Innovation in Compliance with Tom Fox

On the 20th anniversary of the 9/11 terrorist attack, Tom Fox and guests look back on the tragic event and what it meant for them personally, as well as how it impacted the world of compliance. Tom’s first guest this week is Gabe Hidalgo, anti money laundering compliance expert, who shares how the events of that fateful day changed the course of his career.Looking BackGabe - who worked as outside counsel for insurance companies at the time - remembers turning on YahooTV as soon as he got to his office on 9/11 and seeing the second plane hit the World Trade Towers. He knew immediately that it was a deliberate attack. “I knew that this was kind of a hallmark moment,” he tells Tom, “that this was not an accident.” He details leaving the office in haste to get to his pregnant wife, and the obstacles and roadblocks he faced on the way. When they finally reunited at home, they were overcome with emotion. He remembers feeling gutted thinking about the unborn children who would grow up never knowing their fathers.Needing to Do SomethingGabe needed to do something more than just shed tears about 9/11, he tells Tom. He started to think about how he could use his skills as an attorney. “I went down the path of looking in private industry, what I can do, and came across anti money laundering compliance, which I thought was fascinating. And I said to myself, I need a way for me to be able to get into that so that I can start making a difference.” He shares his journey into the field, and that it was exactly the right time and the right fit for him. 9/11 was a wake up call for America, he remarks. It made us realize that we need to do whatever we can to prevent anything similar from happening again.Evolution of AML Since 9/11Tom asks Gabe how AML compliance has advanced since 9/11. It’s much more difficult for terrorist financiers to move funds now, he responds. “A lot of institutions have strengthened and hardened their compliance programs to the point where they can monitor individual transactions as they're moving across the transactional workflow in the United States. They examine each and every transaction that's coming across from a correspondent banking perspective, which is probably one of the most high-risk channels for money movement.” Gabe and his colleagues have done great work over the past 20 years, which has helped law enforcement stop and apprehend would-be terrorists. However, we can’t be complacent, Gabe says.Tom asks what 9/11 means for America. The 20th anniversary is a somber one, Gabe replies. 9/11 taught us not to be naive, that we’re not as protected as we think we are. He is proud of the advancements made to keep everyone safe, but the work continues. “It's a moment of reflection,” he points out. “We need to think about not only the people who have lost their lives, but everyone that was impacted - whether they were directly impacted through a family loss, or they were emotionally impacted by what actually occurred.”ResourcesGabe Hidalgo on LinkedIn 

Managing Director of Ethisphere, Doug Allen and Erica Salmon Byrne, EVP of Governance and Compliance, join Tom Fox on this week’s episode to talk about the World’s Most Ethical Companies award put on by Ethisphere every year. OriginsEthisphere was created to advance the standards of ethical practices. Doug says that their three tenets are “to define what's good in terms of how businesses do business with integrity; ...to measure and improve in all facets of integrity and then curating and convening organizations of like cultures and nature…” WMEC is the “purest manifestation of all these key tenets,” he continues, as it was established 16 years ago to “celebrate and recognize organizations that were doing business the right way.” The application process is rigorous, but it helps companies measure and assess their performance as well as give them a roadmap on how to improve. Erica comments that it “pulls the practical out of the theoretical… We spend a lot of our time taking those very broad strokes of guidance that we see from the regulators... and saying ‘What does this look like in practice?’”How WMEC Has EvolvedThe main survey applicants have to fill out for WMEC has become more expansive, as it is updated yearly. Doug and Erica tell Tom about some topics that were added as the survey evolved, including questions about supply chain compliance, human rights, culture and stakeholder engagement. Being a WMEC awardee is a powerful tool: companies who keep their purpose and ethos at the forefront outperform their competitors, Erica says. Applying for WMECApplications for WMEC open in early August. Doug describes the timeline for the review process and when they announce the awardees. Tom comments that applying for WMEC is more important than winning. “Just by engaging with the application process itself,” Doug remarks, “you get a very clear and detailed description of where trends are going…” Tom adds that it can also be seen as a gap analysis. Erica agrees and walks through the application and review process. Survey scores, validating documents, and Ethisphere’s independent reputation analysis are all used to determine the ultimate winners, she explains. Tom asks who should apply. Doug responds, “This is a process we developed intentionally to be applicable to organizations around the world of any sector and industry, ...of just about any size as well.” Erica re-emphasizes the benefits of applying even if you don’t think you are ready. The feedback you receive from your application, as well as the access to great resources, is worth so much, she points out. ResourcesWorldsMostEthicalCompanies.com MWEApplications@ethisphere.comApplication ProcessApplication GuideMethodologyWhy Apply2022 Interest FormErica Salmon Byrne on LinkedInDoug Allen on LinkedIn

Kristy Grant-Hart, Joe Murphy, and Kirsten Liston are Tom Fox’s guests on this week’s episode of the Innovation in Compliance Podcast. Kristy is the CEO and founder of Spark Compliance Consulting, as well as an author and keynote speaker. Joe is currently the editor of the Compliance & Ethics Professional magazine, and the Director of Public Policy. Kirsten is a certified Compliance and Ethics Professional, an author, and a keynote speaker. They join Tom to talk about their book ‘The Compliance Entrepreneur’s Handbook’, and what insights compliance professionals can use from it in their organizations. The GenesisThe Compliance Entrepreneur’s Handbook is about helping people who want to go into business in the compliance and ethics field. Kristy explains that there was an initial presentation and that the three of them were assigned sections of the book to write. “Each one of us wrote an original draft of those sections, switched them so that each person made comments on them, and then I did the edit where we put it all together. So it had essentially one voice but you can still pretty clearly hear the dynamics and the interesting stories of each individual person, and that's how it came to be,” she tells Tom. What Do You NeedThe book is structured to answer the questions of ‘What do I do now?’ ‘What decisions can I make?’ and ‘Who should I partner with?’ It shows entrepreneurs how to execute a compliance startup, as well as critical marketing, sales, and exit strategies. An exit strategy is especially important, and something entrepreneurs don’t think about in the beginning. “If your plan doesn't include an exit, then it's the wrong plan. You don't have to exit in five years but you should be thinking about making your business ready to sell,” Kristy stresses.  An Entrepreneur’s AdviceTom asks Kristy, Kirsten, and Joe to share their top pieces of advice to individuals who wish to start the entrepreneurship journey. Kirsten emphasizes nailing down the money, setting up your account, and knowing how to read a balance sheet. “You need to make sure you’re selling something for a profit, and that that profit is reaching you soon enough to pay for the work to deliver it,” she remarks. Kristy stresses on planning to have a business. Most people get caught up in the idea of having a business but do not plan for it, nor do they take into account all the legal documents that are needed or putting their website together. Joe shares some insight for entrepreneurs who are introverts. “Don't think just because you're an introvert you can't do this. You just need to team with people who have complementary skills. One [other] piece of advice I have for anybody going into business is read the Wall Street Journal every day,” he says. The Best and Worst Parts of Being an EntrepreneurThe best part of being an entrepreneur to Kirsten is owning the business. All the profit and all the successes are yours, and all the decisions are your own to make. On the other side, one of the worst parts of being an entrepreneur is that you own the business. Meaning that any losses or failures are yours to bear, and that your employees look to you to fix the problems that may occur. An advantage of being an entrepreneur to Kristy is the freedom to develop strategy, and the freedom to make choices without anyone telling you no. Alternatively, a disadvantage to her is managing the emotional aspect of it all. For Joe, the best and worst parts of being an entrepreneur is the freedom and control over what you do professionally but being treated like you don’t belong [in the compliance realm] because you’re a vendor.  ResourcesKristy Grant-Hart | LinkedIn | TwitterCompliance KristySpark Compliance Consulting Joe Murphy | LinkedIn | TwitterSociety of Corporate Compliance & Ethics Kirsten Liston | LinkedIn Rethink Compliance The Compliance Entrepreneur’s Handbook 

Dennis Kucinich is a career politician who has worked at the municipal, state, and federal levels and is joining Tom Fox on the Innovation in Compliance to talk about his newest book Division of Light and Power. This book is a story of corporate espionage, corporate sabotage, bank extortion of a city, and a mob-directed assassination plot that took place in Cleveland back in the 70s when Dennis was the mayor at only 31-years-old. What Happened in ClevelandIn Cleveland in the 1970s, there were two electricity companies: Munilight, a public company, and Cleveland Electric Illuminating Co, a private company. The municipal company was able to provide cheaper electricity to citizens of the city, and so became the target of an aggressive sabotage campaign on the part of CEI, so they could acquire the utility and have a monopoly on power in the city. They succeeded. As Mayor of Cleveland, Dennis tried to block the acquisition and became the target of a mob-directed assassination plot. Tom makes the point that issues like this are still happening, mentioning the recent Texas blackouts during a winter storm which were caused by negligence, incompetence, or criminal activity. The Role of the MediaThis was possible, in large part because of the complicity of the media. CEI had a massive advertising budget, and no qualms about bribing or otherwise “softening up” city council members to discredit Munilight. Tom points out that the press has a huge role in anti-corruption activities and asks Dennis how the media failed to examine the governance of the city of Cleveland, and Dennis responds that “he who pays the piper calls the tune.” The media was subverted to CEI’s agenda, and reporters who went against the party line were fired. Accountability in GovernmentTom and Dennis discuss the fact that government works – the question is who does it work for? Dennis says that if citizens want the government to be working for them, they have to keep their representatives honest by asking questions, demanding explanations, and refusing to be silent when something seems off. Otherwise, you are at the mercy of officials using their power to make a buck.How to be IncorruptibleTom asks Dennis what made him able to resist literal suitcases full of cash when they were offered to him, and Dennis says there is a Crosby Stills, Nash song called Teach Your Children with a line that goes: You, who are on the road, must have a code, that you can live by.” Dennis shares what his code is: an inner moral compass that is a simple understanding of what’s right and what’s wrong. He believes that when you do wrong, you pay for it, and that by leading a decent and moral life where you don’t need to worry about what you did or said – that’s an easy way to live: with a light heart.Resources:Division of Light and PowerCrosby, Still and Nash, “Teach Your Children”

To celebrate the 200th Episode of Innovation in Compliance, Tom Fox is joined by Dan Skolnick, the VP of Product Strategy for Financial Crimes at Lexis Nexis Risk Solutions to talk about fighting financial crime and terrorist financing with cutting-edge technologies. Dan got into the industry after a hot tip at a family party led him to Fircosoft, which was on its way to becoming an industry leader in financial crime prevention technology. Ahead of the CurveFinancial Crimes experts are much further ahead than other kinds of misconduct investigations professionals, so Tom asks about the evolution of Dan’s professional roles over his career. Dan says that when he started working in the industry, he was Sanction Screening for OFEC - but within a year of starting in the industry, the US Patriot Act was implemented which caused a huge shift in the type of work being done. The job has gone from looking for a very specific type of information to looking for risk across your customer base. Financial Crimes experts are much further ahead than other kinds of misconduct investigations professionals and have the tools, resources and brainpower to prevent financial misconduct.Deputizing the TalentThe government has, in effect, deputized financial services firms to help them with the terrorism financing problem that was being addressed with the Patriot Act. Because of the sheer quantity of data being collected and analyzed, financial services businesses had the information and know-how to be helpful to law enforcement and in foreign policy, developing a crime-fighting and enforcement culture. Today, you would be hard-pressed to find a bank without an executive who has that kind of enforcement or policy background.Decision Memory and Reapplication. Dan explains that a consequence of the emphasis on detection and prevention of terrorist financing is that you really have to prevent transactions rather than identify what happened in the past. In most cases, you need a human to intervene when you have a potential match - but there are more bad actors, more jurisdictions providing lists of bad actors, and more transactions happening on a daily basis than ever before - a technological solution is required.The Patriot Act and Public Companies Tom asks about the anti-money-laundering law that was passed this year which was the largest update to the Patriot Act since it was initially implemented. The new administration has made it clear that they are going to continue to fight financial crimes and terrorist financing. Dan agrees, and goes on to talk about how anti-money-laundering regulation is one of the few truly bi-partisan issues out there! Everyone expects more screening, more insights, and more reports, regardless of who is in charge. The same is true of public companies - different industries that deal with a high volume of transactions are interested in these tools, and that has been a major push for Dan and his colleagues since being acquired by Accuity and Lexis Nexis.Resources:Accuity.comRisk.lexisnexis.com  This podcast was sponsored by Lexis Nexis Risk Solutions and RegTech Pulse. RegTech Pulse examines the latest industry and technology trends that help organizations fight financial crime and streamline payments, so money and goods can move safely and securely around the world. Industry experts across the world join the conversation to share their insights and discuss best practices. RegTech Pulse is brought to you by Accuity, a LexisNexis Risk Solutions company, which helps power compliant and assured client transactions to build an interconnected and trusted financial ecosystem. Have you ever wanted to start a podcast? Email Tfox@Tfoxlaw.com to tell your story and join the Compliance Podcast Network 

Tom Fox’s guest this week is Lauren Sparks. Lauren is the founder, Chairperson and President of Agility Bank, a woman-owned and led commercial community bank. Lauren has more than 35 years experience as a banking executive and has dedicated her career to helping growth-oriented business leaders achieve their financial goals. She and Tom talk about digital innovations for banking, and why community banks should not be written off as a thing of the past.Fostering Small and Medium BusinessLauren founded Agility Banking because she felt that many women were being left behind in the decision processes in financial services. As a women-owned and women-led organization, Agility Banking is a minority depository institution. This designation offers many opportunities, such as having larger financial institutions and large corporations as partners. “Community banks fill a space and do lending that the larger banks have backed away from,” Lauren explains. Loans are harder to come by for smaller businesses and community banks like Agility are helping to mitigate that issue. With the technology that Agility is putting together, they can do smaller loans and bridge the gap that’s in the small and medium business market. Community banks can also pivot quicker than larger banks, as evidenced by the past few months. Meeting Clients Where They AreAgility is all about meeting clients where they are and creating innovations that can make banking easy and convenient. “So much about what we've built for the bank is about being on the client side of the desk,” Lauren stresses. “So more than just a checking account and really being able to adapt to circumstances and meeting the customer where they are, as opposed to always demanding that the client comes to the bank on the bank's terms.” The approach has been taking the perspective of a business bank and adapting to what the evolving small business market needs. Looking AheadAgility is positioning itself for the ecosystem of the future. The banking industry is becoming more and more digital every day. As such, Agility always has to be prepared to spend money on new technology to make themselves available to their clients. ResourcesLauren Sparks | LinkedIn Agility Banking

Tom Fox’s guest this week is Heather Buker. Heather is the Product Manager at Allgress and oversees the full life cycle of development and QA processes. She has spent her professional life in the world of computer engineering until making her way into the cybersecurity space. Tom welcomes her to this week’s show to talk about a new innovation from Allgress around authorizations to operate in the federal sector.All About AllgressHeather explains that Allgress is for highly regulated industries such as technology, government, and healthcare. “Allgress in general is a global provider of next-generation audit, compliance, security, and risk management solutions for organizations and their business partners to meet business risk objectives,” she says. Allgress enables organizations to streamline these processes and manage assessment monitoring in a more simplified way, and without the need for a contingent of consultants. Fed Ramps & ATOsTom asks Heather to explain what fed ramps and ATOs are and why they’re important. Fed ramps are federal risk and management programs that are government-wide. The programs provide a standardized approach to security assessments and continuous monitoring for cloud-based services. An ATO is the government giving you the authorization to operate a compliant cloud-based service. ATOs and fed ramps are necessary if you sell your service to the federal government. After acquiring your fed ramp or ATO, then you can focus on maintaining the continuous monitoring that the ATO provides.How Allgress Maintains Your Federal ATO Effectively“We're going to give you the dynamic preparedness assessment; we're going to automatically determine your impact level based on a survey; we're going to guide you through [attaining an ATO] step by step,” Heather tells Tom. Allgress completely streamlines this process via automation and creates the audit trail that its clients need. “When the auditors come and they have questions, you're gonna have all of the answers, and it's going to be in the single pane of glass view that Allgress provides,” she adds. Allgress provides all the evidence and policies necessary for when you’re testing to the federal controls. The Impact of COVID-19 & What’s NextThe pandemic put a spotlight on the need for GRC solutions and exposed those companies that didn’t have those processes in place. It was a reminder to organizations that we never know when unexpected risk may strike, how we may be impacted, and how it may affect our organizational systems. Businesses have to start preparing for unexpected risks within our organizations. Heather explains to Tom that Allgress helps with this by automating organizational and partner risk assessment and leading them in the direction of a recovery plan. Businesses also need to be putting more importance on the usability of their products. “User adoption is something that's so difficult to achieve when you introduce a new product to your workforce... It's imperative that GRC solutions continue to become more user-friendly and reduce that learning curve so that users are going to adopt the technology more quickly and with ease,” Heather remarks.ResourcesHeather Buker | LinkedIn | Twitter

Welcome to a special six-part podcast series, sponsored by Exiger, on the TRADES Framework, a conceptual, strategic and practical guide for Third-Party and Supply Chain Risk Management designed by Exiger to help organizations achieve supply chain resiliency and optimize risk management at any phase of maturity. In this concluding episode, I am joined by Brandon Daniels, President, Global Markets and Erika Peters, Managing Director, Global Markets Group Head of Tech Transformation to look at supplier monitoring and provide some concluding remarks.Highlights Include: S is for Supplier Monitoring. Program implementation. From ongoing monitoring to continuous improvement. Your Suppliers eco-system. The role of data aggregators and tech solutions. ResourcesExiger TRADES FrameworkExiger WebsiteBrandon DanielsErika Peters

Welcome to a special six-part podcast series, sponsored by Exiger, on the TRADES Framework, a conceptual, strategic and practical guide for Third-Party and Supply Chain Risk Management designed by Exiger to help organizations achieve supply chain resiliency and optimize risk management at any phase of maturity. Today we consider the TRADES Framework uplift evaluation with Brandon Daniels, resident, Global Markets and Josh Thiel, Executive Intern (Former Commander of Special Operations Task Force).Highlights Include: E is for evaluation. Evaluation at the Strategic Level. The role of the Board. What is the role at the Program Level? The Tactical Level? What is the role of senior leadership? Join us for our concluding episode, when Brandon Daniels and Erika Peters give a review of supplier monitoring and an update on how government and critical industry are leading the charge using TRADES to out-pace threats and vulnerabilities while minimizing third party and supply chain risk management gaps. ResourcesExiger TRADES FrameworkExiger WebsiteBrandon Daniels 

Welcome to a special six-part podcast series, sponsored by Exiger, on the TRADES Framework, a conceptual, strategic and practical guide for Third-Party and Supply Chain Risk Management designed by Exiger to help organizations achieve supply chain resiliency and optimize risk management at any phase of maturity. In this episode,In this episode, I visited with Carrie Wibben, Senior Vice President, Exiger Federal Solutions   and Aaron Narva, Senior Vice President, Head of Corporate Markets on determining risk mitigations. Highlights Include: D is for determine risk mitigation. Solving problems and taking action. Both critical and creative thinking required. Coordination with the compliance function. The Role of Due Diligence. Join us tomorrow, where we discuss the step, evaluate the TRADES Framework uplift with Brandon Daniels and Josh Thiel.ResourcesExiger TRADES FrameworkExiger WebsiteAaron NarvaCarrie Wibben