Episodios

  • Mark Diamond on Rethinking Records Retention [Podcast]

    Mark Diamond on Rethinking Records Retention [Podcast]
    Jun 12 2025
    By Adam Turteltaub Mark Diamond wants you to stop thinking of records retention as a chore and start thinking of it as a driver of compliance. In this podcast the President & CEO of Contoural shares that retention schedules have grown in importance with increased requirements for privacy and safeguarding personal data. That, in turn, is having an enormous impact on the risks and costs of ediscovery. Proper retention schedules also have significant impact on employee productivity and collaboration, as well as using AI in less risky ways. Organizations are now increasingly treating records based on their business value and are developing retention schedules that reflect their worth. One of the greatest challenges they face, though, is the tendency of employees to want to hold onto everything just in case. While it’s understandable, it adversely affects efficiency, as employees are forced to wade their way through obsolete records. Part of the solution, he suggests, is to develop a “super schedule” for document retention. Rather than having multiple different policies which can cause confusion, having one overall policy vastly simplifies things for employees and allows for greater automation. Listen in to learn more, but don’t retain this podcast longer than you should. Listen now Sponsored by Case IQ, a global provider of whistleblowing, case management, and compliance solutions.
    Más Menos
    15 m
  • Nick Gallo on the Controls Paradox [Podcast]

    Nick Gallo on the Controls Paradox [Podcast]
    Jun 10 2025
    By Adam Turteltaub In a recent issue of Compliance & Ethics Professional ®, Nick Gallo, Chief Servant and Co-CEO of Ethico addressed the control paradox, a situation in which the controls designed to prevent misconduct, actually encourage it. Think of it like the person whose car has so many airbags that they no longer fear an accident and drive quicker. So what’s the solution? He argues it’s creating an environment where we have faith in controls, but not too much, and focus on helping those on the front line make the right decisions. That includes, he says, teaching not just what you should do but why. It also means encouraging ownership of ethical issues, not outsourcing it. Listen in to learn more about how to get better control on your controls. Listen now Sponsored by Case IQ, a global provider of whistleblowing, case management, and compliance solutions.
    Más Menos
    13 m
  • Chris Audet on Third Party Risk [Podcast]

    Chris Audet on Third Party Risk [Podcast]
    Jun 5 2025
    By Adam Turteltaub Recently, Gartner released very intriguing research into third party risk. Chris Audet, Vice President and Chief of Research in the Gartner Assurance Practice tell us that they found business has it’s spending all wrong. Too much is invested in due diligence, and not enough time and effort is spent on monitoring. There research found that the business unit knows the risks third parties pose and is seeing it firsthand. When relationship managers were surveyed, 84% had seen changes to the risk profile and 76% found a third party had provided materially inaccurate information. In fact, 95% had seen something troubling in the past year. So why aren’t they reporting this information to the compliance team and what would get them to share more? There were three main answers, Chris reports: Creating more relationship ownership objectivity. Too many feel too strong a tie to the third party. Confidence in identifying red flags. Encouraging objectivity and providing reassurance that compliance won’t over-react. He also advises making it easy for third party relationship owners to contact compliance and to work compliance into the workflow. Listen in to learn more about the benefits of rebalancing the third party risk equation. Listen now Sponsored by Case IQ, a global provider of whistleblowing, case management, and compliance solutions.
    Más Menos
    11 m
  • Robert Stratton on Healthcare Enterprise Risk Management [Podcast]

    Robert Stratton on Healthcare Enterprise Risk Management [Podcast]
    Jun 3 2025
    By Adam Turteltaub Risk assessments are not new in healthcare, and in specific regulatory areas are required. But, that doesn’t mean things aren’t changing. More and more organizations are embracing enterprise risk assessments (ERM) as a way to assess the range of risks that they face, including legal and regulatory concerns. Getting the risk assessment right is particularly challenging for healthcare organizations, explains Robert Stratton, Executive Director – Enterprise Risk and Security; Corporate Compliance Official and Senior Counsel for Northwest Permanente. Robert is also the author of the chapter “Enterprise Risk Management in Healthcare” in the latest edition of the Complete Healthcare Compliance Manual. The mix of insurance, patient care professionals, large sums of money and complex structures makes the risk map challenging. On the positive side, electronic health records can provide a wealth of information to inform your ERM efforts, as can frontline employees who can provide insights into what is going on behind the numbers. Once the risks are mapped, there are four ways to manage them, he explains: transfer, accept, mitigate and avoid. It’s hard to do any of them cleanly, but it’s important to understand which approach or approaches are best for a given risk. All four approaches, he adds, need to be accompanied by a culture which is aware of the risks, understands the risk appetite of the organization and their department, and acts accordingly. Listen in to learn more about ERM and how compliance can play an effective role in identifying and managing risk. Listen now Sponsored by Case IQ, a global provider of whistleblowing, case management, and compliance solutions.
    Más Menos
    10 m
  • Ryan Redman and Brett Sommers on AI and Cybercrime [Podcast]

    Ryan Redman and Brett Sommers on AI and Cybercrime [Podcast]
    May 29 2025
    By Adam Turteltaub As if ransomware and phishing attacks weren’t enough to keep us up at night, now AI is enabling a whole new range of cyber threats. Ryan Redman, Product Manager, Marketing and Brett Sommers, Director of GRC Products at Onspring warn that the nature of attacks is evolving. Vishing, in which criminals use technology to imitate the voices of colleagues and organization leaders, is being used to trick people into revealing passwords, share data or send money. Employees need to learn to be wary and even confirm requests, even from trusted voices, via email or other means. Healthcare and manufacturing are two industries that have been singled out by bad actors for this kind of attack. Aside from training, what else can compliance teams do? They recommend: Focusing your resources on high value risk areas Ensuring your cyber defenses are as strong as they need to be Reviewing your third parties to ensure that a compromise won’t come from someone hacking into their systems Understanding how AI is being used by your organization and vendors to make sure that the security is adequate Being transparent about your expectations Listen in to learn more. I swear it’s really us and not AI. Listen now Sponsored by Case IQ, a global provider of whistleblowing, case management, and compliance solutions.
    Más Menos
    12 m
  • Anna Romberg on Compliance Amidst a Global Consensus Breakdown [Podcast]

    Anna Romberg on Compliance Amidst a Global Consensus Breakdown [Podcast]
    May 27 2025
    By Adam Turteltaub These are fractious times, and it’s often difficult to figure out what to do, what comes next and keep people with divergent views working together. Despite these challenges, Anna Romberg, Executive Vice President, Sustainability, Legal and Compliance for Getinge, doesn’t believe that things are hopeless. In an article she co-authored with Richard Bistrong for Harvard Business Review, they laid out several strategies for successfully navigating the current era. In this podcast, she reminds us that ethics and compliance programs are about more than following the law. They are also about encouraging good behavior, which includes following the company’s values, no matter how the political winds are blowing. With that said, now is a good time to do what organizations need to do, which is assess their values periodically to ensure that they are relevant, and the organization is living up to them. At the same time, she encourages the compliance team to embrace friction. It is inevitable when facing difficult discussions and different opinions. It’s also a sign of change and that the matter at hand needed to be dealt with. She also cautions compliance teams to be alert and encourage speaking up. With increased pressure and changing norms, some may lose sight of the need to do the right thing. Listen in for a bit of stability during unstable times. Listen now Sponsored by Case IQ, a global provider of whistleblowing, case management, and compliance solutions.
    Más Menos
    11 m
  • Lisa Beth Lentini Walker on Resiliency and Changing Times [Podcast]

    Lisa Beth Lentini Walker on Resiliency and Changing Times [Podcast]
    May 22 2025
    By Adam Turteltaub Do you ever wish you were made of rubber, especially nowadays with so much change? Do you wish that you could be flexible enough to handle every new legal regulatory change or every business demand without breaking? It’s not likely to happen, but compliance industry veteran Lisa Beth Lentini Walker believes that we can become more resilient. Resilience, she observes, is a mindset. We can work to become more adaptable and open to change by framing it in the right way. If you look at it with dread, you are less likely to succeed. But, if you recognize that nothing is permanent, change is inevitable and focus on what needs to be done, the chances of success are much greater. Look at change as an opportunity to shine and show leadership. Become the person who management trusts to look to the future and find the path forward for the organization. The workforce, too, wants to know that they can count on you to keep them safe and the company operating strongly. Listen in to learn more about becoming resilient and an effective compliance leader during changing times. Listen now Sponsored by Case IQ, a global provider of whistleblowing, case management, and compliance solutions.
    Más Menos
    14 m
  • Timur Khasanov-Batirov on Compliance in the Former Soviet Central Asian Republics [Podcast]

    Timur Khasanov-Batirov on Compliance in the Former Soviet Central Asian Republics [Podcast]
    May 20 2025
    By Adam Turteltaub Uzbekistan, Kazakhstan, Tajikistan, Turkmenistan and Kyrgyzstan were all born out of the dissolution of the Soviet Union. With large energy deposits of national gas, many global companies and their suppliers are operating within these countries. To better understand the compliance risks there, we spoke with Timur Khasanov-Batirov, a compliance officer with deep and wide roots in the region. While we may think of this area as one region, he warns that there are substantial differences by country. Kazakhstan is the most developed, and compliance has gained significant traction in large companies, primarily in the oil and gas sector. Uzbekistan saw three major FCPA cases, and, as a result, compliance has garnered a great deal of attention. The other three countries have much smaller economies and less developed compliance cultures. In addition, Turkmenistan has a fairly-closed economy, which complicates the picture. While it is easy to focus on the anticorruption risk in the region, there are other challenges. The area has become a significant transshipment point to Russia of prohibited and dual-use goods. In addition, child and forced labor is an issue, especially in the textile industry. To mitigate these risks, especially for sanctions evasion and corruption, companies operating in the region will need to pay close attention to the ownership of companies. That is not always easy to do because corporate structures are often opaque. The desktop-based due diligence systems in the US and Europe are likely not sufficient, Timur advises. Having someone on the ground in the region is likely needed. Listen in to learn more about what it takes to operate a compliance program in this important part of the world. Listen now
    Más Menos
    11 m
adbl_web_global_use_to_activate_webcro805_stickypopup