Compliance Perspectives SCCE

By Adam Turteltaub



In some ways it’s still the Wild West when it comes to AI, with developments happening faster than most can fathom and the law can respond. At the same time, though, the sheriff has begun to arrive.



Gwen Hassan (LinkedIn), Deputy Chief Compliance Officer at Unisys and Adjust Professor at Loyola University Chicago School of Law explains that the EU already has a law in place with a particular focus on ranking the risks of AI, including those that must not be taken, and an emphasis on the privacy implications.



In the US, there is legislation proposed that would require clear notification when content is created using generative AI. It has yet to pass.



Thus far the strongest direction in the US comes out of the White House, where President Biden issued the Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence.  The order urges ethical generative AI guidelines, sets key goals for what good uses of AI are and calls upon various departments of the government to provide further analysis and direction.



So what should compliance teams do now, despite the legislative holes? She recommends looking at how to extend the existing compliance program to AI and, as AI evolves, develop more specific programs that maps to its risks.



Listen in to learn more about the emerging regulatory climate for AI.

By Adam Turteltaub



If you’re thinking about attending an HCCA Research Compliance Academy, take a few minutes to l to this podcast featuring Kelly Willenberg (LinkedIn), one of the faculty members and founder of Kelly Willenberg & Associates.



Listen in as she explains:



* Who the Academy is for. Basically anyone working in or with oversight of research compliance

* The teaching structure. All of the faculty members have deep research compliance expertise.  They will teach both compliance infrastructure and many of the complexities of the numerous legal risk areas.

* The attendee experience. Small class sizes lead to opportunities to learn from your peers and build an extensive and deep network.



She also gives an overview of the Certified in Healthcare Research Compliance (CHRC) exam. To read more about the exam and see the detailed content outline click here.



So spend ten minutes listening to the podcast, and then plan on attending an HCCA Research Compliance Academy.

By Adam Turteltaub



Corruption is a well-known risk in Latin America, but how great the risk is on a country-by-country basis is less well understood. To fill in those blanks and many more, the law firm Miller & Chevalier just released its 2024 Latin America Corruption Survey.



The firm has been fielding this survey every four years since 2008, reports Matt Ellis, Latin America Practice Lead. It provides comprehensive, country-by-country data as well as, more granular information on the risks of dealing with various governmental entities.



This year’s report, he shares on the podcast, had interesting news for the compliance community. It found that, although corruption remains a pervasive problem, corporate compliance programs, more so than enforcement, are perceived as being the key driver for change.



The survey also revealed significant nuances in the anticorruption risk picture:



* Chile, Uruguay and Costa Rica are generally perceived as the lowest risk countries

* Venezuela, Bolivia, Honduras and Argentina are on the riskier side

* In general, political parties are perceived as being corrupt as well as municipal governments

* Brazil’s customs authority, Peru’s judicial branch, Argentina’s executive branch and Mexico’s police and local governments were all singled out as areas of concern



Listen in to learn more about what the survey revealed, including corporate trends in investing in anti-corruption efforts.

By Adam Turteltaub



How do you tell someone something that they don’t want to hear in a way that they will listen? How do you overcome your own desire to avoid the conversation?



To better understand why people hesitate to have difficult talks and how to communicate more effectively, especially when the conversation is going to be a tough one, we spoke with Jason Rosoff, CEO of Radical Candor (podcasts).



People hesitate to speak candidly, he explains, for a number of reasons. For one, they may fear that the conversation will harm their relationship with the other person. They may also be nervous about facing a negative reaction, or even retaliation, for speaking out.



To help challenging conversations go better, he advocates for radical candor, which he explains means challenging directly but also caring personally at the same time. Be clear about the problem, he advises, and what the potential negative consequences are. At the same time, though, show you care personally. That includes giving the other person the benefit of the doubt, avoiding sounding judgmental, and focusing on helping them.



It also means being willing to listen to the other person’s side.



Listen in to learn more about how to have better conversations and how to avoid the more common traps that we all can fall into.

By Adam Turteltaub



ISO 27001 is the leading standard for information security management systems. As Mel Blackmore, CEO of UK-based Blackmores explains, it is a framework that applies and is of value regardless of an organization’s size, sector or country.



Organizations seek ISO 27001 certification to ensure that their IT security reflects best practices. It also brings to organizations a systematic approach to work in this area. In addition, potential business partners will have greater confidence that your organization has robust data defenses.



Most organizations have a head start when it comes to becoming ISO 27001 certified. Many existing IT security practices are likely to be consistent standards. To get the rest of the way to certification, she outlines several steps including:



* Determine where your organization is already compliant

* Conduct a gap analysis

* Performing a risk assessment

* Creating policies and procedures



Listen in to learn more about meeting this important ISO standard and what it will take to maintain certification.

By Adam Turteltaub



What do we do with ESG? Is it a part of compliance? Something different? How do we handle it?



Renee Murphy, Distinguished Evangelist at Diligent argues in this podcast that while there are compliance aspects to ESG, it is best to quickly make it a part of operations and under the general risk management structure.



Of the three elements of ESG, it is the environmental sustainability side, she believes, that will be the most challenging. With new requirements for organizations to report on their fossil footprint, companies are being forced to march into unexplored territory. As a result, they will need to evolve their process, which, she believes, will become easier as management comes to understand the balance sheet implications.



Listen in to learn more about what is happening with ESG, and what compliance teams need to know.