Streamline Compliance Work with AI-Powered Prompts

We have a [regulator name] audit/examination scheduled in [timeframe]. The audit will focus on [areas, e.g., data privacy compliance, AML program, workplace safety, financial controls]. This is a [routine / triggered by incident / first-ever] examination. Our compliance program maturity in this area is [assessment]. Create a comprehensive audit readiness checklist organized into phases: 60 days before (document gathering, self-assessment, gap remediation), 30 days before (mock audit, team preparation, logistics), 1 week before (final review, room setup, document organization), during the audit (daily management, issue tracking, response protocols), and post-audit (findings response, remediation tracking). For each phase, list specific tasks, responsible parties, and common pitfalls. Include a document request anticipation list: the specific documents and data this type of regulator typically asks for.

Design an internal compliance audit plan for [audit area, e.g., anti-bribery program, vendor management, employee data handling, gifts and entertainment]. The scope covers [business units/geographies/processes]. Last audit of this area was [date] and found [previous findings]. Current risk level is [assessment]. Create an audit plan that includes: audit objectives and scope statement, risk-based sampling methodology (how to select transactions, processes, or locations to test), specific audit procedures for each area within scope, interview guide for key personnel (specific questions to ask and why), document and data analysis procedures, criteria for rating findings (critical, major, minor, observation), a timeline and resource estimate, and a template for the audit report. Include red flags that should trigger expanded audit scope.

We received the following findings from a [internal/external/regulatory] audit: [Finding 1: description, severity] [Finding 2: description, severity] [Finding 3: description, severity] [continue as needed]. For each finding, draft a formal response that: acknowledges the finding appropriately (agree, partially agree, or disagree with reasoning), explains the root cause (not just the symptom), describes the specific remediation actions with responsible owners, provides realistic completion dates, identifies interim risk mitigation measures if full remediation takes time, and defines how we will verify and sustain the fix. Create a consolidated remediation tracker and a reporting cadence for providing updates to [the auditor/regulator/audit committee]. Flag any findings where we should consider pushing back with supporting evidence.

I need to prepare a compliance report for our Audit Committee meeting. The committee meets [quarterly/semi-annually] and includes [describe members]. Topics to cover: compliance program activity summary for [period], key risk developments, audit findings status (open, in progress, closed), regulatory examination updates, hotline/reporting statistics, training completion rates, policy updates, and emerging issues requiring committee attention. Design a report template that: fits within a [X-minute] committee agenda slot, leads with items requiring committee action or decision, uses red/yellow/green status indicators effectively, includes trend data (not just point-in-time snapshots), and provides enough detail for oversight without overwhelming non-specialists. Include executive summary talking points I can use to present the report verbally.

I want to move from periodic auditing to continuous compliance monitoring in [area, e.g., financial transactions, employee trading, data access, vendor payments, expense reports]. Current approach: [describe periodic review process]. Volume of transactions/activities to monitor: [amount per period]. Design a continuous monitoring program that covers: which data sources to connect and how, specific monitoring rules and alert triggers (be precise about thresholds and patterns), alert triage and investigation workflow, false positive management (how to tune rules over time), escalation criteria for different alert types, staffing and technology requirements, metrics to measure the monitoring program's effectiveness, and a phased implementation plan starting with highest-risk areas. Distinguish between what can be automated vs. what requires human judgment.

Design our annual compliance training program for [company size, industry]. Our employee population includes: [describe roles, levels, locations]. Compliance areas to cover: [list, e.g., code of conduct, anti-corruption, data privacy, harassment, insider trading, sanctions]. Current training approach: [describe, e.g., annual e-learning only]. Employee feedback on current training: [describe]. Design a training program that includes: a curriculum map showing which topics apply to which employee populations, delivery format recommendations for each topic (e-learning, live workshop, microlearning, scenario-based, etc.), content outlines for each module with specific scenarios relevant to our industry, assessment methodology that tests application not just knowledge, a schedule that spreads training across the year rather than dumping it all in one month, metrics to measure training effectiveness beyond completion rates, and a budget estimate. Make it engaging enough that employees do not just click through.

Create a library of [10] realistic compliance scenarios for our [industry] company that can be used in training sessions, team meetings, and the company intranet. Topics to cover: [list compliance areas]. Each scenario should: describe a realistic workplace situation that an employee in our industry would actually face, present a genuine ethical gray area (not an obvious right/wrong answer), involve realistic pressure or incentives that make the wrong choice tempting, include multiple decision points where different employees might reasonably disagree, and end with discussion questions and a recommended analysis framework. Make half the scenarios from the employee perspective and half from the manager perspective. Include at least two scenarios involving AI or technology ethics issues.

Create a one-page compliance quick reference card for [role: sales team / procurement / HR / finance / IT / field operations]. This role's specific compliance risks include: [list the risks this role faces]. The quick reference should cover: the top 5 compliance rules that matter most for this role (in plain language, not policy citations), common scenarios they will encounter with clear guidance, red flags to watch for in their daily work, exactly who to call or where to report if they see something concerning, and a decision framework for gray areas specific to their function. Format it as a printable card or digital reference that can be taped to a monitor or saved on a phone. No jargon. No legal citations. Just clear, actionable guidance.

Design a compliance culture assessment survey for our organization of [size]. We want to measure: employee awareness of compliance resources, comfort level with reporting concerns, perception of management commitment to ethics, understanding of key compliance requirements for their role, perceived consequences for ethical vs. unethical behavior, and trust in the investigation process. Create [20-25] survey questions using a mix of Likert scale, multiple choice, and 2-3 open-ended questions. Include reverse-coded questions to detect response bias. Segment the survey by [department, level, tenure, location] so we can identify hotspots. Provide benchmarks for interpreting results (what constitutes a good score vs. a concerning one) and recommended actions based on different outcome scenarios.

Develop a compliance coaching toolkit for people managers at our [company type]. Managers are often the first line of defense for compliance issues but receive little guidance on how to handle them. The toolkit should include: a guide on recognizing when a team member's question has compliance implications, conversation scripts for 5 common compliance situations managers face (e.g., employee reports a concern, employee asks about a gray area policy, manager observes potential misconduct, team member is being pressured by a client, new hire needs compliance orientation), clear boundaries on what managers should handle vs. escalate to compliance, documentation guidelines for compliance-related conversations, tips for creating a speak-up culture within their team, and a quick reference for key compliance contacts and resources. Write it for managers who are not compliance experts and have limited time.

Draft a compliance investigation report for the following matter: allegation/concern received via [source, e.g., hotline, manager report, audit finding]. The allegation: [describe]. Investigation steps taken: [list interviews conducted, documents reviewed, data analyzed]. Key findings of fact: [summarize what the investigation found]. The investigation covered the period [dates] and involved [number] interviews and [number] documents reviewed. Structure the report as: executive summary (one paragraph), background and scope of investigation, methodology, factual findings (organized chronologically or by issue), analysis of findings against applicable policies and regulations, conclusion on whether a violation occurred, root cause analysis, and recommendations for remediation and prevention. Maintain an objective, fact-based tone throughout. Flag any areas where evidence was inconclusive.

Design a compliance metrics dashboard that demonstrates program effectiveness to leadership and the board. Our compliance program covers: [list areas]. Current reporting is [describe: manual, ad hoc, metric-light]. Create a metrics framework organized into: program activity metrics (what the compliance team is doing), program effectiveness metrics (whether the program is working), culture metrics (how the organization perceives compliance), and risk metrics (how our risk profile is changing). For each metric, specify: the exact calculation, data source, reporting frequency, benchmark or target, and what action to take if the metric goes red. Include both leading indicators (predictive) and lagging indicators (outcome). Recommend a visualization approach for each metric. Limit to [15-20] total metrics that tell the complete story without data overload.

Write a board-level compliance risk report for the [period]. The board needs to understand our compliance posture and any issues requiring their attention. Key data points: hotline reports received [number], investigations opened [number], investigations closed [number], substantiated findings [number], regulatory examinations [status], training completion rate [percentage], open audit findings [number], and key regulatory developments. Draft the report with: an executive summary that a board member can scan in 2 minutes, risk heat map narrative explaining any rating changes, material compliance events or near-misses with lessons learned, regulatory environment update focused on implications for us, compliance program enhancements completed and planned, and a forward-looking section on emerging risks. Include a specific board ask (approval needed, awareness item, or discussion requested) for each agenda item.

I need to prepare/review compliance-related disclosures for [filing type, e.g., annual report risk factors, proxy statement compliance disclosures, regulatory annual filing]. The disclosures need to cover: [list required disclosure topics, e.g., material legal proceedings, risk factors, compliance program description, ethics code, clawback policy]. Current draft: [paste or describe existing disclosure language]. Review the language for: accuracy and completeness against current requirements, any material omissions given recent events or regulatory changes, consistency with our other public statements and filings, appropriate level of specificity (detailed enough to be informative but not creating unnecessary exposure), and alignment with peer company disclosures in our industry. Suggest specific edits with explanations for why each change reduces risk or improves compliance.

Write the annual compliance program report summarizing activities and achievements for [year]. This report serves multiple audiences: the board, senior leadership, regulators (if requested), and the compliance team itself. Program data: [provide key statistics across all compliance activities]. Significant events: [list notable incidents, regulatory interactions, program milestones]. Create a report that includes: program overview and governance structure, key accomplishments organized by compliance area, risk assessment summary and how it drove program priorities, training and awareness activities with effectiveness data, monitoring and auditing results, investigation statistics and trends (without identifying details), regulatory engagement summary, technology and process improvements, resource allocation summary, and strategic priorities for the coming year. The tone should demonstrate a mature, proactive program while honestly acknowledging areas for improvement.