There is a crisis unfolding in corporate boardrooms and compliance departments across America, and most organizations are not responding with anywhere near the urgency the situation demands. The crisis is AI governance — or more precisely, the near-total absence of it. The numbers are striking. According to a Compliance Week 2026 survey, 83% of organizations are using AI tools, but only 25% have implemented a...
Michael Volkov examines OFAC’s new Venezuela general license framework—including General License 52, General License 46B, and the newly effective General License 51B covering Venezuelan-origin minerals—analyzing how these authorizations create conditional pathways for otherwise-prohibited energy and minerals transactions while preserving the underlying blocking regime applicable to PdVSA and the Government of Venezuela. Michael explains the established U.S. entity eligibility requirement, the mandatory contractual conditions requiring U.S....
Part 1 of this series examined the legal framework underlying OFAC’s new Venezuela general licenses—General License 46B, GL 51B, and GL 52—and the Foreign Government Deposit Fund payment mechanism that sits at the center of the authorized transaction structure. Part 2 turns to the practical compliance program question: what does a company actually need to build to execute Venezuela-related transactions safely, accurately, and in a...
Third-party risk management is undergoing a significant transformation. Traditional vendor due diligence programs are no longer sufficient to address the complex ecosystem of risks facing organizations today. Cybersecurity threats, supply chain disruptions, regulatory scrutiny, geopolitical instability, fourth-party dependencies, artificial intelligence risks, and operational resilience concerns have fundamentally changed the nature of third-party risk management. This evolution is what I have described as TPRM 2.0—a strategic...
If AI were a real employee and made mistakes, would you fire it? AI is transforming business operations, but organizations often overlook one fundamental problem. They hallucinate. AI can generate fake information, fake legal citations, inaccurate regulatory interpretations, incorrect sanctions screening results, and fabricated facts. The danger is not that AI makes mistakes. The danger is that it makes mistakes confidently. Employees frequently assume AI-generated...
There is a crisis unfolding in corporate boardrooms and compliance departments across America, and most organizations are not responding with anywhere near the urgency the situation demands. The crisis is AI governance — or more precisely, the near-total absence of it. The numbers are striking. According to a Compliance Week 2026 survey, 83% of organizations are using AI tools, but only 25% have implemented a...
Michael Volkov examines OFAC’s new Venezuela general license framework—including General License 52, General License 46B, and the newly effective General License 51B covering Venezuelan-origin minerals—analyzing how these authorizations create conditional pathways for otherwise-prohibited energy and minerals transactions while preserving the underlying blocking regime applicable to PdVSA and the Government of Venezuela. Michael explains the established U.S. entity eligibility requirement, the mandatory contractual conditions requiring U.S....
Part 1 of this series examined the legal framework underlying OFAC’s new Venezuela general licenses—General License 46B, GL 51B, and GL 52—and the Foreign Government Deposit Fund payment mechanism that sits at the center of the authorized transaction structure. Part 2 turns to the practical compliance program question: what does a company actually need to build to execute Venezuela-related transactions safely, accurately, and in a...
Third-party risk management is undergoing a significant transformation. Traditional vendor due diligence programs are no longer sufficient to address the complex ecosystem of risks facing organizations today. Cybersecurity threats, supply chain disruptions, regulatory scrutiny, geopolitical instability, fourth-party dependencies, artificial intelligence risks, and operational resilience concerns have fundamentally changed the nature of third-party risk management. This evolution is what I have described as TPRM 2.0—a strategic...
If AI were a real employee and made mistakes, would you fire it? AI is transforming business operations, but organizations often overlook one fundamental problem. They hallucinate. AI can generate fake information, fake legal citations, inaccurate regulatory interpretations, incorrect sanctions screening results, and fabricated facts. The danger is not that AI makes mistakes. The danger is that it makes mistakes confidently. Employees frequently assume AI-generated...
The Office of Foreign Assets Control has issued a series of new general licenses authorizing significant categories of Venezuela-related energy transactions that would otherwise be prohibited under the Venezuela Sanctions Regulations, 31 C.F.R. Part 591. These authorizations—General License 46B, General License 51B, General License 52, and General License 50A—represent the most significant expansion of permitted Venezuela-related activity in years. But they are not a relaxation...
Michael Volkov examines USTR’s unprecedented Section 301 forced labor tariff proposal, analyzing how the Trump Administration is leveraging a decades-old trade statute to rebuild broad tariff coverage following the Supreme Court’s invalidation of IEEPA emergency tariffs in Learning Resources, Inc. v. Trump. Covering economies that account for an estimated 99.4% of U.S. imports, the proposal would impose 10% duties on 14 economies with partial forced...
I am pleased to announce that Volkov Law Group, P.C. has entered into a formal strategic alliance with CBC Law, one of Turkey’s most respected and internationally recognized law firms. This partnership formalizes a relationship built over years of successful collaboration and reflects our shared commitment to delivering the highest level of legal counsel to clients navigating the complex intersection of U.S. and Turkish law....
Last week we examined the agency principle in third-party AI risk — the situations where a third party acts on your behalf and its AI-related misconduct can be legally attributed to your company. This week, we turn to the other side of the framework: what happens when a third party provides incidental goods or services and does not act on your behalf? The short answer...
The rapid integration of artificial intelligence into business operations has created a new and largely uncharted compliance frontier. Companies are scrambling to assess AI risks within their own operations, but many are overlooking an equally important question: what happens when your third parties use AI? The answer depends on a legal distinction that compliance professionals already know well from the Foreign Corrupt Practices Act and...
