In this new podcast series, recovering screenwriter (and Mr. Monitor) Jay Rosen and I will indulge in passion for the movies by looking at them through the lens of compliance. Jay is a contemporary movie fan and I am more of a classic movie maven so we present a well-rounded view of the movie fandom. To jump start the series, Jay and I revisited the intersection of Star Wars and compliance in five episodes this week. Today for our first full episode, we look at the recently released music bio-pic Bohemian Rhapsody. So if you want to indulge in your love for the movies with two guys who are passionate about Hollywood and get some ideas for your compliance program, this is the podcast series for you.

Some of the highlights include:

  • How the movie came together after years in development and how it could have been a much different picture.
  • The stars were spot on in their portrayals of the band members (living and dead).
  • How do you wrap a story of redemption around a character you know will die of a terminal illness?
  • Tom indulges in his love of tracking shots.
  • Jay explains how the story structure worked in this movie.

The Compliance takeaways:

  1. A compliance program must continually innovate.
  2. You must bake continuous improvement into your compliance program.
  3. Every compliance professional should be ready for the opportunity; whether it be to move up in your profession or sell a new compliance initiative.
  4. The creative process in music can inform your innovation in compliance—engage your audience.
  5. Use the design thinking model, listen to what your audience wants from compliance.
  6. Learn from your mistakes and move forward incorporating the lessons learned into the next iteration.

As Tom and Jay prepare for the December holiday season, they consider data privacy, an FCPA trial, the Moonves scandal, give personal remembrances of and say farewell to George H. W. Bush and all while reviewing the week’s top compliance and ethics stories.

  1. Compliance Week devotes an entire issue to data privacy. Some of the highlights include: Hillary Wandall on what could federal data privacy legislation; Joe Mont, Jaclyn Jaeger and TomFox on unintended consequences; Jaclyn Jaeger considers the elements of a best in class data . (sub req’d for all articles)
  2. Huawei CFO (and daughter of founder) arrested in Canada for US trade sanction violations. What will be the fallout? In the New York Times. In the Wall Street Journal.
  3. Did Jho Low bribe US government officials? John Rausch weighs in on his blog Dipping Through Geometries. 
  4. Can banks improve their AML programs without fear of enforcement? US regulators say yes. State of New York-maybe. Sam Rubenfeld reports in the WSJ Risk and Compliance Journal. Matt Kelly weighs in on Radical Compliance.
  5. How will Goldman Sach’s role in the 1MDB scandal test the DOJ? Robert Anello and Richard Albert explore this question in a New York Law Journal. 
  6. Hong Kong’s former home secretary was convicted of FCPA violations bribing African officials on behalf of a Chinese energy company. Dick Cassin reports in the FCPA Blog.
  7. More commentary on modifications to the Yates Memo and what it means for the CCO. Jonathan Marks on Board and Fraud. Michael W. Peregrine and Rebecca Martin on NYU’s Compliance and Enforcement Blog. Tom weighs in on the FCPA Compliance Blog. Matt Kelly’s thoughts on Radical Compliance. Kevin LaCroix looks at the insurance implications on the D&O Diary.
  8. The investigation into Les Moonves and his conduct at CBS is damning. James Stewart reports in his Common Sense column in the NYT. Rachel Abrams and David Enrich report on Four Key takeaways, also in the NYT. Matthew Dessem, writing in Slate says no matter how bad you think it may have been; it was much worse and he is right.
  9. Great Women in Compliance premiered on the Compliance Podcast Network this week. In Episode 1, Tom interviews Mary Shirley and Lisa Fine on why they started the podcast. In Episode 2, Mary Shirley visits with Kristy Grant-Hart. In Episode 3, Lisa Fine visits with Ellen Hunt. All podcasts are also available on iTunes, JDSupra, YouTube and Panoply.
  10. Interested in learning some compliance lessons through the movies? Tom and Jay begin a new podcast series Popcorn and Compliance where they consider compliance lessons while indulging in their love of the movies. Saturday we will premiere on the Queen bio Bohemian Rhapsody. This week they are running a five-part series on the intersection of Star Wars and Compliance. A New Hope and Risk; The Empire Strikes Back and Due Diligence; Return of the Jedi and Compliance Training; The Force Awakens and Disruptive Innovation; Rogue One and the Myth of the Rogue Employee. You can listen to the first ‘new’ episode of Popcorn and Compliance, Bohemian Rhapsody Saturday at 8 AM CST. All episodes are also available on iTunes, JDSupra, YouTube and Panoply.
  11. Tom and Jay pay tribute to George H. W. Bush.

For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, Matt Kelly and I take a deep dive Michael Cohen’s guilty plea and DAG Rod Rosenstein’s ‘substantially responsible” amending of the Yates Memo. Since Cohen said in the plea agreement that he only lied to Congress to support what he believed Trump wanted; not at Trump’s direction. It gives us the opportunity to explore a gray area about accountability for senior execs complicit in misconduct or to use Rosenstein’s language have ‘substantial involvement’ but not substantially responsible for it. It provides several new lessons learned for the compliance professional (and some old ones as well).

Some of the highlights from this podcast are:

  1. What does ‘substantially involved in or responsible for the misconduct’ actually mean?
  2. What does ‘substantially involved in or responsible for the misconduct’ actually mean?
  3. If the voting public, and employees; don’t see justice served, for legal distinctions they may neither appreciate nor care about, that’s going to blunt their interest in talk about ethical conduct; will it will corrode the trust they have in organizations?
  4. What if the senior executives are complicit in the misconduct by fostering a poor control environment; and yet they personally were not substantially involved in the misconduct?
  5. Will this drive up the importance of strong governance? For example, where were the auditors, inspecting the control environment? Or would this lead to shareholder lawsuits against the board?
  6. How would the Justice Department apply the Rosenstein policy to those circumstances?
  7. What were the key lessons learned for the compliance practitioner?

You can certainly tell when a person is beloved. As Phil Liggett said, “I’ve never seen such an outpouring. I’m convinced Paul had no idea how much he was loved. But the answer is clear today.” I am talking about Paul Sherwen, the noted cycling commentator, who died over the weekend. According to his obituary in the New York Times, Sherwen was a cycling participant, maven and aficionado, a two-time British national champion and rode in the Tour de France in the 1970 and ‘80s.

But most of us knew Sherwen through his annual commentary on the Tour de France. He was paired with his co-commentator, Phil Liggett. Jason Gay, writing in the Wall Street Journal, said “They were known, simply, as Phil and Paul. Or Paul and Phil. Either way, Liggett and Sherwen were synonymous with cycling, and especially the Tour de France, where, every July, they would turn a three-week bike race into a two-man rhapsody about athleticism and the marvels of the French countryside. Paul and Phil could enthuse over a thrilling victory, but also a 500-year-old church. Or a flock of sheep. As commentators, they were lyrical and playful. There was no one like them in sports.”

Last week there were two speeches by Department of Justice (DOJ) officials which directly impacted corporate compliance programs going forward. They were a speech by Principal Deputy Assistant Attorney General John P. Cronan who spoke at the Practising Law Institute Event in Washington. The second was Deputy Attorney General Rod Rosenstein, who delivered a keynote address to the conference the same week as ACI. Taken together, these speeches provided solid information for the compliance practitioner going forward into 2019. I am in the midst of a three-blog post exploration of what these speakers said, what it means for the compliance profession and how a Chief Compliance Officer (CCO) or compliance practitioner can use the information going forward.

Public/Private Partnership in Fight Against Corruption

Cronan’s remarks were probably of the most interest to the compliance practitioner. He began by noting the DOJ continues to strive for more public-private partnership in fighting the global scourge of bribery and corruption. The DOJ believes it can more effectively do so when companies come in and self-report bribery and corruption they uncover in their organization. He stated, “I want to talk today about the importance of law enforcement and private industry working together in pursuit of common, shared objectives. There can be a perception – and I would say, often a misperception – of the Department of Justice and private industry as adversaries. While that certainly is sometimes the case, viewing law enforcement and the private sector in such stark black and white terms all too often is an oversimplification and simply inaccurate. That misperception not only can pose an obstacle to effective law enforcement, but it can also work against the interests of corporations that are victimized by crime or whose employees engage in misconduct.” The law enforcement he is referring to is fighting corruption and the law is the Foreign Corrupt Practices Act (FCPA).

Role of the Compliance Professional

Interestingly, no doubt due to the audience, Cronan said, “In-house counsel are also on the front lines of efforts to promote lawful business practices.” This is not correct as that is not the role of in-house counsel in a corporate legal department. Their role is to protect the organization. However, if you insert the corporate compliance professional in the role of ‘in-house counsel’ not only does the statement make more sense, it is correct as he then goes on to add “Those of us in law enforcement well recognize that in-house counsel – together with boards of directors and senior management – are leading the charge from within companies to detect, deter, and rectify corporate misconduct and misbehaviors.” Moreover, it is the compliance professional and corporate compliance function which “will confront difficult decisions about how to respond to bad actors; what compliance, audit, and ethics programs will look like; what resources will be devoted to those programs; and the level of access that compliance personnel will have to management and the board. It therefore is you to whom we in government want to make our message clear about the incentives for companies to prevent and redress corporate misconduct.”

Effective Compliance Programs

Finally, and perhaps most importantly, was Cronan’s words on an effectivecompliance program, not a paper compliance program. He stated, “when we at the Department talk about compliance, we are referring to effective compliance. The Principles of Federal Prosecution of Business Organizations make that clear. Under those Principles, in determining whether to charge a corporation, prosecutors must consider, among other factors, the existence and effectiveness of the corporation’s preexisting compliance program, as well as the corporation’s subsequent remedial actions including efforts to implement an effective compliance program or improve an existing one. In assessing a compliance program, the Principles specifically direct prosecutors to consider “whether a corporation’s compliance program is merely a ‘paper program’ or whether it was designed, implemented, reviewed, and revised, as appropriate, in an effective manner.””

He provided the example of the entity MoneyGram International Inc. who had its Deferred Prosecution Agreement (DPA) extended when “during the course of the DPA, MoneyGram experienced significant weaknesses in its anti-money laundering and anti-fraud programs. It then inadequately disclosed those weaknesses to the government, and instead told the Department that a rise in the number of consumer fraud transactions it was processing was substantially related to external circumstances. MoneyGram also failed to complete the enhanced compliance undertakings required by its 2012 DPA.” The additional penalties placed upon MoneyGram were not insignificant as it “found itself facing a 30-month extension of its DPA, as well as forfeiture in the amount of $125 million.” That is what happens when even a company under a DPA, tries to slide by with a paper compliance program.

Tomorrow I will consider the speech by Rod Rosenstein. 

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at

© Thomas R. Fox, 2018

Today, the new podcast series Great Women in Compliance premiers on the Compliance Podcast Network. It is hosted by Lisa Fine and Mary Shirley and is produced by One Stone Creative. For a long time, compliance was perceived as a part of the larger legal world. Today, compliance is its own profession — a place where people work tirelessly to make the world a better place, one where doing the right thing is the standard for everyone. There are a lot of amazing and inspirational women who have helped the compliance field develop into what it is today and women who are joining this field every day. They are leading the work on cutting-edge issues and breaking barriers for women. Join Mary and Lisa as they talk with women in compliance who are making a difference. You can Find Great Women in Compliance on Itunes at, or search for Great Women in Compliance in your favorite podcast player.

Episode 1-Introduction

In the first episode, I interviewed Mary and Lisa on why they desired to start this podcast and what they hoped to achieve through it. I am extraordinarily excited they have decided to start this podcast. Frankly, I cannot wait to see where you take it. I think it is going to be fabulous and it will be not only a resource for women in the compliance profession but, more importantly, for the entire compliance community.

Episode 2-Kristy Grant-Hart

In this episode, Mary Shirley interviews well-known compliance practitioner, Kristy Grant-Hart. They discussed how to develop a career in the compliance industry – the traits you need, how to make a name for yourself, and how to go about joining a board of directors. Only 3 Fortune 500 companies have an equal number of male and female board members – and that’s something they believe needs to change – listen to the full conversation and find out how you can start to make a difference. You can Find Great Women in Compliance on Itunes at, or search for Great Women in Compliance in your favorite podcast player.

Episode 2-Ellen Hunt

In this episode,  Lisa Fine visits with Ellen Hunt, CCO at the AARP. They talked about creating solid relationships with Boards of Directors, finding sponsors in your career, and being a women in the compliance industry. I hope you’ll enjoy listening to it, which you can do by subscribing to the podcast in Itunes at, or by searching for Great Women in Compliance on your favorite podcast player!