Masters of Disaster

Stories of Risk, Ethics & Compliance. Host Leona Lewis interviews people about leadership, managing risk, ethics and compliance strategies for businesses, government, academia or society.
RSS Feed Subscribe in Apple Podcasts
Masters of Disaster




All Episodes
Now displaying: Page 3
Sep 5, 2016

Eric Feldman, Senior Vice President at Affiliated Monitors, Inc. discusses with me why third party assessments are essential to meeting the obligations outlined by the Federal Sentencing Guidelines.  We also discuss the barriers to making a decision to conduct third-party assessments that executives sometimes create for themselves. 

Third-party assessments can bring to leaders attention information that internal auditors or departments would rather not emphasize.  What you don’t know can hurt you.  Business leaders are held responsible for bad actors (or bad actions or facts) within their organizations that they do not personally know. 

It is human nature to look at the world with an optimistic bias.  Business leaders often unconsciously assume that not knowing about bad facts within their organization means that these facts do not exist.  Leaders sometimes make the mistake of believing they cannot be held responsible for bad actions they do not know. 

The line between what a business leader is held responsible for is not whether or not they had a knowledge of bad facts, but whether he or she could have known the facts using common techniques to find out.  Federal Sentencing Guidelines state this expectation in Section 8.2.B.1(a)(1), an organization shall exercise due diligence to prevent and detect criminal conduct.

The DOJ wants to see companies have an evolving, continuously improving compliance program, not a perfect one. The Federal Sentencing Guidelines includes the requirement of periodic assessment of compliance programs as part of program of continuous improvement in Section 8.2.B.19(c)(1):

[T]he organization shall periodically assess the risk of criminal conduct and shall take appropriate steps to design, implement, or modify each requirement set forth in subsection (b) to reduce the risk of criminal conduct identified through this process.

Companies need to identify whether various parts of compliance programs are working, and how the programs are impacting corporate culture.  It is important to have a third party to take a look to see whether what you are doing to make sure the company is getting accurate and complete information.

Eric R. Feldman, CFE, CIG retired from the Central Intelligence Agency (CIA) in 2011 with over 32 years of experience in Inspector General oversight and federal auditing, in both the Executive and Legislative branches of government.  He has served in executive positions with Offices of Inspector General at the Department of Defense, Defense Intelligence Agency, and CIA, and was the longest serving Inspector General of the National Reconnaissance Office (NRO) from 2003-2009. At the NRO, he presided over a highly successful procurement fraud prevention and detection program, widely recognized by the Department of Justice as a model throughout the federal government.

While serving as a Federal Inspector General, Mr. Feldman was an active member of the National Procurement Fraud Task Force at the Department of Justice and chaired the Private Sector Outreach Committee. In this role, he was a driving force behind the amendments to the Federal Acquisition Regulations requiring the mandatory disclosure of contractor fraud and the implementation of business ethics and conduct programs for federal contractors.

Mr. Feldman is a frequently sought-after speaker and author on the topics of procurement fraud detection and prevention, corporate business ethics and compliance, and managing an Inspector General function. During the last year, he has given presentations at national conferences of the Association of Certified Fraud Examiners, the Society of Corporate Compliance and Ethics, and the Association of Inspectors General.


Eric Feldman, CFE, CIG 

Affiliated Monitors, Inc. 

The Federal Sentencing Guidelines 

Aug 29, 2016

Compliance is a team sport, and building a network to share ideas, experience, and concerns is critical. The Society of Corporate Compliance and Ethics (SCCE) has played a big part in my growth as a professional and in my knowledge of the current state of the struggles and achievements of compliance practitioners.

I got the chance to talk with Roy Snell, CEO of SCCE and HCCA (Health Care Compliance Association), on the role the annual meeting plays in the careers of compliance professionals. When SCCE started, it was important to form relationships and forward the sophistication and effectiveness of compliance professionals. SCCE created every possible forum for people to share information and educate each other, allowing a framework for the profession of compliance to grow.

Personally, I am looking forward to the 2016 annual SCCE meeting, held in Chicago next month. Send me an email at if you would like to meet in Chicago at SCCE!

The Society of Corporate Compliance and Ethics (SCCE) is a member-based association for regulatory compliance professionals. SCCE was established in 2004 and is headquartered in Minneapolis, Minnesota. SCCE provides training, certification, networking, and other resources to thousands of members. Our members include compliance officers and staff from a wide range of industries. The need for guidance in meeting regulatory requirements extends to a wide range of sectors, including academics; aerospace; banking; construction; entertainment; government; financial services; food and manufacturing; insurance; and oil, gas, and chemicals. The following observation from Roy Snell is found on the SCCE/HCCA website:

One often wonders why HCCA, and then SCCE, all worked. It’s hard to know. Is it being in the right place at the right time or getting the right people involved? To me, it’s obvious that it is both. What has kept it going is a simple truth, that people who face significant challenges need to communicate with others facing similar challenges. Compliance professionals face huge challenges. The reason we continue to meet in ever-larger numbers is the very same reason the first call to Mary Dunnaway was made—to share compliance war stories and learn from each other.


2016 SCCE Chicago Conference Information

SCCE official site

Masters of Disaster® is the U.S. registered trademark of ComplyEthic Consulting LLC

Aug 22, 2016

Cecelia Jefferson discusses the unintended compliance risks of implementing technology in many different business contexts.  It is critical when seeking to close compliance gaps with technology that compliance professionals dig deeper to the problems that the technology may create in real life, for example:

  • For liquor stores, if drivers licenses can be scanned to ensure all purchasers’ ID’s are checked, what privacy and security problems does collecting drivers license information create?
  • How difficult is the new system to train across large numbers of employees?
  • Do employees face this compliance issue every day or rarely?  How does this impact the effectiveness of the proposed solution?
  • For hospitals, if the pharmacy is automated, what happens in the event the computer goes down?  Is there a manual back-up?
  • What are compliance issues discoverable by the general public, including regulators, and how does this exposure impact the decision to devote resources to the solution?
  • Are the systems flexible to be changed if regulators change their interpretation of the law or prioritization of enforcement?
  • How do the systems interact with a continually changing enforcement environment and changing laws?
  • Is the issue so closely intertwined with the company’s brand that the risk of any noncompliance can be devastating?

Everybody has the intention to be committed to compliance, but when resources need to be devoted to compliance, the company’s true commitment comes into focus.

Cecelia Jefferson is a  strategic, multi-talented compliance executive with extensive and diversified legal, compliance, and governance. She has almost two decades of experience in compliance, government and as an attorney in the state of Florida.  Cecelia is the former Director of Alcohol, Tabacco, and Firearms Compliance at Walmart, Assistant General Counsel for the Florida Agency for Health Care Administration, and has held several other roles in state regulation, enforcement, and consumer protection.



Cecelia Jefferson’s email


Twitter @cdjdst

Aug 8, 2016

Jay Rosen is back on the Masters of Disaster podcast. He celebrates five years working in the compliance and ethics industry and has seen many changes to the industry during this time.  Jay explains how two basic areas where compliance has changed:

  1. Consolidation of service providers to be the one-stop shop for general solutions for compliance programs.  Compliance officers should keep an eye on how they can benefit from specialist service providers who may have more context about relevant businesses.
  2. More information from the DOJ and SEC is now available on what government believes an effective compliance program looks like.  It is now clear that a check-the-box paper compliance program is insufficient.

We discuss the significance of internal controls and other actions companies need to take to create a culture of compliance beyond implementing tools and hiring compliance service providers. We discuss reputational risks in the marketplace and within the company with employees.

We even talk a little politics, but not too much.  Everyone gets more political talk than is healthy these days.

Jay Rosen works for Merrill Brink International and assists global companies with foreign language based investigations of potential Foreign Corrupt Practices Act (FCPA) exposure, patent and IP litigation and import/export compliance and cross-border matters. 

Jay has the experience to guide clients through both the best practices and pitfalls of translation solutions.  He helps businesses and representative counsels understand how and when to save on translation costs while minimizing business risk, essentially helping them navigate the appropriate ways to take advantage of cost-effective resources while ensuring the highest quality certified translations when necessary. 



Jay Rosen Linkedin Page

(310) 729-6746

Stanford Law School FCPA Clearinghouse

twitter @FCPA_Translate

YouTube Videos

Merrill Brink International

Society of Corporate Compliance and Ethics

Aug 1, 2016

Keith Furst and I discuss how data scientists working on compliance projects can work together better to avoid unintended consequences which prevent compliance from getting the data it needs.  It is almost impossible to have one person embody all the compliance and communication skills required in a data scientist that might allow that data scientist to understand easily and execute a data project for a compliance project.  A better understanding by compliance that there may be communication gaps is essential.  Collaboration between data scientists and compliance must occur throughout the data project.

For example, if information needs to be delivered to compliance to take next steps, assumptions can be made a substantial risk of non-compliance by leaving some information out.  Also, communication between compliance and data needs to be maintained over time checks are not in place to react to planned changes.  Changes can occur in systems, data, law or business that changes the significance of the data to compliance.

Keith Furst is a fraud detection expert with years of proven experience within a variety of financial institutions including Tier 1 wholesale banks, investment banks, foreign bank branches, commercial banks, retail banks, broker-dealers, prepaid card providers and merchant acquirers with a focus on implementing fine-tuning and validating financial crime systems.  His forte relates to transaction monitoring, customer due diligence, fraud and market abuse systems and his work included custom data analytics resulting in the identification of suspicious activity outside of the traditional surveillance models.

Keith has experience effectively working with and reporting to a diverse range of stakeholders and senior executives in compliance, technology, operations, audit, and finance.  He has managed global initiatives composed of cross-functional teams dispersed over the Americas, Europe, the Middle East and Africa (EMEA) and Asia Pacific (APAC).

He is well-versed on model risk management and has performed deep-dive assessments of banking institutions policies which resulted in enhancements to policies and model governance. With deep knowledge of Society for Worldwide Interbank Financial Telecommunication (SWIFT) message types and correspondent banking, he performed multiple risk assessments to ensure cross-border payment transparency aligns with both industry and internal policy guidelines.

Keith Furst holds an MBA from Baruch College, Zicklin School of Business.



Jul 25, 2016

Laurence Guihard-Joly is back with information showing that disaster recovery can save companies money from a study conducted by the Ponemon Institute.  Compliance leaders are always on the hunt for metrics to support the business case for compliance.  The study we discuss on the podcast, the 2016 Cost of Data Breach Study: The Impact of Business Continuity Management (BCM) from the Ponemon Institute.  The study shows how having a BCM program reduces the cost of data breaches and increases the speed of detection and repair of data breach incidents.

We also discuss what the Ponemon study means in practical terms. The increasing costs of data breaches and downtime as business becomes more reliance on 24/7 availability of data and Internet-connected products or systems.

Business Continuity Management provides the skills, practical knowledge and relationships needed for handling a crisis well. We discuss the benefits the resilience of the corporate culture from a BCM using the example of the recent flooding in Paris.

Laurence Guihard-Joly is the General Manager of the IBM Resiliency services, leading resiliency teams across the world who provide services and solutions to help IBM clients manage their risks in an increasingly “always on” world. Within the IBM Enterprise Risk Management, Laurence also leads the IBM Business Continuity Management program, with a dedicated team and a leadership BCM community across all IBM business units and corporate functions and processes.



Laurence Guihard-Joly

Previous Masters of Disaster podcast interview with Lawrence Guihard-Joly

The Ponemon Institute’s 2016 Cost of a Data Breach Study: Impact of Business Continuity Management (BCM) has produced significant findings on the worldwide challenges businesses are currently facing when it comes to identifying and confronting data breaches within their IT infrastructures.

Masters of Disaster:

Jul 18, 2016

Edward Chenard explains the significant risks go along with the potential benefits of data science.  Privacy practices in how company information is used extend to big data analytics.  The algorithms used in data analytics may not be tested or thoroughly understood even when the results of the analysis impact the lives of real people.

Data collection and use in company Big Data projects have become more strictly controlled over the past few years, as awareness of privacy requirements has increased in the data analytics community.  However, more education is still needed of how data analytics teams support company privacy requirements in the course of their work.  Good privacy practices is fundamental to maintain the trust of consumer and business customers.

New programs like Hadoop have made machine learning attainable to more data analyst teams in more companies.  The recent explosion in machine learning has exponentially increased risks associated with flaws in the algorithms built into a machine learning digital products.  Human biases and assumptions can live on in algorithms used to made determinations like wether a job is offered, credit is extended, products or services are offered.  The validity of the algorithms used and the quality of the interpretations made from the results needs questioning from multiple points of view to manage these risks. Big data is a team sport.

Edward Chenard is a data analytics advisor who inspires and motivates teams to innovate, build, launch and iterate emotional products that create better customer experiences. He is an adviser to top-tier consulting firms, investment banks, and private equity firms on digital. Global speaker about our evolving digital world.

Some people know how to build digital products but are not always good at knowing what to do with those products. Other people know what to do with digital products but cannot build digital products. Edward can do both, and is the intersection between business and technology. 


Edward Chenard’s E-mail

Edward Chenard’s LinkedIn Page

Privacy and Data Security in the Age of Big Data and the Internet of Things, U.S. Federal Trade Commissioner Julie Brill. Delivered at Washington Governor Jay Inslee’s Cyber Security and Privacy Summit, January 5, 2016,

Chris Matyszczyck, The Internet Will Vanish, Says Google’s Eric Schmidt, CNET (Jan. 22, 2015, 6:00 PM), available at

FTC Event Big Data a Tool for Inclusion of Exclusion? September 15, 2014,

Jul 18, 2016

Jonathan Armstrong from Cordery Compliance explains last week's Privacy Shield Agreement between the EU and US.  For more information see


Jul 11, 2016

Mark Duvall explains the recent changes to regulation of chemicals in the U.S., specifically, what reform to the Toxic Substances Control Act (TSCA) means. In June, President Obama signed the Frank R. Lautenberg Chemical Safety for the 21st Century Act making significant reforms to TSCA. Now we discuss what comes next. The Environmental Protection Agency has many new obligations that were formerly handled by the States. Manufacturers and processors should begin to assess their obligations and opportunities now.

Mark Duvall has over two decades of experience working in-house at large chemical companies.  His focus at the law firm of Beveridge & Diamond, P.C. has been on product regulation at the federal, state, and international levels across a wide range of programs, and occupational safety and health. 

He heads the Firm’s Toxic and Harmful Substances/Toxic Substances Control Act practice.  His experience under TSCA includes enforcement actions, counseling, rulemaking, advocacy, and legislative actions.  He chairs the TSCA Dialogue Group, an informal group of companies that manufacture, import, distribute, and sell chemicals, and related trade associations, that address possible legislation to amend TSCA and alternatives to legislation.  He also works with foreign counterparts to TSCA, including REACH and CEPA.

He has worked on green chemistry issues at the federal and state levels, as well as a variety of voluntary programs that affect products.  He has helped clients with the Emergency Planning and Community Right-to-Know Act, the Controlled Substances Act, the Chemical Weapons Convention, and other chemicals-related requirements.

He has advised clients and written and lectured on the regulation of the products of nanotechnology by FDA and by EPA under FIFRA and TSCA and on related product stewardship issues.

He is Vice Chair and former Chair of the Committee on Pesticides, Chemical Regulation, and Right-to-Know of the American Bar Association’s Section on Environment, Energy, and Resources.



Mark Duvall contact information and bio

Beveridge & Diamond TSCA Reform Resource Center

Frank R. Lautenberg Chemical Safety for the 21st Century Act (as signed by President Obama, June 22, 2016)

Now That TSCA Reform Is Here—What’s Next?

Jul 4, 2016

The skills and requirements needed for compliance roles have evolved in the last several years.  Often compliance professionals were originally trained in lawyers or auditors. Today compliance professionals need to use creativity to persuade and engage company employeres and executives to be effective.  Nicole discusses how we can all use creativity to add to our roles in compliance.

Nicole wrote the e-book Compliance with Attitude to express her point of view on creativity and compliance.  She explains that small changes can mean substantial results in compliance and improve our lives. What can we do within our work life that can make the company better?

Nicole Rose is a rare blend of lawyer, artist and trainer. She took the phrase “a picture says a thousand words” and combined it with 20 years of experience as a lawyer and trainer with my love of art and illustration.

Nicole is an avid writer and write articles and thought leadership pieces that blend her passion for neuroscience and creativity with law and compliance. She regularly writes for leading compliance publications such as The FCPA Blog, the SCCE and Ethics Intelligence and, of course, her very own Ethics Corner at



Nicole Rose

Compliance with Attitude e-book

Nicole Rose is CEO of Create Training

Jun 27, 2016

Donna Boehme discusses the evolution from “Compliance 1.0” to “Compliance 2.0.”  Compliance 1.0 was incorrectly structured as a captive arm of the Legal department.  Compliance 1.0 was a flawed model because it did not recognize the independent mandate, skill set and needed for empowerment that a Compliance department needs to be effective. Compliance 1.0 also lead to big compliance disasters found in recent headlines. Compliance 2.0 closes the gaps of Compliance 1.0 and builds a well-designed program to prevent misconduct.

We also discuss the example of the Volkswagen emissions scandal as an illustration of how the evolution of compliance is needed.  Investors and governments do not look at a compliance problem in isolation, but how that problem may indicate more widespread issues.

Donna Boehme is an internationally recognized authority in the field of organizational compliance and ethics with 20+ years experience designing and managing compliance and ethics solutions, within the US and globally.

As Principal of Compliance Strategists LLC, Donna has advised a wide spectrum of private, public, governmental, academic and non-profit entities. She is a regular columnist with Corporate Counsel, Corporate Compliance Insights, ComplianceX, and the FCPA Blog. She has been published and quoted widely on issues in the field including in The Wall Street Journal, the Boston Globe, the Washington Times, Reuters, the Economist, the Financial Times, Chicago Tribune, Bloomberg, New York Law Journal, Board IQ and Compliance Week.

A featured expert in the award-winning PBS documentary, “In Search of the Good Corporate Citizen,” Donna is frequently interviewed by the media as an authority on organizational compliance and ethics, including by Dow Jones, Fox News, Compliance Week, Canadian Business Network, Corporate Compliance Monitor and Progressive Radio Network.  She has been named to The Top Thought Leaders for Trustworthy Business in 2014 and 2015 by Trust Across America, is a recipient of the 2014 SCCE International Compliance & Ethics Award for extraordinary contributions to the field, and was named as Who Compliance Professionals Should Follow on Twitter in 2013 by ComplianceX.



Donna Boheme

Compliance 2.0: The Next Generation of Compliance

Masters of Disaster is produced by Leona Lewis, Founder of ComplyEthic Consulting LLC

Jun 24, 2016

This morning over coffee in Minneapolis USA I found out that the UK has voted to leave the EU. Like many, I am SHOCKED! How will this change life and business in the EU? Jonathan Armstrong from the UK discusses BREXIT with me.

Jun 20, 2016

Eric J. Conn explains on the Masters of Disaster podcast last month’s breaking news, OSHA issued a new final rule to “Improve Tracking of Workplace Injuries and Illnesses,” which requires hundreds of thousands of employers to submit electronically to OSHA their injury and illness recordkeeping logs (and in many instances, their detailed incident reports). More importantly, for no apparent safety reason, OSHA intends to publish employers’ injury data and incident reports online.  We discuss the possible consequences for employers and compliance difficulties.

Eric J. Conn is a founding partner of Conn Maciel Carey and Chair of the firm’s national OSHA Workplace Safety Practice Group. His practice focuses exclusively on issues involving occupational safety and health law.

Before founding Conn Maciel Carey, Mr. Conn was Head of an OSHA practice group that was honored as the “Occupational Health & Safety Law Firm of the Year” by Corporate INTL Magazine in its 2014 Global Awards. In 2013 and 2014, he was named a "Rising Star" by Washington, DC Super Lawyers, and was selected for inclusion in the Washington Post's Top Rated Lawyers list in Washington, DC.

Mr. Conn is a prolific writer on all topics OSHA related. He edited a popular OSHA law blog at another firm and authored the chapter "OSHA Inspections" in the Occupational Safety and Health Law Handbook, 2nd ed. (Government Institutes, 2008), and the chapter "Defending Clients Against the Occupational Safety and Health Administration's Increasingly Severe Enforcement Practices" in Complying with the Occupational Safety and Health Act: Leading Lawyers on Navigating OSHA Investigations and Developing Successful Compliance Strategies (Aspatore, Inside the Minds, 2012).

Mr. Conn is also a popular speaker on OSHA and related legal issues and is often quoted as a leader in the field. He created the OSHA Defense Report Group on LinkedIn and can be found on Twitter as @OSHA_Guy.



Conn Maciel Cary OSHA practice!osha-workplace-safety/c1fm0

Final Rule Issued to Improve Tracking of Workplace Injuries and Illnesses

Jun 13, 2016

Doing a training return on investment analysis can help secure your compliance training budget. Joel Smith explains how to use this tool to bolster the persuasiveness for the budget with a measurable system. The first step is defining the benefit you want to measure. Going through an ROI calculation is also important for better decision-making on the effective use of compliance resources.

Joel Smith is a corporate attorney and founder of InHouseOwl, a provider of compliance training services, and the Corporate Counsel Training Tips LinkedIn Group. Joel has always enjoyed explaining difficult concepts to people in easy-to-understand terms. To him, this is the basis of being an effective teacher. Because Joel wanted to be an effective teacher as Corporate Counsel, he dove into the best available research on employee training.  He brings the best in training research to others on his InHouseOwl blog.



Joel Smith

In House Owl

How to Calculate Training ROI (Part 1 of 2)

How to Calculate Training ROI (Part 2 of 2)

Jun 6, 2016

Masters of Disaster features Richard Bistrong, fresh from the Compliance Week 2016 in D.C. We discuss the most memorable underlying approaches to compliance talked about among thought leaders and practitioners in the field. The compliance community seems to be evolving.  Messages from both prosecutors and private industry now speak more holistically on how to view the effectiveness of a compliance program than they did a few years ago.  Compliance professionals and government prosecutors are both moving away from a myopic focus on compliance as a set of policies, to a compliance strategy focused on dis-incentivizing wrongdoing by the Chief Compliance Officer becoming a strategic partner to the business. 

Richard Bistrong is CEO of Front-Line Anti-Bribery LLC, a consultancy that engages organizations seeking to take their compliance efforts beyond the traditional "bolt-on" set of rules and procedures. Richard’s story highlights the importance of identifying both "spoken and unspoken" organizational messages, including forecasts and compensation, that might have unintentional consequences on the behavior of front-line employees who may be inadvertently rewarded for bad behavior contrary to the stated intentions of leadership. He also looks at ethical behaviors and messaging as potential red-flags of decision making. 

With respect to bribery in particular, Richard also provides a point of view on how training and tools might be created to provide those at the front-lines with a deeper understanding of why bribery is never a "win-win," which is an illusion too often embraced at the front-lines of international business. Having spent the better part of ten years living and traveling in high-risk areas through the "dark side" of international business, he shares his own perfect storm of "rationalizing bribery" as an insightful perspective to help organizations better understand how corruption is confronted at the field level of international business.

The risk of corruption in the field remains great, and corporate personnel are tasked with business growth in high-risk areas, often working among corrupt local officials, third parties, and other entities. Keeping company employees on the ethical "right side" does not happen without engagement, understanding and training. Front-Line Anti-Bribery LLC is centered on helping organizations with those "where to start" moments and the comfort that you can "fix what you know."

In other words, while you might have a robust compliance department & program, but is it understood at the front-line of business where policies & procedures meet the behaviors? Richard’s experience and journey is there to help you calibrate programs to factor in realities in the field.



Richard Bistrong  

Front-Line Anti-Bribery LLC

Compliance Week 2016


Masters of Disaster is produced and hosted by Leona Lewis, J.D. | Founder

May 30, 2016

Kristy Grant-Hart fills rin Masters of Disaster podcast listeners on how her book How to be a Wildly Effective Compliance Officer has been received since it launched.  Kristy’s perspective on the critical nature of human relations in compliance has resonated with her readers internationally. In our discussion, Kristy reflects on comments she received from readers and the future of the profession.

Kristy Grant-Hart is an expert at transforming compliance departments into in-demand business assets.  She's the author of How to be a Wildly Effective Compliance Officer and Managing Director of Spark Compliance Consulting, a boutique consultancy focusing on the creation, energizing and optimization of corporate compliance and data privacy programs.  She is also an adjunct professor at Delaware Law School, Widener University, teaching Global Compliance and Ethics. 

Before launching Spark Compliance, Ms. Grant-Hart was the Chief Compliance Officer at United International Pictures, the joint distribution company for Paramount Pictures and Universal Pictures in 65+ countries.  Ms. Grant-Hart was shortlisted for the 2015 Chief Compliance Officer of the Year award at the Women in Compliance awards. 

Ms. Grant-Hart began her legal career at the international law firm of Gibson, Dunn & Crutcher, where she worked in the firm’s Los Angeles and London offices. While at Gibson Dunn, her team was nominated for Best Regulatory Law Firm of the Year at Thomson Reuter’s Compliance Awards. She is an experienced international conference speaker, and has published articles in magazines and trade publications in the United States and Europe on anti-bribery topics and on data privacy and data transfer between the United States, the United Kingdom and the European Union. She has advised Fortune 500 companies on international compliance, and created and revamped compliance programs for major companies in Europe and the United States. 

Ms. Grant-Hart graduated summa cum laude from Loyola Law School in California. She holds certification as a Corporate Compliance and Ethics Professional – International (CCEP-I) and is a member of the California Bar.



May 23, 2016

Lisa McClennon specializes in risk management in the international arena and is a trusted authority on investigations and government enforcement. She is a seasoned global executive with 25 years of experience in federal law enforcement, compliance, and ethics. Lisa loves leading teams to prevent and detect fraud, sophisticated financial crimes, and public corruption. 

On the podcast, Lisa and I discuss her work on the U.S. federal government’s investigation of Ranbaxy USA Inc. (“Ranbaxy”), a subsidiary of Indian generic pharmaceutical manufacturer, Ranbaxy Laboratories Limited. Ranbaxy pleaded guilty to felony charges related to the manufacturer and distribution of adulterated drugs made at facilities in India. The investigation and prosecution of Ranbaxy lead to the largest federal drug safety settlement (as of May 13, 2013) of a criminal fine and forfeiture totaling $150 million plus and additional $350 million to settle civil claims under the False Claims Act and related State laws.



DOJ Press Release: Generic Drug Manufacturer Ranbaxy Pleads Guilty and Agrees to Pay $500 Million to Resolve False Claims Allegations, cGMP Violations, and False Statements to the FDA

U.S. Office of Inspector General

Fighting a culture of fraud, Fraud Magazine (interview with the whistleblower in Ranbaxy)

May 16, 2016

Trade in counterfeit goods is an insidious and growing problem worldwide. The OECD recently released a report estimating that trade in counterfeit goods has grown to approximately 2.5 % of world trade (as of 2013) or almost half a trillion dollars. 

Jason Daniels is Senior Investigation Manager (Americas) Global Security & Brand Protection for Underwriters Laboratories. Jason explains what it takes to keep the public safe from goods with counterfeit safety testing UL trademarks.

Counterfeiting crimes pose safety concerns for consumers worldwide, requiring coordinated global law enforcement efforts.  Beyond safety and reliability, trade in counterfeit goods funds organized crime and terrorism globally, posing additional threats to the public.  Underwriters Laboratories has worked with INTERPOL to create training programs to educate law enforcement, regulatory authorities and private sector investigators on intellectual property (IP) crimes and transnational organized IP crime syndicates.

Jason Daniels is the Senior Investigation Manager with Underwriters Laboratories’ Global Security & Brand Protection Unit.  His primary responsibility is to facilitate intellectual property theft investigations in the Americas and lend support to the EMEA.  Mr. Daniels has focused his efforts on combatting counterfeiting for over 13 years. 

Jason has written curriculum that has been presented throughout the United States concerning fraud investigations and has been a certified law enforcement instructor for over 18 years.  Before entering the corporate arena, Mr. Daniels was a sworn law enforcement officer in the State of North Carolina serving his last post as the Special Agent in Charge with the Secretary of State’s Office.  He is a graduate of Shaw University and continued his graduate development at the University of Louisville.   



Underwriters Laboratories Introduces Global Anti-Counterfeiting Training Program

UL about page 

Trade in fake goods has worsened to almost half a trillion dollars: OECD 

OECD study 

May 9, 2016

Jay Laramore works for SAS training business teams how to use data.  What surprises Jay is how many new contexts people want to apply data analytics today.  As data has become more available, people have more ideas where to use it.

In compliance, education of compliance teams on the possibilities of data analytics can spur new ways of gathering data and making it available to the compliance team for innovation. Jay explains that sometimes data that could be helpful simply has not been captured, resulting in a “chicken and the egg” problem where analytics cannot be applied because the data does not exist, but the data does not exist because the value of collecting the data for analytics is not known.  In these cases, education in data analytics in the organization encourages the collection of new types of data that can be used to create answers to new problems.

Often, compliance teams are faced with problems that seem unquantifiable, for example, the cost of effort spent on non-compliance problems by business teams.  Even in these cases, Jay explains that techniques exist that allow “subjective” issues of effort to be included in analytics models.

Jay Laramore is an Analytical Training Consultant at SAS where he trains clients how to build analytical solutions, and explores new technologies and methods that will revolutionize the constantly evolving analytics industry. He is a strategic, naturally curious, analytical problem solver with the ability to clearly communicate results to individuals with various backgrounds and technical acumen. Jay’s passion is not just building predictive models, but automating model building processes to deliver scalable solutions to complex business problems. 



Moneyball is Dead. Long Live Moneyball!

Spring Training, Fresh Grass and Analytics on the Field

SAS Training and Books


The Masters of Disaster® podcast is produced and hosted by Leona Lewis, Founder of ComplyEthic Consulting

May 2, 2016

Ricardo Pellafone is Founder and Creative Director at Broadcat, a legal services firm making legal and compliance accessible to non-lawyers. Broadcat makes simple, graphic content that helps employees learn their legal and compliance obligations in seconds through visual content and infographics without having to sit in front of a computer or a training room. In graphics, Ricardo matches the risks with real tasks people need to perform, simplifying the message that needs to be delivered and allowing information to be quickly absorbed.

Simplifying compliance content is not easy. It takes mastery of the legal content to tell people what they need to do to support compliance. In this interview, Ricardo explains what needs to be considered in to create effective training, in addition to enjoyable training. We also discuss governance of compliance programs and the difference between “communication” and “training.” Ricardo also gives listeners the very good advice to get out from behind their desks as much as possible to get to know the business people directly.

Broadcat can make learning about suspicious invoices simple and enjoyable.  See Broadcat’s work here  Also, do not overlook Ricardo’s interview with Compliance and Ethics Professional, a copy of the interview is available here

Ricardo Pellafone is a former Associate General Counsel WD, a Western Digital Compan,y where he built out WD's compliance investigations program and drove the content for communications and media efforts. He was also the first global compliance lawyer for the Mubadala Group, a job that was more fun than the phrase "compliance lawyer" suggests, leading investigations for a sovereign wealth company in Abu Dhabi.




Ricardo Pellafone

Apr 25, 2016

How your executives will work together in a crisis is the most important question that a company’s crisis management program needs to answers. Without a clear communication and decision-making framework, detailed plans for particular scenarios do not mean much. The major benefit of a plan is that many decisions will be settled before crisis strikes, saving precious time.

We also discuss how important it is to tell the company’s story before the public makes up their minds on what the story is, and opinions about working with company legal departments.

Bryan Strawser is Founder & CEO of Bryghtpath LLC, a global strategic advisory firm specializing in global risk, business continuity, emergency management, crisis communications, and public affairs.  Bryan is a globally recognized strategist having had a 21-year career at Target Corporation where he built the retailer’s Global Crisis Management & Business Continuity Function. Under Bryan’s leadership, Target received numerous awards from FEMA, the International Association of Emergency Managers, and the Business Continuity Institute.  At Bryghtpath, Bryan leads a team of experts that offer strategic counsel on identifying, preparing for, and managing risk to the world’s leading brands, nonprofits, and public sector agencies.





The Masters of Disaster® podcast is hosted and produced by Leona Lewis, Founder of ComplyEthic Consulting

Apr 18, 2016

This Masters of Disaster episodes features an interview with Eric Siegel, one of the most popular and well-known experts in predictive analytics and bestselling author and founder of Predictive Analytics World. 

Predictive analytics is the core of “Big Data” and machine learning. The exponential increase in data in today’s world makes predictive analytics an even more exciting tool.  Eric is also the only data scientist with a rap video on YouTube that I know. In the podcast, we discuss what predictive analytics is and the ethical nuances of reliance on predictive analytics.

Eric’s book, Predictive Analytics: The Power to Predict Who Will Click, Buy, Lie or Die, is one of my favorite books on the topic, written in plain language with a healthy dose of humor and interesting stories.  If you have not read a book on this topic before, this is the book to read.



Predictive Analytics World

Predictive Analytics: The Power to Predict Who Will Click, Buy, Lie or Die

Rap Video, Predict This, on YouTube

Apr 11, 2016

The Masters of Disaster® podcast features Jason Meyer on how knowing one thing, your audience, improves compliance training.  From how the training is delivered to what the training covers, Jason explains that compliance training can be designed to impact the behavior of the audience. It is critical that compliance training does not just happen, rather it needs to impact results in lowering the risk of the behavior of employees.

Jason Meyer is Founder and President of LeadGood LLC. Jason has shown a career-long commitment to innovative education and the engaging communication of knowledge, as a means of improving communities, personal behavior, and business performance. He is an attorney and a Certified Ethics and Compliance Professional (CCEP) with experience as a leader on the senior management teams of several enterprises. His executive experience encompasses the fields of education, compliance, integrated services, the life sciences, government contracting, and the media.




Twitter @MeyerJasonB


The Masters of Disaster® podcast is produced and hosted by Leona Lewis, Founder of ComplyEthic Consulting LLC

Apr 4, 2016
When business services depend on millions of products and sensors connected to the internet, the importance of a system that works 24/7 increases dramatically. Outages will still happen, and natural disasters cannot be stopped, but anticipating these disasters can change how systems accommodate these risks to remain operational, seamlessly.For example, in the shipping industry when a storm or a strike closes the port of Los Angeles, shippers might all re-route to Seattle, but this could cause delays as Seattle can overload with new shipping traffic. Shippers use predictive data analytics to find the best alternative route with the fewest delays. Shippers become more resilient with the use of data to anticipate the actions of
other shippers.
IBM’s Resiliency services take a similar approach to risks in business in the continuously, rapidly dynamic nature of the internet of things.  Laurence Guihard-Joly is the General Manager of the IBM Resiliency service line, leading resiliency teams across the world who provide services and solutions to help IBM clients manage their risks in an increasingly “always on”world. Within the IBM Enterprise Risk Management, Laurence alsoleads the IBM Business Continuity Management program, with a dedicated team and a leadership BCM community across all IBM business units and corporate functions & processes.
Laurence earned the Scientific Graduation, and her Master from Lille Business University, France.  She joined a Consulting organization in 1983, before joining IBM in Paris in 1984. Laurence and her husband reside in NY, USA since 2003 with their two boys – and also lived 2 + years in Singapore.
IBM Resiliency Services
Are you ready for an always-on world? (Infographic)
Forbes Insight Report download available here
Masters of Disaster is produced and hosted by Leona Lewis, JD
Mar 28, 2016
What is “Design Thinking” and how does it apply to compliance? Design Thinking is an approach to product development, but more broadly, it is an approach to problem solving.  Popularizing “Design Thinking” is sometimes credited to the d.School at Stanford.  A good summary of the Design Thinking approach is the explanation of how students of the d.School approach product development. 

Students start in the field, where they develop empathy for people they design for, uncovering real human needs they want to address. They then iterate to develop an unexpected range of possible solutions, and create rough prototypes to take back out into the field and test with real people.  Our bias is toward action, followed by reflection on personal discoveries about process. Experience is measured by iteration: students run through as many cycles as they possibly can on any project.  Each cycle brings stronger insights and more unexpected solutions.  

Eric Lambert explains how Design Thinking can improve adoption and engagement of compliance programs.  By focusing on the needs of the “users” of the compliance program, it can be improved for both front-line employees and executive leadership, working to give them solutions that meet their needs. 

Eric is Associate General Counsel at Jostens with experience in contracts, e-commerce, marketing, supply chain, compliance, privacy, export, intellectual property, litigation management, and general in-house practice.  He seeks practical, creative, risk-appropriate solutions to facilitate business objectives.   

Eric holds a B.A. in Economics from the University of Rochester, and a J.D. from Cornell Law School.  He is a Certified Information Privacy Professional (CIPP/US).  Before joining Jostens in April 2014, Eric served as Associate General Counsel of Digital River, a leading e-commerce and e-marketing company.  Before Digital River, Eric served as a senior associate at Larkin Hoffman Daly & Lindgren, a Minneapolis-based law firm, as a member of their Intellectual Property and e-commerce group.  Eric began his career in New York, working for Emanuel Publishing Corporation (a legal publisher), Prodigy Communications LP (an internet service provider), and IntraLinks, Inc. (a Software-as-a-Service provider). Eric resides in Lakeville, MN with his wife and two sons. 



Eric Lambert  



Harvard Business Review 

« Previous 1 2 3 4 5 Next »