What does the “failure to prevent fraud” offense mean for your organization?

Please see below for a transcript from this episode:

Intro/Outro:[00:00:00] Welcome to the Corporate Director Podcast, where we discuss the experiences and ideas behind what's working in corporate board governance in our digital tech field world. Here you'll discover new insights from corporate leaders and governance researchers with compelling stories about corporate governance, strategy, board culture, risk management, digital transformation, and more.

Dottie Schindlinger: Hi everybody and welcome back to the Corporate Director Podcast, the Voice of Modern Governance. My name is Dottie Schindlinger, executive Director of The Diligent Institute, and I'm joined once again by my amazing co-host Meghan Day strategy leader here at Diligent. Meghan, how are you doing today?

Meghan Day: I'm doing great.

Dottie. I feel like we're headed into, the last bits of 2025 we're, we're into the home stretch, whether we like it or not. Hush your mouth, Meghan. [00:01:00] 

Dottie Schindlinger: I'm not ready for it to be 2026 yet. Where did this year go? It went too fast. It went too fast and I, and it's already, very much feeling like summer is in the rear view mirror.

it's the, the weather's really cold. It started to get a little bit chilly here. yeah, I'm, I'm still. Wishing I can get a beach day. Yeah,

Meghan Day: it's just not gonna happen. Not gonna happen. It's time to, to hunker down for winter Dottie and start, start planning for 2026.

Dottie Schindlinger: Well, Meghan, we have a really good episode coming up talking about, whistleblowers.

But before we get into that, I feel like we need to talk a little bit about the most recent director Confidence Index report that came out of Diligent Institute. Did you get a chance to take a look at that report? 

Meghan Day: I did, I always love the director confidence index, not because it's tens of thousands of directors, but it's just a good little snapshot of, of sentiment, little pulse check on how things are doing and well, I feel like as we've seen in other months this year, yeah, things are [00:02:00] not.

Dottie Schindlinger: Yeah. The, yeah, the, the economic conditions are what they are. I think people are flagging rest. But the part that really caught my eye, we had the opportunity to ask a number of public company directors how they're using AI and sort of how they see AI in terms of risk or, or opportunity. here were the big ones that stood out to me.

first of all. Directors really see generative AI as a top business opportunity above anything else in the current business environment that really stands out. 'cause usually we cast that question really widely and say, what do you see as the greatest opportunity? They're putting all their money on generative ai, which was pretty fascinating.

That said, there were only 2% of directors that say that they are not planning on using AI for their board work. So. Heads up, corporate secretaries, if you're not already using AI tools to help your board, they're gonna do it without you. and compare that to the 26% who said they see no role for AI in corporate governance.

Just two years ago, [00:03:00] back in May of 2023, you know, that was, more than a quarter, said like, yeah, they don't, they don't think that's ever gonna touch corporate governance. Now it's only 2% are like, yeah, I'm, I'm not already planning on using it. But here was the, here was the biggie, Meghan, here was the big eye-opener.

It was nearly half. Nearly half, 46% who admitted that they're already using AI for board work. They're using off the shelf consumer tools, like the freebie version of Chad GBT for board work.

Meghan Day: Yikes. Well, yikes. Yes and no. it depends on what they're, what they're putting into. good old chat over there.

But you raise. Incredibly important point. Dottie one. This is changing so fast. think about two years ago I was also in that same boat, like, sure, I get ai, but am I gonna use it anytime soon? No, it is here. It is real. We've talked about that and we are going to put, our data in two places that you might not want us to put it.

Dottie Schindlinger: Yeah, that's, I think that's the part that that made me say yikes, right? It's not, yes, of course they're using generative [00:04:00] ai and frankly, diligence and AI company, we want them to be using generative ai, but we want them to be using the right tools for the right tasks. And that's incredibly important.

And I, to your point, Meghan, maybe they're not doing anything really untoward, but quite frankly, it's hard to imagine. Very much that a director would use generative AI for that couldn't be dangerous. Like, here's just a good example, right. summarize these earnings calls. Oh, I was gonna say pick

Meghan Day: picking restaurants for, their, their trip to New York for the board meeting.

Dottie Schindlinger: Well, sure. I kind of doubt that's what they were thinking of when they were, I, here's what I, here's what I imagine that answer really meant was, hey. Chat, GPT, read this board deck for me and tell me what's in it, which terrifies me because if they're putting that kind of information into the model, into the 3D training model, it's now training the model and now it's available for the rest of the world to use too.

So. [00:05:00] Hey, just again, disclaimer to all, heads up to all corporate secretaries out there. Get them the right tools. Don't wait. They're gonna do it anyway. Don't make it, so easy for them to get themselves in trouble. Use the right tools.

Meghan Day: Oh my goodness, well in trouble. And also leverage all of the opportunity and time savings and efficiencies that are out there.

We can't understate that either. I mean, my biggest. Thing that I can't wrap my head around right now is how AI has really infiltrated itself into every tool imaginable. So it's just a matter of thinking about how I could possibly apply it to every aspect of my day. Oh, totally.

Dottie Schindlinger: totally. And, and look, there is gonna be so much to be gained for directors, right?

I mean, I'll just give a couple examples, right? So we, we have a whole suite of tools that we release called Govern ai. one of the tools that, Some of some of the folks that we speak with are a little concerned about is the summarization of board books and something called Smart Prep, which basically gives you [00:06:00] key discussion topics coming outta the board materials and questions that you could ask to probe deeper on some of the topics that are in the board materials.

But here's the thing. If you provide that to the management team, it helps the management team get ready for the stuff the board is gonna ask them. And so if you have everybody singing off the same song sheet, it just makes for a better discussion. So it's not really a, it's not meant to be this crutch to get them out of reading the board materials.

That shouldn't be the point. But what it can do is help everybody get on the same page and create that alignment around, these are the key topics that we need to talk about. And of course you can always edit it before it goes out to the board, right? The whole thing's editable. there's always gotta be a human in the loop, but how helpful is that, right?

If we, if it goes through your board deck. Surfaces some issues that maybe you weren't even thinking of. It could just really help you be better prepared for a great conversation around the board tablet and sort of take things the next step. So that to me has a lot of power. And the other thing that I'm excited about is the idea of using generative AI tools for that scenario planning and that [00:07:00] forecasting capability.

Right? it, it does have. Ostensibly the sum total of human knowledge. It should be a little bit better than most humans are at predicting probabilities and patterns and surfacing those quickly and easily so that you can have great conversations about them. Though, those are the things that get me really excited, the taking the board book and feeding it into the free version of Chat g pt.

Makes me stay awake at night.

Meghan Day: That's fair, Dottie. That's fair. But I am ever the optimist and here to, to stress the excitement and enthusiasm around the, the art of the possible.

Dottie Schindlinger: Yes, indeed. Well, listen, speaking of the art of the Possible, we had the opportunity to speak to two great people. interestingly about sort of the topic of whistle blowing and compliance, which honestly it feels like one of those areas where.

Maybe boards don't spend as much time as they should. Really understanding when something is potentially going wrong within the company. How is that information getting surfaced and then acted on, and how can the board do a better job [00:08:00] of just keeping their, their eyes on all of that,

And, and there's so. Much going on right now with big companies that have had big problems that the board is now feeling all the pain of having to clean up and deal with. And maybe they just didn't have good oversight, or maybe they just didn't have good processes in place. They didn't really know at all times what was happening.

You know, I always try to give everybody the benefit of the doubt that if they knew what was happening, they would've done different things. Well, you know, we had the opportunity to speak to two guests who have a lot to say about that, so I think it's hopefully gonna be an interesting listen and, and give you some food for thought.

Awesome.

Joining us on the Corporate Director Podcast today are Neta May Dev and Lode by Marrow. Neta is the co-founder and CEO of Vault platform, and Lode is an anti-corruption expert and economic crime lawyer who is also a director at Fraud Sentinel. Neta and Lode, thank you [00:09:00] for joining us on the show.

Thanks for having us. I'm delighted to be here. So great to be here. So I wanna start by having each of you share a little bit more than the very brief introduction that I just gave you. So, Ette, why don't I start with you and you can tell us a little bit about your background and about Fraud Sentinel.

Lloydette Bai-Marrow: Thanks Dottie. So, my background, I spent over a decade working in government as a senior prosecutor at the UK's Crown Prosecution Service, the Serious Fraud Office. and what was his Majesty's Revenue and Customs Prosecution Office. In 2017, I decided to go on this rather crazy adventure of building a corporate, investigations and compliance consulting firm.

so I am the managing partner of Parametric Global Consulting. And then in 2025, as if I wasn't busy enough, I decided to go on another adventure of launching Fraud Sentinel, which is a joint venture between my company, Australia, which is a, a law firm in Mayfair and Learn [00:10:00] Interactive, which is a learning design company.

Dottie Schindlinger: Awesome. Well, Neta, I wanna ask you the same question. Can you tell us a little bit more about Vault Platform?

Neta Meidav: Sure. So I founded Vault Platform some seven years back, ago now. And Vault is, pioneering technology and ethics and compliance, creating psychological safety and a digital space for employees to raise any, misconduct concerns and for companies to be able to manage their corporate investigations in a.

Much more efficient, tech enabled way. And today an AI enabled as well. And, and vault is there to make companies, more ethical and to help, saving their, their bottom line reputation and, to do the right thing for their employees as well as their shareholders. And, recently very excited to join.

Diligent and to head the ethics and compliance tech team out of diligent and to build a truly [00:11:00] groundbreaking integrity proposition, from within Diligent. So, yeah.

Dottie Schindlinger: Neta, we're thrilled to have you and your colleagues on the team, and today is actually a really opportune time for us to talk about something that just went into effect in the UK.

I know we're gonna talk a little bit about the failure to prevent fraud offense under the UK Economic Crime and Corporate Transparency Act, that went into effect on September 1st. And solo, I hope you don't mind if I pick on you, knowing your history, I feel like this is something that's gonna be old hat for you, but could you tell us a little bit about the history of this offense?

and. What prompted its development? What does it mean?

Lloydette Bai-Marrow: Yeah. I mean, in the conversations that we've been having with lots of people, one of the things that we said is this is really a game changer. And the reason why that is, is because when we think about the genesis of this offense, it came from quite big.

corporate failures. So we had patisserie Valerie, we had Carilion, and these were companies that collapsed and caused great damage actually in their collapse. And so the failure to prevent fraud offense was [00:12:00] really as a response to that. It was designed to tackle fraud. That wasn't necessarily what the company defends itself against externally, but really around misconduct happening within the organization.

and you may be aware of the fact that we had the failure to prevent bribery offense, which came into force with a bribery act in 2010, and really was a game changer. And we then had the failure to prevent the facilitation of tax evasion. And now we have this third type of failure to prevent offense.

And what this particular offense does is that it. It basically transfers corporate criminal liability to large companies if they fail to have reasonable prevent for prevention measures in place, if one of their associated persons. Commit one of the nine base frauds. We're not going to get into the technicalities of it because there's enough guidance in terms of what the government has released, but the important thing for your listeners to know is that it [00:13:00] affects large companies and if there is an associated person, so an employee.

An agent and even somebody in your supply chain, they commit one of these nine frauds. It can mean that the company is now liable, criminally and can face prosecution by the serious fraud office or by the Crown prosecution service.

Dottie Schindlinger: And is that true for companies both inside the UK and beyond the.

Lloydette Bai-Marrow: It is true for both.

There is an extraterritorial element to this particular offense if that company has what is classified as a UK Nexus. So for example, if they have, offices in the UK, if they have a significant trading relationship in the uk, if they have staff in the UK and they reach the criteria and the threshold for, in the definition of a large company, then potentially it does affect companies that are in other jurisdictions.

Dottie Schindlinger: That's really helpful. I'll just ask you one other follow-up question. Neta, I wanna bring you into this conversation and talk a [00:14:00] little bit about how internal compliance teams should be getting ready for this or hopefully already are ready for this, since it's now in effect. but I wanna know Lloydette, are, are there particular industries or sectors that are more impacted by this than others?

Are there any organizations that are exempt from this new offense?

Lloydette Bai-Marrow: Before I answer that question, can I just tackle just one thing that I didn't say earlier, which was when we think about the offense itself, it's not just that the fraud was committed by an associated person, but it was committed for the benefit of the company or for its clients.

So that's the only way in which liability transfers to the company. So if the company itself is a victim. It will not be, investigated and prosecuted, but if it's for the benefit of the company, then corporate criminal liability, comes into force in relation to that company. Now, it affects every single sector.

There is no sector that is exempt from this. We've had conversations with those in the financial services sector who say, we are already heavily regulated, so we don't need to do anything [00:15:00] about this. But I would really urge those in, in that sector to be cautious because the guidance is very clear.

Irrespective of how mature you think your compliance program is, you need to take another look again. And simply saying, we are already regulated, will not be a defense. So you need to really think through what you need to do now in order to respond to this new, landscape.

Dottie Schindlinger: That's a perfect segue. Neta, I wanna bring you into this conversation because you work with so many internal compliance teams.

So what are some of your thoughts around. How they should be prepared for this new bit of regulation. Now what? How does this change what they do on a day-to-day basis?

Neta Meidav: Well, I really want to answer that question, Dottie, but would you mind if, I'll insert one more question there for Ette actually, because Ette you're talking about, how companies need to proactively prepare and to prove that they.

Have taken all the right measures to prevent fraud from happening. Would you mind [00:16:00] telling us what does this mean specifically for internal whistle blowing or speak up and investigation management, from your, from your standpoint.

Lloydette Bai-Marrow: So in, in terms of the government guidance, Neta, that's a great question.

the government guidance is very clear that you need to have, senior management, ownership and leadership in relation to compliance. In relation to this issue, you need to have in place an effective whistle blowing mechanism, a speak up channel. You need to ensure that you as an organization either have the in-house capability to undertake investigations, or that you identify experts who can conduct those investigations on behalf of your organization as and when issues arise.

So I think that there is something here around the renewed focus on do we have effective mechanisms for people within the organization? To raise concerns. one of the things that we, we've been chatting about Neta is the fact that, I speak to lots of [00:17:00] corporates and they'll say, well, you've gotta speak up line.

Nobody uses it. And that must be great, isn't it? I mean, we're doing okay. What's the problem? We don't have anybody reporting anything, but I'm sure that you have some views on that, which you might be able to share.

Neta Meidav: Yeah, I, I might be, so Dotti, really exciting gospel here, and especially for me as I was building my company out of London and, and out of this great city is that whilst they were regulatory requirements to put, a third party operated reporting system in place, both in the EU.

And in the us right, so there are regulatory requirements in the us. Every public company under the Sarbanes Oxley Act must have a reporting system in place in the EU. We had the very recent EU whistleblower directive that came into play a couple of years ago, and that created that responsibility.

Now, the EU and the US are coming to this from very different perspectives. The US is there to protect the shareholders of the company. The EU is there to protect [00:18:00] labor. however, and whilst they're. Once they emerged out of, different schools of thought, they created a very similar requirement, which is to put an effective speak up and investigation system in place.

The UK, on the other hand, isn't caught by any of these two, major. Legislative requirements and now for the first time, whilst there isn't, as far as I understand, Lloyd, that there isn't a firm requirement to put a whistleblower system in place. It's actually been referred to as one of the measures that allows companies to prove there they have done what it, what needs to be done in order to prevent fraud.

And so that can really serve them. There is a prosecution and there is an investigation into the company to show that what they've done is to go above board and put a truly effective system in place. So Loydette, back to your comment about. [00:19:00] Having a number there, that no one uses an oh 800 or one 800 number on the poster in the, in the toilets or cafeteria somewhere.

And, what a shocker. No one uses it. That must say we have a great culture, right? No, usually what it says is that the company has taken a passive approach to compliance and therefore it triggers a, a passive response from, its, from its workforce and. The reason I'm so excited right now growingly speaking with British businesses, but also, international businesses that are crossing that, that threshold that you mentioned Lloyd at is that, that this is actually now an opportunity to reestablish themselves as ethical players.

First and foremost, inwards, right? In the way they show up to their employees, to their boards, and to their shareholders. So it's really about how they establish themselves, not by creating some sort of system of fear, [00:20:00] but by creating a system of trust and by, by ensuring that the tools you put out there are proactive.

They create psychological safety. They tell a story to your people that this is a company that is truly about, not only speak up, but it's truly about listening as well, and that it's there to, to, to, to nip misconduct in the bud. So, yeah.

Dottie Schindlinger: That's super, super helpful. Lloyd, I wanna ask you a little bit more about the, the offense as well.

I, what are some of the anticipated benefits or drawbacks that you think this is gonna bring to corporate governance?

Lloydette Bai-Marrow: So I think one of the, the key things is just to raise awareness. Because we understand that there is a huge amount of fraud that companies are having to deal with, in terms of attacks against their systems, Exter, external issues that are, that they're facing.

But I think what this does is that it raises that internal awareness as to, [00:21:00]we're not asking for people in organizations, and I don't think this is what the government is doing, is that they want to build a anti anti-fraud culture. That is what is at the heart of this is to get businesses to think through what might be happening in their organizations and to ensure that they have proper internal controls in place.

They have proper and effective platforms for Speak Up, that there is a culture within the organization. That means that we are all accountable. From the very top of the organization to all levels. And, and I think finally it's about making sure that people understand what they need to say, what they might need to raise, what they might need to speak up about.

And so part of what we do at Fraud Sentinel is that we have a, our training is really designed by experts to really help organizations. Tackle some of these things. Really understanding, talking to their employees and saying, this is what you need to be thinking about. If you see this type of issue, [00:22:00] you do need to raise it and you can be safe in raising that.

I think the other change we're going to see if organizations are really committed to this is that we'll see senior leaders leading from the front. This isn't just something for your, general counsel or your chief compliance officer or your CFO, it's actually something that should be owned by the board.

It's something that should be owned, not at just at audit committee level, but by the CEO, by the chair, and they should be leading from the front. So I think the key message is really around turning organizations to focus at, on building anti-fraud cultures within their organizations.

Dottie Schindlinger: That's terrific.

Neta, do you have anything you wanna add there? Especially I, because this is a show that is really geared towards corporate directors, Loydette, I think that final point you made is so salient. Anything that you wanna add there in terms of just guidance or advice to the board members listening to the show?

Neta Meidav: I just think it's a great time for the board to reengage itself with ethics [00:23:00] and to see ethics as a, as a real driver for, for better culture, as a real driver for growth and. Also as a very significant risk factor if it's done wrong, right? for the lack of ethics or for the lack of tools that are being, that are there to discover ethics, failures, and breaches.

And we often speak to board members who say, we had all the right intentions here from the very top, and it's true that most fraud is being committed. whilst, whilst it's the, the big cases that are coming to the newspapers, the big scandals, the lawsuits usually involve someone from the C-suite.

But it's actually, in reality, most fraud, is being driven kind of further into the stern of the ship. And so it's not about the good intentions of the board, it's about being able to truly. To truly invest behind a, an [00:24:00] effective, proactive, inviting ethics program. And that's the kind of, the, the biggest advice we always give to chief ethics officers is you can have the world's best performing ethics policy, the most advanced one, the most inclusive.

And comprehensive. At the end of the day, if you don't have the right tools that touch on every single employee in the company, then it's almost like running a super fast train on Rusty tracks. It's just not gonna work. You need to have the right infrastructure in place. So this is an opportunity to truly.

come behind this, and I'm sure the data and the insights that a company is driving on an ongoing basis from these systems would be a true revelation for, for the board members who, who will be engaged with, who the insights from it.

Lloydette Bai-Marrow: I'm just gonna very quickly say, that's okay. We have a few [00:25:00] minutes, which is around the fact I, I couldn't agree with net anymore.

I think that board members and and senior leaders need to look at this new compliance requirement, not just as, oh gosh, another thing that we have to do and spend money on and resource, but think about this in terms of this could potentially be a strategic advantage for our organization. When you are pitching for work, the last thing you want to be having to.

Think about or navigate is what might have happened internally. So if you get your house in order, it allows you to think really strategic about how to drive your company forward, knowing that these issues are properly, resourced and properly covered within the organization.

Dottie Schindlinger: Well, I wanna thank you both so much for joining us on the show today and sharing this perspective.

It's been incredibly helpful and enlightening. So thank you both so much. Thank you for having us. Thank you. We've been joined today by Neta Meidav, and Lloydette Bai-Marrow. Neta is the co-founder and CEO of Vault platform, and Lloydette is a [00:26:00] director at Fraud Sentinel. Thank you both so much for joining us on the show.

Meghan Day: Interesting stuff, Dottie, and I think. Really well with some of our other recent episodes around ethics and compliance in a way that it's, it's starting to shift my perspective. I very much am a. In the old camp of you gotta do it, it's a check the box exercise, have that hotline. Great. Let's focus on other things that matter, and how that's really not necessarily the right mindset to have.

Dottie Schindlinger: Yeah, you're in good company, right, Meghan? I think for the longest time that is. Kind of how most directors saw, compliance and ethics. But the truth is there really is a lot of business opportunity to be gained by being proactive in some of these areas. And, and, you know, we're really focusing on this new act in the UK the failure to prevent fraud offense.

But the truth is it ties [00:27:00] in to so much that's happening globally. There's, it's a shifting picture right now in the compliance and ethics space. obviously. But that doesn't absolve companies of doing the right things. And in fact, the companies that aren't doing the right things are having such pain and having such bad downstream consequences.

And, you know, I I, I think back even to the episode that we did with Sherron Watkins and Cynthia Cooper, you know, when you have a big, spectacular, failure of a company because of fraud like Enron or WorldCom. That, that affects people for a generation. it's not just like one company suffering it's entire ecosystems and, and whole sets of society that suffer.

You know, especially if the company's big enough and tied in lots of ways to different parts of the economy, I, it can be a major, major issue that we all want to avoid. And so, you know, new laws aside or changing regulations aside, there's just a lot of compelling reasons. To get smarter about this and for boards to spend a bit more time thinking proactively about this as a business growth strategy.

Not just as a [00:28:00] way to keep the, the cops from your door.

Meghan Day: Absolutely. And, and thinking about how that also goes hand in hand with board's role in culture in the organization. Another sort of nebulous area that we, we always want to talk about, but again, boards can't. Quite put their thumb on. They know that they want to build and be supportive of a strong culture inside the organization.

But what does that mean? And what's, what's their area of responsibility there?

Dottie Schindlinger: Yeah. And when you, and when you look at culture through a compliance lens, now, it actually becomes a bit more measurable, right? Because there's certain things you can measure, like. Are we ever getting calls on the whistleblowing hotline?

Where does that whistleblowing hotline go? if you're never getting any reports, that's not a necessarily a good thing, right? it could mean that people are very uncomfortable coming forward. And so looking at those metrics can help you sort of understand what kind of a compliance culture you have within the company.

What sort of ethical culture do you have and, give you some really good fodder to ask good questions. Well, Meghan, that wraps up another episode of the [00:29:00] Corporate Director Podcast, the Voice of Modern Governance, like to say a few special thank yous, first and foremost, to our compliance experts, Neta Meidav, Lloydette Bai-Marrow, our podcast producers, Kira Ciccarelli, Steve Clayton and Laura Klein, our sponsors of the show, including PwC, KPMG, Wilson Sonsini and Meridian Compensation Partners, and most especially too diligent for continuing to sponsor this show. If you like our show, please be sure to give us a rating on your podcast Player of Choice five Stars only, please. You can also listen to our episodes and see more from The Diligent Institute by going to diligent.com/resources. Thank you so much for listening.

Intro/Outro: You've been listening to the Corporate Director Podcast. To ensure that you never miss an episode, subscribe to the show in your favorite podcast player. If you'd like to learn more about corporate governance and tools to help directors do their job better, visit www.diligent.com.

Thank you so much for listening. Until [00:30:00] next time.