Opinion | Compliance Week
Columns and insights written by Compliance Week editorial staff or outside contributors.
-
OpinionLeveraging COSO to mitigate AI risk: A step-by-step guide
AI elevates compliance, or exposes it. The technology presents compliance leaders and lawyers with an extraordinary opportunity to elevate their roles, as well as an equally extraordinary risk of accountability when AI fails, misleads, discriminates, hallucinates, or generates unreliable outputs.
-
OpinionDoes attorney-client privilege extend to exchanges with AI platforms? U.S. courts offer mixed messages
Federal court judges in New York and Michigan have offered split rulings on whether AI prompts seeking information from AI platforms are subject to the attorney-client privilege.
-
OpinionAn appreciation of CW’s data and research journalist, Aly McDevitt
One of the best things about writing for Compliance Week is reading the fabulous work by my colleagues. For me, CW data and research journalist Aly McDevitt has always stood out as someone whose work in reporting on and writing the Compliance Week case studies is work I have greatly ...
-
OpinionInstitutional resilience: Why remediation fails without independent governance challenge
Changing governance and internal controls in response to recent enforcement actions cannot mask a fundamental deficiency: remediation is not changing the way decisions are being made, allowing the same mistakes to happen over and over.
-
OpinionHow to responsibly roll out AI in compliance, from a former Google exec
Compliance officers across the economy are being told to adopt AI - to save costs, increase and expand compliance coverage through more real-time and contextualized information, navigate the ever-changing regulatory landscape, and leverage more analytical firepower to make better decisions.
-
OpinionRethinking war risk in an era of persistent conflict
For many organizations, “war risk” still sounds like a niche concern, something reserved for defense contractors, energy companies, or humanitarian organizations operating near active conflict. Over the past several years, that assumption has quietly eroded, particularly for the insurance industry.
-
OpinionWhen AI acts: The compliance challenge of agentic systems
Artificial intelligence is no longer limited to generating insights or supporting analysis. With every passing day, AI systems are being designed to initiate actions, trigger workflows, and influence outcomes with minimal human intervention.
-
OpinionA snapshot of the state of financial crime in the United States
Financial crime in the U.S. isn’t just evolving; it is accelerating faster than most institutions can adapt.
-
OpinionTips for creating and implementing a global gifts and hospitality policy
Across the globe, gift giving and wining and dining play a role in building business relationships. But be it a tin of cookies, coveted concert tickets, or a gourmet meal, employees should understand what types of gifts and hospitality are acceptable to avoid exposing their company to risk.
-
OpinionWhat to know about double materiality assessments for ESG initiatives
Double materiality assessments help organizations identify and prioritise ESG topics that matter most, both in terms of their impact on society and the environment, and their financial implications for the business.
-
OpinionStart considering contracts as part of your compliance infrastructure
For many compliance teams, 2025 marked an inflection point: A familiar problem in an unfamiliar form, significant regulatory exposure without settled rules, benchmarks, or enforcement patterns.
-
OpinionNavigating APAC data privacy laws: A compliance roadmap
Fragmented regulations across the APAC region are forcing compliance teams to rethink strategies that worked under GDPR.
-
OpinionCybersecurity terms in third-party contracts: Are you being served, or served up?
Governance failures embedded in standard agreements are amplifying organizations’ exposure to cyber incidents by failing to account for modern supply-chain realities, where third- and fourth-party vendors, cloud platforms, subcontractors create a cascading risk far beyond the contracting entity.
-
OpinionBeyond the paper shield: Noting differences between U.S. and Brazilian anti-corruption law
The difference between U.S. and Brazilian anti-corruption laws lies in the logic of their enforcement, writes Gustavo Aguiar, a Brazilian attorney whose practice specializes in public procurement, compliance, and land regulation.
-
OpinionFive questions business leaders should be asking in 2026 to manage transformation risk
Working with clients in various sectors over the past year, one thing is clear: Transformation is bigger, faster, and more interconnected. Tech, talent, regulation, and operations—it’s hitting at once.
-
OpinionWhen AI Is Forced on Compliance: The ECCP as your Guide
When a company rapidly adopts AI, compliance officers can be blindsided, tasked with governance almost immediately. Luckily, there is a guide from the U.S. Department of Justice to help.
-
OpinionEthics as strategic value: When compliance becomes a board-level decision tool
For many Boards of Directors, compliance reporting feels familiar and reassuring. Dashboards are green. Policies are updated. Training is complete. Incidents are investigated and closed. On paper, the system works.
-
OpinionCompliance Week AI event: How to build trust and ethics into AI tools from the start
What, exactly, do we want AI to do in our organizations?
-
OpinionSafely leveraging generative AI: A practical guide for compliance leaders
Generative AI (GenAI) has moved rapidly from experimentation into day-to-day use across many organizations. Over the past year, teams have shifted from exploratory pilots to relying on these tools for core activities such as contract analysis, research, and software development.
-
OpinionThe illusion of control: How shrinking teams and AI are redefining cyber risk
Over recent years, cybersecurity executives have been tasked with an almost impossible Challenge: reduce headcount, accelerate transformation, integrate artificial intelligence, meet regulatory obligations, and still maintain resilience.