All Best Practices articles
-
ArticleHow to promote a positive compliance culture – and why behavior matters.
No matter what compliance managers do, people continue to disregard rules. Sandro Boeri, president of the U.K.’s Chartered Institute of Internal Auditors, says a new mandatory standard for internal audit teams can help.
-
OpinionBeyond the Binder: Policy governance in practice
Most compliance professionals have faced it: a regulator or client requests a policy, and several slightly different “final” versions appear. The issue often stems from reactive, siloed work without a unified governance framework.
-
OpinionWhat compliance can learn from a 95 percent AI pilot failure rate
Compliance professionals have long known that systems fail when governance does. An MIT study’s finding that 95 percent of enterprise artificial intelligence (AI) pilots fail underscores how essential compliance-grade discipline is to the success of emerging technologies.
-
OpinionRisk-Based AML only works if the C-suite agrees what ‘risk’ means
Banks emphasize risk-based compliance in their AML programs, citing it to regulators and embedding it in policy, yet many institutions still handle risk very differently in practice.
-
OpinionEvidentiary Debt: The blind spot liability
On a gray Tuesday morning, the audit seemed routine. A stack of binders sat on the table, the compliance officer was confident, and the regulator’s tone was cordial. Then came the question that changed everything.
-
OpinionTracing Illicit Crypto: How to leverage blockchain analytics for effective AML compliance
Cryptocurrency’s transparency can be exploited for laundering, ransomware, and darknet activity. Blockchain analytics helps trace funds and flag suspicious behavior.
-
OpinionDecision Debt: The silent crisis undermining compliance and governance
Decision debt is the practice of leaving key compliance decisions unresolved, and it is a crisis few compliance leaders are willing to name. Some of the world’s largest financial institutions, including Wells Fargo and Citibank, have learned this lesson the hard way.
-
PremiumStudy: Compliance managers must set rules in race to adopt AI agents and copilots
More than half of all compliance teams are “actively using” or “piloting” AI applications, according to a Moody’s report. While most are focusing on streamlining routine tasks, some are developing AI agents and asking vital questions about AI decision-making.
-
OpinionAI adoption without trust: A call for compliance professionals
Employees are adopting AI faster than companies can build policies, governance, and training. That gap creates compliance exposure in areas from data privacy to shadow IT to workplace equity.
-
ArticleDigital wallets should speed up compliance, but companies must focus on trust and security
The EU has one, the U.K. is getting one, many U.S. states are working with Google and Apple to provide one, and now industry sectors are developing their own digital wallet.
-
OpinionA friend for the compliance officer: Co-thinking with AI
At their core, compliance officers are problem-solvers. They wrestle with thorny questions every day: How do we implement a global gifts-and-entertainment policy across jurisdictions with vastly different cultural norms? How do we balance business pressures with anti-corruption obligations? How do we address new risks like AI itself?
-
OpinionCross-border compliance: Lessons from the UAE for a globalized financial system
Financial ecosystems are no longer confined within national boundaries. Money, technology, and risks flow seamlessly across jurisdictions, creating unprecedented challenges for compliance officers. From sanctions and anti-money laundering (AML) obligations to the rise of virtual assets, the compliance function must now navigate a complex, cross-border landscape where regulators, institutions, and ...
-
OpinionWhy audit won’t save your anti-money laundering (AML) program
In financial institutions across the United States, there’s a reflex that’s become almost ritual. When a regulator walks in, or a board member asks whether the AML program is working, the answer is the same: “We just passed audit.” It’s delivered with confidence, sometimes even pride, as if the risk ...
-
OpinionFive best practices for conducting effective investigations
Companies face rising pressure to detect misconduct early. Strong internal investigations identify compliance issues, uphold regulations, and protect credibility.
-
PremiumEmerging Compliance Risks 2025: Laurie Waddy on Leadership, Anticorruption, and AI
Former Head of Compliance/Chief Compliance Officer Laurie Waddy believes compliance professionals are well-positioned to support artificial intelligence (AI) adoption in their organizations. Drawing on 25 years’ experience in legal and compliance roles across multiple industries, Waddy shares insights into top compliance trends confronting the profession, including the emerging compliance risks ...
-
OpinionFive best practices for running an effective internal investigations program
In today’s complex and rapidly evolving regulatory compliance environment, organizations should have a thorough and effective internal investigations program in place to address any allegations of misconduct.
-
OpinionAI governance, agentic misalignment and the lessons from ‘Star Trek’
Does sci-fi predict the future of compliance or simply provide commentary on the current state of compliance? What is the role of corporate compliance around AI governance?
-
PremiumNavigating compliance: A guide for small teams to tackle CMMC
Many small organizations within the Defense Industrial Base are struggling to meet the rigorous requirements validated through the Cybersecurity Maturity Model Certification, writes Thomas Graham, CISO at Redspin. If you haven’t been tracking it closely, CMMC was finalized in October, with an effective date of December 16, 2024.
-
OpinionWhy are CFOs struggling to stay compliant?
CFOs are tasked with overseeing an organization’s entire financial processes, not least ensuring that financial operations remain compliant with the multitude of global regulations. It’s a heavy burden to carry that might be alleviated slightly with the help of artificial intelligence, writes Markus Hornburg, head of compliance at Basware.
-
PremiumAs DOJ pivots away from white-collar enforcement, is FCPA still relevant?
While executives and boards will never conclude that bribery is a legitimate way of doing business, understandably many have questions about how to direct their FCPA compliance program efforts and resources, write Iris Bennett and Claire Rajan, partners at law firm Steptoe.