Compliance is not a function.
It is a character.

We work with organisations that have decided to make integrity part of who they are — not just what they report.

How we think

Culture over control

Rules define boundaries. Culture shapes decisions. We focus on the second — because boundaries alone have never been enough.

The honest majority

Most people in most organisations come to work wanting to do right. A compliance programme worth its name starts from that truth.

Integrity as a living practice

What works today may need rethinking tomorrow. We build programmes that are designed to evolve — because the world they operate in never stops changing.

What we do

Compliance programme design

Compliance training and awareness

Third-party audits and due diligence

Policy and procedure development

Speak-up culture and whistleblowing systems

Compliance risk assessment

"Compliance earned my respect the hard way. Not through a framework — through the moments when a framework was not enough, and something deeper had to take its place."
Tayfun Zaman — Founder, Compliance House
Knowledge Hub

Latest articles and analysis

Insight, frameworks, and honest conversation — shared openly.

We take on a small number of engagements each year. Each one gets our full attention.

If your organisation is ready to treat integrity as a long-term investment — not a one-time deliverable — we would like to hear about it.

The compliance officer is not wrong.

When a fraud is discovered, the response is rational. Investigate. Contain. Remove the threat. Strengthen the controls. Direct resources toward the place where real damage has already occurred — or where it is most likely to occur next.

This is professionally sound. It is what the role demands. And any compliance programme that does not take clear and present threats seriously is not doing its job.

"The problem is not the focus on the fraudster. The problem is when that focus becomes the only focus."

Because while resources, attention, and budget flow toward the visible risk — the one with a face, a file, and a clear narrative — something else is happening quietly on the other side of the organisation.

There is a person who has not done anything wrong. Who is not on any watchlist. Who does not appear in any risk assessment. Who comes to work every day with every intention of doing the right thing.

And that person is under pressure.

Not the pressure of criminal intent. The pressure of a target they cannot meet by honest means. The pressure of a manager who has never once asked how they are doing. The pressure of a culture that rewards results and asks no questions about how they were achieved. The pressure of an ethical dilemma they have never been prepared to face — and no one around them seems to notice.

Here is the question that compliance programmes rarely ask out loud: What happens to a good person when the organisation around them makes the wrong choice feel like the only choice — and nobody has ever built them the tools to resist it?

This person is not an imminent threat. They have not broken anything yet. They do not trigger alerts. They are not a clear and present danger.

Which is precisely why they are invisible to a compliance programme designed only to catch what is already broken.

"The fraudster takes. The culture failure creates the conditions where taking becomes thinkable."

We are not suggesting that organisations stop managing the risks they can see. We are suggesting that the risks accumulating beneath the surface — in the gap between declared values and lived experience — are often the ones that cause the deepest damage when they finally surface.

Not because a bad person planned it. Because a good person ran out of road.

A compliance programme that only manages what is already visible is necessary. But it is not sufficient.

The work of building a culture where misconduct cannot take root — where the good person never runs out of road — is quieter, slower, and less dramatic than catching a fraudster. It does not produce a case file or a headline. But over time, it produces something more valuable: an organisation where the question "should I do this?" is answered not by a policy, but by who the people inside it have become.

How this shapes our work

Every engagement we take begins with a question about culture — not just controls. Every training we design speaks to the person who wants to do right, not only to the person who might not. Every policy we help write is tested against one measure: will the person under pressure, alone, at the moment of decision, find this useful?

That is the standard we hold ourselves to. We know it shifts with time, with context, with the organisations we work in. What we built yesterday may need rethinking today. We accept that — because integrity as a practice is never finished.

Pressure is not an excuse. But it is worth understanding.

When we look at cases of workplace misconduct — not the calculated, premeditated kind, but the kind that surprises everyone including the person responsible — we almost always find pressure at the centre of the story.

Not the pressure of greed. The pressure of a number that cannot be reached any other way. The pressure of a relationship that feels too important to risk with honesty. The pressure of a team depending on a decision that should never have been left to one person alone.

We are not describing an excuse. We are describing a mechanism. And understanding a mechanism is the first step to interrupting it.

"The moment of poor judgment is rarely the beginning of the story. It is usually the end of a long silence."

This is why the compliance interventions that stay with people are not the ones that list what is forbidden. They are the ones that name what pressure feels like — and give people the language, the permission, and the practical tools to respond to it differently.

We design every training around one test: does this prepare a person for the moment they are alone, under pressure, with no obvious right answer — and nobody to ask?

That is a high bar. We do not always clear it perfectly. But it is the bar we return to every time.

Culture is set by what leaders do when it costs them something.

Every organisation we have worked with has a stated set of values. Most of them are good values. Honest, well-considered, genuinely meant at the moment they were written.

And yet values written in an annual report mean something quite different from values lived in a quarterly review. The distance between those two things — between what an organisation declares and what it actually rewards — is where compliance culture is either built or quietly dismantled.

"No training programme reaches further than the behaviour of the person who runs the meeting."

This is not a criticism of leadership. It is an observation about how culture works. People in organisations watch what happens to those who speak up. They watch what happens to those who push back. They watch what happens when a target is missed for the right reasons, and what happens when it is met for the wrong ones.

They draw their conclusions quietly. And they act accordingly.

When we sit down with a new client, one of the first questions we ask is simple: can you name a recent moment when someone in this organisation chose integrity over convenience — and was seen to be the better for it? The answer tells us a great deal about where to begin.

We ask this question without judgment. Every organisation is on a journey. What matters is not where they are starting from — it is that they are genuinely willing to move.

Why we work with a small number of organisations at a time.

We are a boutique practice. We have made a deliberate decision to limit the number of engagements we carry at any one time.

The work we do — building something that genuinely changes how an organisation thinks and behaves — takes time. It takes honest conversation. It takes a relationship with enough trust on both sides that difficult things can be said when they need to be said.

"We do not measure our success in deliverables produced. We measure it in the change that remains after we have left."

We hold ourselves to the same standard we bring to our clients. Our thinking is tested and updated by every engagement we take. We do not carry past work forward as a fixed template — we carry it forward as experience that the next context may require us to question, adapt, or set aside entirely.

Compliance is a living practice. We treat it as one.

If this way of working fits how your organisation thinks about integrity — we would like to hear from you.

We offer each service as a standalone engagement when that is what a situation requires. But our most meaningful work happens when these pieces are designed to work together — as a system that an organisation can grow into over time.

01

Compliance programme design

Building rigorous, human compliance frameworks tailored to your organisation's culture and risk profile.

An organisation that has outgrown its current compliance structure — or is building one for the first time — faces a particular challenge. The framework needs to be rigorous enough to meet international standards, and human enough to actually be used.

We design compliance programmes that are built around the specific risk profile, culture, and operating context of the organisation — not around a generic template.

What this covers: Programme architecture aligned with ISO 37001, ISO 37301, FCPA, UK Bribery Act, and Sapin II. Risk-based design. Governance and oversight structures. Implementation roadmap. Gap analysis against current state.

02

Compliance training and awareness

Scenario-based training that prepares people for the moment when doing right requires something from them.

Most people forget a training session within days of completing it. The ones that stay are the ones that felt real — where the dilemma was genuine, the pressure was recognisable, and the answer was not obvious until it was.

We design training that speaks to the person who wants to do right — and prepares them for the moment when doing right requires something from them.

What this covers: Behavioural science-informed methodology. Scenario and case-based learning. Role-specific content for all levels. Anti-bribery, conflict of interest, gifts and hospitality, third-party risk, data privacy, speak-up culture. Digital interactive and in-person formats.

03

Third-party audits and due diligence

Independent assessments of the relationships that carry your greatest integrity exposure.

The integrity risks that reach organisations most often do not originate inside them. They arrive through the relationships an organisation keeps — its suppliers, agents, distributors, and partners.

What this covers: Risk-based due diligence methodology. Supplier and intermediary assessments. Red flag identification. Ongoing monitoring frameworks. Remediation guidance. Alignment with FCPA, UKBA, and Sapin II third-party requirements.

04

Policy and procedure development

Policies designed to be used at the moment of decision — not filed and forgotten.

A policy document that lives on a shared drive and is opened once a year during an audit is not a compliance tool. It is a filing exercise.

We write policies that are designed to be used — in the language of the people they apply to, at the level of detail that makes them genuinely useful at the moment of decision.

What this covers: Code of conduct. Anti-bribery and anti-corruption policies. Conflict of interest guidelines. Gifts and hospitality frameworks. Whistleblowing procedures. Sanctions and third-party policies. Turkish and English versions.

05

Speak-up culture and whistleblowing systems

Building the conditions where speaking up feels possible — and where it leads to change.

A reporting channel that nobody uses is not a sign that nothing is wrong. It is usually a sign that people do not feel safe enough to use it — or do not believe anything will happen if they do.

What this covers: Speak-up culture assessment. Reporting channel design and implementation. Case management frameworks. Communication and awareness strategies. Alignment with EU Whistleblower Protection Directive and local requirements.

06

Compliance risk assessment

Mapping where your real integrity risks lie — so resources go where they matter most.

Compliance resources are always finite. The organisations that use them well are the ones that have a clear, honest picture of where their real risks lie.

What this covers: Enterprise-wide compliance risk mapping. Bribery and corruption risk assessment. Conflict of interest and third-party risk profiling. Sector-specific risk analysis. Risk register development. Remediation prioritisation.

07

ISO 37001 and ISO 37301 certification support

From gap analysis to certification day — guided by a firm that has walked the road itself.

Achieving international certification is a meaningful milestone. It is the moment an organisation can demonstrate — to its clients, its partners, its regulators, and its own people — that its commitment to compliance is not a stated intention but a verified reality.

We have walked this road ourselves. As the only advisory firm in Turkey holding both ISO 37001 and ISO 37301 certifications, we bring direct practical experience to every stage of the journey.

What this covers: Gap analysis against ISO 37001 and ISO 37301 requirements. Programme design and implementation support. Management system documentation. Internal audit preparation. Certification body liaison. Post-certification maintenance and continuous improvement.

08

Regulatory compliance — FCPA, UK Bribery Act, Sapin II, LkSG, CSDDD

Navigating international regulatory frameworks with clarity, rigour, and practical expertise.

Regulations are not in place to make business harder. They exist to create a safe operating environment for the executives and organisations that work within them.

We help organisations understand the regulatory environment they operate in — clearly, practically, and with the rigour the subject demands.

"A well-understood regulation is not a constraint on good business. It is the ground it stands on."
What this covers: FCPA compliance programme design and assessment. UK Bribery Act adequate procedures review. Sapin II compliance mapping. LkSG human rights due diligence. CSDDD readiness assessment. International sanctions programme design. Cross-jurisdictional risk analysis. Executive awareness and decision-maker briefings.

09

Collective action and anti-corruption partnerships

Coordinating shared commitments to ethical conduct where no single organisation can act alone.

Some integrity challenges are larger than any single organisation can address alone. Where corruption is systemic, the most effective response is a coordinated one.

What this covers: Collective action framework design. Multi-stakeholder engagement. Industry integrity pact development. NGO and civil society coordination. Anti-corruption partnership facilitation. Alignment with UNGC, OECD, and Basel Institute frameworks.
"Every service on this page is connected to the same question: what does this organisation need to become, so that the people inside it can make good decisions — consistently, under pressure, over time?"
Founder

A practice built on lived experience.

Tayfun Zaman has spent more than twenty years in compliance and ethics advisory. But the foundation of his thinking was laid earlier — in a career in the maritime industry, where he encountered the full complexity of how business actually operates.

Those years were not a detour. They were an education. They gave him something that purely academic or regulatory training cannot: an understanding of compliance from the inside.

"The most credible thing I can bring to this work is honesty about what I have seen — and what I have learned from it. That includes the things that were hard to learn."

Over two decades, that approach has been refined through engagements across energy, aviation, and technology — with organisations ranging from Turkish market leaders to subsidiaries of global groups.

The firm

Turkey's only advisory firm holding both ISO 37001 and ISO 37301 certifications.

Compliance House was founded on a specific conviction: that compliance advisory done well is not a transactional service. It is a long-term partnership.

We operate as a boutique practice by choice. Our engagements are limited in number so that each one receives the full attention it deserves.

Compliance House holds both ISO 37001 and ISO 37301 certifications — the only advisory firm in Turkey to hold both. We pursued these certifications because we hold ourselves to the same standards we ask of our clients.

ISO 37001: Anti-bribery management systems

ISO 37301: Compliance management systems

FEDN Member: Foreign Economic Relations Board

20+ years: Field practice across sectors and geographies

Beyond client work

Compliance as a public conversation.

Tayfun's commitment to integrity extends beyond client engagements. Over the years he has founded and led three organisations dedicated to advancing ethics, compliance, and sustainability as shared professional and civic values in Turkey.

Ethics and Reputation Society of Turkey

A platform for advancing ethical business practices and reputational integrity across Turkish corporate life.

Turkish Integrity Center of Excellence

A centre dedicated to building knowledge, standards, and community around integrity and anti-corruption in Turkey.

Ethics and Compliance Professionals Academy

A professional development organisation for compliance and ethics practitioners.

Knowledge sharing

Sharing what we know — openly and regularly.

Knowledge that stays inside a practice benefits only its clients. These are the channels through which we contribute.

Bilmediklerim

A long-form conversation series exploring the things we thought we understood — until closer examination revealed something more interesting.

Video Podcast · In Turkish

Ask the Ethicist

Real ethical dilemmas explored honestly. No easy answers. No false certainty. Just careful thinking applied to situations that deserve it.

YouTube Series

The Board Insight

Compliance and governance through the lens of board responsibility — for directors and those who advise them.

YouTube Series

The Sustainability Talk / The ESG Talk / The Eco Dialogue

Three connected series exploring sustainability, ESG frameworks, and environmental responsibility as business and ethical obligations.

YouTube Series
"I built this practice to do work I can stand behind completely. Work that is honest with clients, rigorous in its methodology, and humble enough to know that what we build today will need to be revisited tomorrow."
Tayfun Zaman — Founder, Compliance House and Integrity Partners
Blog

Articles and analysis

50 articles across 10 series — covering the full architecture of a serious compliance practice.

The Difference Between a Compliance Programme and a Compliance Culture

Why Your Most Honest Employees Are Your Most Important Compliance Asset

What Pressure Does to Good People — And What Culture Can Do About It

The Manager in the Middle

How to Know If Your Ethics Programme Is Working

What Sapin II Actually Requires — And Why Most Companies Miss the Point

Third-Party Due Diligence Under Sapin II: What It Looks Like in Practice

The Anti-Corruption Risk Map: The Foundation Every Other Obligation Rests On

The FCPA's Reach Is Longer Than Most Companies Think

Books, Records, and Internal Controls: The Part of the FCPA That Catches Companies by Surprise

Why Tone at the Top Is Not Enough — and What Has to Come with It

The Board's Compliance Responsibility: Beyond Oversight and Into Accountability

What Senior Leaders Get Wrong About Compliance Culture

When the Leader Is the Risk: Managing Compliance Exposure at the Top

How to Have the Compliance Conversation with the Executive Committee

Compliance Training Is Not Skill Development: Why the Distinction Changes Everything

Learning Performance Must Be Documented and Reported: The Case for Treating Training as a Control

The KPIs That Actually Tell You Whether Your Compliance Training Is Working

From Measurement to Improvement: Building a Compliance Training Strategy That Never Stops Developing

Digital Training as a Data Collection Tool: How the Classroom Becomes a Window Into Integrity Risk

LkSG: What the German Supply Chain Act Requires and Who It Actually Reaches

CSDDD: The EU's Most Ambitious Due Diligence Obligation and What It Will Mean in Practice

The EU Whistleblower Protection Directive: What Changed, What Is Still Being Missed

The EU AI Act and the Compliance Function: New Obligations, New Risks, New Territory

The Global Convergence of ESG Reporting: Why What Was Voluntary Is Becoming Mandatory

Why Third-Party Risk Is Your Most Significant Compliance Exposure

Building a Third-Party Due Diligence Programme That Actually Works

Risk Tiering: How to Calibrate Due Diligence to What the Relationship Actually Exposes You To

Contractual Protections Are Not Due Diligence: What Your Third-Party Contracts Actually Need to Contain

Ongoing Monitoring: Why Onboarding Due Diligence Is Only the Beginning

Two Standards, One Architecture: Understanding How ISO 37001 and ISO 37301 Work Together

What ISO 37001 Actually Requires: A Practical Guide to the Anti-Bribery Management System Standard

What ISO 37301 Actually Requires: Building a Compliance Management System That Meets the Standard

The Gap Analysis: How to Assess Where Your Programme Stands Before the Certification Journey Begins

Certification Is Not the Destination: How to Maintain and Continuously Improve What You Build

The Difference Between a Reporting Channel and a Speak-Up Culture

Why People Don't Speak Up — and What Organisations Can Do About It

Designing a Reporting System That People Will Actually Use

What Happens After a Report Is Made: The Follow-Up That Makes or Breaks the Culture

How to Measure the Health of Your Speak-Up Culture

What Conflict of Interest Actually Is: The Definition Most Organisations Apply Too Narrowly

The Disclosure Architecture: Building a System That Captures Conflicts Before They Become Problems

Conflicts at the Top: Why Senior-Level Conflicts of Interest Carry Disproportionate Risk

Third-Party Conflicts: The Overlap Between Procurement, Relationships, and Integrity Risk

When a Conflict Is Real: How to Manage the Situation After Disclosure

The Authority Problem: Why the Compliance Officer's Position in the Organisation Determines Everything

Building Credibility With the Business: The Compliance Officer as Trusted Advisor, Not Enforcement Agent

When What the Business Wants and What Compliance Requires Diverge: How to Handle the Hardest Conversations

Measuring Your Own Programme: The Compliance Officer's Self-Assessment Obligation

The Next Ten Years of the Compliance Function: What the Role Is Becoming and How to Prepare for It

Podcast

Bilmediklerim

A long-form conversation series exploring the things we thought we understood. In Turkish.


YouTube

Video series

Five series covering ethics, governance, sustainability, and the questions that matter.

Ask the Ethicist

Real ethical dilemmas explored honestly.

Episodes coming soon

The Board Insight

Compliance and governance through the lens of board responsibility.

Episodes coming soon

The Sustainability Talk

Sustainability as a business and ethical obligation.

Episodes coming soon

The ESG Talk

ESG frameworks explored with rigour and honesty.

Episodes coming soon

The Eco Dialogue

Environmental responsibility beyond reporting requirements.

Episodes coming soon
Resources

Frameworks and guides

Reference documents for compliance professionals. Downloadable and practical.

Framework

ISO 37001 Overview

Framework

FCPA Primer

Framework

UK Bribery Act Guide

Framework

Sapin II Summary

Framework

CSDDD Introduction

Framework

LkSG Overview
