The compliance industry appears to be taken over by AI-this and AI-that. Third party risk bleeds into major AI risks, corporate governance needs to incorporate AI risks, and policies and procedures have to incorporate AI risks, while of course no risk assessment is worth its sale unless there is a discussion of dramatic AI risks. My first response is whoa — let’s all take a...
The Justice Department has increased False Claims Act prosecutions, reflecting a continued focus on healthcare fraud and a new initiative on trade fraud. DOJ announced the largest annual recovery figure in the FCA’s history — $6.8 billion in settlements and recoveries. FCA whistleblowers filed a record number of new cases — 1,297 lawsuits and the government initiated 401 investigations. Since 1986, DOJ has recovered a...
The most significant compliance and enforcement issue remains trade enforcement — sanctions and export controls. In the second posting, I want to focus on the new and interesting development in this area: the use of the False Claims Act to capture violations of tariffs and customs duties. With all the hype on the trade compliance front, when you calculate the numbers relating to criminal enforcement,...
Here are the five primary risk areas when a company uses AI in a supportive or assistance-based role as opposed to an algorithmic-based use case. 1. Data Protection and Cybersecurity: Internal AI use cases may involve chatbots, drafting of documents, emails, and other deliverables (e.g. slide decks). To the extent employees incorporate sensitive data (e.g. confidential, personal or regulated data) into AI vendor tools, such...
From my perspective, hopefully a reasonable one, there is a little too much AI-Risk Hype. Not to belittle the experts or ignore potential risk concerns but this is getting a little carried away. The compliance industry appears to be taken over by AI-this and AI-that. Third party risk bleeds into major AI risks, corporate governance needs to incorporate AI risks, and policies and procedures have...
The Justice Department knows how to use the False Claims Act — it is the primary tool against fraudsters in the healthcare industry, and going back even further, it was used against the defense industry in the 1980s and 1990s. DOJ has turned the tool towards another angle and this portends a significant trend. DOJ is opening up a new front in the trade enforcement...
Typically, I enjoy the New Year (notwithstanding Larry David’s rule of no New Year wishes past 15 days of the New Year). It is important to look back, assess and identify trends; after all, what better marker than annual reviews. The most significant compliance and enforcement issue remains trade enforcement — sanctions and export controls. In the second posting, I want to focus on the...
On January 7, 2026, the U.S. Department of Commerce’s Bureau of Industry and Security (“BIS”) issued an Order resolving an administrative enforcement action against Exyte Management GmbH, a Germany-based company headquartered in Stuttgart, in connection with alleged violations of the Export Administration Regulations (“EAR”). The action arose from conduct occurring between March 2021 and March 2022 and involved in-country transfers of items subject to the...
Welcome to 2026, a 10/1 year in numerology (if you are into it). Wherever you might be on the political spectrum, we can all agree that there is a lot happening, and there has been some significant changes. While I occasionally hear about the impact of our social climate on corporate ethics and compliance, let me offer a positive perspective that confirms the continuing —...
I was grateful to appear on Umbereen Ahmed’s new podcast, CEO Tech Talks. Umbereen and I had a great discussion on the importance of ethics and compliance, the direct financial benefit and the need for a robust compliance program to mitigate AI risks. Here is the LINK TO THE EPISODE.
