For many Boards of Directors, compliance reporting feels familiar and reassuring. Dashboards are green. Policies are updated. Training is complete. Incidents are investigated and closed. On paper, the system works.
Opinion
Posted inTechnology
Compliance Week AI event: How to build trust and ethics into AI tools from the start
What, exactly, do we want AI to do in our organizations?
Posted inRegulatory Enforcement
National Fraud Enforcement Division: A dangerous escalation of compliance risk
Chief compliance officers and general counsel, beware: The Trump administration’s merging of its whole-of-government enforcement approach with its political agenda forewarns of escalating compliance risk on a national scale.
Posted inInternal Investigations
Best practices for responding to government investigations
In the current business environment, companies must have a documented plan for responding to government investigations. Shifts in tariffs, dynamic export controls, and a potentially less strict enforcement environment around international bribery all increase the risk that an employee or representative could violate the law – inadvertently or intentionally.
Posted inBoards & Shareholders
Interpretation precedes execution: Why “just do the work” fails in regulated organizations
Most organizational failures are not failures of effort, discipline, or follow-through. They are interpretation failures misdiagnosed as execution problems.
Posted inBest Practices, Opinion, Whistleblowers
Creating effective compliance messages for specific employee groups
As 2026 arrives, have you considered the efficacy of your compliance messaging efforts? We have all seen these compliance taglines “Speak Up!,” “See Something, Say Something,” “Ethics Matter!”
Posted inRisk Management
Risk literacy as a compliance accelerator: Teaching the business to speak risk
Compliance professionals understand the value of risk assessments. We conduct them annually, map risks to controls, and present heat maps to the board. But there is a strategic opportunity that many compliance programs overlook: Teaching the business itself to think in the language of risk.
Posted inAccounting & Auditing
SOX was built for humans. AI doesn’t fit that model.
For more than two decades, assurance and compliance frameworks have rested on a simple assumption: Material decisions are made by people. Post‑Sarbanes-Oxley Act (SOX) assurance reset worked because it aligned accountability with human behavior. That assumption shapes how internal controls are designed, how accountability is assigned, and how assurance is delivered.
Posted inBest Practices
Managing the permanent tension between compliance and business delivery
Business delivery runs on market deadlines. Compliance runs on regulatory mandates.
Posted inRegulatory Enforcement
Top Ethics and Compliance Failures of 2025
The 2025 year has been so rich with compliance stinkers, and rife with poor judgment, compliance missteps, outright malfeasance and greed, greed, greed, that it was almost impossible to choose just six epic compliance failures from this year’s massive poop pile.
