Annual Compliance Summit 2025

Over 100 industry leaders, compliance professionals, and technology experts gathered in person, with more than 300 attending our live stream, to reimagine the future of compliance in an increasingly digital world.

Our annual summit explored the pillars we believe shape this future: innovation, data-led compliance, culture and value for money.

Future of Compliance Summit Agenda

• Session 1: Innovation and Data in Compliance
• Session 2: Culture in Compliance
• Session 3: Ensuring Value in Your Business
• Session 4: Benchmarking Panel

After a networking breakfast, the summit kicked off with insights into innovative practices, where we unpacked the challenges ahead, innovative solutions and the results of our recent benchmarking survey.

Session 1: Innovation and Data in Compliance

As the regulatory landscape undergoes constant change, compliance training must adapt to address emerging challenges. Innovation in compliance involves leveraging technological advancements.

Insights on Innovative Practices

Our keynote presentation saw CMS law pattern, Charles Kerrigan unpack the integration of innovation through digital platforms as well as AI and human capabilities.

Organisations are increasingly leveraging digital platforms to unify operations and enhance decision-making. These platforms offer "infinite skill" by providing a comprehensive view of inputs and outputs. Embracing digital platforms and AI means we have the potential for better efficiency and decision-making.

However, an understanding of AI's abilities and the regulations around this is vital. The effectiveness of AI depends on human capabilities. Generative AI, which gained traction in 2022, allows machines to self-train, creating unpredictability in outcomes. Understanding what goes into and comes out of AI systems is critical for informed decision-making.

The EU AI Act and global implications

1. Brussels effect
   Similar to GDPR, the EU AI Act sets global benchmarks for AI regulation. It emphasises human rights, cultural values, and societal considerations and classifies AI systems based on risk.
2. Scope and compliance
   The Act applies broadly to organisations interacting with the EU, whether through data, models, or customers. It establishes guidelines for the safe use of AI and promotes innovation while addressing risks.
3. Risk-based classification
   AI systems are classified by risk, requiring a thorough understanding of their operation. Regulation targets the system level, not individual models, to ensure broader oversight.
   
   The EU AI Act addresses several key themes to ensure responsible AI use. It prohibits misuse by governments and big tech while safeguarding consumers from undue influence, aligning with broader regulatory principles like Consumer Duty.

The Act also distinguishes between AI providers, who create systems, and deployers, who fine-tune them, acknowledging the compliance challenges that arise when customer data is used for system adjustments. Additionally, it mandates that organisations appoint individuals with AI literacy to oversee tools and ensure responsible implementation.

Regulators emphasise the importance of human oversight, expressing caution toward autonomous AI to mitigate reputational and regulatory risks.

Broader AI considerations

• Regulatory challenges
  The primary risk is hesitancy to adopt AI due to fear of compliance breaches. The EU AI Act provides a framework to mitigate these risks. Responsible and ethical AI use is emphasised, with particular scrutiny on industries like banking.

• Data management
  Regulators encourage the use of synthetic data for training to manage privacy concerns.
  Differentiating between data used for training AI and organisational data is crucial for compliance.
• Future implications
  AI has the potential to autonomously run businesses with AI agents predicted to be at the centre of many conversations. This raises concerns about accountability and governance. UK regulations are expected to align with the EU AI Act, applying horizontally across industries.
  
  AI holds immense potential but it requires careful regulation to balance innovation with societal and ethical considerations. The EU AI Act provides a roadmap for responsible AI use, emphasising risk classification, human oversight, and data management, ensuring organisations can leverage AI effectively while adhering to global standards.

How to be a Data-led Compliance Function

Our panal-discussion, moderated by Leaman Crellin CEO, Katharine Leaman, addressed the key concepts of data-led compliance and how to build a data-led compliance function. NatWest Markets' Andreea Dewsbury and Chief Compliance Officer at Haleon, Elizabeth Wilks-Wood explored the importance of data, regulator expectations and data challenges.

• Importance of data
  Effective compliance relies on working with facts, requiring a thorough understanding of available data and what it reveals. Regulators increasingly expect organisations to adopt data-driven approaches, even though specific expectations may remain ambiguous.
• Regulator expectations
  Organisations must know what data they have, draw actionable insights, and pinpoint where issues arise when things go wrong. The focus is on using data to assess compliance effectiveness, going beyond basic metrics and aggregation to develop a feedback loop that informs internal practices.
• Challenges with data
  Data sourcing involves navigating privacy concerns, particularly with sensitive employee data. Proper agreements and harmonisation across disparate systems are essential.
  Legacy systems and fragmented data references add complexity, requiring prioritisation of high-risk data and the integration of multiple Key Risk Indicators (KRIs).

Building insights involves analysing patterns in employee behaviour or communication, such as interview transcripts, to identify suspicious language or trends.

By aggregating and connecting multiple data sets, organisations can uncover correlations that enhance risk management. Testing and refining data analysis approaches is crucial, allowing successful methods to shape long-term strategies while improving less effective ones through pilot initiatives.

Steps Toward a Data-Led Approach

1. Start small with risk prioritisation
   Begin with high-risk areas and overlay data sources to identify indicators of potential problems. Use KRIs to piece together trends and focus on pinch points within the business.
2. Utilise technology
   Leverage tools to automate data analysis, enabling long-term historical reviews to understand patterns of non-compliance and pinpoint failures in controls, teams, or markets.
   Build a holistic view of employee behaviour by correlating data across different sources, including commercial data, to detect changes and behavioural trends.
3. Analyse trends and controls
   Anti-bribery data often reveals control weaknesses, particularly where processes are manual or dependent on specific individuals. Review failed controls and commercial data for behavioural insights to identify gaps. Explore the psychological drivers behind non-compliance to inform training and address root causes.

A data-led compliance function integrates risk prioritisation, data harmonisation, and advanced analytics to proactively manage compliance risks.

By leveraging insights from data, organisations can build a comprehensive view of behaviour, identify control weaknesses, and align with regulator expectations while fostering a culture of continuous improvement.

Using AI Tutors in Compliance Learning

As organisations increasingly embrace AI in compliance training, AI tutors are transforming traditional learning methods by delivering tailored, interactive, and data-driven experiences that align with the evolving needs of learners and businesses.

We unpacked the benefits of considering AI in your training programme and how Skillcast can help. AI tutors in compliance learning offer a personalised and flexible alternative to traditional one-size-fits-all courses.

By enabling learners to prompt the AI, the system identifies knowledge gaps and provides targeted guidance, enhancing relevance and effectiveness.

Organisations can embed policies, country-specific guidelines, and external references into the AI, ensuring controlled and customised responses. You can also control the 'temperature settings' of the responses.  AI tutors also allow for varying response styles, from strictly factual (cool) to incorporating external insights (warm).

An AI Tutor:

• delivers personal content/experience
• bring policies to life
• helps you control your narrative outside of your course content
• assists in understanding common questions that are being asked so you can act on it
  
  Ultimately, this enhances compliance learning with better data and metrics for continuous improvement. We have introduced our own AI Tutor, Aida, which is available for trial on our portal.

Session 2: Culture in Compliance

A strong culture of compliance is vital for fostering trust, mitigating risks, and safeguarding an organisation’s reputation. It ensures that ethical practices are upheld, reduces the likelihood of misconduct, and reinforces accountability at all levels.

Building a Culture of Compliance

In our keynote presentation on building a culture of compliance, Skillcast advisory board member, Scott Morris, shed light on how this is not only a regulatory necessity but a critical factor in maintaining long-term success and credibility.

Building a culture of compliance hinges on trust, which is essential for fostering any organisational culture. Trust influences public perception, with shifts in confidence away from financial, food, and tech industries toward luxury brands due to various scandals.

Research shows that individuals consider three key factors when assessing compliance:

1. the likelihood of being caught
2. their emotional distance from the wrongdoing
3. the severity of penalties
   
   Notable examples, such as Danske Bank’s money laundering scandal, highlight how weak compliance and poor leadership erode trust, leading to costly consequences.

Keeping Regulators Happy Through Innovative Learning

Head of mandatory learning and people capability at Standard Chartered, Ed Chedoy, explored a compliance culture through the lens of innovative learning.

Keeping regulators satisfied through innovative learning requires addressing the modern challenges of attention spans, distractions, and diverse learning preferences.

It is a fact that human attention spans are shrinking, with focus often lasting only 20–45 seconds. This is further impacted by factors such as stress, lack of sleep, poor diet, and heavy smartphone use. These factors highlight the need for short, engaging, and focused training sessions, emphasising essential messages.

Innovative techniques, such as the Pomodoro method for focused work and using concise materials like post-it notes for key takeaways, enhance retention.

Pre-assessments help validate knowledge retention, while ensuring accessibility, language options, and consideration of neurodiversity accommodates varied learning needs. Shorter, impactful training not only improves compliance but also saves significant time and costs compared to traditional e-learning.

Ultimately, regulatory training must balance innovation and clarity to deliver memorable, engaging experiences, as regulators value compliance programmes that effectively communicate and reinforce critical messages.

Reinforcing Compliance Culture in Organisations

Our second session of the day closed with a panel discussion on reinforcing compliance culture in organisations, moderated by Skillcast Advisory Board Chair David Kenmir. Afin Bank CEO, Jason Oakley and ICG Compliance Director Joanna Palmer unpacked this topic by addressing key questions.

Question 1: What are the key elements of a successful cultural change programme, and how can you ensure that your desired culture remains embedded?

Key elements of a successful cultural change programme include a clear purpose, senior leadership commitment, and a deep understanding of the existing culture. Change often stems from significant external events and is frequently resisted, so it is essential to approach it with authenticity and focus on behaviours.

Aligning policies, procedures, monitoring programmes, and expectations is crucial, as is creating an environment where employees feel supported, heard, and not overwhelmed by legislative demands.

Mandatory training plays a key role but should be delivered in a way that motivates and engages employees rather than feeling enforced. Emphasising the purpose of the change and its context helps teams understand the "why" behind it.

Embedding culture requires consistent effort, communication, and ensuring every team member contributes to the process, as small changes across a team can have a larger impact than singular efforts by leadership. The word cloud created by attendees indicates that time is a significant barrier to embedding culture.

Our panel commented by stating that time needs to be carved out. Getting the best out of an entire team is worth more than the efforts of a single manager. In challenging environments, fostering engagement and collaboration becomes even more critical to sustaining the desired culture.

Question 2: What have you learnt from situations when you've seen cultural change programmes go wrong or where poor culture has evolved?

Effective stakeholder engagement is critical to the success of any initiative. Involving stakeholders early ensures risks are identified and mitigated while their contributions and feedback enhance outcomes.

Clear communication is essential, but it should be collaborative rather than dictatorial. Third-party investors may overlook board dynamics or regulatory considerations, emphasising the importance of fostering a culture rooted in ethical behaviour and doing the right thing.

Question 3: What engagement have you seen from other stakeholders on this topic?

Stakeholder engagement on this topic has significantly increased, with stakeholders exerting more influence, particularly on reputation. Regulators are emphasising ESG agendas, driving organisations to address cultural issues and manage risks such as sexual harassment.

Employee engagement has also emerged as a critical focus, highlighting the need for staff to feel pride in their organisation as part of fostering a positive and accountable workplace culture.

Question 4: What's your top tip for the audience to bear in mind?

Focus on how your actions affect your colleagues, as this is a great way to ensure you're doing the right thing in your business. Always put yourself in the shoes of those who would be affected by misconduct, and consider how you'd feel if this were directed at you.

Compliance isn't always about clear-cut answers; it's about navigating the grey areas with pragmatism and responsiveness.

Session 3: Ensuring Value in Your Business

A robust compliance culture not only protects against legal and ethical breaches but also strengthens operational resilience and provides a competitive edge in the marketplace.

Tesco: Data-Driven Decisions in Action

Product Manager in learning technology at Tesco, Andrew Mussett, provided a comprehensive overview of the company's history of e-learning and how it has helped to enhance a compliance culture.

Key features of the e-learning system

1. Mobile-first design:
   The system prioritises accessibility, allowing employees to complete training on the go. However, system errors can disrupt operations, highlighting the importance of reliability.
2. Ensuring training completion:
   This includes empowering managers to oversee and drive employee compliance with training requirements is critical. Reporting dashboards provide real-time insights into completion rates and allow managers to monitor progress effectively.
3. Feedback and continuous improvement:
   Regular feedback is collected to identify high-performing and underperforming content. A data-driven approach is used to refine and enhance the training experience.
4. Governance and uniform processes:
   A clear governance structure ensures consistency across sites. Managers are trusted and empowered to assign and oversee training effectively, even as assigning role-specific content remains a challenge.

AI Integration

AI-driven tools, such as an AI Tutor, will enhance the user experience by directing employees to the right training and simplifying navigation.

Diverse Workforce Support

Content that is tailored to meet WHCE standards, catering to the needs of a diverse workforce, including older generations.

Improved dashboards and reporting

A centralised dashboard provides up-to-date completion data with minimal effort, enabling efficient tracking and reporting.

Customised solutions

Bespoke learning experiences, such as the click-and-learn platform tailored for Tesco, add value by addressing specific organisational needs.

A robust e-learning system supports a strong compliance culture by prioritising accessibility, empowering managers, leveraging data for improvement, and embracing AI-driven innovations. These efforts ensure that training is effective, inclusive, and aligned with organisational goals.

Session 4: Benchmarking Panel

Panel Discussion: Benchmarking Survey Results & Analysis

Our advisory board members, David Kenmir, Katharine Leaman and Scott Morris, unpacked the results of our annual benchmarking survey, which revealed industry insights and year-on-year trends.

Innovation

As technological advancements and change continue at an unrelenting pace, the emphasis is on understanding how organisations navigate innovation and manage change effectively. This involves leveraging diverse learning methodologies and complementary strategies.

• Engagement and accessibility: Relying solely on email updates is ineffective for maximising engagement or ensuring continuous learning. Embedding learning at the point of need is critical (currently at 37%) and has proven to be the most effective approach, as people need quick access to answers.
• Microlearning decline: Microlearning adoption has dropped to 29%, which is concerning given its potential to address waning attention spans. Training needs analysis must align with behavioural outcomes, proving its impact and linking to measurable results like improved customer outcomes.
• Regulatory alignment: Capturing metrics that demonstrate the impact of training on individual behaviour and customer outcomes would align well with FCA expectations, making this a powerful focus area. Messaging and communication of key insights remain vital for success.
• Diverse training routes: Users should have multiple, accessible pathways to training. Embedding learning fosters inclusivity, and creative approaches can compensate for limited budgets.
• AI adoption and integration: While AI adoption appears slow, tools like Microsoft and Google Suites already integrate AI features. Organisations should focus on leveraging AI strategically and ensuring system integration to unlock its full potential.

Data-led compliance

The responses to the data-led compliance section of our survey highlight a growing demand for higher-quality data in compliance practices. Organisations are increasingly recognising the importance of accurate, integrated, and accessible data to drive compliance efficiency and effectiveness.

However, challenges remain, including reliance on outdated tools, disconnected systems, and manual processes, which hinder progress. The discussion outlined some of the key trends and challenges.

• Current tools: It is surprising that Excel remains the dominant tool for managing compliance data, despite its limitations. The use of disconnected systems is also a concern.
• Encouraging trends: The growth of specialist digital platforms is a positive development, offering better solutions for compliance management.

Value for money

The survey responses shed light on key aspects of compliance, including cost perception, cost justification, and common obstacles.Effective compliance can serve as a business enabler, driving growth and building trust.

• Leadership opportunity: Manual processes, reported by 58% of respondents, present clear obstacles. Senior leadership should recognise compliance as a business-enabling function and drive change to streamline these processes.

• Strategic value: Justifying the cost of compliance should be seen as a competitive advantage, ultimately contributing to business growth.

• Senior management buy-in: Without senior leadership support, compliance programmes are ineffective. Compliance should be viewed as a business enabler, with the cost of non-compliance being too significant to ignore. Investment in compliance is essential, and framing it as good business sense rather than a fear-based approach is more persuasive.

Culture, conduct and ethics

While this section of the survey reveals evidence of clear and consistent leadership messaging, they also highlight areas where organisations may be falling short. Missed opportunities to reinforce culture and ethics emphasis the need for a more proactive and integrated approach to fostering a strong compliance culture.

• Legacy systems and risks: Many large institutions are hindered by outdated systems, relying heavily on email, paper, and Excel. While Excel is versatile, it poses significant risks due to challenges in data backup and transfer, highlighting the need to explore modern solutions and embrace "the art of the possible."

• Adapting to societal shifts: Compliance must address generational shifts, such as aligning control environments with the expectations of the TikTok generation. Connecting learning strategies with a robust analysis of needs ensures training is relevant and impactful.
• Compliant growth: The compliance community must focus on achieving growth that adheres to regulations without compromising customer outcomes, striking a balance between business success and ethical responsibility.

Compliance made simple

We are making compliance simpler for both learners and leaders by adopting strategies that enhance accessibility and effectiveness.

For learners

Shorter courses provide a focused and time-efficient learning experience, while simplified content ensures clarity and ease of understanding. Leveraging AI fosters an inquisitive culture, encouraging proactive engagement with compliance topics.

Additionally, tools like the Compliance Passport offer a clear and comprehensive view of obligations.

For compliance leaders

Smooth onboarding ensures that new team members quickly understand compliance requirements, minimising disruption and accelerating integration.

Clear manager dashboards provide a comprehensive view of all compliance activities, enabling leaders to monitor progress, identify gaps, and maintain control effortlessly. Actionable data further empowers leaders to make informed decisions, addressing risks proactively and ensuring compliance.

We offer various options to meet you where your organisation where it is at:

Standard Offering

- Access to E-learning content
- Basic reporting capabilities (content and data only)

Enhanced Learning

- AI-powered tool: Aida for personalised learning experiences
- Diagnostic assignments for tailored compliance insights
- Fast-track learning options for accelerated progress
- Microlearning modules for shorter, focused training

Premium Offering

- Includes all Enhanced Learning features, including the latest version of Aida
- Access to advanced compliance tools such as Declarations, Compliance surveys, Registers for ease of management.