Innovation in Compliance with Tom Fox

David McLaughlin, founder and CEO of QuantaVerse, joins Tom Fox on this week’s show to discuss his company’s new risk management tool, Country Code Derivation. He explains that this capability was actually a part of their platform for some time, but they saw the need to offer it as a separate tool. “We found that there is a really specific and unique need for understanding the country code of transacting parties,” he says.Identifying Risky TransactionsTom and David discuss how Country Code Derivation assists organizations, including financial institutions, identify potentially risky transactions. David explains that this tool is a “multimodal, layered approach of sifting through different capabilities to accurately identify where somebody's jurisdiction is.” Determining jurisdiction of a transaction is a core part of understanding risk, David points out. The advantages of using technology versus a manual process are obvious: technology is more accurate and efficient, can validate malformed data, and saves time and money. Tom asks if regular organizations can use this tool. David responds that it’s valuable for an organization that needs to determine the location of a party, be it vendors or customers. Compliance Officers Can Use It TooTom comments that Country Code Derivation can give compliance professionals access to data they may not have had access to before. David agrees. “It can provide compliance professionals with data that they need,” he says. “It can do it in a way that validates the accuracy of it. It can update it in a way that is automatic and systematic and regular.” Both men conclude that this tool is more important today - in the time of coronavirus - than it ever was. Many organizations have a data backlog because of the pandemic; Country Code Derivation helps to eliminate that backlog in quick time. ResourcesQuantaVerse.netQuantaVerse on LinkedInDavid McLaughlin on LinkedIn

Welcome to a special five-part podcast series on the topic of Third-Party Risk Management to Supply Chain Risk Management: Exiger on the Evolution in Supplier Compliance in COVID, sponsored by Exiger. Exiger was founded to fight financial crime, fraud and terrorist financing by introducing technology-enabled solutions to the market’s biggest supply chain, risk, investigation, litigation, and compliance challenges. A global authority on risk and compliance, Exiger serves the world’s Largest Banks, Fortune 1000 companies and government agencies & regulators. Over the next five episodes, we will put a spotlight on Financial Institutions with Tara Loftus and Samar Pratt; focus on corporations with Aaron Narva and George Ren McEachern; consider Federal Government and Supply Chains with Carrie Wibben and Vishnu Anantatmula; review the pillars of good compliance with Brandon Daniels and Carrie Wibben; and end with a review of third-party risk management solutions with Erika Peters and Skyler Chi.In this Part 1, we put a spotlight in financial institutions. In this exploration I am joined by Tara Loftus, a Managing Director, who is a part of the Financial Crime Compliance Advisory practice focusing on anti-money laundering (AML) and anti-bribery & corruption (ABC) and Samar Pratt Managing Director who is also in the firm’s Financial Crime Compliance Advisory practice, specializing in audit and assurance.Join us tomorrow where we consider areas where corporations have challenges on third parties and Supply Chain risk. For more information on Exiger, click here. For more information on Samar Pratt, click here.For more information on Tara Loftus, click here.

This week’s special guest is Yonason Goldson, expert in ethical leadership, TEDx speaker, and consultant. He joins Tom Fox to discuss why ethics matters, as well as five important lessons the COVID-19 pandemic is teaching us.Trust - the Key to Business SuccessYonason shares a story that illustrates how one moment of disrespect can destroy trust between an employer and an employee. He explains, “When you create a culture of trust, that generates loyalty, it generates passion, it generates productivity... The employees are engaged and want to give their all... And so they're looking for opportunities to prove themselves by doing the best they can. And you have a company culture that thrives, it's vibrant, it’s exciting. People want to come to work, and success is a foregone conclusion.” How Alcoa’s market value increased by 900% because of Paul O'Neill’s ethical leadership is a testament to the value of building a culture of trust, he says. He then talks about the huge cost of worker disengagement and points out that “Companies that are ranked highest for ethics, they grow faster than average, employees report being more satisfied, being more energized, being more loyal, recommending this job to friends and family.”Listening Is a Key Leadership SkillTom comments that the ability to listen is the second most important step in fostering a speak-up culture. Yonason says that listening is how we get to know other people, and the more we know other people, the more we know ourselves. “The more discussion there is looking from every possible angle, the more likely it is that the conclusions and the decisions that we reach are going to be the best possible conclusions and decisions that we can reach,” he remarks.  Lessons from CoronavirusTom asks Yonason to share the practical lessons about ethics that we can learn from the pandemic. Yonason summarizes them as: Everything you do matters: the essence of ethics is to be aware of how your actions affect the world around you. Protect your ethical health: behavior is infectious. What you don’t see can hurt you. We need each other. Don’t wait for the next epidemic. Secrets of Ethical AffluenceYou can become ethically affluent by minding the CoDE of ethics. Yonason explains that this acronym stands for Communication, Diversity, and Ethics. He details why each aspect is important. Of diversity he says, “Diversity is not just cultural or ethnic diversity, it’s intellectual diversity. It’s having people coming from different points of view… and different experiences… That intellectual diversity stimulates thought and new ideas…”ResourcesYonasonGoldson.comYonason Goldson on LinkedInThe ROI of EthicsThe Ethics of EpidemicTEDx Talk: How I Became My Own Worst NightmareEbook: The Secrets of Ethical Affluence

Welcome to this special podcast series, In Conversation with K2 Intelligence FIN Jeremy Kroll on GRC Risks, Strategies, and the Future, sponsored by K2 Intelligence FIN. This week I have visited with K2 Intelligence FIN, Chief Executive Officer (CEO) Jeremy Kroll on GRC Risks, Strategies, and the Future. Over this week, we have reviewed the current Governance, Risk, and Compliance (GRC) landscape, looked at GRC at work, considered GRC and the investment community, reviewed GRC and K2 Intelligence FIN and today, in Part 5, we conclude with a look at GRC then and now.I found most interestingly that Jeremy Kroll believes one of the key mainstays of GRC is something that many compliance professionals are only now coming to realize, which is that proactive compliance is more effective and more cost effective than reactive compliance. With the addition of technology, it is possible to do things not only more quickly and more efficiently but in a much more cost-effective manner. Jeremy Kroll noted, “What we’re seeing is the velocity of data available, the increasingly important role of technology, coupled with a multi-disciplined approach within organizations to create governance, frameworks, risk management techniques and abilities, and compliance programs that are even more essential now.”Moving forward, compliance and ethics as well as GRC professionals, who are living and breathing the mission every day, are more fully operationalized down to the front lines. It is these risk management professionals who will be the ones first identifying the risk and risk management strategy. As Jeremy Kroll noted, “This will help you to flatten the curve and that risk particularly to your reputation or your business. I would say, come on over the water’s warm here, we’re growing very quickly. And I think as a proof point, the investment community is showing up every day at our doorstep. And they’re also thankfully investing in a lot of other businesses in our field and technology, RegTech, CompliTech, also professional services and advisory.”We ended by agreeing that GRC is going to be one of the most exciting areas, including the outsourcing of compliance, which also includes training and education. Here Jeremy Kroll said, “we are taking people who are already in their forties, fifties, or even sixties, and we’re retraining them. And so, pivoting and making a career change and growing in this field, this is a growth field and we want that wisdom. We want that judgment. We want that business or life experience. And you can couple that with young employees and technology enablement, and then you can add tremendous value to clients.” It really does not get much better than that.Check out the LinkedIn page for K2 Intelligence FIN here.Check out the K2 Intelligence FIN website here.

Welcome to this special podcast series, In Conversation with K2 Intelligence FIN: Jeremy Kroll on GRC Risks, Strategies, and the Future, sponsored by K2 Intelligence FIN. This week am visiting with K2 Intelligence FIN, Chief Executive Officer (CEO) Jeremy Kroll on GRC Risks, Strategies, and the Future. Over the week, we have reviewed the current Governance, Risk, and Compliance (GRC) landscape, looked at GRC at work, considered GRC and the investment community. In Part 4, we consider GRC and K2 Intelligence FIN and will conclude tomorrow with a look at GRC then and now. Jeremy Kroll counseled that you must “start with an investigative mindset and understanding what the core risks are. Where is that inflection point? Sometimes you might find out a little bit late, but so long as you are quick to react and pivot, you can change the calculus. That means you have to be ready with enough resources internally. You need to make sure that you have a couple of key crisis response or organizations on speed dial because you can’t do everything yourself and your team is usually focused on doing business as usual.” He ended with “how do you be prepared and be in a position to make sure it is a normalized environment when you are dealing with a significant risk to your organization?”Jeremy Kroll went on to note that it begins with asking some interesting questions such as (1) Do you have the internal resources to address this? (2) Do you need to look externally for support? Looking down the road (in an Einsteinian sort of way); (3) Can you see around the corner? And perhaps most importantly, (4) Do you know what trends or crises may impact you in 6 months, a year from now or 5 years from now?Jeremy Kroll cautioned that complacency is the foe of preparedness. As he said, “I think the minute someone gets sort of comfortable and says, oh, we got this or we’ve gained this whole thing out. We figured it all out. That’s the beginning of the end.” To prevent this a business executive, senior management and the Board of Directors have to be great listeners and ask questions, such as what’s the next issue that’s going to become a trend? and what should I be looking out for in my business and also the businesses of my clients?K2 Intelligence FIN has many services which act in concert and parallel. In the area of third-party risk management, it begins with enhanced due diligence platforms. K2 FIN is often called in by companies to conduct third party vetting; reverse or self-due diligence, typically in the case of preparing for a sale; social media due diligence – a proprietary platform we actually developed that helps analyze large volumes of associated content to show a bigger picture. This demonstrates that due diligence is not something you do once and walk away from – it’s something that should be conducted on an ongoing basis to make sure you have the lay of the land, you understand the risk environment, you know what has changed and evolved. This is particularly important in GRC frameworks.Next is Portfolio Risk Management, where K2 FIN works closely with clients to develop a risk assessment methodology based on a systematic approach to risk which applies objective assessment criteria consistent with regulatory guidance and global standards. The methodology will utilize both qualitative data and key quantitative metrics to embed a given entity’s risk appetite into investment decisions and ongoing business operations and provide appropriate risk assessment and management of both portfolio and target investments. Adopting a consistent risk scoring methodology across risk areas will allow for more clear comparisons of risk across domains and investment targets and enable more effective ongoing risk monitoring, reporting, and mitigation.Please join us for our final episode of this podcast series where we examine GRC: then and now.Check out the LinkedIn page for K2 Intelligence FIN here.Check out the K2 Intelligence FIN website here.

Welcome to this special podcast series, In Conversation with K2 Intelligence FIN: Jeremy Kroll on GRC Risks, Strategies, and the Future, sponsored by K2 Intelligence FIN. This week I visit with K2 Intelligence FIN, Chief Executive Officer (CEO) Jeremy Kroll on GRC Risks, Strategies, and the Future. Over this week, we are reviewing the current Governance, Risk, and Compliance (GRC) landscape, GRC at work, GRC and the investment community, GRC and K2 Intelligence FIN and will conclude with a look at GRC then and now. In Part 3, we consider GRC and the investment community.It turns out that the investment community should be one of the biggest users of GRC platforms and technologies, particularly when we examine recent events around risk exposure in anti-money laundering (AML) and other illicit activity. Private equity is built to grow businesses and GRC is a key component as a solutions system. One regulatory area that Jeremy Kroll pointed to was AML, “AML was something you might hear about because of narco-traffickers and that some of the big money center banks were in trouble because they were banking drug dealers. After September 11th, everything changed. There was a wellspring of professionals entering the field, either they entered it because they wanted to serve in government or they wanted to pivot in their careers and go from being an auditor, a lawyer, an in-house risk manager into this whole area of fighting terrorism, through tracking, tracing, and reducing the threat of illicit finance. It only picked up steam and in part because of the whole financial collapse and crisis in 2008. Even beyond that, I think what happened was that the regulatory and enforcement bodies both in the United States and Europe have really committed to cracking down because there is money laundering going on.”All of this has led Jeremy Kroll to conclude that investment firms are looking to invest in companies that can help mitigate these risks more than ever in a post-COVID 19 environment and that an increased innovation and growing number of solutions emerging. Please join us tomorrow where we look at GRC and K2 Intelligence FIN.Check out the LinkedIn page for K2 Intelligence FIN here.Check out the K2 Intelligence FIN website here. 

Welcome to this special podcast series, In Conversation with K2 Intelligence FIN: Jeremy Kroll on GRC Risks, Strategies, and the Future, sponsored by K2 Intelligence FIN. This week I visit with K2 Intelligence FIN, Chief Executive Officer (CEO) Jeremy Kroll on GRC Risks, Strategies, and the Future. Over the week, we will review the current Governance, Risk, and Compliance (GRC) landscape, look at GRC at work, consider GRC and the investment community, review GRC and K2 Intelligence FIN and conclude with a look at GRC then and now. In Part 2, we consider some examples of GRC at work.From the Foreign Corrupt Practices Act (FCPA) world, there is Siemens, which sustained a $1.6bn fine from both US regulators and German regulators for its institutional corruption. The case still remains a landmark settlement and clear failure of a GRC framework. While the company had the rules, policies, and procedures written down, their GRC controls ultimately failed because of a lack of adequate leadership and a culture that enabled corrupt behavior. Following the enforcement action, it became clear they had to reinforce their compliance controls and corporate governance framework.We ended with some of the biggest takeaways. First, mitigate risk on an ongoing basis. Next, be proactive, not reactive. Finally, it is all about culture. Please join us as we explore this and other GRC-related issues over this podcast series. Tomorrow we examine GRC and the investment community.Check out the LinkedIn page for K2 Intelligence FIN here.Check out the K2 Intelligence FIN website here. 

Lisa Beth Lentini Walker says that there was something missing in the compliance and ethics space. Very often, compliance officers find it an isolating profession. She and her partner founded MentorCore as an avenue to improve the well-being of compliance professionals, and to provide the guidance and support they wished they had at the start of their careers. Lisa Beth chats with Tom Fox about the services MentorCore provides.Four Pillars“We can come together and make sure that the profession is more sustainable, welcoming, accessible, and inclusive, and because of this MentorCore was born,” Lisa Beth says. She explains that MentorCore is founded on the four pillars of mentoring, learning, community and development. Reducing the Network GapLinkedIn reported that the three strongest factors that influence your network are your geography, the schools you attended, and the companies you worked for. One of MentorCore’s chief objectives is to reduce the network gap. Tom asks Lisa Beth what is a network gap. She explains that you would have significantly different opportunities based on your network. She argues, “I think that we have a real opportunity to try to find ways to reduce that network gap and break down barriers that prohibit really talented people from living to the utmost and being able to achieve the career successes that they want.”  5 Keys to Better Digital HealthTom asks Lisa Beth to describe how we can improve our digital health. She shares five keys to improving digital well-being, including limiting screen time, focusing on your physical health, and finding a healthy balance. “You should be thinking about whether the digital part of your life is taking over everything and whether you’ve found what’s going to work for you from an overall holistic well-being standpoint,” she advises listeners.ResourcesMentorCoreMentorCore eventsMentorCore on LinkedIn | Instagram | YouTube | Vimeo | Facebook | TwitterLisa Beth Lentini Walker on LinkedIn

Welcome to this special podcast series, In Conversation with K2 Intelligence FIN: Jeremy Kroll on GRC Risks, Strategies, and the Future, sponsored by K2 Intelligence FIN. This week I visit with K2 Intelligence FIN, Chief Executive Officer (CEO) Jeremy Kroll on GRC Risks, Strategies, and the Future.Over the week, we will review the current Governance, Risk, and Compliance (GRC) landscape, look at GRC at work, consider GRC and the investment community, review GRC and K2 Intelligence FIN and conclude with a look at GRC then and now. In this Part 1, we consider the current GRC landscape.He concluded that GRC has become a much broader part of the conversation across the board. For example, this has become a larger part of the due diligence process for investors examining portfolio companies or acquisitions. Please join us as we explore this and other GRC-related issues over this podcast series. Tomorrow we examine GRC at work.Check out the LinkedIn page for K2 Intelligence FIN here.Check out the K2 Intelligence FIN website here. 

This week’s guest is the Managing Director - GRC Business Unit at Mitratech, Mark Delgado. He and Tom Fox discuss why automating policy management is no longer a luxury, but a necessity given these unprecedented times.A Cornerstone of CompliancePolicy management is a fundamental building block of compliance, Mark says. Without it you can’t guarantee compliance or operational efficiency. He shares why automating policy management is the only way to ensure both. Apart from the benefits to business leaders and compliance professionals, he argues that employees gain from being able to access all the relevant and up-to-date policy information in one place. The COVID-19 crisis has highlighted the importance of automated policy management, given the rapid and frequent policy changes in most companies.Information Governance in the Time of COVID“Even though we've gone through a period of a lot of change and disruption to operations generally,” Mark says, “regulators, with very few exceptions, have not chosen to retreat or delay implementation or enforcement of regulations around data privacy or financial services operations or any other codes or laws that come to mind. So as organizations now have to contend with remote workforces, the need for formal and comprehensive operational enforcement of information governance has become ever more urgent. So in this world, the risk of data that's pivotal to companies’ operations, or that contains sensitive or private information, being accessed and manipulated outside of the security of the corporate network, has massively increased.” He tells listeners how to choose a robust and comprehensive automated tool to help their business during and after this time.Shadow IT Management and Advice for Business LeadersTom asks, “Mark, could you tell us about a shadow IT management solution and why you feel this is important?” Mark defines shadow IT: “Shadow IT covers the vast number of data sets that exist within an organization, but remain outside of IT’s control and often knowledge.” He explains how shadow IT management works and why it’s critical during normal business, but even more so in times like these. Mark shares his top three tips for navigating the health crisis. Firstly, he says, “ensure that changes to operational practices could be clearly and accurately communicated… Second, eliminate as many informal or manual processes as you can… Thirdly… take control of your mission critical information.”ResourcesMitratech.comMark Delgado on LinkedIn