Episodes

  • Major Cybersecurity Incidents and Regulatory Challenges
    Jul 24 2024
    The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to more fully explore a subject. Looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds! In this episode, Tom Fox and Matt Kelly take a deep dive into the dismissal of the SEC’s enforcement action against SolarWinds and CrowdStrike cybersecurity failures. Tom and Matt begin with UnitedHealth’s costly ransomware attack, a federal judge’s ruling against the SEC’s lawsuit over SolarWinds’ cybersecurity practices, and CrowdStrike’s flawed software update impacting global corporations. The episode explores the regulatory challenges of enforcing effective cybersecurity controls and the implications for companies and their compliance programs. The discussion highlights the need for better IT general controls and the role of different stakeholders, including Congress, regulatory agencies, and audit firms, in addressing these cybersecurity risks. Key Highlights: UnitedHealth Ransomware Attack Breakdown · SolarWinds Cybersecurity Lawsuit · Regulatory Challenges and Implications · Operational Risk Management and IT Controls · Call to Action for Compliance and Audit Professionals. Resources: Matt on Radical Compliance · Tom: Instagram, Facebook, YouTube, Twitter, LinkedIn
    23 m
  • The Convergence of Cybersecurity and Internal Controls
    Jul 17 2024
    In this episode, Tom Fox and Matt Kelly take a deep dive into a recent SEC enforcement action involving RR Donnelley, where a cyber breach was characterized as an internal control In this episode, we discuss how criminal activities in cyberspace are outpacing regulatory measures and the law’s ability to keep up. The conversation touches on the idea that access controls for valuable corporate assets, whether financial data or sensitive information, are becoming indistinguishable in the eyes of cybercriminals. The discussion includes a thought-provoking perspective on merging cybersecurity and anti-money laundering functions, as both deal with improper electronic transactions. The core concern is not just the breach itself, but also the prevention of data exfiltration. Key Highlights: Corporate Jewels: Money vs. Data · Cybersecurity and Anti-Money Laundering · Improper Electronic Transactions · Focus on Data Exfiltration · Conclusion: Preventing Data Theft
    24 m
  • The Supreme Court and Compliance
    Jul 10 2024
    In this episode, Tom Fox and Matt Kelly take a deep dive analyzing term-ending Supreme Court decisions from a compliance perspective. They address the Jarkesy decision on SEC in-house tribunals, the Loper ruling overturning the Chevron deference doctrine, and the Snyder decision that narrows the scope of federal anti-corruption law. Despite the headlines, they conclude that these rulings have minimal direct impact on corporate compliance programs, emphasizing the ongoing importance of ethical integrity and effective compliance practices. Key Highlights: Supreme Court Cases Impacting Compliance · The Jarkesy Decision: Minimal Impact on Compliance · The Loper Case: Chevron Deference Overturned · The Snyder Decision: A Controversial Ruling · Implications and Final Thoughts
    29 m
  • Navigating DOJ’s Boeing Dilemma Under DPA Violations
    Jun 26 2024
    In this episode, Tom Fox and Matt Kelly take a deep dive into the complexities surrounding the Department of Justice's potential decision to criminally prosecute Boeing under its Deferred Prosecution Agreement (DPA) related to the 737 MAX crashes. They explore the various facets of corporate justice, including retribution, remediation, and societal interests, as well as the challenges in balancing justice for the victims and the broader implications for public safety and corporate culture. The discussion also covers the FAA’s role, the potential for new operational limits on Boeing, the impact and structure of compliance monitorships, and what compliance officers can learn from this high-stakes scenario. Key Highlights: DOJ and Boeing: The 737 MAX Dilemma · Corporate Justice: Individuals vs. Corporations · Balancing Justice and Corporate Interests · Deferred Prosecution Agreements: Compliance Challenges · Financial Penalties vs. Operational Limits · The Potential of Monitorships · FAA's Role and Challenges · Compliance Lessons and Future Considerations
    29 m
  • AI Accountability and Explainability
    Jun 12 2024
    In this episode, Tom Fox and Matt Kelly delve into the recent speech by Michael Hsu, the head of the Office of the Comptroller of the Currency, on the accountability challenges posed by artificial intelligence in the banking sector. The discussion highlights Hsu's emphasis on the lack of a robust accountability framework for AI, illustrating the issue with the Air Canada chatbot incident. The conversation also touches on potential systemic risks AI could pose to the financial sector, the need for explainable AI, and the shared responsibility model used in cloud computing as a potential template for addressing these challenges. The episode underscores the necessity for compliance officers to ensure contracts and IT controls are in place and stresses the importance of developing trust and accountability mechanisms before widespread AI adoption. Key Highlights: AI Accountability: A Regulator's Perspective · Case Study: Air Canada's AI Mishap · Legal and Technological Challenges · Exploring Solutions and Shared Responsibility
    26 m
  • Analyzing The Trump Conviction: Compliance Lessons from an Unprecedented Case
    Jun 5 2024
    In this episode of ‘Compliance Into the Weeds’, Tom and Matt take a deep dive into last week’s trial verdict against Donald Trump in NYC and lessons for the compliance professional. We explore the importance of internal controls, consistent consequence management, and effective leadership. They also delve into how compliance officers can learn from the storytelling strategies used in the trial and emphasize the application of the rule of law. Key Highlights: Overview of Trump’s Criminal Conviction · Internal Controls and Compliance Lessons · Consequences Management and Consistent Enforcement · Ethical Leadership and Communication · Who is your audience? Storytelling in Compliance · Final Thoughts and Rule of Law
    25 m
  • Of Fat Fingers, Internal Controls and Compliance
    May 29 2024
    In this episode, Tom and Matt delve deep into Citigroup’s $126 million trading error, resulting from poor internal controls. They discuss how a simple ‘fat finger’ error by a trader led to a major flash crash on European stock exchanges in 2022, and how the failure of Citigroup’s internal controls allowed it to happen. The discussion covers multiple compliance lessons, including the importance of understanding the human element in control design, the need for adequate staffing and monitoring, and the necessity of consistent global risk management. Fox and Kelly also highlight the importance of addressing findings from internal audits and maintaining urgency in improving internal controls. They emphasize that companies should think creatively about risk management, taking into account various global factors, including holidays and local regulations. Key Highlights: The Citigroup Internal Control Fiasco · Compliance Lessons from Citigroup's Mistake · The Human Element in Compliance and Control Failures · Global Consistency in Risk Management
    29 m
  • Sustainability and Managing 3rd Party Risk
    May 22 2024
    In this episode, Tom Fox and Matt Kelly take a deep dive into a recent report by Prevalent on Third Party Risk Management in 2024 and Microsoft’s 2024 Environmental Sustainability Report. Tom and Matt discuss the challenge companies face in aligning their sustainability goals with their supply chain management. They question whether sustainability functions within a company have the authority to influence supply chain decisions, such as rejecting suppliers that do not meet sustainability criteria. We discuss the Microsoft Report, noting that while the company acknowledges it has not yet achieved the ability to reject non-compliant suppliers, it suggests a target of improvement by 2030. The core issue highlighted is whether sustainability initiatives will have significant influence over supply chain decisions in the future. Key Highlights: Intersection of Supply Chain Risk Management and Sustainability · The Role of Sustainability in Supply Chain Decisions · Microsoft’s Journey Towards Sustainable Supply Chain Management · The Energy Industry Model
    30 m