C (3:32)

Well, yikes yes and no. I mean, it depends on what they're, what they're putting into a good old chat over there. But I mean, you raise an incredibly important point, Dottie. One, this is changing so fast. I mean, think about two years ago, I was also in that same boat. Like, sure, I get AI, but am.

A (3:51)

I going to use it anytime soon?

C (3:52)

No, it is here. It is real. We've talked about that. And we are going to put our data in two places that you might not want us to put it.

A (4:03)

Yeah, I mean that's, I think that's the part that, that made me say yikes. Right? It's not. Yes, of course they're using generative AI, and frankly, I mean, diligence an AI company, we want them to be using generative AI, but we want them to be using the right tools for, for the right tasks. And that's incredibly important. And you know, to your point, Megan, maybe they're not doing anything really untoward, but quite frankly, you know, it's hard to imagine very much that a director would use generative AI for that couldn't be dangerous. Like, here's just a good example, right? You know, summarize these earnings calls.

C (4:38)

Oh, I was gonna say picking restaurants for their trip to New York for the board meeting.

A (4:45)

Well, sure, I kind of doubt that's what they were thinking of when they were. I, here's what I, here's what I imagine that answer really meant was, hey, chat, GPT, read this board deck for me and tell me what's in it. Which terrifies me because, you know, if they're putting that kind of information into the model, into the 3D training model. It's now training the model and now it's available for the rest of the world to use too. So, you know, hey, just again, disclaimer to all heads up to all corporate secretaries out there. Get them the right tools. Don't wait. They're going to do it anyway. Don't make it, you know, so easy for them to get themselves in trouble. Use the right tools. Oh my goodness.

C (5:29)

Well, in trouble. And also leverage all of the opportunity and time savings and efficiencies that are out there. We can't understate that either. I mean, my biggest thing that I can't wrap my head around right now is how AI is really infiltrated itself into every tool imaginable. So it's just a matter of thinking about how I could possibly apply it to every aspect of my day.

A (5:53)

Oh, totally. I mean, totally. And look, there is going to be so much to be gained for directors, right? I mean, I'll just give a couple examples, right? So we, you know, we have a whole suite of tools that we release called Govern AI. One of the tools that, you know, some of, some of the folks that we speak with are a little concerned about is the summarization of board books and something called Smart Prep, which basically gives you key discussion topics coming out of the board materials and questions that you could ask to probe deeper on some of the topics that are in the board materials. But here's the thing, if you provide that to the management team, it helps the management team get ready for the stuff the board is going to ask them. And so if you have everybody kind of singing off the same song sheet, it just makes for a better discussion. So it's not really a, you know, it's not meant to be this crutch to get them out of reading the board materials. That shouldn't be the point. But what it can do is help everybody kind of get on the same page and create that alignment around, you know what? These are the key topics that we need to talk about. And of course you can always edit it before it goes out to the board. Right. The whole thing's editable. You know, there's always gotta be a human in the loop. But how helpful is that, right? If we, if it goes through your board deck and surfaces some issues that maybe you weren't even thinking of, it could just really help you be better prepared for a great conversation around the board tablet and sort of take things the next. So that to me has a lot of power. And the other thing that I'M excited about is the idea of using generative AI tools for that kind of scenario planning and that forecasting capability. Right. I mean, it does have ostensibly the sum total of human knowledge. It should be a little bit better than most humans are at predicting probabilities and patterns and surfacing those quickly and easily so that you can have great conversations about them. Those are the things that get me really excited. The taking the board book and feeding it into the free version of ChatGPT makes me stay awake at night.

C (7:42)

That's fair, Dottie, that's fair. But I am ever the optimist and here to to stress the excitement and enthusiasm around the. The art of the possible.

A (7:51)

Yes, indeed. Well, listen, speaking of the art of the possible, we had the opportunity to speak to two great people, interestingly about sort of the topic of whistleblowing and compliance, which honestly, it feels like one of those areas where maybe boards don't spend as much time as they should, really kind of understanding when something is potentially going wrong within the company, how is that information getting surfaced and then acted on and how can the board do a better job of just keeping their eyes on all of that? And there's so much going on right now with big companies that have had big problems that the board is now feeling all the pain of having to clean up and deal with. And maybe they just didn't have good oversight or maybe they just didn't have good processes in place. They didn't really know at all times what was happening. You know, I always try to give everybody the benefit of the doubt that if they knew what was happening, they would have done different things. Well, you know, we had the opportunity to speak to two guests who have a lot to say about that. So I think it's hopefully going to be an interesting listen and give you some food for thought.

C (8:51)

Awesome.

A (8:52)

Foreign Joining us on the Corporate Director podcast today are Neta Medev and Loidette Baimaro. Neta is the co founder and CEO of Vault Platform and Loydette is an anti corruption expert and economic crime lawyer who is also a director at Fraud Sentinel. Nada and Lloydette, thank you for joining us on the show.

D (9:18)

Thanks for having us. I'm delighted to be here.

E (9:21)

So great to be here.

A (9:23)

So I want to start by having each of you share a little bit more than the very brief introduction that I just gave you. So Loydette, why don't I start with you and you can tell us a little bit about your background and about Fraud Sentinel.

D (9:35)

Thanks, Dottie. So my background I Spent over a decade working in government as a senior Prosecutor at the UK's Crown Prosecution Service, the Cirrus Fraud Office, and what was His Majesty's Revenue and Customs Prosecution office. And in 2017 I decided to go on this rather crazy adventure of building a corporate investigations and compliance consulting firm. So I am the managing partner of Parametric Global Consulting. And then in 2025, as if I wasn't busy enough, I decided to go on another adventure of launching Fraud Sentinel, which is a joint venture between my company astraea, which is a law firm in Mayfair, and Learn Interactive, which is a learning design company.

A (10:22)

Awesome. Well Neda, I want to ask you the same question. Can you tell us a little bit more about Vault Platform?

E (10:27)

Sure. So I founded Vault Platform some seven years back ago now. And Vault is pioneering technology in ethics and compliance, creating psychological safety and a digital space for employees to raise any misconduct concerns and for companies to be able to manage their corporate investigations in a much more efficient tech enabled way. And today an AI enabled as well. And Vault is there to make companies more ethical and to help saving their boss bottom line reputation and to do the right thing for their employees as well as their shareholders. And recently very excited to join Diligent and to head the ethics and compliance tech team out of Diligent and to build a truly groundbreaking integrity proposition from within Diligent.

A (11:27)

So yeah, well, nada. We're thrilled to have you and your colleagues on the team. And today is actually a really opportune time for us to talk about something that just went into effect and in the uk and we're going to talk a little bit about the failure to prevent fraud offense under the UK Economic Crime and Corporate Transparency act that went into effect on September 1st. And so Loydetta, I hope you don't mind if I pick on you. Knowing your history, I feel like this is something that's going to be old hat for you, but could you tell us a little bit about the history of this offense and what prompted its development? What does it mean?

D (11:58)

Yeah, I mean in the conversations that we've been having with lots of people, one of the things that we said is this is really a game changer. And the reason why that is is because when we think about the genesis of this offense, it came from quite big corporate failures. So we had Fortisserie Valerie, we had Carillion. And these were companies that collapsed and caused great damage actually in their collapse. And so the failure to prevent fraud offense was really as a response to that, it was designed to tackle Fraud that wasn't necessarily what the company defends itself against externally, but really around misconduct happening within the organization. And you may be aware of the fact that we had the failure to prevent bribery offense, which came into force with the Bribery act in 2010 and really was a game changer. And we then had the failure to prevent the facilitation of tax evasion. And now we have this third type of failure to prevent offence. And what this particular offence does is that it basically transfers corporate criminal liability to large companies if they fail to have reasonable fraud prevention measures in place. If one of their associated persons commits one of the nine base frauds, we're not going to get into the technicalities of it because there's enough guidance in terms of what the government has released. But the important thing for your listeners to know is that it affects large companies. And if there is an associated person, so an employee, an agent and even somebody in your supply chain, they commit one of these nine frauds, it can mean that the company is now liable criminally and can face prosecution by the Serious Fraud Office or by the Crown Prosecution Service.

A (13:47)

And is that true for companies both inside the UK and beyond the uk?

D (13:53)

It is true for both. There is an extraterritorial element to this particular offence if that company has what is classified as a UK nexus. So, for example, if they have offices in the uk, if they have a significant trading relationship in the uk, if they have staff in the UK and they reach the criteria and the threshold in the definition of a large company, then potentially it does affect companies that are in other jurisdictions.

A (14:22)

That's really helpful. I'll just ask you one other follow up question. Annette, I want to bring you into this conversation and talk a little bit about how internal compliance teams should be getting ready for this, or hopefully already are ready for this, since it's now in effect. But I want to know, Lidette, are there particular industries or sectors that are more impacted by this than others? Are there any organizations that are exempt from this new offense?

D (14:44)

Before I answer that question, can I just tackle just one thing that I didn't say earlier, which was when we think about the offence itself, it's not just that the fraud was committed by an associated person, but it was committed for the benefit of the company or for its clients. So that's the only way in which liability transfers to the company. So if the company itself is a victim, it will not be investigated and prosecuted, but if it's for the benefit of the company, then corporate criminal liability comes into force in relation to that company. Now it affects every single sector. There is no sector that is exempt from this. We've had conversations with those in the financial services sector who say, oh, you know, we are already heavily regulated so we don't need to do anything about this. But I would really urge those in that sector to be cautious because the guidance is very clear that irrespective of how mature you think your compliance program is, you need to take another look again and simply saying we are already regulated will not be a defence. So you need to really think through what you need to do now in order to respond to this new landscape.

A (15:51)

That's a perfect segue. Ned, I want to bring you into this conversation because you work with so many internal compliance teams. So what are some of your thoughts around how they should be prepared for this new bit of regulation? How does this change what they do on a day to day basis?

E (16:06)

Well, I really want to answer that question Dottie, but would you mind if I'll insert one more question there for Lloydette actually, Because Lloydette, you're talking about how companies need to pro actively prepare and to prove that they have taken all the right measures to prevent fraud from happening. Would you mind telling us what does this mean specifically for internal whistleblowing or speak up and investigation management from your standpoint?

D (16:39)

So in terms of the government guidance, Netta, that's a great question. The government guidance is very clear that you need to have senior management, ownership and leadership in relation to compliance. In relation to this issue, you need to have in place an effective whistleblowing mechanism, a speak up channel. And you need to ensure that you as an organization either have the in house capability to undertake investigations or that you identify experts who can conduct those investigations on behalf of your organization as and when issues arise. So I think that there is something here around the renewed focus on do we have effective mechanisms for people within the organization to raise concerns. One of the things that we've been chatting about, Neta, is the fact that, you know, I speak to lots of corporates and they'll say, well you've got to speak up line, nobody uses it. And that must be great, isn't it? I mean, we're doing okay. What's the problem? We don't have anybody reporting anything. But I'm sure that you have some views on that which you might be able to share.

E (17:45)

Yeah, I might be. So Dottie, the, the really exciting gospel here and especially for me as I was building my company out of London and you know, and out of this great city is that whilst they were regulatory requirements to put a third party operated reporting system in place both in the EU and in the us. Right. So there are regulatory requirements in the us. Every public company under the Sarbanes Oxley act must have a reporting system in place in the eu. We had the very recent EU whistleblower directive that came into play a couple of years ago and that created that responsibility. Now the EU and the US are coming to this from very different perspectives. The US is there to protect the shareholders of the company, the EU is there to protect labor. However, and whilst they're, you know, wh. Once they emerged out of different schools of thought, they created a very similar requirement which is to put an effective speak up and investigation system in place. The uk on the other hand, isn't caught by any of these two, you know, major legislative requirements. And now for the first time, whilst there isn't, as far as I understand Lloyd, there isn't a firm requirement to put a whistleblower system in place. It's actually been referred to as one of the measures that allows companies to prove they have done what needs to be done in order to prevent fraud. And so that can really serve them if there is a prosecution and there is an investigation into the company to show that what they've done is to go above board and put a truly effective system in place. So Ledette, back to your comment about having a number there that no one uses, an 0, 800 or a 1, 800 number on the poster in the toilets or cafeteria somewhere. And what a shocker, no one uses it. That must say we have a great culture. Right. No, usually what it says is that the company has taken a passive approach to compliance and therefore it triggers a passive response from its, from its workforce. And the reason I'm so excited right now, growingly speaking with British businesses, but also, you know, international businesses that are crossing that, that threshold that you mentioned, Lodette, is that that this is actually now an opportunity to re establish themselves as ethical players, first and foremost inwards, right in the way they show up to their employees, to their boards and to their shareholders. So it's really about how they establish themselves. Not by creating some sort of system of fear, but by creating a system of trust and by ensuring that the tools you put out there are proactive, they create psychological safety, they tell a story to your people that this is a company that is truly about, not only speak up, but it's truly about listening as well and that it's there to, you know, to, to, to Nip misconduct in the bud.

A (21:05)

So yeah, that's super, super helpful. Lourdette, I want to ask you a little bit more about the, the offense as well. What are some of the anticipated benefits or drawbacks that you think this is going to bring to corporate governance?

D (21:18)

We think one of the key things is just to raise awareness because we understand that there is a huge amount of fraud that companies are having to deal with in terms of attacks against their systems, external issues that they're facing. But I think what this does is that it raises that internal awareness as to we're not asking for people in organizations. And I don't think this is what the government is doing, is that they want to build, build an anti fraud culture. That is what is at the heart of this, is to get businesses to think through what might be happening in their organizations and to ensure that they have proper internal controls in place, they have proper and effective platforms for speak up. That there is a culture within the organization that means that we're all accountable from the very top of the organization to all levels. And I think finally it's about making sure that people understand what they need to say, what they might need to raise, what they might need to speak up about. And so part of what we do at Fraud Sentinel is that we have, our training is really designed by experts to really help organizations tackle some of these things. Really understanding, talking to their employees and saying this is what you need to be thinking about. If you see this type of issue, you do need to raise it and you can be safe in raising that. I think the other change we're going to see if organizations are really committed to this is that we'll see senior leaders leading from the front. This isn't just something for your general counsel or your chief compliance officer or your cfo. It's actually something that should be owned by the board. It's something that should be owned not just at audit committee level, but by the CEO, by the chair, and they should be leading from the front. So I think the key message is really around turning organizations to focus on building anti fraud cultures within their organizations.

A (23:22)

That's terrific. Neda, do you have anything you want to add there? Especially, you know, because this is a show that is really geared towards corporate directors. Lloyd, I think that final point you made is so salient. Anything that you want to add there in terms of just guidance or advice to the board members listening to the.

E (23:35)

Show, I just think it's a great time for the board to re engage itself with ethics and to see Ethics as a real driver for better culture, as a real driver for growth and also as a very significant risk factor if it's done wrong for the lack of ethics or for the lack of tools that are there to discover ethics failures and breaches. And we often speak to board members who say we had all the right intentions here from the very top. And it's true that most frauds, fraud is being committed once it's the big cases that are coming to the newspapers, the big scandals, the lawsuits usually involve someone from the C suite. But it's actually in reality, most fraud is being driven kind of further into the stern of the ship. And so it's not about the good intentions of the board, it's about being able to truly, to truly invest behind an effective, proactive, inviting ethics program. And that's the kind of, you know, the biggest advice we always give to chief ethics officers is you can have the world's best performing ethics policy, the most advanced one, the most inclusive and comprehensive. At the end of the day, if you don't have the right tools that touch on every single employee in the company, then it's almost like running a super fast train on rusty tracks. It's just not going to work. You need to have the right infrastructure in place. So this is an opportunity to truly come behind this. And I'm sure the data and the insights that a company is driving on an ongoing basis from these systems would be a true revelation for the board members who will be engaged with the insights from it.

D (25:42)

I was just going to very quickly say, if that's okay, we have a few minutes which is around the fact I couldn't agree with Neta more. I think that board members and senior leaders need to look at this new compliance requirement not just as, oh gosh, another thing that we have to do and spend money on, on resource. But think about this in terms of this could potentially be a strategic advantage for our organization. When you are pitching for work, the last thing you want to be having to think about or navigate is what might have happened internally. So if you get your house in order, it allows you to think really strategically about how to drive your company forward knowing that these issues are properly resourced and properly covered within the organization.

A (26:27)

Well, I want to thank you both so much for joining us on the show today and sharing this perspective. It's been incredibly helpful and enlightening. So thank you both so much.

D (26:34)

Thank you for having us.

E (26:36)

Thank you.

A (26:37)

We've been joined today by Neta Medev and Loydette Bhai. Maro Netta is the co founder and CEO of Vault Platform and Loydet is a director at Fraud Sentinel. Thank you both so much for joining us on the show.

C (26:57)

Interesting stuff, Dottie, and I think goes really well with some of our other recent episodes around ethics and compliance in a way that it's, it's starting to shift my perspective. I mean, I very much am a in the old camp of you got to do it. It's a check the box exercise, have that hotline. Great. Let's focus on other things that matter and how that's really not necessarily the right mindset to have.

A (27:26)

Yeah, I mean, you're in good company, right, Megan? I mean, I think for the longest time that is kind of how most directors saw compliance and ethics. But the truth is there really is a lot of business opportunity to be gained by being proactive in some of these areas. And, you know, we're really focusing on this new act in the uk, the failure to prevent fraud offense. But the truth is it ties in to so much that's happening globally. It's a shifting picture right now in the compliance and ethics space, obviously, but that doesn't absolve companies of doing the right things. And in fact, the companies that aren't doing the right things are having such pain and having such bad downstream consequences. And, you know, I think back even to the episode that we did with Sharon Watkins and Cynthia Cooper, when you have a big spectacular failure of a company because of fraud like Enron or WorldCom, and that affects people for a generation. I mean, it's not just like one company suffering, it's entire ecosystems and whole sets of society that suffer. You know, especially if the company's big enough and tied in lots of ways to different parts of the economy, it can be a major, major issue that we all want to avoid. And so, you know, new laws aside or changing regulations aside, there's just a lot of compelling reasons to get smarter about this and for boards to spend a bit more time thinking proactively about this as a business growth strategy, not just as a way to keep the cops from your door.

C (28:51)

Absolutely. And thinking about how that also goes hand in hand with board's role in culture in the organization, another sort of nebulous area that we always want to talk about. But again, boards can't quite put their thumb on. They know that they want to build and be supportive of a strong culture inside the organization. But what does that mean? And what's their area of responsibility? There's.

A (29:14)

Yeah. And when you look at culture through a compliance lens. Now it actually becomes a bit more measurable, right? Because there are certain things you can measure, like, are we ever getting calls on the whistleblowing hotline? Where does that whistleblowing hotline go? You know, if you're never getting any reports, that's not necessarily a good thing. Right? It could mean that people are very uncomfortable coming forward. And so looking at those metrics can help you sort of understand what kind of a compliance culture you have within the company. What sort of ethical culture do you have? And give you some really good fodder to ask good questions. Well, Megan, that wraps up another episode of the Corporate Director Podcast, the voice of Modern Governance. Like to say a few special thank yous. First and foremost to our compliance experts Neda Medev and Lloydette Baimaro our podcast producers Kira Ciccarelli, Steve Clayton and Laura Klein our sponsors of the show, including PwC, KPMG, Wilson Sonsini, and Meridian Compensation Partners and most especially to Diligent for continuing to sponsor this show. If you like our show, please be sure to give us a rating on your podcast player of choice. Five stars only, please. You can also listen to our episodes and see more from the Diligent Institute by going to diligent.com resources thank you so much for listening.

B (30:28)

You've been listening to the Corporate Director Podcast. To ensure that you never miss an episode, subscribe to the show in your favorite podcast player. If you'd like to learn more about corporate governance and tools to help directors do their job better, visit www.digent.com. thank you so much for listening. Until next time.