When AI Is Forced on Compliance: The ECCP as your Guide
When a company rapidly adopts AI, compliance officers can be blindsided, tasked with governance almost immediately. Luckily, there is a guide from the U.S. Department of Justice to help.
Ethics as strategic value: When compliance becomes a board-level decision tool
For many Boards of Directors, compliance reporting feels familiar and reassuring. Dashboards are green. Policies are updated. Training is complete. Incidents are investigated and closed. On paper, the system works.
Safely leveraging generative AI: A practical guide for compliance leaders
Generative AI (GenAI) has moved rapidly from experimentation into day-to-day use across many organizations. Over the past year, teams have shifted from exploratory pilots to relying on these tools for core activities such as contract analysis, research, and software development.
The illusion of control: How shrinking teams and AI are redefining cyber risk
Over recent years, cybersecurity executives have been tasked with an almost impossible Challenge: reduce headcount, accelerate transformation, integrate artificial intelligence, meet regulatory obligations, and still maintain resilience.
Best practices for responding to government investigations
In the current business environment, companies must have a documented plan for responding to government investigations. Shifts in tariffs, dynamic export controls, and a potentially less strict enforcement environment around international bribery all increase the risk that an employee or representative could violate the law – inadvertently or intentionally.
Why “just do the work” fails in regulated organizations
Most organizational failures are not failures of effort, discipline, or follow-through. They are interpretation failures misdiagnosed as execution problems.
Creating effective compliance messages for specific employee groups
As 2026 arrives, have you considered the efficacy of your compliance messaging efforts? We have all seen these compliance taglines “Speak Up!,” “See Something, Say Something,” “Ethics Matter!”
Teaching the business to speak risk
Compliance professionals understand the value of risk assessments. We conduct them annually, map risks to controls, and present heat maps to the board. But there is a strategic opportunity that many compliance programs overlook: Teaching the business itself to think in the language of risk.
SOX was built for humans. AI doesn’t fit that model.
For more than two decades, assurance and compliance frameworks have rested on a simple assumption: Material decisions are made by people. Post‑Sarbanes-Oxley Act (SOX) assurance reset worked because it aligned accountability with human behavior. That assumption shapes how internal controls are designed, how accountability is assigned, and how assurance is ...
Managing the permanent tension between compliance and business delivery
Business delivery runs on market deadlines. Compliance runs on regulatory mandates.
Six AI questions compliance officers must answer in 2026
As artificial intelligence reshapes business, compliance teams face new questions about risk and oversight. These are the key issues compliance professionals should be asking as they evaluate their programs heading into 2026.
How banks are responsibly embedding machine learning and GenAI into AML surveillance
As financial crime grows in scale, speed, and sophistication, banks are increasingly turning to artificial intelligence, machine learning, and generative AI to strengthen anti-money laundering and surveillance programs.
Congress is about to regulate crypto. Criminals are ready.
Congress is moving toward rules for cryptocurrency. That’s overdue. For years, crypto markets have grown faster than the laws meant to ensure they aren’t exploited by criminals.
Experts outline core skills compliance teams need to develop in 2026
Compliance teams will face a range of ongoing challenges in the coming year, as well as greater demands from boards and management for better, wider, and more real-time assurance on an increasing range of risk topics.
From NATO to nature crime. A practitioner’s perspective on greenwashing
From NATO and the UN to wildlife crime and finance, Chris Jagger explains why banks need smarter, more agile compliance to stay ahead of criminals.
Bribery exposure doesn’t start with policy failure. It starts with training.
Anti-bribery and corruption failures in financial institutions rarely stem from bad policies.
Building resilient teams in cyberdefense
The stress on cyberdefense teams can be accurately described as a form of chronic occupational trauma stemming from several unique pressures. But there are ways to build a culture that combats these pressures.
The invisible cost of digital defense on mental health
Cybersecurity professionals, particularly those in leadership roles, often face immense pressure and stress due to the constant threat of cyberattacks.
FINRA’s GenAI wake-up call: What compliance professionals must do now
FINRA’s rules are intended to be technologically neutral. They apply when companies use GenAI or similar technologies in their businesses, just as they apply when companies use any other technology or tool. But what does that mean for a compliance professional using GenAI?
How to identify and mitigate risks posed by Foreign Terrorist Organizations
Since Inauguration Day on Jan. 20, 2025, the Trump Administration has made it a priority to expand the list of designated Foreign Terrorist Organizations.
What the Copilot Usage Report 2025 Means for Corporate Compliance
Microsoft’s Copilot Usage Report 2025 offers compliance professionals a rare, data-driven look at how artificial intelligence is actually being used by millions of people, rather than how organizations assume it is being used.
Emerging antitrust risks in the expanded use of AI
Concerns over competitors using AI pricing tools to fix prices have dominated antitrust discussions in the U.S. and EU. Recent cases show how algorithmic pricing might enable unlawful coordination.
How to make the business case to upgrade records management systems
Companies are giving their records management programs a makeover, and not for the reasons you may think. What used to be a sleepy back-office legal department function is now front and center, often driven by compliance teams.
Why the EU’s new Machinery Regulation is a wake-up call on cybersecurity
The European manufacturing industry is on the cusp of a regulatory shift that promises to reshape how machines are designed and operated.
The AI audit burden: Why ‘Explainable AI’ is the key
AI decisions are only defensible when the reasoning behind them is visible, traceable, and auditable. Explainable AI delivers that visibility, turning black-box outputs into documented logic that compliance officers can stand behind when regulators, auditors, or stakeholders demand answers.
Turning compliance into a competitive advantage in defense tech
For emerging defense tech companies to take full advantage of acquisition reforms and increased funding, they will need to overcome a defining feature of the U.S. defense industry: It is highly regulated, and will likely remain so.
The rise of the AI compliance officer
As AI reshapes business operations and regulators move quickly, companies increasingly need a dedicated AI compliance officer to ensure ethical, transparent, and accountable deployment.
Who is leading the fight against confidence scams, and who should?
Internet-enabled scams are drawing national attention, with authorities treating them as organized transnational crimes. The FBI says confidence schemes now make up a significant share of online fraud, prompting questions about how the private sector is responding.
When stability fails: Why over-optimization creates organizational brittleness
Most organizations would say they value stability. Predictable operations, consistent output, and well-defined processes are generally considered marks of maturity. The assumption is simple: if a system can be made reliable, it becomes resilient.
Agentic AI and the policy blind spot: Why security can’t wait
The current AI policy and regulation landscape is still emerging globally. While some regulations and standards exist, governments, industry, and security leaders have critical gaps to close, especially around agentic artificial intelligence.
Complying with the EU Data Act – What companies should know
Companies could face significant compliance challenges in trying to meet new EU legal requirements about how companies share data with third parties.
The CFO, AI, and the New Compliance Frontier
As CFOs use AI to streamline operations, they face new compliance risks tied to accountability and algorithmic governance. CCOs must work with them to ensure transparency and oversight throughout adoption.
The Compliance - Audit gap in ESG and financial reporting
ESG reporting has moved from a voluntary PR exercise to an expectation for regulators and investors, but the compliance audit gap now threatens credibility.
How to promote a positive compliance culture – and why behavior matters.
No matter what compliance managers do, people continue to disregard rules. Sandro Boeri, president of the U.K.’s Chartered Institute of Internal Auditors, says a new mandatory standard for internal audit teams can help.
Beyond the Binder: Policy governance in practice
Most compliance professionals have faced it: a regulator or client requests a policy, and several slightly different “final” versions appear. The issue often stems from reactive, siloed work without a unified governance framework.
What compliance can learn from a 95 percent AI pilot failure rate
Compliance professionals have long known that systems fail when governance does. An MIT study’s finding that 95 percent of enterprise artificial intelligence (AI) pilots fail underscores how essential compliance-grade discipline is to the success of emerging technologies.
Risk-Based AML only works if the C-suite agrees what ‘risk’ means
Banks emphasize risk-based compliance in their AML programs, citing it to regulators and embedding it in policy, yet many institutions still handle risk very differently in practice.
Evidentiary Debt: The blind spot liability
On a gray Tuesday morning, the audit seemed routine. A stack of binders sat on the table, the compliance officer was confident, and the regulator’s tone was cordial. Then came the question that changed everything.
Tracing Illicit Crypto: How to leverage blockchain analytics for effective AML compliance
Cryptocurrency’s transparency can be exploited for laundering, ransomware, and darknet activity. Blockchain analytics helps trace funds and flag suspicious behavior.
Decision Debt: The silent crisis undermining compliance and governance
Decision debt is the practice of leaving key compliance decisions unresolved, and it is a crisis few compliance leaders are willing to name. Some of the world’s largest financial institutions, including Wells Fargo and Citibank, have learned this lesson the hard way.
Study: Compliance managers must set rules in race to adopt AI agents and copilots
More than half of all compliance teams are “actively using” or “piloting” AI applications, according to a Moody’s report. While most are focusing on streamlining routine tasks, some are developing AI agents and asking vital questions about AI decision-making.
AI adoption without trust: A call for compliance professionals
Employees are adopting AI faster than companies can build policies, governance, and training. That gap creates compliance exposure in areas from data privacy to shadow IT to workplace equity.
Digital wallets should speed up compliance, but companies must focus on trust and security
The EU has one, the U.K. is getting one, many U.S. states are working with Google and Apple to provide one, and now industry sectors are developing their own digital wallet.
A friend for the compliance officer: Co-thinking with AI
At their core, compliance officers are problem-solvers. They wrestle with thorny questions every day: How do we implement a global gifts-and-entertainment policy across jurisdictions with vastly different cultural norms? How do we balance business pressures with anti-corruption obligations? How do we address new risks like AI itself?
Cross-border compliance: Lessons from the UAE for a globalized financial system
Financial ecosystems are no longer confined within national boundaries. Money, technology, and risks flow seamlessly across jurisdictions, creating unprecedented challenges for compliance officers. From sanctions and anti-money laundering (AML) obligations to the rise of virtual assets, the compliance function must now navigate a complex, cross-border landscape where regulators, institutions, and ...
Why audit won’t save your anti-money laundering (AML) program
In financial institutions across the United States, there’s a reflex that’s become almost ritual.
Five best practices for conducting effective investigations
Companies face rising pressure to detect misconduct early. Strong internal investigations identify compliance issues, uphold regulations, and protect credibility.
Emerging Compliance Risks 2025: Laurie Waddy on Leadership, Anticorruption, and AI
Former Head of Compliance/Chief Compliance Officer Laurie Waddy believes compliance professionals are well-positioned to support artificial intelligence (AI) adoption in their organizations. Drawing on 25 years’ experience in legal and compliance roles across multiple industries, Waddy shares insights into top compliance trends confronting the profession, including the emerging compliance risks ...
Five best practices for running an effective internal investigations program
In today’s complex and rapidly evolving regulatory compliance environment, organizations should have a thorough and effective internal investigations program in place to address any allegations of misconduct.
AI governance, agentic misalignment and the lessons from ‘Star Trek’
Does sci-fi predict the future of compliance or simply provide commentary on the current state of compliance? What is the role of corporate compliance around AI governance?