From theory to action: Key insights from our Compliance in Action Virtual Summit
The regulatory landscape continues to evolve at breakneck speed, with compliance leaders facing unprecedented challenges, from geopolitical shifts to emerging technologies. Our recent Compliance in Action Virtual Summit brought together industry experts to share practical strategies for building resilient, forward-thinking compliance programs that turn regulatory complexity into competitive advantage.
Missed the live event? You can still access all sessions and expert insights by watching the full summit on demand.
6 critical takeaways from the summit
Here are the six takeaways that emerged from our expert discussions with actionable strategies you can implement immediately to strengthen your compliance program.
1. Break down compliance silos
The days of compliance operating in isolation are over. As Stefano Tortis, Head of International Compliance at Cardinal Health, emphasized during our supply chain integrity panel: "There is not a unique department in Cardinal Health that can follow all of these risks. Each department in the company looks at something different, which is also the challenge then that we need to coordinate and align each other on the results."
The solution lies in creating shared definitions and embedding compliance directly into business operations. Laurence Houlbert, Compliance Director at Chemelex, captured this perfectly: "Compliance earns its seat at the table by enabling the business and embedding review into operations."
Action items:
- Establish common definitions for compliance terms across all departments
- Leverage technology transitions (ERP, CRM implementations) as opportunities to realign systems
- Position compliance as a business partner, not an add-on function
As Andrew McBride, Founder and CEO of Integrity Bridge LLC, noted: "The more that we can do to be more coordinated and more efficient in our process, the better." Misaligned teams don't just create inefficiencies, they actively increase both risk exposure and operational costs.
2. Build crisis-ready programs
When regulatory storms hit, successful organizations execute well-rehearsed protocols. Roland van Weelden, Chief Compliance Officer, Global Anti-Trust Counsel and Company Secretary at Flora Food Group BV, said: "In moments of crisis, an investigation, a regulatory incident, success depends on a well thought out and documented process. Don't improvise, go back to the protocols, go back to the basics. Train on them and use them."
But crisis readiness extends beyond documentation. As van Weelden observed, “We need to emphasize both resilience and trust within the team. It’s important that everyone knows what they can expect from one another, especially in crisis situations or investigations. That mutual trust enables us to adapt and succeed together.”
Critical components of crisis-ready programs:
- Document clear response protocols before incidents occur
- Establish designated process owners for different crisis scenarios
- Build a culture of trust and shared responsibility within your team
- Regularly test and update your response plans
The investment in preparation pays dividends when pressure mounts. Teams with established protocols and mutual trust maintain control and effectiveness during high-stakes situations.
3. Embrace strategic AI adoption
Artificial intelligence (AI) isn't just hype, it's already a practical tool for compliance efficiency. Samantha McMackin, Senior Director of Compliance Office at Cargill, shared a pragmatic approach: "We wanted to find ways that we could use it ourselves...not just be the ones who are talking about responsible AI and helping set standards."
Cargill's success came from starting with approved, existing AI tools to solve immediate problems, like translating and summarizing cases in multiple languages, saving hours of manual work and allowing team members to focus on higher-value analysis.
However, crucial guardrails were shared during the discussion, which highlighted the importance of understanding what goes into an AI model, much like checking the ingredients on a product label. Knowing the source and quality of the data behind a large language model is essential for compliance planning. The conversation also emphasized a common pitfall: many AI projects fail because teams can't clearly define the problem they're solving or lose focus along the way.
AI implementation best practices:
- Start with approved tools that address specific, well-defined problems
- Understand the data and limitations of your AI solutions
- Communicate AI's constraints early and often to stakeholders
- Use real examples, including failures, to build appropriate guardrails
4. Align leadership on compliance goals
Kristy Grant-Hart, Head of Compliance Advisory Services at Spark Compliance Consulting, a Diligent brand, shared her framework for compliance planning: "If your plan isn’t aligned with your board or leadership, you won’t share a vision of success. Even if you think you've succeeded, they may not agree, so get buy-in early and define what success looks like together."
This alignment challenge extends beyond goal setting to resource planning. Grant-Hart emphasized the point that compliance rarely works in isolation. You need IT, HR and legal to execute. If your project timelines don't also take into account and reflect their bandwidth, your plan just isn't realistic.
Leadership alignment strategies:
- Secure upfront agreement on compliance priorities and success metrics
- Account for interdependencies with other departments in your planning
- Be prepared to reset expectations when business conditions change
- Focus on achievable goals rather than unrealistic commitments
The key is flexibility combined with clear communication. When new risks emerge or business priorities shift, successful compliance leaders proactively realign expectations rather than delivering on outdated promises.
5. Integrate ethics and compliance systems
Modern compliance programs work best as integrated ecosystems, not collections of standalone tools. The summit's closing session emphasized that compliance is evolving. It's no longer defined by policies alone. It's about effective operations, thoughtful leadership and the ability to turn principles into action.
This integration extends to every aspect of compliance operations — from speak-up programs and policy management to training and monitoring systems. When these elements work together, they drive better adoption rates and provide clearer insights into program effectiveness.
Integration benefits:
- Connected systems provide holistic views of compliance risks and trends
- Integrated training and communication efforts reinforce consistent messaging
- Unified reporting capabilities tell compelling stories about program effectiveness
- Seamless workflows reduce friction and improve user adoption
The goal is creating a compliance ecosystem where each component reinforces and amplifies the others, rather than competing for attention and resources.
5. Pressure-test business relationships
Third-party risk management goes beyond traditional due diligence. It requires challenging the fundamental business justification for each relationship. As a panelist in our supply chain integrity session reminded us, 90% of FCPA settlements involve third-party intermediaries, making this one of the highest-impact areas for compliance focus.
The discussion emphasized the importance of strong business partnerships in compliance, taking the time to engage with business teams, understand their models, operations and how they go to market is essential for building effective, aligned compliance strategies.
Relationship evaluation framework:
- Challenge the business need for each third-party relationship
- Embed compliance considerations into strategic decision-making processes
- Apply risk-based approaches that match oversight to actual risk levels
- Coordinate across departments to avoid duplicative or conflicting assessments
The most effective compliance programs don't just assess risk, they help the business make better strategic choices about which relationships to pursue in the first place.
6. Integrate ethics and compliance systems
Modern compliance programs work best as integrated ecosystems, not collections of standalone tools. The summit's closing session emphasized that compliance is evolving. It's no longer defined by policies alone. It's about effective operations, thoughtful leadership and the ability to turn principles into action.
This integration extends to every aspect of compliance operations — from speak-up programs and policy management to training and monitoring systems. When these elements work together, they drive better adoption rates and provide clearer insights into program effectiveness.
Integration benefits:
- Connected systems provide holistic views of compliance risks and trends
- Integrated training and communication efforts reinforce consistent messaging
- Unified reporting capabilities tell compelling stories about program effectiveness
- Seamless workflows reduce friction and improve user adoption
The goal is creating a compliance ecosystem where each component reinforces and amplifies the others, rather than competing for attention and resources.
Turn these insights into action
As emphasized in the closing session, progress comes through action, not just good ideas or high aspirations, not perfection, but steady, practical, structured execution. The summit's insights provide a roadmap, but implementation requires deliberate, consistent effort.
The common thread across all these takeaways is the evolution of compliance from a reactive, checklist-driven function to a strategic business partner that drives value through coordination, resilience, innovation and planning. Success comes from embedding compliance thinking into the fabric of business operations rather than treating it as an external constraint.
Modern compliance leadership means being deliberate, collaborative and aligned with business needs while maintaining the highest standards of integrity and risk management.
Ready to implement these strategies in your organization?
Download our comprehensive guide, Strengthening Compliance in Uncertain Times: Expert Guidance for the Road Ahead, for detailed frameworks and practical tools that help compliance leaders navigate regulatory complexity while building programs that protect corporate integrity and drive business value.
Keep exploring
Strengthening compliance in uncertain times
Download Diligent’s expert guide to strengthen compliance, manage risk and lead confidently through regulatory uncertainty.
Navigating regulatory changes and compliance in trade and data privacy
Navigate regulatory change and data privacy with Stephanie Font in part two of this Diligent-sponsored series on the Innovation in Compliance podcast.
Compliance risks: The board perspective
Kristy Grant-Hart discusses the biggest compliance risks facing businesses today, including modern slavery, due diligence, and AI regulations.
