How does the Outside World see your Compliance Program? Find out for Free with this Brand New Report

How does the Outside World see your Compliance Program? Find out for Free with this Brand New Report

Have you ever Googled your name to see what comes up?  Most of us have.  What about your company’s name?  Have you ever thought about the impression your company makes from a compliance and ethics perspective?  Most people haven’t thought about this critical element of their program, and yet, it’s the first thing regulators, customers, potential investors, shareholders and employees see.

Why is your company’s compliance-related appearance so important?  The contents of your company’s website give the impression to the world of just how important compliance and ethics is at the company.  It allows potential employees, potential customers, and even potential buyers of the company to evaluate whether corporate culture is important at the firm, and whether the management is truly committed to creating a compliant and ethical company. 

Does this mean that your external impression tells the whole story about your program?  Of course not!  Your program may be fantastic on the inside, but if it’s not obvious on the outside, that’s a major problem. 

How can you tell if your outside appearance is good?  More importantly, how can you benchmark how your program looks against others in your industry?  Wouldn’t it be great to have a concrete, specific report reviewing how your company looks to the outside world?  Wouldn’t it be great if that report could be used to show your management or board how your program looks to the outside world?  And wouldn’t it be especially great if that report were free with no strings attached whatsoever? 

I’ve been thinking long and hard about how to quantify the external reputation of a company.  I’ve created 25 proprietary inputs that we put into an algorithm to score the external appearance of the program.  For the past few months, my company has been aggregating information on the appearance of critical areas of compliance, including:

·       Code of Conduct

·       Corporate Governance

·       Whistle-blower Provisions

·       Anti-Bribery Commitments

·       Data Privacy

·       Supply Chain / Modern Slavery / Sustainability

I’m so excited to introduce Spark Score – the free report you that shows exactly how your program looks to the external world.  If you’d like to get your Spark Score Report, simply reply to this email with your name, company name and company website.  We’ll get you your free report within 10 working days.   

What do you have to lose?  The insights you gain will be invaluable, both for yourself and for talking to management about the criticality of showing how important the compliance and ethics program is to the external stakeholders that make your business profitable. 

Don’t delay – fill out the form at 

Read More

Risky Women Radio - Listen to the Fun!

Risky Women Radio - Listen to the Fun!

The fabulous Kimberley Cole interviewed me for Risky Women Radio! Listen in for a fun interview about:

  • The biggest trends in compliance and ethics

  • How to rock your career

  • What to focus on in 2019

  • The different trends in Asia versus Europe and the US

It’s a great conversation that I’m sure you’ll enjoy! Find it here:




Read More

Four Steps to Get the Most Out of Your Compliance Program Assessment

Four Steps to Get the Most Out of Your Compliance Program Assessment

The following is a guest post by Ramsey Kazem

“These recommendations are great, but what should I do with them?”  We all know that a best practice for any company in any industry is to periodically evaluate and assess the current state of its compliance program.  Such an assessment, whether performed internally or by an outside consultant, should be completely objective with a clearly defined purpose.  For example, some assessments may be designed to measure an organization’s preparedness for complying with a new law or regulation.  Others may be broader in scope and seek to measure the effectiveness of a program (or aspects thereof) in mitigating an organization’s compliance risk.  Irrespective of its scope, a good assessment can provide invaluable insights into a compliance program with important recommendations for improving its overall structure and effectiveness. 

While feedback on your program is important, there’s a risk that the company will view the assessor’s recommendations as a check-box exercise.  At worst, the company may race to complete the recommendations as quickly as possible, sacrificing quality and thoughtfulness in the process.   Because each task completed is another checkmark on the “to-do” list and, thus, a measure of progress and performance, the recommendations are often prioritized based on ease-of-completion starting with the low-hanging fruit, first.  This approach, while effective in quickly checking items off a “to-do” list, is often counterproductive and can result in a disjointed and inconsistent program.     

Four Steps to Getting the Most Out of Assessment Recommendations

A better approach is to take a more holistic view of the assessment and…

Read More

Should you fess up about data loss? Your 5-minute guide!

Should you fess up about data loss? Your 5-minute guide!

This is a guest post by Patrick O’Kane, Data Protection Officer and author of the book, “GDPR: Fix it Fast!”

Saying sorry is fashionable these days. From philandering politicians to incompetent CEOs, it is often the norm to confess all when you throw yourself at the mercy of the public. Back in the Nixon era, politicians and titans of industry often kept their heads down and hoped it would all blow over. Often it did. No longer. We now live in the Age of Accountability. And there are new rules in place around ‘fessing up when you lose customer data.

As a barrister and Data Protection Officer for a Fortune 500 company, I have been advising businesses on these new rules.

Facebook have just come clean about the fact that up to 50 million Facebook accounts may have been accessed illegally by hackers. They have ‘fessed up to the 50 million users involved.

We can lose customer information in all sorts of ways; from leaving a laptop on a train, to emailing customer spreadsheets to the wrong address, from having your customer website hacked to your having your IT systems fail. These losses of information are known as “data breaches.”

Remember the GDPR that you kept hearing so much about earlier this year? Well, under GDPR there are new rules about when and how you must come clean when you lose customer information. If you break these rules, by not reporting such a breach or not reporting it quickly enough then you could be in line for a major fine. The maximum fine for not reporting a data breach is an ulcer-inducing 2% of global annual turnover or £8.87 million.

My 3 tips for your business are:

1.       You do not have to report all data breaches – There is a myth that…

Read More

When WOULD be a good time? Tricks for Getting the Business to Respond

When WOULD be a good time?  Tricks for Getting the Business to Respond

We’ve all been there.  It’s the fourth time you’ve contacted that manager about doing his training.  You’re beginning to feel like a nag.  But what can you?  The training has to be done, but he just keeps ignoring you.  It’s maddening.  You want to scream, “What’s the matter with you?!”  Instead of getting yourself drug into the human resources office with this shouted question, try one of the following questions instead.


When would be a good time to get started?


According to Phil M. Joes, author of Exactly What to Say, The Magic Words for Influence and Impact, using the words, “when would be a good time” is a highly effective way of getting past the “I don’t have time!” obstacle.  This is because, “you prompt the other person to subconsciously assume that there will be a good time and that no is not an option.”  When you ask the manager when it would be a good time to get started, you’re assuming that he’ll be starting the training at some point, and his response should commit him to a timeframe.

When shall I check back in with you? (…)

Read More

Are your Comms in an Email Rut? - 20 Alternatives to Pique Employee Interest

Are your Comms in an Email Rut? -  20 Alternatives to Pique Employee Interest

Ding. Ding. Ding. Email. Email. Email… For many compliance professionals, communication takes place only one way – via email. It’s estimated that the average employee receives 121 emails per day. While email can be a valuable way to communicate en masse about compliance policies and requirements, it’s not always the best way to communicate. What else can you do?

There are a variety of great ways to communicate to the whole employee population. Not only can some of these channels be more effective than email, but by varying the way you communicate, you’re more likely to engage your employees and pique their curiosity. If you’re in an email rut, how can communicate more effectively? Here’s a checklist of 20 communication channels that you can use instead of email. Why not try:

o Videos from compliance

o Videos from the CEO / managers

o Intranet messaging

o Screensaver messages

o Via e-learning platform

o Live meetings

o Live training

o Whitepapers

o Podcasts…

Read More