Innovation in Compliance with Tom Fox

In this week’s Innovation In Compliance show, Tom Fox, together with guests Sean Freidlin, Yan Tougas, and Patrick Henz, have a roundtable discussion about their experience with taking Seattle University’s free course, AI Ethics For Business. They chat about what they felt were the highlights of the course, as well as the opportunities for improvement. Patrick HenzPatrick likes how trainers from different disciplines work together as a team to present the course. He suggests that this interdisciplinary approach could be used by companies for compliance training, since compliance is becoming more of an integrated function, mainly due to budgetary constraints. Patrick emphasizes the importance of continuous learning: the world is changing so quickly that we cannot rely solely on our university training to keep abreast. The topic of robotic process automation was missing from the course, Patrick thinks. He believes that psychology and ethics, topics discussed in the first module, are relevant for all compliance practitioners. He comments, “We’re not only here to identify the bad employees but furthermore to protect the good employees, which includes protecting them against themselves…” Yan TougasOrganizations using and/or creating AI must create their own set of governing values and principles from the outset, Yan points out. Two of those values should be transparency and agency. “If we are going to use AI to make some critical decisions about people’s welfare,” Yan says, “…we need to create room in the process for a human to make a final decision.”  He points out that the pressure to rush to market is one reason companies do not create their own values and principles around AI. “We need to be extra careful and make sure that we don't let this pressure to get to market and this pressure to adopt AI blind us from the homework we need to do up front,” he comments.Yan appreciates the Operational Readiness document in Module Three, which he describes as a practical tool compliance practitioners can use. On the other hand, he thinks that the user interface and the quizzes at the end of each module could be improved.Sean FriedlinSean finds it refreshing that a large corporation such as Microsoft has partnered with Seattle University to create free training for the public good. He hopes that more companies would embrace these types of partnerships in the spirit of corporate social responsibility. Sean sees this as the emergence of a deeper commitment to ethics as AI develops. He notes with interest that the Vatican has joined in this conversation. Sean poses two interesting questions: What impact will COVID-19 have on AI advancement?  What makes a good online learning experience? Having the subject matter experts as narrators and anchors throughout the course establishes their credibility; Sean views this as a pattern other course creators should follow. He finds the course content too text-heavy, however, and the UI design mobile unfriendly.Tom FoxThe exercise emphasized for Tom the need for companies to start with ethical values and accountability for the entire organization. You cannot simply ask those involved with these cutting-edge questions to be the sole corporate repository of ethical and moral values, he argues. Put these values in place now, enshrine them throughout your organization so when thebusiness opportunity or a crisis arrives, you would already have the framework in place to make a decision aligned with your company values. The course is a good reminder to consider governance and structure as part of your compliance regime, Tom comments. It was a positive experience overall; however, it may not work for ongoing communications or training due to time.ResourcesSeattle University course- AI Ethics for BusinessRome Call for AI EthicsRome CallVatican joins IBM, Microsoft to call for facial recognition regulation

Tom Fox chats with Senior Vice President of Linedata Technology Services, Jed Gardner in this week’s show. They talk about how Linedata’s solution protects companies within the financial sector from cybersecurity risk and how this leads to increased productivity and profitability.Mitigating Cybersecurity RiskJed says that LineData addresses three main challenges within the financial sector. They provide 1) cloud computing solutions to investment firms; 2) cybersecurity that is SEC- and FINRA- compliant; and 3) 24/7 managed support services that are both remote and on premises from their security operations center.Tom asks Jed to explain how Linedata helps investment firm senior executives address cybersecurity risk. Jed replies that his company is “...providing a level of confidence to senior executives within investment firms that they are protected on a day-to-day, week-to-week, month-to-month basis… The way we’ve been addressing that is by providing levels of service and reporting that do meet the SEC and FINRA requirements, but really push beyond that.” He says that Linedata’s reporting capabilities allow them to use their tool sets to provide a day-to-day view.Jed comments that categorizing data and defining its locations are important considerations in providing their services to clients. He points out that regulated businesses, in particular, should classify their data and understand where it is, understand the risks, and its impact on the business and stakeholders. As such, businesses should have prevention technologies and policies in place to protect their live and archived data. 360° Risk AnalysisJed and Tom discuss Linedata’s approach to cybersecurity with vendors down the supply chain. Jed comments that senior executives want to know all the risks to their business since they ultimately become personally responsible for it. A proper risk analysis, like the 360° risk analysis Linedata offers its clients, can unearth hidden risks. Jed describes the 360° risk analysis process. He remarks, “Being able to implement that for businesses and provide feedback on a regular basis allows us to correctly protect them as much as we possibly can, but also gives the senior executives confidence…” Beyond DDQsTom asks, “...can a compliance solution increase business efficiency and productivity leading to an increase in profitability?” Jed responds that using managed services such as Linedata add value by giving time back to key members of staff, who are then able to provide value back into the business. This increased productivity is what leads to increased profitability. He explains how Linedata gives time back to investment firms by taking away the tedious due diligence questionnaire (DDQ) process. He adds that his clients now have time “to look at how to enable the business to be more productive through the more efficient implementation of security and compliance and then, in turn, utilizing that knowledge to then allow the business to operate more freely and more efficiently.”ResourcesLinedata.com

Welcome to a  sponsored podcast series where I am exploring how to navigate risk from the Committee on Foreign Investment in the United States (CFIUS), sponsored by K2 Intelligence Financial Integrity Network (K2 Intelligence FIN). Over this five-part series I will visit with David Holley and Him Das the co-leads of CFIUS Advisory Practice at K2 Intelligence FIN. We will consider navigating the CFIUS process through using business intelligence to identify CFIUS threats and vulnerabilities, using a proactive approach to navigate the CFIUS process, compliance frameworks for risks under CFIUS and cyber risks and access controls under CFIUS. Today, in this concluding Episode 5, I visit with Him Das on effective monitoring and compliance officer solutions for CFIUS. Highlights include: What is a monitorship and how does this work? What will this looks like when it comes to CFIUS? What can companies prepare for in advance of being put under the eye of a monitor?

Welcome to a  sponsored podcast series where I am exploring how to navigate risk from the Committee on Foreign Investment in the United States (CFIUS), sponsored by K2 Intelligence Financial Integrity Network (K2 Intelligence FIN). Over this five-part series I will visit with David Holley and Him Das the co-leads of CFIUS Advisory Practice at K2 Intelligence FIN. We will consider navigating the CFIUS process through using business intelligence to identify CFIUS threats and vulnerabilities, using a proactive approach to navigate the CFIUS process, compliance frameworks for risks under CFIUS and effective monitoring for CFIUS. Today, in Episode 4, I visit with David Holley on the CFIUS and cyber risk and access control. Highlights include: Is it just cyber security companies, or how does CFIUS weigh this risk? What steps can investors take to mitigate this in the initial processes? What does an ongoing compliance framework look like to help catalyze continued success?

Welcome to a sponsored podcast series where I am exploring how to navigate risk from the Committee on Foreign Investment in the United States (CFIUS), sponsored by K2 Intelligence Financial Integrity Network (K2 Intelligence FIN). Over this five-part series I will visit with David Holley and Him Das the co-leads of CFIUS Advisory Practice at K2 Intelligence FIN. We will consider navigating the CFIUS process through using business intelligence to identify CFIUS threats and vulnerabilities, using a proactive approach to navigate the CFIUS process, CFIUS and cyber risk and access control, and effective monitoring for CFIUS. Today, in Episode 3, I visit with Him Das on the CFIUS process regarding compliance frameworks for sanctions, export control, financial crimes risk and anticorruption risks.Highlights include: When it comes to sanctions and export control, what is CFIUS examining? What sectors are particularly vulnerable to new export control rules and why? How can entities leverage due diligence to mitigate these issues?  

Tom Fox chats with Senior Managing Director of State Street Global Advisors, Rakhi Kumar, about some of her company’s initiatives to make Environmental, Social and Governance (ESG) more approachable for business leaders.Building For The FutureRakhi says that risk keeps evolving and that ESG is a new type of risk. ESG issues tend to be seen as intangibles and nonfinancial. However, they create long term value for the company if managed correctly. She says that State Street’s mission is to invest responsibly to enable economic prosperity and social progress. This means they manage for the long term, which is why social issues inform their strategy. “From a fiduciary perspective what we keep focus on is financial materiality and research informing our decisions ... to ensure we're focused on value creation,” Rakhi notes. “ESG is an opportunity to build for the future and create long term value.”Improving ESG ReportingTom comments that State Street’s research found that less than 25% of companies they evaluated had identified, incorporated and disclosed material ESG issues into their strategy. He asks Rakhi how her company is helping to improve this. She shares State Street’s stewardship initiatives to highlight ESG in the boardroom. In addition, they are raising awareness about the need for standardization across the market. She describes the R-Factor tool which provides a framework to measure “the performance of a company's business operations and governance as it relates to financially material ESG issues facing our company's industry.” Holding Companies AccountableRakhi says that her company will use its proxy voting power to get companies to improve their ESG performance. You can go to State Street’s website to apply for your company’s ESG score, as well as how you rank in relation to other companies. ResourcesR-Factor

Welcome to a  sponsored podcast series where I am exploring how to navigate risk from the Committee on Foreign Investment in the United States (CFIUS), sponsored by K2 Intelligence Financial Integrity Network (K2 Intelligence FIN). Over this five-part series I will visit with David Holley and Him Das the co-leads of CFIUS Advisory Practice at K2 Intelligence FIN. We will consider navigating the CFIUS process through using business intelligence to identify CFIUS threats and vulnerabilities, CFIUS and compliance frameworks, CFIUS and cyber risk and access control, and effective monitoring for CFIUS. Today, in Episode 2, I visit with Him Das on navigating the CFIUS process through proactive management and compliance solutions. Highlights include: What is CFIUS looking for? How do you even begin a filing? What compliance frameworks do you need to get through the process?

Welcome to a  sponsored podcast series where I am exploring how to navigate risk from the Committee on Foreign Investment in the United States (CFIUS), sponsored by K2 Intelligence Financial Integrity Network (K2 Intelligence FIN). Over this five-part series I will visit with David Holley and Him Das the co-leads of CFIUS Advisory Practice at K2 Intelligence FIN. We will consider navigating the CFIUS process through proactive management, CFIUS and compliance frameworks, CFIUS and cyber risk and access control, and effective monitoring for CFIUS. Today, in Episode 1, I visit with David Holley on using business intelligence to identify threats and vulnerabilities under the CFIUS process. Highlights include: A broad overview of CFIUS What role does business intelligence play? What threats and vulnerabilities should be identified and mitigated?

Jordan Domash, General Manager at Relativity, is this week’s guest on the Innovation In Compliance show. He chats with Tom Fox about his company’s Relativity Trace solution, and how to use it in your compliance program. A Proactive ApproachJordan describes Relativity Trace as “...a communication, surveillance, and monitoring tool built on top of the Relativity platform for compliance purposes.” Tom asks him how it can be used in a proactive approach to compliance. He responds that when potential issues need to be investigated, Relativity Trace can sift through millions of files using machine learning, search, and human review to detect risk proactively. He points out that their out of the box policies can detect issues such as bribery, corruption, and price-fixing. In addition, companies can configure their own rules based on the compliance risks that are relevant to their business. When there is a potential compliance violation, the system will proactively generate alerts. Relativity OneTom asks Jordan to talk about another discovery solution Relativity offers, namely Relativity One. Jordan responds that Relativity One is the SAAS version of Relativity: it’s an e-discovery tool that can help you search and review content as part of an investigation, and then create reports. Each activity that happens in Relativity leaves a permanent audit trail, which ensures that the review process is defensible. Document SecurityAfter you self-disclose, the first thing the government asks is if your documents are secure, Tom comments. He asks Jordan how their solution handles security. Jordan describes the tools in Relativity Trace that ensure data security, including the legal hold tool. He reiterates that every action in Relativity is audited. “It's all exportable. It's all filterable. It's all searchable. So it's very possible to take a look at your audit trail and find the relevant behavior or the whole history of the matter, the investigation or the combined process, and share that with regulators.” Tom asks how the solution deals with false positives, in answer to which Jordan outlines various measures built into Relativity that handle this problem. “It’s not just the Machine Learning that can help you reduce false positives right away, but it’s a full collection of tools that Relativity Trace gives you to go through your process quickly… and identify risks in your business,” Jordan comments.ResourcesRelativity Trace

Daniel Ramsey, CEO and Co-Founder of MyOutDesk, a virtual assistant company that helps small to medium-sized businesses get leverage, is this week’s guest. He joins Tom Fox to discuss the untapped resources of virtual assistance.Starting the BusinessTom asks Dan to recount why he founded MyOutDesk. Dan responds that he started a successful real estate practice, but soon realized that he needed more leverage in order to grow his business. However it was hard to find detail-oriented people who could fill in his roles, so he hired a few virtual assistants to do the paperwork and was amazed at their capabilities. From there, Dan says, he asked them if they had connections to other virtual assistants and he started MyOutDesk, which now has about 1200 employees in the Philippines. Blending and Cost EffectivenessDan believes in a blended work chart, where a portion of a company's employees are US based and everyone else is across the globe, and that companies are going to move toward this. It’s not a question of ‘if’, but ‘when’, Dan says. Everyone in your pipeline that is doing the work of running an existing system or process can and will someday be outsourced, which cuts down on costs significantly. According to Dan, one of his employees costs one quarter of the cost of a US based person to employ, meaning that there is incentive for businesses to have a virtual workforce.Vetting and Ongoing MonitoringDan offers advice to business owners about the vetting process of hiring an outsourcing provider. MyOutDesk does an FBI grade background check on all their employees, as well as a medical check to ensure they don’t have any debilitating illnesses that could hinder their productivity. He adds that business owners should ensure their potential outsourcing providers have wide scale experience and are licensed to operate in the countries where they provide their services. For ongoing monitoring of their virtual assistants and using the captured data for continuous improvement, they should invest in some task management or accountability platforms, which are inexpensive to implement and are an easy way to ‘juice’ the relationship between employer and virtual assistant. Talent On DemandMyOutDesk’s solution is talent on demand: when a client comes to them, the company does a thorough consultation about the client’s specific needs, and by the next day the client would have someone ready to work with them. This is beneficial to entrepreneurs, small to medium sized businesses, or any compliance officer running a large operation. ResourcesDaniel Ramsey on LinkedInMyOutDesk.comText SVP to 31996