Innovation In Compliance With Tom Fox

Joseph Davis, Microsoft’s Chief Security Advisor for Health and Life Sciences, is a trained medical practitioner, but his professional background is “almost 100% IT and cybersecurity.” He has always been interested in technology: in medical school he helped develop a program to assist clinicians in diagnosing their patients more accurately. He joins Tom Fox on Day 3 of Microsoft Week to talk about the role of cybersecurity in life sciences and the traits cybersecurity professionals need to do their jobs effectively. The Role of Cybersecurity Tom asks, “What is the role of cybersecurity in the healthcare life science industry today?” Joseph responds that it’s a must-have since this industry is considered critical infrastructure. People’s lives depend on keeping systems and processes safe from cyber attacks, he points out. Most medical devices now have communication components such as WiFi or Bluetooth - these are called connected medical devices - so they are vulnerable to cybersecurity breaches which can cau

Abbas Kudrati is the Chief Cybersecurity Advisor for Microsoft Asia’s Enterprise Cybersecurity Group and is Tom Fox’s second guest on Microsoft Week. Abbas has spent the duration of his career providing thought leadership, strategic direction, and deep customer and partner engagement through Microsoft’s initiatives and operations. On this episode, he and Tom are talking about a range of topics surrounding info security and Abbas’ role at Microsoft. The Evolution of Cybersecurity & Its Challenges When security was first introduced, it was called IT Security, and its primary focus was securing everything within a network behind a firewall. Society has since moved from a firewall to the cloud. The focus on complaints within an organization has also shifted from local to multinational.  End-to-End Security End-to-end security’s focus is people, process, and technology. Abbas says that focusing on end-to-end security means turning your attention to 14 different domains of policy. It means ensuring that the right

Alan Gibson is the current Director of Legal and Compliance Innovation at Microsoft and is Tom Fox’s first guest on Microsoft Week at the Innovation in Compliance podcast. Alan has worked in various fields - from legal to compliance to business. He’s a thought leader and currently involved in helping companies manage compliance risks and measure program effectiveness. He and Tom discuss his role at Microsoft and what companies need to be thinking about in the future with respect to legal compliance. Data Analytics in Microsoft Tom asks Alan to explain how Microsoft implements its data analytics program for compliance. Alan responds that the focus was on first identifying which sales agreements and channel partners posed the most corruption risk to Microsoft. “Our compliance team partnered closely with our finance internal audit and our business team to figure out how we could use the data that we were collecting in our sales contracts and from our third parties to create this early warning and monitoring sys

Jedidiah Yueh is Tom Fox’s guest this week on the Innovation in Compliance Podcast. Jedidiah is a data innovator, a best-selling author, and the founder and CEO of Delphix. He has spent the last two decades decoding innovation and collecting and testing frameworks that motivate many successful entrepreneurs in technology. Jedidiah has invented software products worth more than $4 billion in sales. He joins Tom Fox to discuss digital transformation and digital disruption, and what companies need to know and do about both. Technology, Creativity & Evolution “What's interesting about technology today is it's an incredibly broad white canvas,” Jed begins. Creativity is applied to the development of technology as much as it is to the liberal arts, he tells Tom. “If you think about some of the things that you do as an English major where you're really looking for these themes and these tropes within works of literature… You have to do that for the world of technology as well.” Tech evolves on so many levels that y

Dan Zitting is the CEO of Galvanize and is Tom Fox’s guest this week on the Innovation in Compliance Podcast. Dan was the Chief Product Officer of Galvanize before taking up the CEO role. Galvanize is a software company that helps its clients achieve their goals and objectives. Dan and Tom discuss GRC software, the role of GRC professionals, and why data is so important to a company’s operations. The Evolving Role of GRC GRC refers to a company's governance, risk management, and compliance capabilities in achieving its objectives. The pandemic has proven that GRC is a valued and impactful asset. As a result, the scope and demand for GRC professionals and their services have accelerated. “We had the ability to work through one of the most pervasive risk issues to come along in decades, and it demonstrated the value of risk management and the value of strong governance,” Dan tells Tom. “Our role is to think about how we can demonstrate that same level of value in all of the other areas of risk that were alread

Chenthil Eswaran is the Practice Head of Enterprise Solutions at Aspire Systems and is Tom Fox’s guest this week on the Innovation in Compliance Podcast. Chenthil leads go-to market strategy, implementation, and is a thought leader in CX Transformation. Prior to his current role at Aspire, he held application development, application maintenance, and managerial positions. On this week’s show, he and Tom are talking about cloud and data storage, data security, and how compliance professionals can create a digitally fluid future for their companies. Cloud Adoption The pandemic caused businesses that were initially hesitant to engage in digital transformation to upgrade their operations. Chenthil tells Tom it’s a perfect time to take stock of the impact of cloud power on business applications. “We need a collaborative tech ecosystem that allows both systems and cloud applications to work in unison,” he remarks. “That way you get the ability to shift certain workloads to the cloud-based on the evolving demands.

Zach Moreno and Rockwell Felder are the co-founders of SquadCast. Their company’s mission is to make it easier for their clients and their clients’ guests to have meaningful conversations while offering the best quality in remote locations. Zach is a podcaster, an author, a developer, a designer, and an artist. Rockwell is a CPA and an entrepreneur.  Zach and Rockwell join Tom Fox on this week’s episode to talk about collaboration, the podcast industry, and the ways Squadcast helps its clients. Origins of Squadcast Squadcast was founded to fix the problem of poor quality technology within the podcast community. Zach and Rockwell tell Tom how they started the company: “When [Zach] approached me with this idea...I was really ready and the fact that it was rooted at this intersection of podcasting and remote collaboration, which he and I think we're very fortunate to be exposed to early on in our career,” Rockwell says. Building a product that helps creators collaborate in a high-quality manner just made sense

In this special episode of K2's Integrity Matters podcast series, I visit with Gabe Hidalgo. Hidalgo is a Managing Director at K2 Integrity. He has 20 years of legal, regulatory compliance, and Anti-Money Laundering (AML) experience working with wholesale and retail banks, FinTech companies, broker/dealers, and money services business entities. Hidalgo is a recognized subject-matter expert in the cryptocurrency and digital assets market and is able to help clients navigate and mitigate Bank Secrecy Act and Anti-Money Laundering (BSA/AML) compliance risks. In this podcast, we take a deep dive into the current issues around cryptocurrency regulation and where they may be headed down the road. Some of the highlights include: The Current Landscape Consumer and institutional push into crypto. NFTs are growing in popularity. What is the significance? Heavy institutional hitters buying in of late. Is the little guy now cut out? Current Regulatory Climate Alternative currency has gone from to an asset class bein

Jeffrey Hayzlett is a global business celebrity, the CEO of The Hayzlett Group and the founder of The C Suite Network. He is a primetime television and podcast show host, author, and a keynote speaker. As a leading business expert, Jeffrey has shared his insight and expertise through various television networks and around the world via his travels. Tom Fox welcomes him to this week’s episode as they discuss the C-Suite Network, diversity, and the effects of COVID-19 on executives. Pivoting in The Pandemic The pandemic made Jeffrey and his team consider what they could do differently about their network conferences. “It really got down to the fundamental piece . . . we really don't have to be together, meaning face-to-face to do the work that we need to do,” Jeffrey tells Tom. Tom remarks that this approach transformed the C-Suite Network as its membership grew exponentially. The key element, Jeffrey stresses, is that everyone wants to come together to do something together, and to learn and share each other’

Welcome to a special five-part podcast series sponsored by K2 Integrity. In this series, we have considered the intersection of compliance, diligence and mergers & acquisitions (M&A). I have been joined by Hannah Coleman, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. She specializes in fast-moving, complex, and specialized research assignments in a variety of areas including investigative due diligence, corporate contests, intellectual property investigations, media transparency assessments, and litigation support. Also joining this series is Tom Pannell, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. With a focus on financial investigations, Tom leads multi-disciplinary teams working with corporate clients and their legal advisors responding to crisis events, including multi-jurisdictional white-collar crime, misconduct, financial statement fraud, anti-bribery and corruption incidents, and compliance risk advisory work. In this concluding episo

Welcome to a special five-part podcast series sponsored by K2 Integrity. This month we consider the intersection of compliance, diligence and mergers & acquisitions (M&A). I am joined by Hannah Coleman, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. She specializes in fast-moving, complex, and specialized research assignments in a variety of areas including investigative due diligence, corporate contests, intellectual property investigations, media transparency assessments, and litigation support. Also joining this week’s series is Tom Pannell, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. With a focus on financial investigations, Tom leads multi-disciplinary teams working with corporate clients and their legal advisors responding to crisis events, including multi-jurisdictional white-collar crime, misconduct, financial statement fraud, anti-bribery and corruption incidents, and compliance risk advisory work. In this episode, I visit with Tom ab

Welcome to a special five-part podcast series sponsored by K2 Integrity. This month we consider the intersection of compliance, diligence and mergers & acquisitions (M&A). I am joined by Hannah Coleman, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. She specializes in fast-moving, complex, and specialized research assignments in a variety of areas including investigative due diligence, corporate contests, intellectual property investigations, media transparency assessments, and litigation support. Also joining this week’s series is Tom Pannell, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. With a focus on financial investigations, Tom leads multi-disciplinary teams working with corporate clients and their legal advisors responding to crisis events, including multi-jurisdictional white-collar crime, misconduct, financial statement fraud, anti-bribery and corruption incidents, and compliance risk advisory work. In this third episode, I visit with

Welcome to a special five-part podcast series sponsored by K2 Integrity. This month we consider the intersection of compliance, diligence and mergers & acquisitions (M&A). I am joined by Hannah Coleman, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. She specializes in fast-moving, complex, and specialized research assignments in a variety of areas including investigative due diligence, corporate contests, intellectual property investigations, media transparency assessments, and litigation support. Also joining this week’s series is Tom Pannell, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. With a focus on financial investigations, Tom leads multi-disciplinary teams working with corporate clients and their legal advisors responding to crisis events, including multi-jurisdictional white-collar crime, misconduct, financial statement fraud, anti-bribery and corruption incidents, and compliance risk advisory work. In this second episode, I visit with

Kayvan Alikhani is the CEO and co-founder of Compliance.ai, a company dedicated to empowering professionals with the smartest regulatory and compliance change management platform. He has over thirty years of experience and expertise in software and cybersecurity. Tom Fox welcomes him to this week’s episode as they discuss modernizing compliance practices and helping risk practitioners do a better job of managing risk. Red Tech It used to be that compliance professionals could manage the pace and complexity of regulations and changes happening around them with simple tools. Presently, the scope of changes and complexity has increased, giving rise to a set of modern solutions that can capture, monitor, and take action on these changes. This modern technology is called red tech.  Compliance Meets AI Tom asks Kayvan to explain what ‘Compliance meets AI’ means to him. Kayvan responds that it means using AI to help compliance professionals make regulatory changes. “Artificial intelligence emerging as a stable, re

Welcome to a special five-part podcast series sponsored by K2 Integrity. This month we consider the intersection of compliance, diligence and mergers & acquisitions (M&A). I am joined by Hannah Coleman, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. She specializes in fast-moving, complex, and specialized research assignments in a variety of areas including investigative due diligence, corporate contests, intellectual property investigations, media transparency assessments, and litigation support. Also joining this week’s series is Tom Pannell, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. With a focus on financial investigations, Tom leads multi-disciplinary teams working with corporate clients and their legal advisors responding to crisis events, including multi-jurisdictional white-collar crime, misconduct, financial statement fraud, anti-bribery and corruption incidents, and compliance risk advisory work. In this first episode, I visit with

Justin Beals is the CEO and co-founder of Strike Graph, a company helping customers get through their cybersecurity audits. He’s a serial entrepreneur with expertise in AI, cybersecurity, and governance. He founded Strike Graph with the goal to make cybersecurity standards easy to understand and easily accessible. Tom Fox welcomes him to this week’s show to discuss cybersecurity, auditing, and building maturity within an organization. SOC/SOC2 Audit Justin explains to Tom the origins of SOC: it was created to ensure that third-party vendors who trade with public companies, and the public companies themselves, were implementing effective cybersecurity practices. SOC2 Audit is a cybersecurity standard that focuses on security within an organization in a number of ways including HR practices, code of conduct, and other compliance liability issues. SOC2 analysis is about how data is encrypted and how new codes get put on servers. “The achievement of something like a SOC2 represents two things: one is an organiza

Rashelle Tanner is the Director of Compliance Learning Program at the Office of Legal Compliance at Microsoft. A senior attorney, she is responsible for the trust and integrity learning program for Ethics and Compliance. Rashelle develops and delivers learner-centered anti-corruption and ethical decision-making courses that empower employees to do business the right way. Tom Fox welcomes her to this week’s show to discuss how compliance professionals can incorporate and promote integrity in training, and how to reimagine training in innovative ways for the organization’s ultimate benefit. The Importance of Integrity Tom asks Rashelle to explain why integrity is integral to compliance. She stresses that people have to follow rules not just because they’re there, but also because they feel motivated to do so. The focus on “doing the right thing” is becoming less on what you can and cannot do, and more on your day-to-day decisions. Focusing on integrity will help you make more ethical decisions. Compliance and

Stacey Hanke is an author, keynote speaker, and the founder of Stacey Hanke Inc. The goal of Stacey Hanke Inc is to help leaders become their true selves by equipping them with the tools to increase their confidence and authenticity. Tom Fox welcomes her to this week’s show as they discuss influence and how it can help leaders and people who simply wish to learn how to become better employees. The Importance of Consistency Tom asks Stacey to explain why consistency is critical to influence. Stacey expresses that it shows our peers, customers, and employees who we truly are as business leaders. Consistency in all forms within your organization - from how you answer messages and calls, to how you show up for interactions - builds trust. The moment we stop behaving consistently, we run the risk of individuals second-guessing who we are, and that creates a break in trust. Trust is the backbone of influence. Trust comes from respect, and they both work together to drive influence, so leaders have to stay consiste

Today, we wrap up our multi-part podcast series, Smart Automation for Risk Management, sponsored by Lextegrity Inc., with a special bonus episode where Parth Chanda, Founder and Chief Executive Officer (CEO), and I discuss Lextegrity’s Integrity Analytics Collective.  What is the Integrity Analytics Collective? I put that question to its founder Chanda. He related that it was launched in 2020 “in partnership with nearly a dozen partner organizations from across the world.” It’s ultimate goal is to “collaborate with thought leaders to further democratize data analytics for organizations of all sizes globally.” The Collective brings together the practitioners from member organizations “who are really ‘into the weeds’ practitioners, they are thought leaders in those organizations and they bring all of us together with as well.” What we all have in common is “a desire to raise the standard of data analytics for everyone who wants access to them.” The Collective wants to help organizations of any size in the world

Welcome to a multi-part podcast series, Smart Automation for Risk Management, sponsored by Lextegrity Inc. Over this series, we have visited with Parth Chanda, Founder and Chief Executive Officer (CEO), Andy Miller, Chief Analytics Officer, and Kara Bonitatibus, Head of Product. We have looked at the Lextegrity Product Suite, taken a deep dive into continuous risk monitoring, considered pre-approvals and third-party due diligence and integrations and user experience. In a special bonus episode, Chanda and I will discuss the Integrity and Analytics Collective. In Episode 5, I visit with Bonitatibus on integrations and the user experience.  We began with data integration, which is one of the biggest challenges facing every Chief Compliance Officer (CCO), compliance professional and indeed corporate compliance function. Bonitatibus said the starting point is to create software solutions that are intuitive, data-driven and integrated. Lextegrity has created various integrations in the pre-approval application, co