Last week we examined the agency principle in third-party AI risk — the situations where a third party acts on your behalf and its AI-related misconduct can be legally attributed to your company. This week, we turn to the other side of the framework: what happens when a third party provides incidental goods or services and does not act on your behalf? The short answer...
The rapid integration of artificial intelligence into business operations has created a new and largely uncharted compliance frontier. Companies are scrambling to assess AI risks within their own operations, but many are overlooking an equally important question: what happens when your third parties use AI? The answer depends on a legal distinction that compliance professionals already know well from the Foreign Corrupt Practices Act and...
On June 12, 2026, at 5:21 p.m. ET, the U.S. government handed Anthropic a directive that forced the company to do something extraordinary: disable its two most powerful AI models—Fable 5 and Mythos 5—for every single customer worldwide, with no advance notice and no specific explanation of the national security concern that justified the action. The directive, issued by the Commerce Department’s Bureau of Industry...
Michael Volkov analyzes the Commerce Department Bureau of Industry and Security’s June 12, 2026 export control directive ordering Anthropic to suspend all access to its Fable 5 and Mythos 5 AI models for any foreign national—a directive that, because Anthropic cannot segment its global user base by nationality in real time, resulted in a complete worldwide shutoff of both models for every customer. Michael places...
Compliance isn’t a cost, it’s a business advantage. Compliance officers often make one critical mistake, they sell compliance as a legal requirement instead of a business advantage. Executive support grows when compliance leaders connect ethics to operational resilience, revenue protection, and enhancement, reputation, employee retention, and strategic growth. Successful compliance leaders use data, demonstrate value, communicate clearly, and align with business priorities. Employees then support...
Last week we examined the agency principle in third-party AI risk — the situations where a third party acts on your behalf and its AI-related misconduct can be legally attributed to your company. This week, we turn to the other side of the framework: what happens when a third party provides incidental goods or services and does not act on your behalf? The short answer...
The rapid integration of artificial intelligence into business operations has created a new and largely uncharted compliance frontier. Companies are scrambling to assess AI risks within their own operations, but many are overlooking an equally important question: what happens when your third parties use AI? The answer depends on a legal distinction that compliance professionals already know well from the Foreign Corrupt Practices Act and...
On June 12, 2026, at 5:21 p.m. ET, the U.S. government handed Anthropic a directive that forced the company to do something extraordinary: disable its two most powerful AI models—Fable 5 and Mythos 5—for every single customer worldwide, with no advance notice and no specific explanation of the national security concern that justified the action. The directive, issued by the Commerce Department’s Bureau of Industry...
Michael Volkov analyzes the Commerce Department Bureau of Industry and Security’s June 12, 2026 export control directive ordering Anthropic to suspend all access to its Fable 5 and Mythos 5 AI models for any foreign national—a directive that, because Anthropic cannot segment its global user base by nationality in real time, resulted in a complete worldwide shutoff of both models for every customer. Michael places...
Compliance isn’t a cost, it’s a business advantage. Compliance officers often make one critical mistake, they sell compliance as a legal requirement instead of a business advantage. Executive support grows when compliance leaders connect ethics to operational resilience, revenue protection, and enhancement, reputation, employee retention, and strategic growth. Successful compliance leaders use data, demonstrate value, communicate clearly, and align with business priorities. Employees then support...
Introduction: A Deal Too Good to Be True When Adani Enterprises Limited (AEL) entered the liquified petroleum gas (LPG) market in 2023, it needed a competitive edge. It found one — a Dubai-based supplier offering meaningfully discounted LPG, purportedly from Oman and Iraq. It was a compelling deal. It was also, as OFAC’s May 18, 2026 enforcement release makes clear, a sanctions disaster hiding in...
As artificial intelligence becomes embedded in third-party business operations, companies face a new and largely unexamined compliance challenge: when does a vendor’s use of AI become your legal or reputational problem? In this episode, Michael Volkov unpacks the critical agency principle distinction at the heart of third-party AI risk — explaining how acting third parties who deploy AI on a company’s behalf can create direct...
If you want to give your compliance team superpowers, then give them the power of automation. If your compliance program is still operating primarily through spreadsheets, emails, and manual tracking, regulators already view your program as ineffective. Modern compliance risks move too fast for manual systems. You need to have sanction screening, third-party monitoring, transaction testing, hotline analytics, policy certifications, and training program metrics. The...
Let me say something that the technology industry does not say loudly enough. Artificial intelligence makes mistakes. Serious ones. And in high-stakes professional environments, those mistakes can cause real harm. Every interaction with Claude or ChatGPT comes with the same quiet disclaimer: “AI can make mistakes.” We have all seen it. Most of us scroll past it. We should not. That disclaimer is not boilerplate....
June 24, 2026 (UK) 2:00-2:45 PM PDT June 25, 2026 (US) 7:30 – 8:15 AM PDT Sign Up Here Supplier intake now plays a critical role in managing compliance and supply chain resilience amid tariffs, sanctions, geopolitical conflict, disrupted trade routes, and rising due diligence expectations. Join NAVEX and Michael Volkov for a practical discussion on identifying supplier risk earlier, documenting decisions, and strengthening oversight...
