

Innovation in Compliance with Tom Fox
Thomas Fox
Innovation in Compliance brings you interviews with industry-leading experts who are changing the way practitioners approach compliance. Host Tom Fox, the Compliance Evangelist and Voice of Compliance, is driving the conversation about compliance into the 2020s and beyond with his focus on innovations for the compliance practitioner and the compliance profession. If you want to learn how to bring business solutions to compliance problems to more fully operationalize compliance, this is the podcast for you.
Episodes

Jun 21, 2022 • 19min
A General Counsel in Crypto with Maryann Bullion
Maryann Bullion is the General Counsel and Chief Compliance Officer at Bitcoin IRA, the first 24/7 retirement solution that allows customers to invest in cryptocurrencies within their IRAs. At Bitcoin IRA, Maryann and her team handle a wide range of complex legal issues and run a comprehensive compliance program. Tom Fox welcomes her to this week’s episode to talk about Bitcoin IRA, how it helps its clients, and how her professional background prepared her for her current position.
Maryann’s Unique Professional Background
Fulfilling a childhood dream, Maryann joined the US Army in 2009, serving in the Judge Advocate General’s Corps (JAG Corps). She was a reservist in the military and worked full-time at the Federal Deposit Insurance Corporation (FDIC). Tom asks her how her stint in the army influenced her career. She highlights one of her favorite training activities where they would run an obstacle course with their weapons and stop periodically to answer legal questions. “It sounds kind of funny but in real life, these are some of the questions you're going to be asked as an attorney out on the field,” she tells Tom. While at the FDIC, Maryann worked in the professional liability and crime section, which advised the receivership section. She later moved to the DC area where she worked in the financial crimes unit; she worked with law enforcement to bring bank employees who committed mortgage fraud to justice. While working in this position she was introduced to the world of cryptocurrency.
The World of Cryptocurrency
Despite its increase in popularity over the past few years, the cryptocurrency industry is still unknown territory for many. Tom asks Maryann to define cryptocurrency and Bitcoin investing. She responds, “So for me, cryptocurrency is just money in a digital format that's protected cryptographically; cryptography is a lot of mathematical algorithms set to secure the monetary value. It exists on blockchain which allows it to maintain a transparent and public accounting settlement process.” She explains that Bitcoin is the most recognized cryptocurrency that investors transact in. She assures Tom that cryptocurrency isn't the Wild West - it follows rules and regulations. “There are a lot of regulatory agencies in the United States, and there are a lot of good actors in the cryptocurrency world that are following those rules,” she points out.
What is Crypto IRA?
Tom asks Maryann to define a crypto IRA and how a consumer buys Bitcoin with a crypto IRA. Maryann briefly explains that individuals can invest in various cryptocurrencies using funds from their retirement accounts. She compares it to your average TD Ameritrade personal brokerage account, except that with a Bitcoin IRA account you invest in cryptocurrencies. She also confirms that all cryptocurrency platforms have your data security as their number one priority, to defend their clients from hackers.
Resources
Maryann Bullion | LinkedIn
Bitcoin IRA | Digital Trust

Jun 17, 2022 • 17min
Compliance Insights from Traliant: Episode 5-Scott Schneider Spotlight on Anti-Corruption Training
Welcome to a special five-part podcast series on the New Traliant, sponsored by Traliant. Over this series, we will discuss what is new at the company and key issues on which Traliant is helping to lead and define the online training industry going forward. Over this five-part series, I will visit with John Arendes, Chief Executive Officer (CEO) at the company, on what is new at New Traliant and what the Department of Justice (DOJ) has communicated to the compliance community regarding its expectations around online training and communications; Maggie Smith, Vice President of Human Resources at Traliant, on the role of DEI in your corporate ESG program; and Scott Schneider, Head of Content Development at Traliant, on your Code of Conduct and anti-corruption training. In this concluding Episode 5, I visit with Scott Schneider, VP of Innovation at Traliant, on the evolution of anti-bribery/anti-corruption training.
Why is bribery and corruption a tricky subject to train on?
When is training effective?
Assuming the movers are aligned, what makes bribery training effective?
The importance of practical advice.
Resources
Traliant Website
Scott Schneider on LinkedIn

Jun 16, 2022 • 19min
Compliance Insights from Traliant: Episode 4-Scott Schneider, Spotlight on Your Code of Conduct
Welcome to a special five-part podcast series on the New Traliant, sponsored by Traliant. Over this series, we will discuss what is new at the company and key issues on which Traliant is helping to lead and define the online training industry going forward. Over this five-part series, I will visit with John Arendes, Chief Executive Officer (CEO) at the company, on what is new at New Traliant and what the Department of Justice (DOJ) has communicated to the compliance community regarding its expectations around online training and communications; Maggie Smith, Vice President of Human Resources at Traliant, on the role of DEI in your corporate ESG program; and Scott Schneider, Head of Content Development at Traliant, on your Code of Conduct and anti-corruption training. In this Episode 4, I visit with Scott Schneider, Head of Content Development at Traliant, on the evolution and importance of the corporate Code of Conduct. Highlights include:
Culture is the key driver, and your Code of Conduct is the foundation for a broader discussion of what regulators look for in a compliance program.
How has the Code of Conduct evolved?
Your Code of Conduct should be more than simply aspirational, and your Code of Conduct training helps drive home values, ethics & culture.
Resources
Traliant Website
Scott Schneider on LinkedIn

Jun 15, 2022 • 18min
Compliance Insights from Traliant: Episode 3-Maggie Smith with a Spotlight on DEI
Welcome to a special five-part podcast series on the New Traliant, sponsored by Traliant. Over this series, we will discuss what is new at the company and key issues on which Traliant is helping to lead and define the online training industry going forward. Over this five-part series, I will visit with John Arendes, CEO at the company, on what is new at New Traliant and what the DOJ has communicated to the compliance community regarding its expectations around online training and communications; Maggie Smith, Vice President of Human Resources at Traliant, on the role of DEI in your corporate ESG program; and Scott Schneider, Head of Content Development at Traliant, on your Code of Conduct and anti-corruption training. In this Episode 3, I visit with Maggie Smith, VP for Human Resources at Traliant, and we discuss the intersection of diversity, equity, and inclusion and compliance. Highlights include:
DEI is much more than anti-discrimination/anti-harassment
How do you bring in inclusion to an organization and why is it so important?
It’s all about trust to drive a speak-up culture.
The role of DEI in ESG.
Resources
Traliant Website
Maggie Smith on LinkedIn

Jun 14, 2022 • 16min
Compliance Insights from Traliant: Episode 2-John Arendes on What the DOJ Wants
Welcome to a special five-part podcast series on the New Traliant, sponsored by Traliant. Over this series, we will discuss what is new at the company and key issues on which Traliant is helping to lead and define the online training industry going forward. Over this five-part series, I will visit with John Arendes, Chief Executive Officer (CEO) at the company, on what is new at New Traliant and what the Department of Justice (DOJ) has communicated to the compliance community regarding its expectations around online training and communications; Maggie Smith, Vice President of Human Resources at Traliant, on the role of DEI in your corporate ESG program; and Scott Schneider, Head of Content Development at Traliant, on your Code of Conduct and anti-corruption training. In this Episode 2, I visit with John Arendes on DOJ communications around its expectations for training. Highlights include:
In DAG Lisa Monaco's October 2021 speech, she said the DOJ would focus on corporate culture as a key indicia of compliance.
The DOJ has made clear that while longer form online training is satisfactory, they expect companies to develop short, direct compliance training for employees.
Since the release of the Evaluation of Effective Compliance Programs, the DOJ has mandated effective and targeted compliance training.
Resources
Traliant Website
John Arendes on LinkedIn

Jun 14, 2022 • 25min
Creating a Safer Compliance Ecosystem with Eva Pittas
Eva Pittas is the co-founder and COO of Laika, a company that helps other companies manage compliance, obtain security certifications, and build trust with enterprise customers. Tom Fox welcomes her to this week’s show to talk about Laika and how it helps its clients.
The Birth of Laika
Eva began her professional life running IT risk and control for Citigroup and even worked there after the financial crisis of 2008. She was an integral part of the strong response to counteract the economic collapse. She joined the fintech industry in 2014, as she saw the growth happening in that space. She noticed that many companies “needed to get through with vendor procurement but they did not know what those processes would look like, what diligence would be, or what the security requirements were.” She started her consultancy boutique, BRCG, to provide answers to these questions. Working in the fintech space emphasized the importance of audits. Laika was born as a compliance solution for the rise of the cloud and to address the lack of expertise in information security and compliance guidance for companies.
The Complete Compliance Solution
Tom asks Eva about their typical clients and to describe the complete compliance solution. Eva says that most of their clientele are small to medium-sized innovative technology companies that are looking to introduce a holistic compliance program. She explains, “Compliance is not very straightforward… it requires an interpretation of a standard, of a rule, of a regulation and how to apply that to your business.” Compliance programs have to evolve constantly to meet new compliance standards. Laika provides a customizable solution based on your compliance needs.
What Makes Laika Special
Eva explains that what makes Laika stand out from other companies is that they have the expertise for all these recognized requirements. She states, “What Laika does is provide expert guidance and various subject matter experts that are a part of our solution that helps companies implement and maintain compliance.” Laika University facilitates this learning process.
Women In Tech
Eva emphasizes that women belong in the technology industry, no matter their background. “Technology is not in the future – it’s here,” she says. She encourages more women to enter the space, as you do not need a technological background to break into tech - several non-technical jobs are being created every day.
Resources
Eva Pittas | LinkedIn | Twitter
Hey Laika

Jun 13, 2022 • 15min
Compliance Insights from Traliant: Episode 1-John Arendes on Transforming Training from Boring to Brilliant.
Welcome to a special five-part podcast series on the New Traliant, sponsored by Traliant. Over this series, we will discuss what is new at the company and key issues on which Traliant is helping to lead and define the online training industry going forward. Over this five-part series, I will visit with John Arendes, Chief Executive Officer (CEO) at the company, on what is new at Traliant. Some of the topics we consider are:
What’s new about Traliant?
Why is the New Traliant so significant now?
How has Traliant built upon prior strengths to create truly superior online training?
Resources
Traliant Website
John Arendes on LinkedIn

Jun 7, 2022 • 20min
Third-Party Risk Management Industry with Brad Hibbert
Brad Hibbert is the Chief Strategy Officer and Chief Operations Officer at Prevalent Inc., a company specializing in eliminating security and compliance exposures tied to third-party vendors and suppliers. Tom Fox welcomes Brad back to this week’s show to explore and discuss a study Prevalent recently released entitled, “The 2022 Third-Party Risk Management Industry Study”.
Third-Party Risk Management Industry Survey
Brad reveals that Prevalent Inc. has been working on the “Third-Party Risk Management Survey” for approximately three years. To gather data on the subject, they send the survey to thousands of professionals who are focused on third-party risk management, and who also have a background in security. When the results come in they are categorized, analyzed, and observed for any trends. Tom asks Brad what was the overall assessment of third-party risk management he determined from the survey. “I think third-party risk management is certainly getting more awareness within companies and within executive teams within companies,” Brad replied. He also noticed that both IT and non-IT risks are major concerns for the respondents.
Key Observations About the State of Third-Party Management Risk Today
Tom asks Brad to further analyze and discuss the key findings of the survey. These are the key observations:
“Organizations are paying more attention to non-IT security risks but not enough.” Brad explains that programs involved in investigating IT threats are starting to acknowledge the non-IT threats as well. He says “It is no longer just about IT vendors, so organizations are trying to get a broader visibility across that broader supply chain of IT vendors and non-IT vendors, and they're also trying to get a broader visibility of the types of risks that they're looking at.” Brad sees this as a positive trend in the third-party risk management industry.
“Third-party risk management may (finally!) be getting more strategic.” Tom knows that IT professionals and compliance professionals understand the gravity of third-party risk but wonders if higher-level executives see it the same way – this is an issue to be dealt with strategically, he points out. Brad explains that 31% of respondents indicated that they were impacted by a third-party data breach. These incidents will cause entire organizations to raise awareness of third-party risk and take it seriously. He remarks, “People from security, people from procurement, people from contract, legal and compliance are trying to understand how they can get a holistic view of this concern around vendor risk to minimize it throughout that vendor life cycle.”
“Manual methods for assessing third parties persist but dissatisfaction runs high.” Unfortunately, most companies are still solely fixated on their main IT vendors and security risks, and they believe that they can simply use manual methods like emails and spreadsheets. However, as your third-party risk management grows, you can no longer successfully use those methods as they “do not examine the risks and remediate those risks with the vendors efficiently.”
“Organizations are concerned with increasingly damaging third-party security incidents but are using disparate tools to detect, investigate and resolve exposures.” Brad says “High profile impactful data breaches are certainly raising awareness of the problem and it’s causing more organizations to monitor third parties for these types of data breaches.” However, the number of successful breaches over the pandemic suggests that organizations are not using established tools to fight the threats.
Full show notes can be found at Compliance Podcast Network.
Resources
Brad Hibbert | LinkedIn | Twitter
Prevalent Inc. | Third-Party Risk Management Study

May 31, 2022 • 19min
Promotions and Podcasts with Brittany Brown and Rob Winters
Brittany Brown and Rob Winters are the co-founders of Digitiv, a marketing and website design agency. Brittany is the Business Officer and Rob is Technology Officer of Digitiv. Tom Fox welcomes them to this week’s episode to talk about their company, the benefits of data management, PodOps, and the components of a successful podcast.
Data Management: The Core of Digitiv
Digitiv maintains that your website and social media presence are crucial to growing your business. They provide their clients with strategies and marketing efforts that aid growth, one of which is data management. Tom comments that some businesses may think that they are too small to worry about data management. He asks why Brittany and Rob place it as one of their primary services. Rob responds that every business, no matter the size, should start thinking about data management from the start. Whenever the Digitiv team begins to build a new website there is usually some customer data that is not protected by the SSL certificate, making it susceptible to potential hackers. Some organizations even believe that their data is safe and self-managing when in reality it is not. This is why data management is so vital to a company. “It’s really not about protecting customer data but you're also protecting yourself. You don't want to open yourself up to potential lawsuits because you're disregarding certain aspects of data security and integrity for your customer,” Rob argues.
What is PodOps?
Tom asks Brittany and Rob to talk about their podcast and their podcasting app. Rob and Brittany started a podcast as a way to continue to grow their business and promote their services. Each episode they discuss “what it truly means to start, grow and thrive as a small business”. It began as a fun thing where they were able to share ideas with other entrepreneurs but eventually evolved into a new revenue stream. When you exhaust your contacts, they tell Tom, it becomes difficult to cast new guests for your show. Their app, PodOps, is “a dating service for podcast hosts and guests to really connect and get interviews scheduled.” It revolutionizes podcast content as we know it, they explain.
The Components of a Successful Podcast
Tom asks what Brittany and Rob believe to be the key components of a successful podcast. The first key, they remark, is setting a goal or purpose for the podcast, as it provides a structure to grow fruitfully. You should also be in tune with your listeners, which means that the host should know the topic well enough to conduct it in a way that your listeners would be receptive. A third factor that plays into the success of your podcast is the sound quality. Listeners are “quickly turned off by poor sound quality or poor production”, they tell Tom. The last component of a successful podcast is providing transcripts, as it widens your audience to people with hearing loss.
Resources
Brittany Brown | LinkedIn | Digitiv
Rob Winters | LinkedIn | Digitiv

May 27, 2022 • 33min
Exiger’s Fight to Secure Supply Chains: Spotlight on Energy
Welcome to a podcast series on the fight to secure Supply Chains through cross-industry innovation. Exiger sponsors this series. In this series, we will explore the ongoing efforts of Exiger to lead the discussion and enhancement of Supply Chain Risk Management.
Over this series, I visit with Erika Peters, Senior Vice President and Global Head of Third Party & Supply Chain Risk Management; Tim Stone, Senior Director, Supply Chain Risk Management for Exiger Federal Solutions; Kim Lee, Director who focuses on risk and compliance; Nick Wildgoose, a Consultant at Exiger; Skyler Chi, Director and Deputy Head of Supply Chain and Third-Party Risk Management; Andrew Lehmann, Associate Director at Exiger; Jennifer Nestor, Vice President at Exiger, Americas and Public Sector; Theresa Campobasso, Senior Director for Defense Programs at Exiger; Dan Banes, President of Commercial Technology; and Mark Henderson, Director of Solution Design Lead.
In this concluding episode 5, I am joined by Dan Banes, President of Commercial Technology, and Mark Henderson, Director of Solution Design Lead, to discuss Supply Chain issues in the energy sector. Highlights of this podcast include:
Key drivers for change within the energy industry around Third-Party and Supply Chain risk management
The impact of Russian sanctions on the energy industry; and
How ESG regulatory risk management has evolved within the energy industry.
Resources
Dan Banes Profile
Mark Henderson Profile
Exiger Website
Exiger’s Supply Chain Explorer


