Well, for those of us still here since the Rapture failed to occur this weekend, we have our own good news here to get your week started: the Compliance Week 2011 conference is officially underway.

As always, we've pulled together an impressive lineup of keynote speakers; dozens of panel discussions and presentations on all matters of corporate governance, compliance and conduct; and hundreds of compliance, risk and audit professionals from all walks of industry, who are gathering to share insights and help push the compliance community forward. This is where some of the best thinking in the business gets done, and we'll have extensive coverage in our June 1 and June 7 newsletters, as well as in our July print magazine. For now, however, let me call out a few items on the agenda that should be especially interesting.

Keynote speakers. This is a toss-up between Jay Hanson of the Public Company Accounting Oversight Board, and Roberta Stempfley of the National Cyber-security Division at the Department of Homeland Security. On one hand, the PCAOB has revived from near extinction one year ago as a lawsuit over its constitutionality hung over its head. Today the board has three new members (Hanson among them), and is making all sorts of threatening noises about a tougher approach to oversight of the auditing industry—an aspect of regulatory oversight that has indeed gone woefully overlooked in the last few years. What's more, the PCAOB is also revisiting the idea of the overhauling auditor's report (you know, that thing at the end of the Form 10-K that nobody reads), and wants to explain more broadly how proper auditing genuinely is an important part of a healthy business environment. Hanson is going to cover all those topics when he speaks Monday morning.

On the other hand, Stempfley will speak Monday afternoon about a crucial part of the business environment today: the national interest in the security of business assets in our online world. Too often we hear the phrase “cyber-security” and instinctively assume it means businesses' protection of commercial assets or the government's protection of public infrastructure like the power system or the defense grid. That's wrong. Effective cyber-security today combines—or rather, should combine—both of those elements into one realm. The government protects all of our assets collectively, but those assets individually are owned by businesses: banks, power utilities, telecommunications companies, water treatment plants. Hackers make no distinction between public and private when they mean harm, and we need to work together with government to fend them off. Stempfley will share her thoughts on how to do that.

Panel sessions. Sigh. Like a parent who loves all his children equally, I believe all our panel sessions and presentations offer great insights into corporate compliance. But if I have to select one that's especially telling, our panel discussion on Tuesday afternoon about supply chain compliance, featuring the chief compliance officers of Broadcom, Ingram Micro and Tyson Foods, is probably the one to watch. I always knew we'd have some treatment of supply chain issues on the agenda, but originally I figured it would cover the usual topics of vetting third-party suppliers, auditing their codes of conduct, and so forth.

All those elements will be included, of course. But our three speakers immediately straightened out my perspective: just as worrying as the compliance risks from your suppliers, they all told me, are the compliance demands from your customers. Even as you roll out compliance programs on your suppliers, your customers are rolling them out on you. The result, all three speakers told me, is a mish-mash of codes and certifications and training requirements that borders on the ridiculous—code overload. The ideal should be running your own compliance program in such a way that it provides transparency to everyone above you in the supply chain; they can see that your business runs itself properly, trust your ethical behavior, and leave you be.

That concept, of transparency into your compliance operations, is a crucial one as we keep marching into an ever-more connected business world. So I'm quite eager to hear how these speakers try to achieve that, and how it might be applied to the many other problems compliance departments face.

Conversation sessions. These are our breakout sessions, where we cap attendance at only 20 people and let them sit in a room together shooting the breeze about some particular issue. Conversation sessions are off-the-record to the media; even I can't attend, so I'm not sure what's going to be said. But I do know the Conversation session that I think is going to be most practical and newsworthy: our “FCPA Up Close” session at 11:15 on Monday to review the latest cases and courtroom battles over the Foreign Corrupt Practices Act.

This conversation will be led by Tom Fox, FCPA guru and author of the FCPA Compliance and Ethics Blog. Fox is going to have a lot to cover; we're seeing more and more FCPA cases going to trial, giving the compliance community valuable case-law about how defenses against FCPA charges actually work. I've talked with Fox previously about interesting cases, and just this month we saw charges against Lindsay Manufacturing go all the way to a jury verdict. Yes, the verdict was guilty, but the decision also included a five-part test spelling out when a state-owned company qualifies as an “instrumentality” of a foreign government that could trigger an FCPA charge. That's just the sort of context we need, and Fox is just the man to explain it for us.

I'll have more thoughts next week, and we'll have complete coverage as well. And for anyone in the Washington, D.C., area over the next three days—it's not too late to attend! Just drop by the Mayflower Hotel, walk up to the registration desk, and say hello. We'd be happy to see you there.