The biggest event of the year, how to beat the cheats and an issue that affects us all
Your monthly round-up of the best (and sometimes worst) of human risk.
What happens in Vegas is supposed to stay in Vegas, but (surprise, surprise) I'm breaking that rule here — because the ethics and compliance insights I gained when giving a keynote earlier this month are too good not to share.
There's also a lively mix of other insights: a podcast with an inspiring social entrepreneur, a tale of weaponized compliance, the power of cognitive speed bumps, and much more.
1. How scammers work and how to stay one step ahead
When I was in Vegas, Sal Piacente — a Casino Game Protection Expert—gave a masterclass on how cheaters think.
He exposed the latest scams — revealing not just how they work, but how casinos can stay one step ahead.
During his talk, he explained his approach:
🎤 When I see a move, I study it, I learn it, I improve it, and then I show it”
It's his fourth step — '𝘐 𝘪𝘮𝘱𝘳𝘰𝘷𝘦 𝘪𝘵' — that particularly struck me.
Because it captures something we too often forget: human ingenuity.
People — and now machines — are relentless in finding new ways to bend the rules.
If we want to stop or deter them, our job in Risk & Compliance isn’t just to shut down the loopholes and control weaknesses they're already exploiting.
It’s to understand them, and then anticipate where they’ll go next.
Sal doesn’t just share the scams he’s seen. He studies them. Improves them. And then he shares them so others can learn and get ahead of the game.
Our job? Stop tomorrow’s breaches, not just patch up yesterday’s mess.
And that means beating the rulebreakers at their own game.
2. How can we prevent violence against women?
And what role do men who don't engage in violence have to play?
On this episode, I sit down with Amy Watson, the founder of HASSL, an organization dedicated to tackling the root causes of female harassment and violence against women.
We explore the traditional responses to these issues, why they fall short, and what needs to change.
3. How to weaponize compliance
You’ve probably seen the email US federal employees were sent last week. It’s a perfect illustration of how compliance can be used not to help people follow rules, but to create pressure, fear, and control.
If that’s your goal, here are your Musk-do’s:
Make it sound simple - but strip away real choice
Make it specific - but only in the mechanics, not the purpose
Sow confusion - conscript line managers to the cause
Use external pressure to create fear
Set them up to fail by choosing the worst possible time
Gaslight by making it seem reasonable
Get help
For a very small minority of you, this will come naturally. I can’t help you.
But if it seems alien, then get in touch and I’ll help you to do it properly in your organisation.
Or — here’s a radical idea — we could try something a little more human…
4. Christian 1-0 Cybersquatters
Want people to remember something? Try making it harder to say.
We assume that making things easy to say, read, or understand is the best approach. But sometimes, the opposite is true.
I realised this after choosing a website address for my company.
The obvious choice — humanrisk.com — was (and is) taken by a cybersquatter, so I had to choose human-risk.com instead.
But how did I use this bump in the road to my advantage and stick it to them?
5. Why compliance is about translation, not making people experts
The average employee isn't interested in compliance. That doesn't mean they're not interested in being compliant.
It means they're not interested in reading or understanding the details in regulations.
Now the challenge is: how can we make the boring stuff sound interesting so that people actually remember?
*Blatant plug warning*
This is a good place to start.
Don’t miss the Compliance Fckup Festival!
An online event for Compliance professionals who’ve learned the hard way.
Join me and Dr. Bettina Palazzo on April 1st, 2025 for a light-hearted and informative online event where compliance professionals can share their biggest mistakes — and what they learned.
We'll kick things off by sharing our own compliance Fckups to set the tone.
Trust us, we've made plenty.
Because nobody gets it right every time.
⏰ When?
13:00 - 14:00 CET (Central Europe)
12:00 - 13:00 GMT (UK/Ireland)
08:00 - 09:00 Eastern (Canada/US)
20:00 - 21:00 HKT / SGT (Hong Kong / Singapore)
Don’t forget Compliance in the Wild never stops! Why not send me a baffling or brilliant example of something done well or (more likely) dreadfully badly? Drop me an email at christian@human-risk.com and you might get a shout out on the CITW LinkedIn feed.
PS Want to learn more about how I can help you to mitigate human risk in your organisation? Then visit the Human Risk website.
PPS Subscribed in a previous life and no longer want to receive this? No hard feelings; you can unsubscribe using the link at the bottom.