Innovation in Compliance with Tom Fox

EJ Marin is the Director of Solutions Engineering at Nakisa. His role is to see customer challenges from different angles, identify patterns, and engineer solutions for the HR function for HR professionals. He chats with Tom Fox about the changing face of HR in this week’s show.Organizational Design and TransformationTom asks EJ to define organizational design. EJ shares the traditional definition of organizational design, and contrasts this with his take on what it means. “Right now,” he remarks, “organizational design is more about agility [and] resilience, due to COVID and everything that’s happening… Now it’s all about adapting to the next normal: not to the new normal, but to the next things that are coming… It’s all about analyzing the organization and making sure that at the end of the day you’re adapting to the situation as fast as possible.” Skills and capabilities that were optional before COVID, EJ points out, are essential to a company’s survival today. “Transformation needs to become a routine,” he argues. “You need to create these capabilities in your organization so you can easily reply, respond and adapt to the new challenges that we have in the marketplace today.” Tom asks if traditional HR departments are set up for that kind of adaptation. They have to adapt quickly, he responds. Their survival depends on being agile. EJ outlines the steps of organizational design. They include assessing the organization, creating objectives, collaboration and making changes to the core HR systems. Nakisa helps to streamline the entire process using technology. EJ also explains the importance of HR data quality. “HR data is alive… [but] it’s very easy to get out of sync,” he tells Tom.Diversity and InclusionDiversity and inclusion is a business asset. Companies that achieve it do better financially and in other areas. EJ shares three steps to help businesses go through a major transformation, such as a merger and acquisition, and keep this valuable asset. ResourcesNakisa.comEJ.Marin@nakisa.com

Tom Fox welcomes Luke Wilson to the Innovation In Compliance show. Luke is the Vice President of Intelligence at 4iQ. He has extensive experience in cyber threat analysis and counter-terrorism, having worked with the federal government for many years.  Luke and Tom chat about trending cybersecurity issues in this week’s show.The Adversary Intelligence CompanyTom asks Luke why 4iQ calls itself The Adversary Intelligence Company. Luke responds that their mission at 4iQ is to help their clients defend themselves against bad actors. “We're here to help you defend yourself from adversaries,” he says. “...We want to help you gather intelligence on those individuals so you can understand their TTPs [tactics, techniques, and procedures], what they're after, and how to prevent that from happening in the future as well.” He points out that good cybersecurity involves understanding your third-party service providers, including who is supplying data and infrastructure to them.COVID’s Impact on Cybersecurity“The impact of the coronavirus health crisis has been that it has accelerated, sometimes exponentially, trends that were already in play,” Tom comments. Luke explains how the pandemic has impacted the cybersecurity space. “It’s the perfect scenario for cybercrime and for cybercriminals to ramp up their attacks,” he remarks. Employees used protected networks at the office, but now that they’re working from home, that basic protection is not available. As a result, there has been an uptick in cybercrime, including ransomware phishing. Luke expects these trends to continue in 2021 and beyond: “I see a continuation of the threats that are out there now. A lot of what's going on is just a repackaging of what's been happening for a while now in the cyber threat landscape… I think we're going to see this going for a very long time until COVID-19 is not the main topic around the world.” Luke and Tom discuss the measures the government may take to deal with financial crime. “Whenever you have a massive event like this [COVID-19 federal loans], you can expect that there will be some fraud going on,” Luke says. “But I probably would assess that they'll put a little bit more stringent criteria on there after what they've seen happening now with some of these loans.”Resources4iQ.com4iQ on LinkedInCOVID-19 Threat Report

Josh Turpen is the Chief Product Officer of Jama Software. He says that early in his career he came to understand the importance of good requirements and testing, and the ability to tie it all together. Their Jama Connect solution, he argues, is “the premier requirements management test and risk tool… as it brings together requirements, test and risk in a way that our customers can have good traceability and good verification.” He and Tom Fox chat about the importance of being an enabler, as well as product development lifecycle management in this week’s show.A Larger View on RiskJosh says that Jama’s experience in diverse industries gives them a broader view of risk. With this wide expertise they are able to help their clients see how product requirements and tests tie back to risk, and how requirements, risk and tests change with product alterations. Tom comments that changing external risk - such as the present pandemic - calls for new risk assessments. Josh agrees. “Overall,” Josh says, “re-evaluating risk with external events in mind is a good practice. And you've gotta have a system that enables that.” He and Tom discuss document-based solutions versus item-based, and why he believes item-based solutions are better.Managing Product DevelopmentIt’s important for engineers to know what they’re building and why, Josh says. He argues that it helps them make better decisions. That buy-in is a critical component of success: “One of the key enablers of success is that holistic picture that… everybody is bought in on and understand,” he says. You need to hire good people and be an enabler, he adds. “It’s not what you do. It’s what you can help your team do.” Tom asks him to define product development lifecycle management. Josh explains that it’s seeing the scope of the product development from end to end. ResourcesJamaSoftware.comJosh Turpen on LinkedIn

John Castner says he had a ‘Sliding Doors’ moment, which led him to leave his teaching career to move into the software industry. John is the President and CEO of IsoMetrix, a risk and compliance management software company. Via their software, John says, “We focus on three things: change for good, partnerships that empower, and the possibility of a better world.” John joins Tom Fox on this week’s show to share how his company is disrupting the risk and compliance industry.Moving Towards True Risk ManagementTom asks John to explain the difference between simply compliance and true risk management. John responds that risk management at its heart is really about understanding people and how we make decisions. People make decisions based on risk, not compliance, he argues. As such, companies should create a culture where people think about their decisions and the risks associated with the choices they make. “What I think risk management does versus compliance,” John comments, “is it forces another level of thinking, of assessing and then acting accordingly.” A risk-based decision-making approach gives people more ownership and accountability for their actions. Disrupting Integrated Risk ManagementJohn offers three ways IsoMetrix is disrupting the risk and compliance industry. Firstly, they believe in the interconnectedness of all parts of the business. Their software architecture breaks down the silos seen in traditional organizations and uses “golden threads” that show how each data point relates to every area of the business. Secondly, IsoMetrix posits that a company’s social capital greatly influences its sustainability and risk management. Lastly, John says, they are different because they embrace change and challenges.Sustainability Post-COVIDTom and John discuss the concept of sustainable business in the post-COVID world. John believes that the understanding of sustainability is shifting. “I think what COVID is going to do is make that word sustainability more holistic, almost like a circular concept... And I think that's going to include a lot of the decisions about the interconnectedness of all the various aspects of your business,” he points out. If you don’t focus on Environmental, Social and Governance (ESG) and sustainability, your business is at risk. ResourcesIsoMetrix.com IsoMetrix on LinkedIn | TwitterJohn Castner on LinkedIn

Andy Hinton joined #NotMe as an advisor. He says that the move is “just a continuation of the mission that I had at Google and GE, which is to leverage the employee population to help organizations do better when it comes to risk detection, risk monitoring, and ultimately, risk management.” Ariel Weindling is the founder of #NotMe. His motivation was to try to solve the problem of misconduct, which he felt was being tackled very inefficiently. He says that he wanted his daughter to have a tool she could use to be safe in the workplace, so she would not be a victim or a witness of misconduct. Both men join Tom Fox on this week’s show for an interesting look at the #NotMe tool and how it helps organizations keep employees safe.An Employee First ApproachAndy says that #NotMe has the right approach by putting employees first. He comments that it is “a tectonic shift” as other services are focused on the organization’s needs rather than serving and supporting employees. The goal of #NotMe is to change workplace culture and to make workplaces safe for everyone. Tom asks how they can implement that goal. Ariel responds, “We believe that safety is key in the workplace. Whether we are speaking about psychological safety or physical safety, they are key to an organization. They're key to an employee because employees are not gonna do good work if they are not safe. Safety benefits all stakeholders of the company.” He goes on to explain that misconduct is really about an abuse of power, and shares the two ways #NotMe addresses this issue. “[We want] companies to stop looking at an employee report as a liability, but rather as an opportunity to listen, to discuss, to communicate, and to course-correct.”A Robust Reporting System Enhances ProfitabilityTom cites research that companies with a robust reporting system tend to be more profitable. Andy agrees and adds, “The ability to energize and engage employees to do a better job around risk identification, risk reporting, and risk management is truly a potentially tremendous asset for an organization… When it’s appropriately leveraged, it does make the organization better… [in] profitability and revenue generation.” Ariel describes the features of the #NotMe app as well as the dashboard. The difference between #NotMe and other tools, he says, is that #NotMe belongs to the employee so it preserves and maintains their anonymity throughout. Andy points out that using an independent tool like #NotMe is essentially leveraging your employee population to help you manage risk.”Prevention Starts with ReportingPreventing workplace misconduct starts with reporting. Tom comments that #NotMe can provide continuous information that would help an organization continuously improve its compliance program. Andy adds, “#NotMe is an easy way to do that. By deploying it, promoting it you express to your employees that you are taking these issues seriously, and you're doing fundamental concrete things to address them.”ResourcesNot-Me.comAriel@not-me.com Andy Hinton on LinkedIn

Tom Fox chats with Simon Greany, co-founder and Chief Learning Officer of Elucidat, in this week’s show. They discuss how technology can support communication and personalized learning, and how companies can scale online training beyond Zoom. Technology Can Support Communication and TrainingTechnology can support communication and training through engaging, immersive online learning experiences, Simon says. He and his partners built Elucidat to make online learning scalable. Thus far, they’ve supported 17 million learners. Tom asks how the pandemic has impacted e-learning. Simon describes three ways COVID-19 has changed the industry: There’s a shift away from face-to-face training; Organizations respond to change more quickly; More data is being delivered. He describes how Elucidat is supporting organizations to make the shift from in-person to online training.Personalizing Training“We all consume training differently,” says Tom. He asks how Elucidat approaches the differences in how people learn. Simon responds, “A philosophy that we have underpinned our product by is people-centered learning. We have a philosophy around six pillars: respecting time is one of those, and being personal is another. That’s really about respecting the audience, taking time to understand their individual needs, context and perspectives, and designing learning experiences that take those into account and adapting to them… [Using] multiple ways to invite someone in and support them in a way that’s comfortable and contextually right for them, but also in the format that works for them as well.” He describes how Elucidat supports personalization by enabling organizations to crowdsource their expertise. “If you’re going to use someone’s time wisely,” he argues, “you just need to give them what is relevant to them, not everything… What the technology does is to support core messages so that you can adapt, but not replicate everything all of the time.”Scaling Beyond ZoomTom asks Simon how training can scale beyond the limitations of Zoom. “What we see is that the sustainable, longer term strategy here… is to build digital online training experiences that can... be designed and iterated to really have that effect [the same effect as Zoom], but... can be rolled out in a consistent way,” Simon replies. “It’s a way of working that can actually be not only scaled, but lead to a higher quality over time, by pinpointing through data and analysis what’s working out there, and if it’s having the desired effect on the organization and its record keeping.”ResourcesElucidat.comSimon Greany on LinkedInFor the Elucidat free Compliance Resource Guide, click here. 

Welcome to the fifth and final episode of a special five-part podcast series, sponsored by Exiger, on topics From Third-Party Risk Management to Supply Chain Risk Management: Exiger on the Evolution in Supplier Compliance in COVID. Exiger was founded to fight financial crime, fraud and terrorist financing by introducing technology-enabled solutions to the market’s biggest supply chain, risk, investigation, litigation, and compliance challenges. A global authority on risk and compliance, Exiger serves the world’s largest banks, Fortune 1000 companies and government agencies and regulators. Over the past five episodes, we have put a spotlight on Financial Institutions with Tara Loftus and Samar Pratt; focus on corporations with Aaron Narva and George ‘Ren’ McEachern; consider the Federal Government and Supply Chains with Carrie Wibben and Vishnu Anatatmula; review the pillars of good compliance with Brandon Daniels and Carrie Wibben; and end with a review of third-party risk management solutions with Erika Peters and Skyler Chi. Today, Part 5, we conclude with a review of third-party risk management solutions with Erika Peters and Skyler Chi. Peters is an Associate Managing Director based in Exiger’s New York office, where she focuses on the firm’s financial crime compliance and assurance practices. Chi is an Associate Director based in Exiger’s New York office. With nearly ten years of forensic accounting and investigative experience he leverages world-class technology (e.g., SQL, Python, Tableau, natural language processing and machine learning) in order to aid in financial investigations and government clients in bank/investment statement reviews and analyses, data analysis efforts, large document analyses, and extensive e-mail reviews.For more information on Exiger, click here.For more information on Erika Peters, click here.

Welcome to a special five-part podcast series, sponsored by Exiger, on topics From Third-Party Risk Management to Supply Chain Risk Management: Exiger on the Evolution in Supplier Compliance in COVID. Exiger was founded to fight financial crime, fraud and terrorist financing by introducing technology-enabled solutions to the market’s biggest supply chain, risk, investigation, litigation, and compliance challenges. A global authority on risk and compliance, Exiger serves the world’s largest banks, Fortune 1000 companies and government agencies and regulators. Over the course of the series, we will put a spotlight on Financial Institutions with Tara Loftus and Samar Pratt; focus on corporations with Aaron Narva and George ‘Ren’ McEachern; consider the Federal Government and Supply Chains with Carrie Wibben and Vishnu Anantatmula; review the pillars of good compliance with Brandon Daniels and Carrie Wibben; and end with a review of third-party risk management solutions with Erika Peters and Skyler Chi.In Part 4, we consider the pillars of good compliance with Brandon Daniels and Carrie Wibben. Wibben is a Senior Vice President, National Security & Intelligence, based in Exiger’s McLean office. As the former Deputy Director of the Defense Counterintelligence and Security Agency (DCSA), Carrie joins Exiger following a distinguished career in homeland defense spanning various government agencies – including the US Department of Defense, the Executive Office of the President, and the Special Security Directorate. Brandon Daniels is the President of Global Markets. A regulatory expert and technology practitioner, Brandon brings more than 15 years in senior management across the financial services, life sciences and energy sectors. He has a reputation for technological innovation in regulatory investigations and compliance management.Join us tomorrow where we conclude our five-part series by looking at some of the new challenges and new solutions for third party risk management and investigations.For more information on Exiger, click here.For more information on Brandon Daniels, click here.For more information on Carrie Wibben, click here.

Welcome to a special five-part podcast series, sponsored by Exiger, on topics From Third-Party Risk Management to Supply Chain Risk Management: Exiger on the Evolution in Supplier Compliance in COVID. Exiger was founded to fight financial crime, fraud and terrorist financing by introducing technology-enabled solutions to the market’s biggest supply chain, risk, investigation, litigation, and compliance challenges. A global authority on risk and compliance, Exiger serves the world's largest banks, Fortune 1000 companies and government agencies and regulators. During this series, we will put a spotlight on Financial Institutions with Tara Loftus and Samar Pratt; focus on corporations with Aaron Narva and George ‘Ren’ McEachern; consider the Federal Government and Supply Chains with Carrie Wibben and Vishnu Anantatmula; review the pillars of good compliance with Brandon Daniels and Carrie Wibben; and end with a review of third-party risk management solutions with Erika Peters and Skyler Chi.In Part 3, we put a spotlight on Federal Government and Supply Chains. In this exploration I am joined by Carrie Wibben and Vishnu Anantatmula. Wibben is a Senior Vice President, National Security & Intelligence, based in Exiger’s McLean office. As the former Deputy Director of the Defense Counterintelligence and Security Agency (DCSA), Carrie joins Exiger following a distinguished career in homeland defense spanning various government agencies – including the US Department of Defense, the Executive Office of the President, and the Special Security Directorate. Anantatmula is a Senior Account Manager in Exiger Federal Solutions based in the company’s Tysons Corner office. His team is focused on OSD Acquisition and Sustainment, delivering critical time-sensitive assessments to Senior DoD Executives that facilitate informed decisions on large investments in the Pharmaceutical Industry and provide heavily researched solutions for illuminating technology products, programs, and sectors.Join us tomorrow where we review the pillars of good compliance.For more information on Exiger, click here.For more information on Exiger’s government services, click here.For more information on Carrie Wibben, click here.

Welcome to a special five-part podcast series, sponsored by Exiger, on topics From Third-Party Risk Management to Supply Chain Risk Management: Exiger on the Evolution in Supplier Compliance in COVID. Exiger was founded to fight financial crime, fraud and terrorist financing by introducing technology-enabled solutions to the market’s biggest supply chain, risk, investigation, litigation, and compliance challenges. A global authority on risk and compliance, Exiger serves the world’s largest banks, Fortune 1000 companies and government agencies and regulators. Over this series, we will put a spotlight on Financial Institutions with Tara Loftus and Samar Pratt; focus on corporations with Aaron Narva and George ‘Ren’ McEachern; consider Federal Government and Supply Chains with Carrie Wibben and Vishnu Anantatmula; review the pillars of good compliance with Brandon Daniels and Carrie Wibben; and end with a review of third-party risk management solutions with Erika Peters and Skyler Chi.In this Part 2, we put a spotlight on corporations and their challenges in managing third parties and with Supply Chain risk management. In this exploration I am joined by George ‘Ren’ McEachern, a Managing Director based in Exiger’s Silver Spring (DC Metro) office where he focuses on leading anti-bribery investigations and assisting multinational corporations and financial institutions with regulatory risk management. Also joining me in this episode is Aaron Narva, Head of Corporate Markets, based in Exiger’s New York office. He leads the development and delivery of Exiger's purpose-built AI-powered solutions for anti-bribery and corruption compliance. While at Exiger, Aaron has conducted in-depth testing and review of complex financial institution compliance and anti-money laundering (AML) programs both in the US and abroad. His experience includes detailed assessment of transactions, customer due diligence, and policies and procedures. He also helped to design and develop Exiger Diligence, the investigative due diligence arm of Exiger.Join us tomorrow where we consider areas some of the challenges the Federal Government has on Supply Chain risk management.For more information on Exiger, click here.For more information on George ‘Ren’ McEachern, click here.For more information on Aaron Narva, click here.