In the Trenches – Building Compliance Programs That Work

Where real-world compliance work actually happens

For small and mid-sized businesses, compliance leadership often happens in the margins – between other responsibilities, across departments and under constant time pressure.

That reality shaped the In the Trenches session of the Fall into Compliance series, featuring Heather Hurst, Chief Compliance Officer at CDL Nuclear Technologies, and Brandon Lee, Vice President of Sales Growth and Excellence at NAVEX. Together, they explored how real-world compliance programs take shape when strategy meets practicality.

Their shared perspective was clear: progress and consistency matter more than perfection.

Building trust through leadership buy-in

When asked how to secure leadership support, both speakers agreed that the most effective approach is to connect compliance to outcomes that business leaders already care about.

“Executives listen when you speak their language,” Lee said. “Frame compliance outcomes in terms of efficiency, risk reduction or culture health.”

Hurst emphasized the importance of storytelling as a leadership tool. “Share examples, not just metrics,” she said. “Show how a stronger reporting process helped resolve an issue faster or improved morale. That’s how you make compliance real.”

For many SMBs, buy-in starts informally – through consistent updates, clear summaries and visible follow-up when employees raise concerns. Over time, those actions build trust and normalize compliance as part of business health.

Smart automation for small teams

Technology can help small compliance teams work smarter, not harder – but both speakers cautioned against rushing to deploy tools that add more maintenance than value.

“Automate the things that create drag,” Hurst advised. “Policy attestations, hotline case tracking, training reminders – start there.”

Lee agreed that automation should enhance, not replace, human oversight. “Technology can help you see patterns,” he said. “But it can’t interpret tone or context. Keep people in the loop.”

For SMBs, the key is choosing solutions that align with existing workflows. “You don’t need a full platform to start,” Hurst said. “A spreadsheet and consistency are better than a system no one uses.”

Automation, they agreed, is less about technology maturity and more about discipline – collecting and using data to demonstrate continuous improvement.

Progress through peers

One of the most engaging parts of the session was its honesty. Both speakers acknowledged that building compliance programs is rarely linear. There are setbacks, false starts and moments of doubt – but also deep rewards when employees begin to take ownership.

“Progress isn’t glamorous,” Hurst said. “It’s policy updates, quarterly training and answering the same question until it sticks. But that’s how culture changes.”

The discussion also highlighted how peer connections help leaders stay grounded. The audience Q&A surfaced common questions about automation priorities and leadership engagement – with many attendees noting how valuable it was simply to hear that others face similar challenges.

Bringing it all together

For small and mid-sized businesses, compliance success doesn’t depend on headcount or budget – it depends on clarity, credibility and consistency.

As ‘In the Trenches’ showed, meaningful progress occurs when strategy and practicality intersect – one risk assessment, one training cycle, one transparent conversation at a time.

That steady, human approach is how real compliance programs – and compliance cultures – take root.

Watch the full session on demand.