Megan Day (3:11)

It just brings up a lot of questions. I mean, we are used to instant feedback, sending things. When it comes to us, you want to have that type of conversation and that flow when you are discussing important things. Like we live in this very mobile, disconnected or decentralized world, I should say. And so it's hard to get everybody in the same room together to have those conversations. Not to defend their choices by any stretch of the imagination. But yeah, I could see this happening a lot. There's a lot we don't know about probably.

Dottie Schindlinger (3:46)

Well, there's a lot we clearly are going to be knowing about because if they keep, if they keep accidentally including reporters, we're going to learn everything. Listen, this relates so beautifully to the conversation that you had for our podcast today. Megan, you had the opportunity to speak to one of our newest colleagues, Christy Grant Hart, who's the vice president and head of advisory services at Spark Compliance, which is now a diligent brand. We're delighted to have her on board. And you had the opportunity to talk to her about the way the compliance profession is changing and talk about compliance. Talk about not being in compliance.

Megan Day (4:17)

Well, Johnny, it just like you talk. You saying that right now just has me almost in stitches because I am envisioning like senior members of our government going through like the little compliance training widgets that like we all have to.

Dottie Schindlinger (4:31)

Go to on a regular basis and just hitting ignore.

Christy Grant Hart (4:35)

Yes.

Megan Day (4:35)

I don't know, it just, it makes me laugh. I should might be not be laughing.

Dottie Schindlinger (4:42)

But laughing, sort of like gallows humor style of laughing I think is really.

Megan Day (4:47)

Where we are right now.

Dottie Schindlinger (4:48)

Well, listen, before we get to Defcon 3, let's listen to your interview with Kristy Granthart and maybe we can come back and talk a little bit about how to apply some of the lessons she shared with members of our federal government.

Megan Day (5:06)

Joining us on the corporate director podcast today is Kristy Grant Hart. Kristy is the vice president and head of advisory services at Spark Compliance, a diligent brand. Christy is also an author and former CEO and cco. Christy, welcome to the show and welcome to the diligent team.

Christy Grant Hart (5:26)

Thank you. Could I be More excited? I don't think so. It's so much fun. We're about seven weeks in now to our diligent relationship and I couldn't be happier with it.

Megan Day (5:36)

Love it. Well, let's find out a little bit more about yourself, about Spark Compliance.

Christy Grant Hart (5:41)

Sure. So I am a former FCPA defense attorney. Worked on a couple of corporate monitorships with the law firm of Gibson Dunn. 2011 they moved me to London to work on a LIBOR financial services investigation. Ended up marrying a Brit and staying. So I became a director of compliance for Europe, the Middle east and Africa, handled 100 countries and then became a chief compliance officer at the joint venture of Paramount and universal pictures, again 65 countries managing that and then nine years ago started Smart Compliance. We're a consulting and training company that seven or eight weeks ago was acquired by Diligence. So I couldn't be more pleased to be part of this diligent journey.

Megan Day (6:26)

Well, I feel like we could probably have a whole episode on FCPA and what is happening there. But want to open up the lens a little bit and, and talk about what you think are some of the biggest compliance risks facing businesses today. You know, what are some things they might be think, not be thinking about at the company level. What can we be doing to better wrap our arms around compliance risk?

Christy Grant Hart (6:48)

Well, I think that the biggest risk right now is just the uncertainty and the chronic changing that is happening constantly. It's very difficult to execute a well thought out plan when those plans get jumped out the window every 24 hours. But in terms of things that I think people aren't paying enough attention to besides putting out those fires and responding to them, I don't think that there's enough focus on what's happening in the modern slavery, human trafficking, due diligence space. There are more and more transparency requirements. If we're looking at, you know, Canada with $250,000 fines, if you get it wrong, there's also all the things happening in Europe with the different transparency directives as well as the Forced Labor Prevention act. That's going to stop products going in to Europe, the European Union if there's forced labor thought that may be part of their supply chain. So huge amounts there. And the second thing I think is really under the radar is the local AI regulations. So people know about the EU AI act typically, but because the federal U.S. government isn't jumping in and is unlikely to, what we're actually seeing is states and even cities jumping in. And so you end up with all of these various requirements for disclosure, including things like I believe it's Chicago. If you use AI in human resources recruiting, you have to post about it and tell everyone and there can be individual fines for not. So I think that trying to get your head around not just the big, but the small AI regulation pieces is incredibly challenging right now.

Megan Day (8:23)

Well, that certainly gives us a lot to talk about. And tied into that, we, we recently published a survey of U.S. public Company Board directors, our what Directors Think report, which we do in partnership with Corporate Board Member and FTI Consulting. And in that survey we noticed though, that regulatory compliance ranked relatively low on the list of company priorities for this year and also low on the list of items directors wanted to discuss at their next board meeting. Where is the love for compliance? What is your take on this, Kristie?

Christy Grant Hart (8:53)

Well, I think the first question mark is what do they mean by regulatory compliance? Because if you're looking at the same types of regulations that you've been complying with for year on year, say you're in financial services or insurance or in healthcare, then maybe that isn't as important as the more global compliance and ethics. That includes things like culture, investigations, those types of pieces, conflicts of interest, management, where they can actually be very, very problematic if you're not paying attention to them because of what they tell you about the culture and how your company is going. And I mean, look, to a certain degree it makes sense, right? But the middle, the minute you get those executive orders in and suddenly people are responding to chaos, then I think that might have changed. The answer is perhaps depending on when you had this survey done. But ultimately, you know, culture is a major driver of business profitability and talent retention. So if you aren't paying attention to what's going on in the compliance world and certainly how it affects your own company, I think that that's not a great way of approaching things from a director or C suite member.

Megan Day (9:57)

In that same survey, we also asked directors about mitigating bribery and corruption risk in their supply chain. Only 65% of respondents said their company had implemented ethics and and employee training. 60% had regular audits, and almost a quarter, 22% said they didn't know whether their company had any action in this regard. What is your reaction on this? How can boards really ensure their company is mitigating bribery and corruption in their supply chain and heck, in their organization, given the state of the United States right now?

Christy Grant Hart (10:33)

Oh my. So look, I, I think part of this is the word supply chain. So if we're talking about the whole breadth of the supply chain, there frequently aren't a lot of high risk suppliers. And so to a certain degree, if you're just looking and using a risk based approach throughout the whole supply chain, it might not be necessary. Now if those companies aren't vetting distributors, resellers, consultants that are opening new markets, then that's crazy. So I think to a certain degree it depends on what you're actually looking at. But the training number is what's baffling to me because anti bribery training is really pretty basic for most companies. And especially if even if it's stuffed into the code of conduct training that you get, that's five minutes of that is dealing with bribery or anti bribery, that is a shockingly low number to me in terms of what I would tell companies that that training, if you don't have any of it, it truly is, it's indefensible. So even if at this, and by indefensible, I mean to a prosecutor, regulator, somebody looking at your program, even to potentially your customers or the people that you're serving, that it will be indefensible to them as well. The fact of the matter is training is pretty much ground zero. So the fact that you have as many people doing regular audits, that 60% is actually higher than I would anticipate because a lot of companies don't put that kind of money and effort in. But not having training is just baffling. I mean we just saw that despite what's happening in the federal government, US, the state AGs are enforcing bribery laws. And recently UK, France and Switzerland announced a joint task force for anti bribery. So not doing the training is very, very short sighted.

Megan Day (12:22)

At the least it seems like that is something you can easily tick the box for. Not that compliance is a check the box exercise, but as you said it, this is such a foundational piece of having a strong program and practice inside your organization. So we also asked directors which Personas outside the CEO and CFO they wanted to hear from more in board meetings. And Christy, unfortunately chief compliance officer ranked pretty low on that list. You know this, this aligns what we hear from compliance leaders anecdotally too, that they sometimes feel neglected by their boards or not given the time or resources they need. What advice would you give to directors to ensure that compliance leaders are heard? And in reverse, what would you give advice to compliance leaders to advocate for themselves?

Christy Grant Hart (13:15)

I would advocate that this survey is very sad in terms of the outcomes of it. I would remind directors of their personal responsibilities under many laws as well as the Reputational issues that come if they face compliance meltdowns on their watch from. I think a lot of the challenge though does come from that second question, which is what can compliance officers do better? There is a tendency in our industry to report on what you are doing, which is your activities. No one cares what your activities are. And especially boards of directors, you know, they don't want a litany of what you've been up to. They want to understand forward looking risk, not just backwards looking risk. So the more that people can be that strategic partner, which I think is an. It's an overused phrase, but it's a real one. If you can get into forward facing risk and storytelling about what's happening and what's coming, that makes you much more interesting to listen to than if you are backwards looking and reporting on activities.

Dottie Schindlinger (14:18)

That's great advice.

Megan Day (14:20)

We also tend to hear from board members that they struggle to oversee culture in their organizations. Any tips for directors on improving their oversight in this area?

Christy Grant Hart (14:30)

Yeah, absolutely. I think the doj, when it came out with its update to the evaluation guidelines for corporate compliance programs, it really upped the bar in saying that boards need to understand culture. And that's a really hard ask to be fair. Right. These people don't go to work every day on the ground and see what everyone is saying, but they're responsible for it regardless. And so, by the way, I've written a white paper about this topic if you want to link to it. Happy to have you have it. Because there isn't one specific input that tells you what's happening in culture. What it really is is a mix of subjective and objective points of view. So it can be things like exit interview data, it can be culture surveys, whistleblower statistics, focus groups. There's all sorts of ways of understanding what's happening with the culture. So if I were the board, the directors, I would tell the compliance officer, go get that information, synthesize it and tell me what the trends are. Because I don't have time to look at all these data points, nor can I put them all in context. So compliance officers can do a great service for the board by putting together a plan and monitoring how these different metrics are behaving.

Megan Day (15:43)

Love that idea. Any best and final thoughts for our audience?

Christy Grant Hart (15:48)

Yeah, I mean, look, compliance doesn't seem important until it's the only thing when you're responding to big problems. Right? And that sometimes happens with investigations, whether that's a regulatory investigation or whether it's an internal investigation. But the thing is, compliance does still matter even in this environment. Fines and statute of limitations, reputational damage, they're all still out there. So please make sure you're still paying attention.

Megan Day (16:14)

Definitely. Well, Kristi, before we wrap, we have a couple of questions that we ask all of our guests. The first is what do you believe will be the biggest difference between boardrooms today and 10 years from now?

Christy Grant Hart (16:26)

I think it's going to be how information is synthesized. So live dashboards, live monitoring, live metrics, I think will be much more part of the conversation. So it's less of big board books with lots of different pieces of information that they're reading in PDF format or something like that, and actually looking at more live data to talk about what's happening in real time.

Megan Day (16:47)

Love that. What was the last thing you read, watched or listened to that made you think about governance in a new light?

Christy Grant Hart (16:55)

So I don't know if everyone listening has seen the HBO Max program, Silicon Valley.

Megan Day (17:02)

Absolutely.

Christy Grant Hart (17:03)

It's fantastic. But I'm rewatching it now partially as with the viewpoint of being a former CEO of a small company, now part of a big one, and just how scrappy they are, but how much they need real CEO leadership when you become a bigger company and the directors being a couple of sort of, you know, hangers on, versus actually having big directors who understand what they're doing and have a background in it. Really watching it again from that perspective has been pretty fascinating to say. We really do need, you know, the adults in the room, as it were, to be running the ship because it matters.

Megan Day (17:40)

I love that. Well, Christie, what is your current passion project?

Christy Grant Hart (17:46)

So two years ago, I took up the aerial silks. Oh, wow. So hanging. Hanging from the ceiling like a circus performer, Cirque du Soleil style. I go three times a week. I did my first performance at a recital. I had 12 people come support me. It is the best. When you're hanging upside down 6, 16ft in the air, you can't think about anything else. And that is a really good way of being.

Megan Day (18:12)

I love that. That sounds like a welcome distraction right now for sure. Well, Christy, thank you so much for joining us on the show today.

Christy Grant Hart (18:20)

Thanks for having.

Dottie Schindlinger (18:21)

Megan, thank you so much for that interview with Christy. First of all, how much do you just love Christy's energy? She's just so phenomenal. Yeah, I mean, she's just the best.

Christy Grant Hart (18:37)

You know what?

Megan Day (18:37)

I think it flips on its head a little bit. The average expectation for a compliance executive, a chief compliance officer. She brings a lot of energy. She brings a lot of strategic thinking. And I think to some of the things that we talked about, a lot of people overlook that that is hugely valuable for your compliance leadership.

Dottie Schindlinger (19:01)

Hugely valuable. And also from a strategic lens, looking at compliance as a strategic asset for the company. I think too often boards and audit committees kind of look at compliance as the people we must bring in a few times a year to check some boxes or if something goes wrong, that we drag them in to help us figure out how to get out of the mess. But frankly, there's a lot of ways to sort of look at compliance through a different lens. And Christie's a really good example of people who are doing that. You know, she's kind of looking out across the landscape to understand what are some of the things that are coming up next and how do we need to make sure that the company is positioned well to address them and to deal with them, and how do we just make sure that we keep everybody safe and doing the right things? I mean, that's really, you know, at the end of the day, that's sort of the name of the game of compliance. But also, I have to say, Megan Christie's a perfect example. Every time I would go to our annual user conference, I would find myself gravitating to the compliance sessions. And you might think, why aren't they the driest? Oh, no. Oh, no, no, no. These people have the best stories because they have the stories of the people who do the wrong things and how they got it cleaned up and what came as a result. And it's like walking into a Grisham novel, into every one of those sessions. It is so fun. And they are often some of the people with the best senses of humor.

Megan Day (20:19)

That's been a theme in this episode. I feel like sometimes that sense of humor carries us through these tough situations.

Dottie Schindlinger (20:25)

I think it's got to.

Megan Day (20:27)

I was going to say, maybe hanging upside down is part of the trick too. Maybe we all need to embrace some aerial yoga. Aerial gymnastics.

Dottie Schindlinger (20:36)

Aerial yoga. Yes, I know. I really wanted to say to her, like, Pixar, it didn't happen. I gotta see the aerial yoga. I mean, it sounds incredible. It sounds incredible. Well, that wraps up another episode of the Corporate Director Podcast, the voice of modern governance. Like to say a few special thank yous. First and foremost to our brilliant compliance expert, Christy Grant Hart, podcast producers Kira Ciccarelli, Steve Clayton and Laura Klein, our sponsors for the show, PwC, KPMG, Wilson Sonsini and Meridian Compensation Partners. And most especially, thank you to Diligent for continuing to sponsor this show. If you like our show, please be sure to give us a rating on your podcast. Player of choice. Five stars only, please. You can also listen to our episodes and see more from the Diligent Institute by going to diligent.com resources thank you so much for listening.

Podcast Announcer (21:25)

You've been listening to the Corporate Director Podcast. To ensure that you never miss an episode, subscribe to the show in your favorite podcast player. If you'd like to learn more about corporate governance and tools to help directors do their job better, visit www.digent.com. thank you so much for listening. Until next time.