I am deeply honored to announce that I have been named a Trust Across America 2019 Top Thought Leader in Trust. For the past nine years, Trust Across America has identified, and honored professionals who are transforming the way organizations do business. 

The award celebrates global professionals who walk their talk in terms of trust.  This year’s honorees come from a broad functional base, including integrity, trust, leadership, culture, compliance, ethics, reputation and risk management, governance, communications, employee engagement, sales, and customer service.

You can see the full press release HERE.  

This is a guest post from Patrick O’Kane, lawyer (UK barrister), Data Protection Officer for a US Fortune 500 company, and author of GDPR: fix it fast – How to apply GDPR to your company in ten simple steps.

“It’s too early to say!” quipped the Chinese Premier in 1972 when he was asked about the effects of the French Revolution in 1789.

It may be too early to say how hard regulators across the EU will penalize ordinary companies for breaching the EU General Data Protection Regulation (‘GDPR’)., but last week we saw the first shot across the bow.  The French CNIL fined Google 50 million Euros, which finally broke the dam.  The fine was levied under GDPR for "lack of transparency, inadequate information and lack of valid consent regarding ads personalization".

GDPR came into effect on 25th May 2018. It is a data regulation nonpareil - arguably the most-hyped compliance regulation for a generation. 

Regardless, some of the GDPR hype has died down.

At the pinnacle of the hype, GDPR was more of a phenomenon than a compliance regulation. At one stage it was reported that it had outranked Beyonce on Google Search.

Consumers received emails from needy companies asking them to consent to marketing. GDPR ‘consultants’ of all shapes and sizes filled the marketplace. London lawyers promised to salve our GDPR anxiety if only we retained their services

And then…. nothing. By July 2018, it seemed to have slipped off may board agendas.

The Other GDPR fines

As you know, the maximum fine under GDPR is €20 million or 4% of a company’s global turnover (whichever is greater).

Some of the GDPR fines levied by Regulators have been tame. Before the Google action, post GDPR-fines have been scarce, and they have not been headline-grabbing. For example:

• A German social media company was fined €20,000. The company had been hacked and 808,000 email addresses were compromised.

• An Austrian retail company was fined €4,800 fine after its CCTV captured too much of the public sidewalk.

• A Portuguese hospital was fined €400,000 after hospital staff illegally accessed patient records.

The Google fine – 3 takeaways …

Q:  I would like to become a part-time or adjunct university professor teaching compliance or anti-money laundering, but I don't really know where to start. How can I reach out to universities? Many thanks for your time and help.

Best regards,

Adjunct-in-Waiting

A: Hi Adjunct-in-Waiting,   

Thanks for reaching out.  Compliance is a hot and growing topic, especially in law schools.  Many MBA programs are adding entire courses in corporate ethics and compliance, and some undergraduate colleges are adding compliance as an offering as well. 

At first it can seem tricky to get these types of roles.  After all, they don’t normally come in your LinkedIn feed.  However, it can be fun to be known as “professor,” and if you want to give back through teaching the next generation of compliance officers, it’s worth pursuing.  Here are some tried and true ways of getting into the adjunct teaching world. 

Call Your Alma Matter

The first place I'd look is to the dean at your alma mater.  Students enjoy learning from a successful professional that graduated from the school at which they’re studying.  You become a de facto role model by exemplifying a successful career post-graduation…

Two years ago, Time Magazine’s Person of the Year was the silence-breakers of the #MeToo movement.  In late 2018, in response to the movement, many U.S. state laws came into force requiring sexual harassment training and policies for employers.  For instance, in New York, most employers are now required to implement an anti-harassment policy as well as delivering “interactive” anti-harassment training.

The public, regulator, and shareholder expectations for companies are sky-high when it comes to preventing and responding to sexual harassment.  What can you do to protect your company in 2019?  Start with these five actions.

1.     Define Who is in Charge

In most companies, sexual harassment complaints are dealt with by the human resources team.  However, the new laws are mandating policies and training – frequently topics owned by compliance.  Additionally, investigations into whistle-blower complaints relating to sexual harassment may fall into the murky area between HR and compliance.

Get ahead of the problem by defining roles.  Pro-actively talk to HR, as well as to your investigations team (if you have a separate function) so that it is clear who is in charge of which actions.  Like data privacy or modern slavery, the response to this compliance risk can’t live just in the compliance department.  A multi-functional approach is best, so get people together and make a plan.

2.     Add Questions to Your Engagement Survey

I’m SO PROUD of my team at Spark Compliance Consulting for being shortlisted for the THIRD consecutive year as Compliance Consulting Team of the Year at the International Women in Compliance Awards! You can see our press release HERE. Thank you to my amazing team in London, Los Angeles, and Atlanta. I am so grateful for each of you!

Isn’t it fun to have a brand new year ahead? I love a clean slate.  We each have 365 days of opportunities for growth.  However, it’s all too easy for this year in your career to end up exactly the same as last. To avoid this, make the following three commitments to yourself now:

1.     Commit to meeting one new person in the industry each quarter

Inspirational guru Charlie “Tremendous” Jones reminds us that, “You will be the same person in five years as you are today, except for the people you meet and the books you read.”  Commit to meeting one new person in the industry each quarter.  Put a deadline on your calendar and set a reminder every two weeks to ensure you stick to the schedule. 

By the end of the year, you’ll have four new contacts.  That doesn’t sound like much, but if you extrapolate that number to the contacts of your new contacts, your network will have expanded dramatically.  Where can you meet at least one of these four new people?

2.     Commit to going to a conference this year