Category: General

The Shadow AI Crisis — Your Employees Are Already Using AI, and You Don’t Know How (Part 2 of 3)

If Part I of this series described the governance gap at the organizational level, Part II describes the crisis that is already unfolding inside your organization right now — whether you know it or not. Shadow AI is real, it is pervasive, and the statistics are alarming. According to Gartner research across 500 companies, 68% of employees use unauthorized AI tools at work — a...

AI Is Here. Is Governance?

Are your employees whispering corporate secrets into the greedy ears of public-facing AI? Many organizations have no visibility into how their employees are using AI. The solution is not to ban AI. The solution is AI governance. Organizations need approved AI tools, acceptable use policies, employee training, and ongoing monitoring. Organizations need approved AI tools, acceptable use policies, employee training, and ongoing monitoring. The question...

The AI Governance Gap — The Urgency Is Now (Part 1 of 3)

There is a crisis unfolding in corporate boardrooms and compliance departments across America, and most organizations are not responding with anywhere near the urgency the situation demands. The crisis is AI governance — or more precisely, the near-total absence of it. The numbers are striking. According to a Compliance Week 2026 survey, 83% of organizations are using AI tools, but only 25% have implemented a...

Venezuela Sanctions Update: Building the Operational Compliance Program (Part 2 of 2)

Part 1 of this series examined the legal framework underlying OFAC’s new Venezuela general licenses—General License 46B, GL 51B, and GL 52—and the Foreign Government Deposit Fund payment mechanism that sits at the center of the authorized transaction structure. Part 2 turns to the practical compliance program question: what does a company actually need to build to execute Venezuela-related transactions safely, accurately, and in a...

Why the Third Party Risk Association Is Leading the Future of TPRM 2.0

Third-party risk management is undergoing a significant transformation. Traditional vendor due diligence programs are no longer sufficient to address the complex ecosystem of risks facing organizations today. Cybersecurity threats, supply chain disruptions, regulatory scrutiny, geopolitical instability, fourth-party dependencies, artificial intelligence risks, and operational resilience concerns have fundamentally changed the nature of third-party risk management. This evolution is what I have described as TPRM 2.0—a strategic...

Would You Fire AI?

If AI were a real employee and made mistakes, would you fire it? AI is transforming business operations, but organizations often overlook one fundamental problem. They hallucinate. AI can generate fake information, fake legal citations, inaccurate regulatory interpretations, incorrect sanctions screening results, and fabricated facts. The danger is not that AI makes mistakes. The danger is that it makes mistakes confidently. Employees frequently assume AI-generated...

Venezuela Sanctions Update: OFAC’s New General Licenses and the Foreign Government Deposit Fund Framework (Part 1 of 2)

The Office of Foreign Assets Control has issued a series of new general licenses authorizing significant categories of Venezuela-related energy transactions that would otherwise be prohibited under the Venezuela Sanctions Regulations, 31 C.F.R. Part 591. These authorizations—General License 46B, General License 51B, General License 52, and General License 50A—represent the most significant expansion of permitted Venezuela-related activity in years. But they are not a relaxation...

Volkov Law Group and CBC Law Announce Strategic Alliance: Premier U.S. – Turkey Legal Coverage for a Complex World

I am pleased to announce that Volkov Law Group, P.C. has entered into a formal strategic alliance with CBC Law, one of Turkey’s most respected and internationally recognized law firms. This partnership formalizes a relationship built over years of successful collaboration and reflects our shared commitment to delivering the highest level of legal counsel to clients navigating the complex intersection of U.S. and Turkish law....

Detangling Third-Party AI Risks — Reputational Risk When Your Vendor’s AI Misbehaves (Part II of II)

Last week we examined the agency principle in third-party AI risk — the situations where a third party acts on your behalf and its AI-related misconduct can be legally attributed to your company. This week, we turn to the other side of the framework: what happens when a third party provides incidental goods or services and does not act on your behalf? The short answer...

Detangling Third-Party AI Risks — When Your Vendor’s AI Becomes Your Problem (Part I of II)

The rapid integration of artificial intelligence into business operations has created a new and largely uncharted compliance frontier. Companies are scrambling to assess AI risks within their own operations, but many are overlooking an equally important question: what happens when your third parties use AI? The answer depends on a legal distinction that compliance professionals already know well from the Foreign Corrupt Practices Act and...