Compliance Perspectives

By Adam Turteltaub Virginia MacSuibhne is not your typical compliance officer. It’s not surprising then that this former global chief compliance at Agilent and Roche, who also has an Etsy shop selling irreverent, NSFW compliance merch, decided she wanted to do an atypical podcast. Rather than focusing on a brilliant idea she had or a huge success, she suggested we discuss the mistakes she has made. Each of them has an important lesson for others in compliance. Mistake #1: Do the code of conduct yourself. It’s far better to involve the business team both to gain their insights and get their buy in. Mistake #2: Think working inside a company is like working for their law firm. When you work in a company, even in the legal department, you need to focus on relationships and be less transactional. There’s no clock or timesheet to record billable hours. So spend the time getting to know your colleagues and building personal connections with them. Mistake #3: Disregard the rhythm of the business. Every business has its own rhythm, with busy and quiet times and its own processes for getting thing done. Take the time to learn them. Mistake #4: React immediately and strongly to evaluations. Sometimes it’s better to take a breath and understand the context as well as what drives you. Unofficial mistake #5: Not listening to this podcast. Listen now Sponsored by Case IQ, a global provider of whistleblowing, case management, and compliance solutions.

By Adam Turteltaub A good, juicy case study is great for compliance training. An artfully created scenario can also be remarkably effective, especially for ethics training. What makes them so appealing, and how do you use them best? Colin May, Adjunct Professor at Stevenson University, explains that problem-based learning is very effective for adults both for knowledge transfer and retention. It also helps people apply what they have learned. Case studies, which are based on actual incidents, and scenarios, which are fictional, also benefit from a human love of stories. When determining whether to use a case study, scenario or some other learning method, he advises first thinking about the outcome: what do you want people to take away from the training. Next, think about the debriefing after employees have had a chance to either read the case study or act out a scenario. That subsequent conversation may prove to be the most valuable part of the learning exercise. Be sure, too, to keep your case studies and scenarios current. They do have an expiration date. Even big, juicy ones can seem dated after a few years. Even something as big as Enron can get old: it happened 24 years ago, before a significant portion of your workforce was born. Finally, be sure to listen to the podcast and reach out to him through LinkedIn if you would like the tool that he referred to. Listen now Sponsored by Ethena - automated compliance training, an employee hotline, and case management, all in one tool.

By Adam Turteltaub There’s a lot of discussion about the relationship between compliance and the general counsel. Less words, though, have been dedicated to the important relationship between compliance and HR. Netherlands-based Asaf Shalev, Global Ethics, Risk & Compliance Lead for DLL rightly observes that maximizing synergy between the work of HR and compliance is a key for success of both the compliance program and the business. The departments share overlapping interests in a number of areas, including the code of conduct. He advocates both sides working closely together to ensure that it is human centric. When it comes to compensation, HR can help by building in compliance-related metrics. When it comes to discipline, HR can ensure that it is documented, consistent and fair. They can also be helpful for navigating local the labor laws that may apply. Listen in to learn more about how to make the compliance-HR relationship work from recruiting and onboarding through the entire employee lifecycle. Listen now Sponsored by Ethena - automated compliance training, an employee hotline, and case management, all in one tool.

By Adam Turteltaub Stress can be a good thing. Burnout, though, is something altogether different and very real for compliance professionals. Sarah Hadden (LinkedIn), CEO and Publisher of Corporate Compliance Insights shares in this podcast the not always encouraging data on stress and burnout from their 2025 Compliance Officer Working Conditions, Stress & Mental Health survey. The research did reveal some very good news. Compliance officers are generally happy with their work. They have a sense of purpose and feel that what they are doing is important. The findings also revealed a small but notable increase in the belief that the organization is supportive of compliance efforts. On the other side of the coin, though, only 7% said that job stress was not an issue. More concerning, 51% reported that they are experiencing burnout. What causes that burnout? A variety of factors are in play including the fast pace of regulations, personal liability fears, lack of time and resources and even AI. One of the greatest causes of stress, the survey revealed, is reporting structure, with those reporting to legal, rather than to leadership or the board, being the least satisfied and most stressed out. Listen in to learn more, unless, of course, it’s going to stress you out. Listen now Sponsored by Ethena - automated compliance training, an employee hotline, and case management, all in one tool.

By Adam Turteltaub There is a tendency to think of risk assessment as one thing and demonstrating the value of the compliance program as another. In this podcast, Catherine Bruno, Assistant Director Office of Integrity and Compliance (OIC) at the FBI shows that the risk assessment process can also be a great way to demonstrate the value of a strong compliance program. So how do they make that happen?  First, the OIC ensures that individuals who are closer to the risk, the subject matter experts at each of the divisions at FBI headquarters, as well as each field office, are involved both from the start and on an ongoing basis. Every six months the OIC requires them to spend time assessing compliance risk and put forward at least one. This process ensures participation without demanding too much of the field’s time. In advance of that meeting, the OIC conducts a training session, provides a model agenda, and may do a presentation on a particular risk area. They also require that, at the meeting, the participants also spend time examining the tier 1 risks that the OIC has identified. In the future, she is looking to better spell out the cost of non-compliance and the savings of proactive measures. But, she cautions, quantifying the benefits does not have to be based on dollars exclusively. Reputational factors can and should also be considered. Each field office is also required to provide data on the risk areas that they are tracking. That data gets compiled and gives them an opportunity to compare themselves to each other. The information is also shared at higher-level branch meetings a month later, and it helps executive assistant directors understand where field offices are focused in terms of their risks. In sum, the process provides both a better understanding of risk and demonstrates the value of the compliance program. Listen in. Listen now Sponsored by Ethena - automated compliance training, an employee hotline, and case management, all in one tool.

By Adam Turteltaub The words “works council” inspires fear and dread in the hearts and minds of many who have never worked with them. They need not, says Lisanne Winde, attorney at law at Wybenga advocaten and Alain Lambert, regional ethics and compliance officer for Central Europe at WSP. In this podcast, they share how the works council can actually help compliance teams. These entities are not unions but are specific to the company. They can be helpful for facilitating communication with employees and giving greater legitimacy to company policies. In practice they collaborate with management and can be more helpful than those unfamiliar with them may think. However, there are times when working with the works council is not just a nice to have but a requirement. Issues relating to whistleblowing and disciplinary policies are two examples. And there may be others, as well.  The laws vary by country. To make the most out of the relationship they recommend taking time to listen to what the works council says. Make sure they understand your role and the independence it has from management, and invite their participation early. It’s better to find out what issues are and benefit from their expertise early rather than too late. Listen in to learn more, then, take a deep breadth and relax next time you hear the words “works council.” Listen now Sponsored by Ethena - automated compliance training, an employee hotline, and case management, all in one tool.

By Adam Turteltaub An audit by a Unified Program Integrity Contractor auditor, better known as a UPIC audit, can be a very scary thing. Providers are often shocked and even indignant to receive a letter notifying them of the audit and alleging fraud. Jon Rawlson (LinkedIn), President & Founder of Armory Hill Advocates, reminds us that the audit was likely not triggered by an allegation but by an algorithm catching outlier events such as a provider processing claims outside of their normal daily work, utilizing a DME, a skin substitute or some other expensive item that is outside the norm. Once you have calmed down after reviewing the letter, he advises acting immediately but calmly. Begin reviewing the documents you have been providing the Medicare program and bring in whatever help you need. And, don’t forget you have a five step appeal process that enables you to prove  your innocence. But, be mindful of the timeline the government gives. The consequences can be grave if you miss a deadline. Listen in to learn more, and if you’re a member of SCCE or HCCA, be sure to read his article on the subject in Compliance Today magazine. Listen now Sponsored by Ethena - automated compliance training, an employee hotline, and case management, all in one tool.

By Adam Turteltaub As the sun set, the chief compliance officer stared out the window, wondering how she would communicate with her workforce in a way that they would understand. As much as she looked, the answer wasn’t outside in the skies turning from blue to black. She wasn’t finding it under the white LEDs in the ceiling above her desk, either. Feeling a bit desperate, and a little bit bored, she decided to walk the halls to see if perhaps the answers were there. She got all of ten feet before a colleague stopped her,  eyes open wide and voice a little breathless, to tell her about an incident discovered and resolved. As she listened to him speak, she realized the answer was right there in front of her in the power of storytelling. Janine Fadul, Compliance and Privacy officer at GW Medicine, learned long ago to focus on the story she was trying to tell people, not just the facts. By following the elements of storytelling, she explains, you can grab people’s interest, keep it, and help them understand what you are trying to communicate. That doesn’t just apply to training. It can also be useful for communicating with leadership. Listen in to learn more about the elements of good storytelling. Then, apply them, and your compliance program may live happily ever after. Listen now Sponsored by Ethena - automated compliance training, an employee hotline, and case management, all in one tool.

By Adam Turteltaub In addition to releasing its General Compliance Program Guidance, the OIG at HHS announced plans to publish a series of Industry Segment-Specific Compliance Program Guidances (ICPG). The first of these, addressing nursing facilities, was released in November 2024. As CJ Wolf, Professor in healthcare Administration at BYU Idaho explains in this podcast, the first ICPG is instructive both for skilled nursing facilities (SNFs) and those looking to anticipate what will be coming in future ICPGs. Currently, three more are expected to be published in 2025: Medicare Advantage, hospital and clinical laboratories. Two additional ICPGs – pharmaceutical manufacturers and hospice – are also planned, but with a publication date as yet to be determined. There are several notable elements to the SNF ICPG. First, it interlinks compliance, quality of care and quality of life for patients. Second, there is an entire supplement focused on reimbursement, raising the scrutiny level of billing compliance. It addresses the prospective payment system, value-based payment models, Medicare Part D, Medicare Advantage, and Medicaid managed care, amongst other issues. When it comes to Anti-Kickback, the ICPG provides specific examples that are close to home for skilled nursing facilities. These hot points include free or below fair market value goods and services, discounts, arrangements for services and supplies, pharmacist relationships, care coordination, value-based care arrangements and join ventures. It is expected that future ICPGs will also have a focus on the Anti-Kickback statute. CJ also anticipates future guidances to continue to focus on greater accuracy and quality of care. Listen in, whether you are working at a SNF or looking to learn what likely comes next with ICPGs. Listen now Sponsored by Ethena - automated compliance training, an employee hotline, and case management, all in one tool.

By Adam Turteltaub Sevda Huseynova is the Ethics and Compliance Officer for SOCAR Midstream, a state-owned enterprise (SOE) in Azerbaijan. The company manages the oil and gas export pipelines of the country. If you think working for an SOE means you don’t have to worry about compliance, she warns you to think again. SOEs still faces risk in a wide range of areas including anticorruption, sanctions, third parties and more. Investors want to ensure that the company operates up to global standards, which isn’t always easy since compliance is relatively new in Azerbaijan. SOCAR midstream is up to the task, though, she reports. The company seeks to comply with local laws as well as international standards such as those of the OECD and the UN Convention on Corruption. To meet its goals, the compliance program is based on the seven elements approach found in most compliance programs and has three tiers addressing prevention, detection and corrective actions. She advises others working in SOEs to embrace five key strategies: Gain leadership buy-in and the corresponding tone at the top Customize the program to the SOE context Build a strong compliance infrastructure with adequate support Strengthen third party management Monitor, measure and improve on a continuous basis Listen in to learn more about the challenges and opportunities of compliance programs in an SOE. Listen now Sponsored by Ethena - automated compliance training, an employee hotline, and case management, all in one tool.