIn

MyOutDesk.com

Text SVP to 31996

Coronavirus Risk Exposure with Ben Locwin

Tue, 03 Mar 2020 05:01:00 -0000

Ben Locwin chats with Tom Fox about COVID-19 and the risk management issues associated with the disease in this week’s Innovation In Compliance show.

What is Coronavirus?

Ben says that coronaviruses have been around for a long time. During flu season, about 10% of patients with upper respiratory symptoms test positive for a type of coronavirus. The epicenter of the outbreak of this particular strain of the coronavirus is Wuhan, China, and there seems to be some correlation with the open air markets there. Though it’s suspected that the virus may have crossed from animals to humans, the nexus of the disease is unknown. He goes on to explain how the virus got its name and how it affects human cells.

Symptoms and Spread

Tom asks about the symptoms of the coronavirus (officially called COVID-19) and how it spreads. Symptoms, Ben says, include respiratory symptoms similar to a chest cold, such as coughing, having trouble breathing, and fever in more severe cases. In a relatively few cases, patients experience organ failure and septic shock and other serious issues, including death. Ben explains that this particular coronavirus spreads through aerosolized droplet infection: when an infected person coughs or sneezes in a public place, fine particulates of saliva and mucus are introduced into the air. Anyone there can inhale these particles and contract the disease. They can start experiencing symptoms within 2 to 14 days.

Common Sense Prevention

Ben comments on the stigma associated with COVID-19. While travel restrictions and other such responses make good sense, he points out that the outbreak of the virus is not yet a pandemic. If you’re experiencing upper respiratory symptoms, see your healthcare provider right away to have a test done. Your sample will be sent to the CDC for testing to determine if you have COVID-19. He advocates common sense prevention measures, the most important of which is hand hygiene: wash your hands regularly. When you’re in a public place try not to touch your eyes, nose or mouth and don’t touch food without washing your hands first. Face masks may also be useful. If you feel ill, stay at home, he advises.

Smart Risk Management Practices

Tom comments that many businesses are struggling with how to manage the risk associated with the disease. He asks Ben to give some advice in this regard. Ben responds that companies should take a smart approach. While you shouldn’t start panic buying and selling, and cease all travel, you should certainly limit non-essential travel whenever possible. “That’s just essentially limiting our exposure to risk,” he says. Tom adds that there are a number of modern communication tools that can be used instead of traveling to meetings. It’s sad that it takes situations like this to force companies to examine their business operations, Ben comments. However, by cutting out non-critical practices, businesses not only limit their risk exposure, but it also allows them to employ operational excellence.

Resources

CDC.gov/Coronavirus

Ethics and Compliance In The Morning Show with Sean Freidlin

Tue, 25 Feb 2020 05:01:00 -0000

This week’s guest on the Innovation In Compliance show is Sean Freidlin, Director of Product Marketing at SAI Global. He and Tom Fox chat about the article he recently posted on LinkedIn, Rise and Shine: The Morning Show’s Wakeup Call to Corporate America.

Overlapping Themes

Sean says that the central themes in movies often overlap with the common themes in ethics and compliance programs. In particular, he noticed that Apple’s flagship program, The Morning Show, tackles almost every issue that compliance teams build training about or write about in their code of conduct. Issues such as sexual harassment, diversity and inclusion, whistleblowing and retaliation are issues that many companies deal with. Sean comments that he applauds the risk Apple took to make the show, which shows their commitment to speak up about abuse of power when they see it.

Compliance and Ethics Issues

Tom asks Sean what is the general story arc of The Morning Show. Sean summarizes the plot, which includes a sexual harassment scandal, and comments that the show explores the butterfly effect on the culture and the people working there, as well as the corporate politics that are involved in managing a scandal. Sexual harassment is one of the top two issues that ethics and compliance professionals have focused on in the last year, according to Sean. He highlights several lessons ethics and compliance professionals can garner from the show, including:

Some people don’t know what isn’t allowed;
There should be a deeper commitment to communicating company values and policies;
The show highlights the role personal connections and relationships play in perpetuating a culture where people don’t do the right thing.

A Dilemma

You might find it harder to do the right thing if you like your boss or your colleague, but you know they’re doing something wrong. Your relationship with that person may cloud your judgment, Sean says. A positive and ethical leader has a positive influence on employees’ behavior; but a manager or leader who disregards the rules, policies and values of the company, will negatively affect everyone else. The bottom line, Sean points out, is that relationships are an essential part of a compliant organization or a culture where people do the right thing.

Tom quotes a line from Sean’s article, “Successful and powerful men can manage to survive and even thrive on their charm and influence, despite the unethical and immoral choices they make.” He and Sean discuss the moral and ethical dilemma of doing the wrong thing if it will help you be more successful.

The Reality of Whistleblowing

Sean says that The Morning Show does an excellent job of exploring what happens after you blow the whistle. A common mantra today is ‘If you see something, you should say something,’ However, saying something is just the beginning, Sean says. The one who blows the whistle faces more than just retaliation: the emotional impact is even weightier. That person has to live with the stress of knowing that the misconduct they reported is ultimately going to be the catalyst for so much drama, such as people losing their jobs, and the company losing money.

Resources

Rise and Shine: The Morning Show’s Wakeup Call to Corporate America

Sean Freidlin on LinkedIn

SAIGlobal.com

sean.freidlin@saiglobal.com

Gini Dietrich on Spotting Red Flags

Tue, 18 Feb 2020 05:01:00 -0000

This week’s guest on Innovation In Compliance is Gini Dietrich, CEO and founder of Spin Sucks. Gini is a writer, blogger, speaker and all-around expert in the PR space. She recently wrote a blog post entitled, How to Spot Red Flags in New Business Relationships, which is the focus of her discussion with Tom Fox in this week’s show.

Trust Your Instincts

Tom asks Gini what inspired the blog post. She responds that she actually wrote the blog post as a reminder to herself to always look for red flags and always listen to her gut. She says that when you’re contemplating a prospective business relationship, there are a few questions you should always ask yourself. Do you see red flags? Can you get past them because there are other advantages? Should you discontinue the conversation and save yourself time, angst, money and resources in the long run? In the PR space, the most common red flag is unrealistic expectations, Gini explains.

Why? Why? Why?

Gini points out the importance of writing down red flags. For one thing, it makes them more concrete; and for another thing, you can take your questions into your meetings to remind yourself to ask certain questions if red flags arise. You should be constantly evaluating your business relationships. Ask follow up questions. Gini advocates asking why at least three times. Tom comments that the compliance industry uses that exact technique; it’s called root cause analysis.

Learn to Say No

Tom asks, “Why is the ability to say no critical for business owners and compliance professionals?” Gini responds that in business relationships, if you can’t find any red flags then it’s usually going to be a good relationship. The inverse is also true: if there are red flags then the relationship is usually going to be difficult. The other reason why being willing to say no is important, is that in the PR business as in compliance, you’re selling your time and you can’t scale that. So it’s critical to say no to things that will take your time away from what you should be doing. Tom mentions that part of Gini’s process is to try to disqualify every prospect. She comments that looking for reasons to disqualify a prospect, and finding them, makes it easier to say no to them. She shares tips on what red flags might look like from the employee and client perspective.

Resources

SpinSucks.com

How to Spot Red Flags In New Business Relationships

Reimagining Data Privacy with Ray Pathak

Tue, 11 Feb 2020 05:01:00 -0000

Ray Pathak is the COO of Nymity, which was recently acquired by TrustArc. He chats with Tom Fox about the acquisition and how his company is reimagining privacy.

A Powerful Combination

Nymity and TrustArc have been in the compliance space for a combined 40 years. Nymity has research expertise, and TrustArc is versed in automation and technology. The companies coming together with their complementary skills, have created something powerful and special in the marketplace.

Reimagining Privacy

Tom asks Ray to expand on its catchphrase, ‘Reimagining Privacy’. It’s about providing data intelligence within the compliance solution, Ray responds, so that companies can do more with less. “We want to empower organizations to understand their data better and by understanding it, be able to do more with their data.” He calls this ‘unleashing the data’.

The wait-and-see approach used by so many companies is a failure waiting to happen, Ray argues. It may solve the problem of today, but it’s not viable long-term because you would have to start from scratch each time a new law comes out. He advocates a more proactive, take-control approach: build out a comprehensive privacy program so when a new law comes out you're just tweaking your program instead of creating a whole new one.

Embedding four layers of research within their tools so that information is available to clients when they need it, makes Nymity’s solution different from other solutions on the market. Ray goes on to explain how this process brings privacy intelligence to their clients, saving them valuable time. Their comprehensive framework containing 139 different technical and organizational measures, grouped into 13 categories, and mounted to over 900 local and international laws allows clients using the framework to build out their data privacy program to comply with many laws.

Future Trends

Tom asks Ray to comment on the top issues in data privacy for 2020 and beyond. Ray responds that the first issue is the impact laws like CCPA will have. More states are coming out with privacy laws, likely to be more comprehensive than CCPA, he predicts. The second issue he talks about is making data privacy easier for people. Privacy is becoming more complex, but their privacy intelligence tool makes it more accessible for clients. Thirdly, he says that by combining technology with research, his company is helping to provide insights to organizations with their solution.

Resources

Nymity.com

TrustArc.com

Putting Compliance In Your Hands with Garin Bergman

Tue, 04 Feb 2020 05:01:00 -0000

This week’s guest on Innovation In Compliance is Garin Bergman, founder of the Palmtree compliance app. He chats with Tom Fox and Ronnie Feldman about the app, and how it puts compliance into the hands of employees.

Making Compliance Simpler and Timely

Ronnie believes that the next boundary in compliance is simplicity, not complexity. Garin’s innovative solution is a simple way to get compliance to people through technology, he says. Garin explains that Palmtree is a mobile application for smartphones and tablets that allows compliance departments to put their materials into their employees’ hands wherever they are. The app can recognize employees’ location and send them communications that might be relevant to their project or that might minimize compliance risk. In addition, having the app available on their devices - an environment they’re already used to and like to use - in an engaging and easy to read format, further supports the compliance program.

Key Features

Palmtree has the ability to track and analyze metrics that are important to the company. Another innovative feature is the gift registry module. Garin explains that this allows individuals to submit gifts to be reviewed and approved by their supervisor. The supervisor is notified of the request and, using the information available in the app, makes an informed decision whether to allow the gift. The request is approved or declined right within the app, and the employee is notified. Additionally, robust back end analytics can provide reports on the types of gifts that have been given over the past two years.

Solving A Compliance Problem

Tom comments that an often overlooked reason why adoption of new technology is slow in the compliance industry is that it requires lawyers, who comprise the majority of the industry, to deviate from the static policies, procedures and delivery of training they’re accustomed to using.

People also assume that having a solution like Palmtree will be very expensive, Garin says. However, the cost is quite reasonable and it can be deployed in as few as 45 to 60 days. Tom adds that it also allows you to comply with the Department of Justice’s requirements for ongoing improvement of your compliance program.

Resources

GetPalmtree.com

The Human Element of Compliance with Gio Gallo

Tue, 28 Jan 2020 05:01:00 -0000

Gio Gallo, and his brother and co-CEO Nick Gallo, joined ComplianceLine because they saw a need for better vendor partners in the compliance industry. Their mission is to help more people every day. Today they care for the leaders who care for six million people around the world. Gio joins Tom Fox on this week’s show to talk about why the human element in compliance is mandatory and why it’s going to stay that way far into the future.

Taking Care of People

ComplianceLine helps compliance leaders by giving them actionable information so they can take care of their people. Gio lists the services his company offers, such as issue intake and case management, and hotline.

Data Cannot Replace Humans

Tom comments about the increasing importance of collecting and monitoring data, given regulatory mandates. He asks Gio why he believes that data cannot be allowed to replace the human element. Gio responds that automation is great, for machines. However, you can’t define every scenario or what should be done in every interaction, so there’s no way you can automate everything. In addition, where there are issues that involve people, you need people to find information, and to plan and execute the appropriate fixes. As more repetitive tasks become automated, the human element is going to become more important, Gio predicts.

Hotlines and Empathy

The human element of compliance is especially relevant in hotlines. People expect that human-caused problems with human-required solutions have human-considered interactions, Gio says. People calling in to report a problem need to feel heard and that their issue is being considered by someone who will do something about it. Tom commends Gio on a ComplianceLine blog post entitled, I Hope Things Get Better for You: The Importance Of Empathy In Compliance Reporting. Gio responds that empathy drives effectiveness. It’s also the way to show care and respect for others. Anyone calling your hotline should feel cared for and listened to. When you engage with them in a caring way, you understand where they're coming from and you get better information. You can now follow up and close issues faster, and ultimately take care of damaging risks more quickly.

Resources

ggallo@complianceline.com

ComplianceLine on YouTube | LinkedIn | Facebook | Twitter | Instagram

ComplianceLive podcast

Blog post: I Hope Things Get Better for You

How ESG Helps Companies See In The Dark with Trysha Daskam

Tue, 21 Jan 2020 08:01:00 -0000

Trysha Daskam has been with Silver Regulatory Services since its inception 18 months ago. She is the in-house expert on Environmental Social Governance (ESG) at Silver and was brought in by founder Fizza Khan (guest on episode 108 of this podcast) to grow the ESG arm of the business. She chats with Tom Fox about how Silver Regulatory Associates helps their clients improve their ESG compliance.

Creating an ESG Program

Trysha defines ESG as a lens through which you comprehensively evaluate the investments that you make. It is often deemed a risk tool because it evaluates a set of environmental, social and governance risk factors that were not typically captured in traditional diligence. Tom asks Trysha to describe the steps a company should take to create an internal ESG program. She responds that companies should start by determining if they already have any ESG-related document that could form the basis of a policy. If not, then there are a few core steps to take:

Create your guidance document that enumerates your ESG procedures;
Train the investment personnel who will be responsible for the policy;
Entrench the policy in the company culture through communication.

How ESG Helps You See In The Dark

ESG is increasingly becoming a matter of corporate citizenship, Trysha says. It is a way for a firm to establish how it is acting responsibly towards its clients, employees and community at large. In addition, investors want to see that the ESG policies on paper are actually being implemented, that protective mechanisms were put in place to guard against considered risks. ESG should put a firm in a place where they are less surprised by things that happen, Trysha remarks; it’s another tool to help them see in the dark. Tom comments that it’s a framework to be able to not only analyze questions and manage risks, but also to give answers to multiple stakeholders.

ESG for Investment Firms

Tom asks where an investment firm should start if they want to evaluate their portfolio or potential acquisitions from an ESG perspective. Trysha responds with some questions they should ask:

What do you deem to be a material ESG risk for the business that you are evaluating?
From that list, are there any underlying sub factors that can be measured?

Resources

SilverRegulatoryAssociates.com

Episode 108 with Fizza Khan

Getting Employees to Pay Attention with Peter Grossman

Tue, 14 Jan 2020 08:01:00 -0000

Peter Grossman comes from a publishing and entertainment background, having worked at US Weekly and Rolling Stone. Given this background, he and his partner initially targeted the entertainment industry when they co-founded their production company, Labyrinth Training. However, they were offered the opportunity to work with AB InBev to create compliance training that their employees would actually pay attention to. Since that time, Labyrinth has focused on creating training for the compliance industry. Peter joins Tom Fox on this week’s show to talk about the innovative ideas, strategies and techniques in training and communications that his company brings to the compliance space.

Fixing What’s Wrong With Compliance Training

People love learning, Peter says, but they generally do not like school. The problem with compliance training is that it’s usually built by test takers, with little to no emphasis on engaging learners. Oftentimes you have a situation where compliance training is done in December when employees are the least engaged. That’s not the time to try to shove information down people’s throats, Peter argues. Training should be something that makes a difference, that changes behavior. As such, it should be something people want to do, not just have to do. You need to attach creative and innovative ideas to what you're trying to convey to grab people’s attention and make it memorable. Essentially, your training should be about engaging your workers year round in a culture change.

Memorable Storytelling

Whenever you roll out a training, it should feel like a cool office party, Peter says. The goal is to have people talking about it afterwards by attaching your policies to storytelling. Tom asks him how he applied this strategy at AB InBev. Peter shares the attention-grabbing narrative they developed for AB InBev’s compliance training program. It was so memorable and relatable that it became a company inside joke. What’s most important, he says, is that workers now remember what to do in certain moments because of that training. “The idea is that when you create characters that resonates with everybody, that’s what sparks the behavior change and gets people remembering it throughout the year,” Peter comments. He advocates bringing storytelling to everything - from broad topics to the most nuanced - because people will remember it.

A New Podcast

Tom mentions that Peter will be joining the Compliance Podcast Network with his new podcast. He asks him to give listeners a preview of what is to come. Peter says the name of the podcast is In The Lab. It’s going to be a very loose, conversational show. He will bring his storytelling background to the show as the format will be about talking to people and hearing their stories.

Resources

LabyrinthTraining.com

peter@gadfly.io

Completing the Last Mile of Validation Craig Carpenter

Tue, 07 Jan 2020 08:01:00 -0000

Like its namesake, which was the first piloted aircraft to break the sound barrier, X1 values innovation and speed. The company is laser focused on fixing problems in new, better and more cost effective ways. Its software capability has evolved from search & productivity applications into the ability to collect social, media and web content for legal proceedings, as well as the ability to access and act on employee information in a scalable manner without disrupting productivity. CEO of X1, Craig Carpenter, joins Tom Fox on this week’s show to chat about how his company is making data accessible for its clients.

Distributed GRC Solution

Tom asks Craig to talk about X1’s distributed GRC solution. Craig responds that the name itself conveys that the software is wherever the data resides. Distributed GRC is a two-part product, he says. The first part is software that sits on an endpoint such as a laptop. The second part is a command and control layer that allows you to access your data sources and analyze what data is available as well as take action on it. Craig explains how X1 enables social media discovery in a forensically sound fashion. Data can be manipulated today, he comments. So being able to prove that your data is credible and that the chain of custody is accurate, is critical especially in the context of legal proceedings.

Quick Access

Tom comments that X1’s emphasis on speed equates to greater business productivity, efficiency and profitability. The company was founded for this very reason, Craig agrees. Finding the right information in a timely fashion, and being able to act on it for your productivity purposes, is critical to business.

CFIUS and Preventing Violations

The Department of Justice’s new guidelines require companies to go beyond policies and questionnaires to using technology to validate data. Craig says that X1’s solution is a last mile validation piece. He and Tom discuss how X1 helps its clients comply with CFIUS (The Committee on Foreign Investment in the US) regulations. “Our technology is very effective because we can not only get the server data and some of the structure data as well to ensure that that’s compliant,” Craig comments, “but stuff on laptops and desktops where people work is also compliant. That’s kind of the key hidden element that we’re really good at attacking.”

Resources

X1.com

Scheduling Profitablity with Krista Hardwick

Tue, 17 Dec 2019 08:01:00 -0000

This week’s guest on the Innovation In Compliance show is Krista Hardwick, General Counsel at Deputy. Deputy brings an innovative solution to managing compliance and legal risk around scheduling. Krista chats with Tom Fox about how her company’s software helps business owners stay compliant with fair wage and hour laws, as well as increase profitability.

Analyzing Shift Work

Deputy recently released a free ebook entitled The United States of Shift Work, based on their study of 1million shift hours over the course of a year. They were able to conclude that there are many similarities among the different generations of shift workers with regard to the hours they worked vs hours they were scheduled. On average, workers were rostered to work just a few hours more than they actually worked. Krista says that this shows that managers and business owners are complying with the fair work week laws which state that workers should not be required to work more than they are scheduled. It also implies that business leaders do not want workers to work overtime, which would trigger overtime compliance regulations. Tom comments that this relates directly to the key issues of fairness in the workplace and sustainability.

How Deputy Helps Businesses Be Compliant

Krista advises business owners to love their employees. Keeping your employees happy will help your business be more successful in the long run. She discusses the fair work week laws that are being implemented across the country, which require businesses to post schedule weeks in advance and not change them once posted. Deputy’s tool, she says, help owners stay compliant with these laws, so they can focus on growing their business. Business owners should also be focusing on creating an optimal schedule that minimizes payroll costs for the company, Krista points out. Deputy partners with Widget Brain to do customized labor forecasting for their clients: they help you create an optimal schedule based on your forecasted profits for each hour of the day. This shows that effective compliance can create greater business efficiency, leading to greater profitability, Tom comments. Krista adds that it also minimizes the chance of a wage and hour audit.

Corporations Need To Respond To People

The number of shift workers is increasing and will continue to increase, Krista says. Due to the amendment to the Department of Labor rules, many workers who are now considered salaried employees will be converted to shift workers and paid an hourly rate come January 2020. Krista says that another issue companies should consider is that Gen-Z’ers are working fewer hours than previous generations. Their work preferences are different, added to which, they have choices about where they want to work and the kind of work they want to do. These issues are important when doing scheduling and workforce management. Tom says that this speaks to how corporations need to respond to people, instead of people responding to corporations.

Resources

Deputy.com

The United States of Shift Work

Deputy on Facebook | LinkedIn | Twitter | Instagram

Outsourced Compliance with Fizza Khan

Tue, 10 Dec 2019 08:01:00 -0000

Fizza Khan, this week’s guest on the Innovation In Compliance show, has been in regulatory consulting for over 10 years. She is the CEO and founder of Silver Regulatory Associates, an innovative company that specializes in helping companies meet their regulatory obligations. She and Tom Fox discuss the idea of outsourced compliance as well as the interesting and often complicated world of cryptocurrency.

The Cutting Edge of Outsourced Compliance

Tom comments that the regulatory compliance space has different guidelines, regulations and laws than his world of ABC compliance. He asks Fizza to describe some of the cutting edge things her company is doing, in particular the idea of ‘outsourced compliance’. She replies that financial services companies must have a strong regulatory compliance program that’s not only good on paper, but practically functioning. Her company, as an outsourced compliance option, can help firms meet their obligations either by integrating into their compliance program or by working alongside an existing compliance program to ensure that it aligns with the client's interests.

Services Offered

Silver Regulatory Associates offers various services depending on your needs. These include:

Registration and foundation services
Maintenance service
Assessment service
Exam support service

Crypto: Security or Exchange Instrument?

There are many questions surrounding cryptocurrency. Whether it is a security or an exchange instrument is one of the questions facing the industry. Fizza explains that the Howey Test is used to determine whether a particular instrument will be deemed a security and needs to come under the SEC’s regulations. The test makes its determination based on three criteria:

Is the investment in the form of money?
Is the investment of money in a common enterprise?
Is there an expectation of profits from the enterprise? Is that expectation of profit derived from the efforts of others?

Tom asks Fizza to discuss what a company must do if it's determined to be a security vs an exchange instrument, and how her company can help them fulfill their regulatory obligations. She explains the implications of each scenario. Her company helps clients determine the next steps and take appropriate action to become compliant, she says. Continuous analysis and monitoring of cryptocurrency guidelines is paramount. If a company changes the way it uses, manages or distributes its cryptocurrency, this could trigger additional regulatory requirements.

Preparing for the SEC Exam

Tom mentions an article Fizza wrote, entitled, Uptick In SEC Exams: Four Ways To Ensure A Smooth Process. He asks her to explain how she helps companies prepare for such an exam. She replies that the article targets investment managers and broker dealers who are already regulated and registered with the SEC. The routine exam is when SEC staff examiners come to organizations to ensure that their compliance program is meeting all regulatory obligations. They also want to see that the program is being actively implemented in the business. Silver helps you prepare for a smooth exam: they analyze your existing program, help you prepare the required documents, and they even prepare you to answer questions the SEC might pose. Fizza gives several tips to help you highlight your strengths in the Day One presentation.

Resources

SilverRegulatoryAssociates.com

fkhan@silverreg.com

Article: Uptick In SEC Exams: Four Ways To Ensure A Smooth Process

Article: Insight: Key Crypto Compliance Considerations In Light of Facebook's ICO

Compliance Technology As A Value Center with Brandon Daniels

Tue, 03 Dec 2019 08:01:00 -0000

Brandon Daniels, President of Global Technology Markets at Exiger, joins Tom Fox for this week’s episode of Innovation In Compliance, to chat about how technology is leading the compliance discussion. Exiger develops technology solutions in the compliance space.

Third Party Risk Management

Tom notes that the market has recognized the need for more robust management of third party risk. Brandon agrees that more people are recognizing that third party risk can define their organizations. Revised federal guidelines underscore the importance of embedding third party risk management into organizations. This isn’t a peripheral risk, Brandon points out. It’s the kind of risk that can destroy shareholder value, cause significant fines, and consume your brand. Tom adds that third party risk has always been the highest risk for a government intervention in terms of a violation.

Education Is A Key First Step

The e-discovery industry is an example of how technology can become central to a company’s function. Twenty years ago e-discovery didn’t exist, but now it’s a central component of any litigation. E-discovery suppliers spent years educating the judiciary about the context, benefits and importance of electronic discovery. Brandon says that vendors in the compliance technology space should use the same model of educating their corporate clients about how their solutions can help to assess and manage third party risk. He says there are several solutions on the market, Exiger’s included, that can routinize and scale the diligence and transaction analysis processes.

Vendors first need to help compliance professionals appreciate that technology solutions are defensible, auditable and transparent. Then they must help government understand that it’s very hard to implement good compliance procedures if they are not routinized or supported by technology. Making an investment in compliance automation technology is really an investment in sustainable third party risk management. Brandon posits that this is a time for education and collaboration across the triumvirate of companies, suppliers and government.

Technology As A Value Center

Tom says that business executives know that risk can be a public good if managed properly. He believes that if you use the technology tools Brandon described, risk can also be a competitive advantage. Brandon agrees wholeheartedly. He comments that they advise their clients to treat reputational risk as a metric that can help them make smart investment decisions. By analyzing the risk metric of an industry you can determine whether you or the companies you're looking to acquire, have appropriate mitigating controls. You can also improve your own controls so that you can make investments in emerging markets with high growth potential but also high risk potential. Technology thus changes the compliance function from a cost center into a potential value center.

Resources

Brandon Daniels on LinkedIn

Customer Centric Training with Jonathan Sampson

Tue, 19 Nov 2019 08:01:00 -0000

Jonathan Sampson has worked in the compliance industry for the past decade, including as COO of Click for Compliance, a pioneer in the compliance training space. He and co-founder Karen Kiesel started Peak Compliance Training because they recognized a need for a customer-centric training provider. He says that compliance professionals are passionate about driving company culture through their training initiatives but they need customization, often in multiple languages. He joins Tom Fox on this week’s show to share how Peak is answering the market need with their training solution.

A Suite of Training Resources

Peak’s initial suite of training resources was in the area of sexual harassment prevention, in response to recent legislation mandates. They are building out a compliance training library that will be available in coming months, which will cover topics such as ethics, business code of conduct, FCPA anti-corruption and anit-trust, and import-export controls. The market favors training that is interactive, scenario-based and topical. People also want compliance programs to have shorter, more frequent communication. You can have all of this with Peak: their technology allows you to pull out case studies and scenarios and send them as short, one-off communications.

What Makes Peak Different

Tom asks Jonathan what differentiates Peak from other compliance training providers. He responds that the three things that make them different are:

They’re customer-centric: they answer learners’ need for customized courses at a reasonable price. Personalized courses resonate better with employees rather than out-of-the-box solutions.
Their top-notch technology: their state-of-the-art course building tool enables them to make faster, cheaper customizations in multiple languages, as well as create short training snippets.
Their instructional design: they create relevant, appealing content to honor their learners’ time and intelligence. Realistic scenarios and interactive questions are designed to entertain and challenge.

Targeted, Effective Training

Tom asks if Peak’s training speaks to the Department of Justice mandates of effective and targeted training. Jonathon responds that it does. With our training, Jonathan says, you can actually decide on your training path. Training paths can be role-based, where different content would be delivered to different learners, depending on their position in the company. This is more beneficial, since employees are being trained in areas that are relevant to them. Peak’s courses are also available on mobile devices. Compliance training has evolved, Jonathan says; they are now more engaging, more interactive, more continuous, and less time consuming. CCOs welcome this evolution as they are passionate about their personal brand and how they're reflected by how their compliance program is implemented.

Resources

PeakComplianceTraining.com

Email: jsampson@peakcompliancetraining.com

720-648-0206

Why You Need an Executive Coach, a Conversation with With Jeff Nally

Tue, 12 Nov 2019 08:01:00 -0000

Compliance is widely seen as black and white, but this week’s guest argues that there is a lot of thinking, decision making and ways to innovate inside the compliance space. Jeff Nally is an executive coach who has spent the last fourteen years using neuroscience to help business leaders think differently, make better decisions, and spark ideas, innovation and insight in others.

Jeff’s Approach to Coaching

Tom comments that using a brain-based approach seems antithetical to what lawyers generally do. He asks Jeff to describe his coaching method. Jeff replies that he’s not coaching around expertise; rather, he’s helping spark new ideas and innovations in their brains. A compliance issue could have multiple approaches. He’s teaching professionals to be better leaders, as well as how to ask thoughtful, reflective questions.

How to Know If Coaching is Right For You

Jeff says you should consider retaining a coach after you’ve maximized all the other training, development and leadership resources available to you, and you have stretch goals that you still need to achieve. A coach can help you make the changes you need to reach your goals. In addition, when you want to move to a higher level, the actions that brought you success in the past may not be the same things you'll need to do to move ahead. Coaching can accelerate your growth to meet those new challenges. Jeff describes the coaching packages his company offers.

Breaking Down Silos and Convincing Management

Tom asks, Can an executive coach help a compliance practitioner think through having to break down silos within an organization? Yes, Jeff responds, and in addition to breaking down the silos, it’s all about the compliance professional’s relationship with those different stakeholders. You should think of the silos as stakeholder groups, he advises. Think about how to communicate well with them and be open to listening.

Convince your management that you need an executive coach by pointing out the difference between a coach and a consultant. A coach knows how to ask questions and spark your thinking, which is what you need to help you perform better as a compliance professional. Also, show them the positive impact coaching will have on you and the organization. Tom comments that the service Jeff provides makes the compliance practitioner or the executive more innovative.

Resources

NallyGroup.com

Email: jeff@nallygroup.com

Get Your Book Published with Paul Brodie

Tue, 05 Nov 2019 08:01:00 -0000

Paul Brodie is the CEO of Brodie Consulting. He is a consultant and keynote speaker, and most interestingly, he helps would-be authors get their books published. He joins host Tom Fox today to discuss his professional background, and his work and most importantly, how to get your book published.

How Brodie Consulting Began

His company, Brodie Consulting, was born out of a personal health crisis. Paul relates that his doctor told him that if he didn’t change his life, he would be dead within five years. This motivated him to take charge of his health and lose over 60 pounds. He wanted to write a book about his journey, but had no idea how to do so. With lots of research about Kindle publishing and some trial and error, he created a 6-step book publishing system. His first three books became bestsellers because of his system. He also discovered that he could help other would-be authors and began to offer coaching, done-for-you book publishing as well as podcast production and executive ghostwriting services.

The Six Step Process

Tom finds Paul’s six step process incredibly useful for a wide variety of projects. He asks him to describe how this process helps companies and individuals get their books published. Paul responds that some of the steps include:

An initial strategy session to find out how his company can help;
A second strategy session to determine the best type of service for the client;
Getting the book written and published;
Marketing the book.

Keynotes, Seminars and Podcast

One of Paul’s main leadership keynotes is called Motivation 101, in which he speaks about personal, team and organizational motivation. He finds that staying motivated is a major challenge for business leaders. He also regularly offers seminars at universities to help students get clear on where they want to go in life, not only for themselves, he says, but for the future. Tom asks him about his Positive Mental Attitude (PMA) seminar. His response is about the impact a favorite author had on him and how it changed his mindset and his life. Paul also hosts the Get Published podcast. He says that it has helped him to build connections and relationships. His guests offer great advice to his listeners about writing, publishing and marketing books, in a short format. It’s also a lot of fun, he says.

Resources

GetPublishedSystem.com

GetPublishedPodcast.com

Data as Fuel with Christian Perez-Font

Tue, 29 Oct 2019 07:01:00 -0000

Christian Perez Font is the founder of Thinkeen Legal, a law firm that uniquely incorporates data analytics, compliance and law. He began his career as a corporate attorney and in 2008 joined Baxter International, a multinational healthcare company, as in-house counsel. When he joined Baxter, his work was 10% compliance-related and 90% business-related, but by the time he left 5 years later, he was doing 65% compliance work. The key to becoming a better compliance professional, he proposes, is to become a better business person. He and host Tom Fox discuss the importance of data in compliance and in business.

Data as Fuel

When people think about Data Analytics they imagine some form of AI that's going to automatically pinpoint problems. Christian says that the truth is that Data Analytics has to be at the core of compliance: data is the fuel that powers the compliance engine. It’s the data that will tell you how you should be communicating compliance policies and doing training so that you can achieve your business goals. Most of the data that is used for compliance purposes is already there from the business side; you just need to understand how to aggregate it, how to look for it and how to plug it in. You have to understand your industry and your company goals before you start collecting that data.

How Thinkeen Uses Data

Tom asks how Thinkeen Legal uses its data proficiency in mergers and acquisitions, transactional work and compliance. Christian shares how his company used its data expertise to advise clients in cross border transactions. Because we know where the touch points are, he says, we’re able to incorporate them into the due diligence process and ask the right questions and get the right information. They can identify areas of risk which helps their clients decide whether to proceed with an acquisition. Christian finds that general counsels are becoming more savvy about compliance and they appreciate that his firm gives them advice and support.

The Future of Data and Compliance

The intersection of law, data and compliance will continue to evolve, Christian predicts. He is happy that the importance of Data Analytics is being acknowledged. If you don’t have the right data, you won’t get the right information, without which you can’t make the best business decisions. In addition, a big part of what we do with data is benchmarking, Christian says. The more information that we can share among the industry, the better.

Resources

ThinkeenLegal.com

Thinkeen Legal on Twitter | Instagram

Christian Perez Font on LinkedIn

Content is King with Andrea Falcione and Tricia Cornell

Tue, 22 Oct 2019 07:01:00 -0000

Andrea Falcione and Tricia Cornell of Rethink Compliance, one of the most innovative companies in the compliance space, join Tom Fox in this week’s show. They discuss their compliance journeys, and how content is reshaping the world of compliance.

Their Compliance Journeys

Andrea is a lawyer by profession. In 2004 she transitioned into compliance; she joined Rethink Compliance about a year ago. Tricia comes from the marketing and advertising world. The founder of Rethink, Kirsten Liston, asked her to join the company two years ago to bring her expertise in creating pieces of content to persuade people to think differently about commercial products, into the compliance space.

Content is King

Tom asks the guests to explain what ‘Content is king’ means, and why it’s so important and innovative in compliance. Tricia explains that it means that people are curious: they want to read, listen, and view videos, so compliance experts have to make their content consumable and desirable, and through that get their brand message out there. Andrea says that legal and compliance professionals find this idea difficult because they are essentially risk averse. When they send a message, it’s more about mitigating risk than engaging their audience. However, many organizations are getting negative feedback from their content consumers, so there is a need to create content that is relevant and engaging. This is becoming more and more critical, as regulators are looking at the effectiveness of companies’ efforts.

Building Trust with Content

Andrea and Tricia share a piece of content created by ReThink Compliance in response to the Me Too Movement, is helping to change perceptions. Compliance officers should think about using content in different ways to get people to trust the process and the people involved in it, Andrea says.

A Holistic Approach to Content

Tricia advises that a holistic approach to content starts with reaching your audience where they are. What are their attitudes? What are they looking for from their work? If you start with where they are and understand what they need from you, you’ll reach them more effectively with your message. Always think about how you can make your message relevant to your people. This can help build trust too, Andrea adds. If you think about what your audience needs to hear from you, they will begin to trust you more.

Revamping the Code of Conduct

Tom asks, how or why can a code of conduct revamp be a powerful tool for a compliance practitioner. Andrea responds that the code of conduct is the cornerstone of every compliance program. As such, it needs to be a document that employees actually use, one that is meaningful and resonates with them. It all comes back to thinking about what your audience needs, Tricia emphasizes. If you want the code of conduct to be a resource, then you must think about where and when your people will need it. What questions might they have? How can you answer those questions in a way that’s easy for them to find the information they’re looking for? She points out that you need to make sure that information is easy to find, and written in language that’s easy to understand, so that they can make the right decision in the moment.

Resources

RethinkComplianceCo.com

LinkedIn: Andrea Falcione | Tricia Cornell | Kirsten Liston

Training Millennials with Alyson Van Hooser

Tue, 15 Oct 2019 07:01:00 -0000

Alyson Van Hooser is a self-described ‘old school millennial’. From being on her own from age 13, to putting herself through college, to leadership positions in the retail and finance industries, Alyson has worked hard to achieve her goals. She now works with Van Hooser Associates, where she has to opportunity to dedicate herself to her passion for leadership development.

Leadership is TwofoldAlyson says that leadership is twofold: you lead yourself and you can lead others. The first step in leadership is personal development, she says. She learned early on in life that if she wanted to be successful, she had to first lead herself. As she got older, the leaders in her life helped her develop into a successful person. It was because they chose to serve her, she says, that she listened and learned and followed them where they wanted her to go. Great leaders are able to connect and relate to their people. When you have influence over your people, you can get the results you want from them.

Listening is EssentialTom admires Alyson’s ability to really listen to others. He asks her how she developed this great skill. She describes how, from her childhood, she paid attention to her role models. You’re not going to learn if you’re not willing to listen, she emphasizes. She focuses on the little things that people say that give insight into who they are, what they want, and what motivates them. As a leader, that's the information you have to know if you're going to get better results out of your team, she says.

Leadership Is InfluenceYou need to have influence if you want people to follow you. In fact, leadership is influence. The only way to get that influence is to serve others. Leadership, Alyson says, is about taking the superior position, which is not about you being on top, but rather putting everyone else before yourself.

Training MillennialsLeaders need to serve their Millennial and Gen Z employees by giving them educational opportunities to help them become valuable members of the team. Despite how unfavorably mass media has portrayed Millennials, they bring many skills to the table, and can provide value that older generations may not be able to. If you want the best from them however, you have to give them the opportunity to share their ideas without fear of repercussions. Honor their desire to make a difference, to add value to the team, Alyson says. When she trains Millennials, she teaches them that their responsibility is to be a leader for themselves, to be professional and hold themselves to a high standard. This is necessary to get buy-in from the people above and below you, she says. Stay true to who you are, but adapt in order to relate to people and gain influence with people all across the organization.

ResourcesVanHooser.comAlyson Van Hooser on LinkedIn | Facebook | Instagram

Celebrating 100 Episodes of Innovation in Compliance

Tue, 08 Oct 2019 07:01:00 -0000

Tom Fox celebrates this special 100th episode of Innovation in Compliance with Megan Dougherty. Megan is the co-founder of One Stone Creative, the company that produces this podcast. The show takes a different spin: first Megan interviews Tom, then he interviews her. They talk about how the show started, favorite episodes, and how you and your business can benefit from podcasting.

Favorite EpisodesMegan wants to know what Tom’s favorite episode has been so far. He responds that he loves all the episodes equally, but he has the most fun doing series. It’s easy for him to create so much content because he’s continuously thinking up new ideas, he says.

Origin of Innovation in Compliance Tom’s friend Howard Sklar, now a Managing Director at Morgan Stanley, introduced him to the world of podcasting. After Howard moved to the corporate world, Tom took over their podcast and went on to start several of his own. He feels that podcasting is like having a virtual cup of coffee with his guests: he sets out a short outline for each episode but allows the conversation to flow naturally. Whatever they’re passionate about in the world of innovation or compliance, guests are welcome to share. Megan remarks that she enjoys listening to the show because it’s accessible even to laypeople, despite being firmly niched.

Benefits of Having a PodcastMegan asks Tom how he has benefited from hosting a podcast in his personal life, his network and his business. He encourages listeners to absolutely start a podcast if they want to. Among the many benefits, he says, are: There’s a low cost to enter;Your network grows, within your company and industry;You can tap into new markets.

About One Stone CreativeTom asks Megan how her company began. She answers that she and her co-founder, Audra Casino, started the company two years ago. They used to work together, but hadn’t been in contact for over a year when Audra called her up and asked if she wanted to go into business together. Their original idea was to be in video production, but it didn’t take off. Podcasting did, though. They quickly got their first podcast client and have been getting more and more referrals since then. Today, they produce podcasts for many interesting people.

How to Produce a Winning PodcastMegan walks us through how she and her team produce a podcast, from concept to launch to weekly production. They create an AV identity for each show, which includes cover art, intros, and even marketing materials.

What’s Next for Innovation in Compliance?Innovation in Compliance is set to continue for another 100 episodes - and beyond! The world of compliance practitioners, innovators, entrepreneurs, and commentators is full of people with interesting things to say, and Tom Fox is ready to talk to them.

ResourcesOne Stone Creative Email Megan: megan@onestonecreative.net

Compliance in Finance Series Episode 5: Maintaining Oversight

Fri, 04 Oct 2019 07:01:00 -0000

Welcome to the fifth and final episode in our 5-part series on financial compliance with the VP of Product Strategy for Verint, Phil Fry. In this episode, we’re talking about how everything from the previous episodes comes together into a comprehensive compliance plan that reduces risk and improves the investigation of interactions and trade-related data.

If you missed any of this week’s episodes on Financial Compliance, make sure to give them a listen!

Compliance in Finance Series Episode 4: Sustainability in a Changing Environment

Thu, 03 Oct 2019 07:01:00 -0000

This is the fourth episode in this week’s 5-part series on Financial Compliance with VP of Go To Market Strategy from Verint, Phil Fry.

With lots of information, and constantly evolving tools and strategies to manage it, making compliance programs sustainable is a top priority for a finance firm. Particularly in times of constantly changing, multi-jurisdictional regulations, sustaining acceptable levels of risk and compliance and staying on top of issues and opportunities is a top priority for leadership.

In case you missed it, yesterday’s episode was all about controlling the collection of data and making good decisions using automation and other new technologies.

Tomorrow, we’ll be wrapping up this 5-part series with a conversation about how all of these different elements come together and provide the oversight you need.

Compliance in Finance Series Episode 3: Controlling the Environment with Automation

Wed, 02 Oct 2019 07:01:00 -0000

This is the third episode in this week’s 5-part series on Financial Compliance with VP of Product Strategy from Verint, Phil Fry.

As we talked about in yesterday’s episode – there is a lot of data coming in, and a lot of monitoring is required to keep on top of it. Traditional methods are no longer enough to keep up with the flow of information, and Phil gets into some of the new strategies and technologies available to help compliance officers manage their programs.

In case you missed it, listen to episode two, where we talked about the importance of capturing communications and other information across multiple platforms!

Tomorrow, we’ll be talking about making this kind of extensive compliance management sustainable in your organization.

Compliance in Finance Series Episode 2: Capturing Huge Amounts of Information

Tue, 01 Oct 2019 07:01:00 -0000

Welcome to the second episode in this week’s 5-part series on Financial Compliance with VP of Product Strategy from Verint, Phil Fry. This episode is about capturing the data that you need. The breadth of technology available to employees has expanded hugely, encompassing not just voice and email, but social media, instant message, and desktop sharing. It is possible to capture information from all of these channels – and important that financial services firms do so.

If you missed it, check out yesterday’s Overview episode to get to know Phil Fry, and learn what’s coming for the rest of the week!

Tomorrow, we’ll be talking about Controlling the Environment with Automation, and other tools.

Compliance in Finance Series Episode 1: Overview of Concepts

Mon, 30 Sep 2019 07:01:00 -0000

Welcome to the first episode in the special 5-part series on Innovation in compliance.

In this episode, Tom Fox talks to Phil Fry, the VP of Go To Market at Verint.

Tom and Phil talk about reactive, active and proactive compliance, and get into the concepts of capture, control, sustainability and oversight, which will be the topics for the rest of this week.

We hope you enjoy this episode, and tune in for the rest of the week, to learn what’s new, what’s cutting edge and what’s coming up in financial compliance.