Right now, in your organization—regardless of size, industry, or location—some of your coworkers are using artificial intelligence (AI) systems like ChatGPT to produce their work outputs. They are using it for:

• Writing first drafts of outputs like marketing and sales emails

• Creating or editing images for presentations

• Updating Excel sheets and databases with the most recent monthly sales data

Of course, new software tools are used constantly. What sets so-called generative AI apart is its ease of use and access; your employees can sign up and start using ChatGPT for free, without permission from their manager or anyone in compliance. And these tools are so powerful, and advancing so much each week, that more and more work will be done in generative AI systems.

Compliance programs come in many shapes and sizes depending on the organization and industry. Compliance professionals rely on the U.S. Federal Sentencing Commission’s Effective Compliance and Ethics Program guidelines, along with the U.S. Department of Justice’s Evaluation of Corporate Compliance Programs. Government contractors use the Federal Acquisition Regulation’s Contractor Code of Business Ethics and Conduct. All are great resources and have come a long way in helping compliance professionals figure out how to formulate and tailor their programs.

But what happens if you are in a smaller organization? With 500 employees in a less-regulated sector, having a robust compliance program as outlined in these guidelines might seem like overkill.

The first step should be to take an inventory of where your organization currently stands:

Customer due diligence (DD) is a fundamental component in compliance, ensuring that banks comply with anti-money laundering (AML) laws and protect themselves from fraud. Even though banks have spent billions of dollars on AML procedures, and the modern market offers a variety of IT programs for compliance, banks continue to commit AML violations, and regulatory audits often end with complaints about the quality of customer data. That’s why compliance professionals know that in 2024, the term KYC doesn’t mean “know your customer” but rather “kill your career.”

This article will take a closer look at this year’s most significant KYC trends and the modern secrets of DD methodology in banking.

Conversation is easily underestimated. We often overlook the incredible power of this simple act in our daily lives. Consider all the time we spend sending emails, attending meetings, or otherwise sharing information. How much of this is effective, and why should compliance professionals care?

Conversation is more than a tool for exchanging information. It acts as the foundational structure to build organizational success, an integral component connecting every corporate action.^[1] The importance of forward-looking compliance conversation cannot be overlooked. Whether in trainings, informal gatherings, or emails, the words we choose to use in conversation need to be effective and efficient.

In the intricate tapestry of modern business, compliance reports stand as vital threads, ensuring that organizations not only adhere to legal and ethical standards but also communicate their adherence effectively. However, the art of crafting these reports is no mere administrative task; it’s a nuanced exercise in precision and adaptability, often learned through trial and error in real-life experiences.

As organizations strive to maintain ethical practices and adhere to regulatory guidelines, the U.S. Department of Health and Human Services Office of Inspector General (OIG) plays a crucial role in ensuring compliance within the healthcare industry. The 2023 OIG compliance update brought forth new measures and guidelines that organizations must implement to enhance their compliance programs,^[1] and although OIG deals specifically with healthcare, some of its directives can apply to any compliance program. This column will explore the key aspects of the update and discuss how organizations can measure their progress in implementing these updates over the past year.

I have been researching the increasing activity of “First Amendment auditors” or “social media auditors” who exercise their rights to film in public spaces and record antagonistic interactions with security staff at the gates of businesses and government premises—sometimes using drones to film from above. They use their footage to monetize their interactions on social media accounts. It made me realize that we need to train our staff to react appropriately to such auditors—particularly as their activity becomes more common.

By coincidence, the U.K. National Protective Security Authority published guidance in December 2023 that states:

You probably know if you’re a night owl or a morning person. Sadly, it doesn’t matter for most of us since we typically work nine-to-five (or seven-to-seven!). But just because you don’t choose your working hours doesn’t mean you have no choice in how you spend them. You can plan to make every week the best it can be by monitoring your energy and planning accordingly. Here’s how to do it.