Matt Kalmick, JD

Writing

Third-Party Risk Management: The Compliance Gap Many Organizations Overlook
March 9, 2026

Third-Party Risk Management: The Compliance Gap Many Organizations Overlook

Third-party risk management is one of the most foundational elements of a mature compliance program and one of the most commonly underdeveloped. Organizations spend significant resources building internal policies, training employees, and preparing for audits, then extend access, data, and operational dependencies to third-party vendors without applying anything close to the same rigor. Regulators have noticed.

Read Post
The EU AI Act Is Here: What U.S. Compliance Professionals Should Know
January 21, 2026

The EU AI Act Is Here: What U.S. Compliance Professionals Should Know

The EU's landmark AI regulation carries broad extraterritorial reach that can pull American businesses into scope. With August 2026 bringing the most significant compliance obligations for high-risk AI systems, here's what U.S. compliance professionals need to know now.

Read Post
AI Governance Preparedness: Practical First Steps for any Organization
September 16, 2025

AI Governance Preparedness: Practical First Steps for any Organization

As artificial intelligence continues to reshape the workplace, organizations across industries face a new frontier of risk management. And unlike some other compliance areas that evolved over decades, AI regulation is developing at breakneck speed.

Read Post
State AI Laws Take Center Stage
July 29, 2025

State AI Laws Take Center Stage

An update on the evolving AI regulatory landscape following Congress's rejection of the federal moratorium on state AI regulation. With federal preemption now off the table, states can continue in their role as laboratories of AI governance.

Read Post
AI Regulation: A Federal Moratorium on State Laws Is a Misguided Approach
June 10, 2025

AI Regulation: A Federal Moratorium on State Laws Is a Misguided Approach

As someone who has spent over a decade navigating complex regulatory landscapes, I've seen firsthand how effective regulation requires a delicate balance. It must protect consumers while facilitating innovation.

Read Post
AI Automation in Compliance: Elevating the Regulatory Affairs Function
March 28, 2025

AI Automation in Compliance: Elevating the Regulatory Affairs Function

Automation is increasingly prevalent across industries today, particularly with the rapid advancement of AI tools. While this trend naturally raises concerns about the future of human roles, I see a valuable opportunity.

Read Post
The ROI of Proactive Compliance: Why Early Investment Pays Off
January 14, 2025

The ROI of Proactive Compliance: Why Early Investment Pays Off

In today's complex regulatory landscape, many organizations view compliance as a necessary evil – a cost that drains resources and slows down business operations. However, my experience building compliance programs suggests the opposite.

Read Post
Hot Topics in Privacy Compliance: Navigating 2024's Shifting Landscape
November 1, 2024

Hot Topics in Privacy Compliance: Navigating 2024's Shifting Landscape

As a compliance professional who has navigated everything from traditional financial services to the emerging cannabis industry, I have observed first-hand how privacy concerns transcend sectors.

Read Post