All Best Practices articles
-
OpinionWho is leading the fight against confidence scams, and who should?
Internet-enabled scams are drawing national attention, with authorities treating them as organized transnational crimes. The FBI says confidence schemes now make up a significant share of online fraud, prompting questions about how the private sector is responding.
-
OpinionWhen stability fails: Why over-optimization creates organizational brittleness
Most organizations would say they value stability. Predictable operations, consistent output, and well-defined processes are generally considered marks of maturity. The assumption is simple: if a system can be made reliable, it becomes resilient.
-
OpinionAgentic AI and the policy blind spot: Why security can’t wait
The current AI policy and regulation landscape is still emerging globally. While some regulations and standards exist, governments, industry, and security leaders have critical gaps to close, especially around agentic artificial intelligence.
-
ArticleComplying with the EU Data Act – What companies should know
Companies could face significant compliance challenges in trying to meet new EU legal requirements about how companies share data with third parties.
-
OpinionThe CFO, AI, and the New Compliance Frontier
As CFOs use AI to streamline operations, they face new compliance risks tied to accountability and algorithmic governance. CCOs must work with them to ensure transparency and oversight throughout adoption.
-
OpinionThe Compliance - Audit gap in ESG and financial reporting
ESG reporting has moved from a voluntary PR exercise to an expectation for regulators and investors, but the compliance audit gap now threatens credibility.
-
ArticleHow to promote a positive compliance culture – and why behavior matters.
No matter what compliance managers do, people continue to disregard rules. Sandro Boeri, president of the U.K.’s Chartered Institute of Internal Auditors, says a new mandatory standard for internal audit teams can help.
-
OpinionBeyond the Binder: Policy governance in practice
Most compliance professionals have faced it: a regulator or client requests a policy, and several slightly different “final” versions appear. The issue often stems from reactive, siloed work without a unified governance framework.
-
OpinionWhat compliance can learn from a 95 percent AI pilot failure rate
Compliance professionals have long known that systems fail when governance does. An MIT study’s finding that 95 percent of enterprise artificial intelligence (AI) pilots fail underscores how essential compliance-grade discipline is to the success of emerging technologies.
-
OpinionRisk-Based AML only works if the C-suite agrees what ‘risk’ means
Banks emphasize risk-based compliance in their AML programs, citing it to regulators and embedding it in policy, yet many institutions still handle risk very differently in practice.
-
OpinionEvidentiary Debt: The blind spot liability
On a gray Tuesday morning, the audit seemed routine. A stack of binders sat on the table, the compliance officer was confident, and the regulator’s tone was cordial. Then came the question that changed everything.
-
OpinionTracing Illicit Crypto: How to leverage blockchain analytics for effective AML compliance
Cryptocurrency’s transparency can be exploited for laundering, ransomware, and darknet activity. Blockchain analytics helps trace funds and flag suspicious behavior.
-
OpinionDecision Debt: The silent crisis undermining compliance and governance
Decision debt is the practice of leaving key compliance decisions unresolved, and it is a crisis few compliance leaders are willing to name. Some of the world’s largest financial institutions, including Wells Fargo and Citibank, have learned this lesson the hard way.
-
PremiumStudy: Compliance managers must set rules in race to adopt AI agents and copilots
More than half of all compliance teams are “actively using” or “piloting” AI applications, according to a Moody’s report. While most are focusing on streamlining routine tasks, some are developing AI agents and asking vital questions about AI decision-making.
-
OpinionAI adoption without trust: A call for compliance professionals
Employees are adopting AI faster than companies can build policies, governance, and training. That gap creates compliance exposure in areas from data privacy to shadow IT to workplace equity.
-
ArticleDigital wallets should speed up compliance, but companies must focus on trust and security
The EU has one, the U.K. is getting one, many U.S. states are working with Google and Apple to provide one, and now industry sectors are developing their own digital wallet.
-
OpinionA friend for the compliance officer: Co-thinking with AI
At their core, compliance officers are problem-solvers. They wrestle with thorny questions every day: How do we implement a global gifts-and-entertainment policy across jurisdictions with vastly different cultural norms? How do we balance business pressures with anti-corruption obligations? How do we address new risks like AI itself?
-
OpinionCross-border compliance: Lessons from the UAE for a globalized financial system
Financial ecosystems are no longer confined within national boundaries. Money, technology, and risks flow seamlessly across jurisdictions, creating unprecedented challenges for compliance officers. From sanctions and anti-money laundering (AML) obligations to the rise of virtual assets, the compliance function must now navigate a complex, cross-border landscape where regulators, institutions, and ...
-
OpinionWhy audit won’t save your anti-money laundering (AML) program
In financial institutions across the United States, there’s a reflex that’s become almost ritual. When a regulator walks in, or a board member asks whether the AML program is working, the answer is the same: “We just passed audit.” It’s delivered with confidence, sometimes even pride, as if the risk ...
-
OpinionFive best practices for conducting effective investigations
Companies face rising pressure to detect misconduct early. Strong internal investigations identify compliance issues, uphold regulations, and protect credibility.