What separates effective trade compliance programs from ineffective ones? It starts at the top. Good, bad, or ugly, it all trickles down from the top. Here are the five keys to an effective trade compliance program. The first two are building blocks for leadership and due diligence. First, senior executives and boards must actively support trade compliance. Without leadership engagement, compliance programs become check-the-box exercises....
On June 23, 2026, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) issued General License X (“GL X”), authorizing a broad range of transactions ordinarily incident and necessary to the production, sale, delivery, or offloading of Iranian-origin crude oil, petrochemical products, and petroleum products through August 21, 2026. The authorization applies notwithstanding prohibitions imposed under multiple Iran-related sanctions authorities and expressly...
If you read Parts I and II of this series and concluded that the AI governance problem is primarily an internal one — about what your employees do with AI inside your organization — you have only identified half the exposure. The other half lives outside your walls. It lives in your vendors, your service providers, your agents, your supply chain. And for the vast...
If Part I of this series described the governance gap at the organizational level, Part II describes the crisis that is already unfolding inside your organization right now — whether you know it or not. Shadow AI is real, it is pervasive, and the statistics are alarming. According to Gartner research across 500 companies, 68% of employees use unauthorized AI tools at work — a...
Are your employees whispering corporate secrets into the greedy ears of public-facing AI? Many organizations have no visibility into how their employees are using AI. The solution is not to ban AI. The solution is AI governance. Organizations need approved AI tools, acceptable use policies, employee training, and ongoing monitoring. Organizations need approved AI tools, acceptable use policies, employee training, and ongoing monitoring. The question...
What separates effective trade compliance programs from ineffective ones? It starts at the top. Good, bad, or ugly, it all trickles down from the top. Here are the five keys to an effective trade compliance program. The first two are building blocks for leadership and due diligence. First, senior executives and boards must actively support trade compliance. Without leadership engagement, compliance programs become check-the-box exercises....
On June 23, 2026, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) issued General License X (“GL X”), authorizing a broad range of transactions ordinarily incident and necessary to the production, sale, delivery, or offloading of Iranian-origin crude oil, petrochemical products, and petroleum products through August 21, 2026. The authorization applies notwithstanding prohibitions imposed under multiple Iran-related sanctions authorities and expressly...
If you read Parts I and II of this series and concluded that the AI governance problem is primarily an internal one — about what your employees do with AI inside your organization — you have only identified half the exposure. The other half lives outside your walls. It lives in your vendors, your service providers, your agents, your supply chain. And for the vast...
If Part I of this series described the governance gap at the organizational level, Part II describes the crisis that is already unfolding inside your organization right now — whether you know it or not. Shadow AI is real, it is pervasive, and the statistics are alarming. According to Gartner research across 500 companies, 68% of employees use unauthorized AI tools at work — a...
Are your employees whispering corporate secrets into the greedy ears of public-facing AI? Many organizations have no visibility into how their employees are using AI. The solution is not to ban AI. The solution is AI governance. Organizations need approved AI tools, acceptable use policies, employee training, and ongoing monitoring. Organizations need approved AI tools, acceptable use policies, employee training, and ongoing monitoring. The question...
There is a crisis unfolding in corporate boardrooms and compliance departments across America, and most organizations are not responding with anywhere near the urgency the situation demands. The crisis is AI governance — or more precisely, the near-total absence of it. The numbers are striking. According to a Compliance Week 2026 survey, 83% of organizations are using AI tools, but only 25% have implemented a...
Michael Volkov examines OFAC’s new Venezuela general license framework—including General License 52, General License 46B, and the newly effective General License 51B covering Venezuelan-origin minerals—analyzing how these authorizations create conditional pathways for otherwise-prohibited energy and minerals transactions while preserving the underlying blocking regime applicable to PdVSA and the Government of Venezuela. Michael explains the established U.S. entity eligibility requirement, the mandatory contractual conditions requiring U.S....
Part 1 of this series examined the legal framework underlying OFAC’s new Venezuela general licenses—General License 46B, GL 51B, and GL 52—and the Foreign Government Deposit Fund payment mechanism that sits at the center of the authorized transaction structure. Part 2 turns to the practical compliance program question: what does a company actually need to build to execute Venezuela-related transactions safely, accurately, and in a...
Third-party risk management is undergoing a significant transformation. Traditional vendor due diligence programs are no longer sufficient to address the complex ecosystem of risks facing organizations today. Cybersecurity threats, supply chain disruptions, regulatory scrutiny, geopolitical instability, fourth-party dependencies, artificial intelligence risks, and operational resilience concerns have fundamentally changed the nature of third-party risk management. This evolution is what I have described as TPRM 2.0—a strategic...
If AI were a real employee and made mistakes, would you fire it? AI is transforming business operations, but organizations often overlook one fundamental problem. They hallucinate. AI can generate fake information, fake legal citations, inaccurate regulatory interpretations, incorrect sanctions screening results, and fabricated facts. The danger is not that AI makes mistakes. The danger is that it makes mistakes confidently. Employees frequently assume AI-generated...
