Technology vendors everywhere want to serve big Wall Street banks, so when one of those banks talks about risks they see in their software supply chain, compliance and audit professionals should listen – which brings us to an...more
Compliance officers know that internal reports are the fuel upon which your compliance program runs – the more reports you receive, the better you understand the compliance issues within your organization and the faster you...more
Artificial intelligence keeps improving at all sorts of things – including how to challenge corporate ethics and compliance programs. Even while you may still be struggling to tame the risks of generative AI, its more...more
2024 was a year of numerous and notable cybersecurity failures – although, to be fair, most years are now marred by numerous and notable cybersecurity failures. That’s no longer anything special. What makes 2024 interesting...more
For many years, corporate compliance officers have followed a certain natural process. First, regulators adopt a new rule, then you decipher how the arrival of that new rule might require changes to your policies, procedures...more
3/26/2025
/ Artificial Intelligence ,
Compliance ,
Corporate Counsel ,
Corporate Governance ,
Deregulation ,
Employees ,
EU ,
Policies and Procedures ,
Regulatory Reform ,
Risk Assessment ,
Risk Management ,
Trump Administration
The other day, I attended a panel discussion of compliance officers talking about how corporate compliance might change with the arrival of the Trump Administration. Except, we never got around to that discussion – we were...more
Corporate compliance officers might feel like they’ve been put through the whirlwind lately, with the Trump Administration issuing one sweeping announcement about corporate enforcement after another. Except, remember what a...more
2/20/2025
/ Anti-Bribery ,
Anti-Corruption ,
Compliance ,
Consumer Financial Protection Act (CFPA) ,
Consumer Financial Protection Bureau (CFPB) ,
Corporate Governance ,
Department of Justice (DOJ) ,
Enforcement Actions ,
Executive Orders ,
Foreign Corrupt Practices Act (FCPA) ,
Foreign Governments
Artificial intelligence reached another milestone at the start of February, this one particularly relevant for corporate compliance officers: on February 2, 2025, the first five articles of the EU AI Act went into effect....more
2/11/2025
/ AI Act ,
Artificial Intelligence ,
Compliance ,
Data Privacy ,
Data Protection ,
EU ,
Innovative Technology ,
Machine Learning ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Risk Mitigation ,
Technology Sector
California sets the pace for all sorts of trends in the world – so perhaps compliance officers should take note of two recent advisories the state’s attorney general published on artificial intelligence. They capture a lot...more
2/5/2025
/ Artificial Intelligence ,
California ,
Compliance ,
Data Privacy ,
False Advertising ,
Healthcare ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
State Privacy Laws
Ask a compliance officer to name their top worry about artificial intelligence, and odds are they will blurt out something to do with privacy. That doesn’t just tell us what the risks of AI are – it also gives us hints about...more
The other week I was talking with a chief compliance officer, and asked her what she believes her biggest challenge will be in 2025. “Artificial intelligence,” she immediately replied. “Our IT department thinks they control...more
Look around the business landscape today, and supply-chain risks are everywhere – which means that sooner or later, those risks will appear on the compliance function’s radar screen too. They probably already have....more
12/18/2024
/ Chief Compliance Officers ,
Chief Information Security Officer (CISO) ,
China ,
Compliance ,
Corruption ,
Cybersecurity ,
Deregulation ,
Due Diligence ,
Economic Sanctions ,
EU ,
Exports ,
Multi-Factor Authentication ,
Regulatory Requirements ,
Risk Management ,
Supply Chain ,
Trump Administration
A few weeks back the U.S. Financial Crimes Enforcement Network (FinCEN) published a bulletin urging financial firms to do better at identifying deepfakes that fraudsters might use to evade customer due diligence programs. The...more
11/27/2024
/ Anti-Money Laundering ,
Artificial Intelligence ,
Compliance ,
Deep Fake ,
Due Diligence ,
Enforcement ,
FinCEN ,
Fraud ,
Internal Reporting ,
Popular ,
Regulatory Requirements ,
Risk Management
Sometimes questions about corporate compliance programs can be more complicated than they first seem. Such was the case when a compliance officer recently asked me, “Can you point to anything specific that says why compliance...more
Compliance officers can learn a lot from small businesses, and today we have a fascinating example of that point from the smallest sort of business there is – a boy selling ice cream on the side of the road, who was soon shut...more
Compliance officers spend lots of time these days worrying about how their own company’s use of artificial intelligence might draw the ire of regulators, but you have another dimension of AI risk to worry about, too. You need...more
CISOs, compliance officers, corporate boards, and other senior executives are quick to worry these days about the risks of artificial intelligence – but fear not! Some of the brightest minds in technology have built a tool to...more
9/19/2024
/ Artificial Intelligence ,
Board of Directors ,
Chief Compliance Officers ,
Chief Information Security Officer (CISO) ,
Databases ,
Ethics ,
Governance Standards ,
Liability ,
Machine Learning ,
Noncompliance ,
Risk Management
Compliance officers need to think about fraud and misconduct risks all the time, which means you need to talk to others in your organization about exactly how those risks might happen – but what’s the right way for you to do...more
Whistleblower awards from regulatory agencies seldom make news in corporate compliance circles anymore, but two recent items from the world of whistleblower awards do deserve compliance officers’ attention. They’re a reminder...more
8/9/2024
/ Compliance ,
Corporate Misconduct ,
Department of Justice (DOJ) ,
Internal Reporting ,
IRS ,
Regulatory Agencies ,
Securities and Exchange Commission (SEC) ,
Self-Disclosure Requirements ,
Voluntary Disclosure ,
Whistleblower Awards ,
Whistleblowers
Ethics and compliance officers have long had an uneasy relationship with corporate sustainability efforts, mostly because most compliance officers aren’t quite sure they want – or know how to handle – responsibility for it. ...more
7/11/2024
/ Carbon Emissions ,
Contract Management ,
Cybersecurity ,
Environmental Social & Governance (ESG) ,
Forced Labor ,
Human Rights ,
Human Trafficking ,
Modern Slavery Act ,
Policies and Procedures ,
Popular ,
Risk Management ,
Supply Chain ,
Sustainability
At the end of June, the U.S. Supreme Court issued major decisions on the enforcement power of the Securities and Exchange Commission, what does or doesn’t qualify as a bribe of government officials, and on federal judges’...more
7/3/2024
/ Anti-Corruption ,
Anti-Kickback Statute ,
Bribery ,
Chevron Deference ,
Civil Monetary Penalty ,
Compliance ,
Corporate Misconduct ,
Corruption ,
Department of Justice (DOJ) ,
Enforcement ,
Foreign Corrupt Practices Act (FCPA) ,
Government Agencies ,
Loper Bright Enterprises v Raimondo ,
SCOTUS ,
SEC v Jarkesy ,
Securities and Exchange Commission (SEC) ,
Snyder v United States
Corporate compliance officers have been bracing for regulation of how companies can use artificial intelligence in their daily business operations. Now we have a fresh glimpse of what that regulatory landscape might look like...more
Attention all compliance officers at large technology companies – have you checked your mail lately? Because you might find a letter from the Securities and Exchange Commission with FCPA risk written all over it....more
5/29/2024
/ Anti-Corruption ,
Compliance ,
Contract Management ,
Corruption ,
Distributors ,
Due Diligence ,
Enforcement ,
Foreign Corrupt Practices Act (FCPA) ,
Recordkeeping Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Settlement ,
Technology Sector ,
Third-Party
The U.S. Federal Trade Commission sent shockwaves through the corporate world in April when the agency imposed a ban on noncompete agreements – and like any good shockwave, this new rule will reverberate through the ethics...more
Explaining how a strong culture of ethics and compliance can help your enterprise to succeed is tricky business. So imagine my delight when I came across a recent speech from a banking regulator who did exactly that....more