Recognized Software Compliance Leaders 2025

I’m a lifesciences compliance strategist with a passion for building real-world, right-sized programs in fast-moving environments. With deep experience in pharma and medtech, I specialize in translating regulatory complexity into practical, actionable frameworks. I’ve spent 7+ years navigating the gray areas of compliance—from training physicians on industry expectations to building startup programs from the ground up. I believe compliance should be ethical, functional, and human-centered—and that culture is built through clarity, storytelling, and respect, not fear. Outside of policy and audits, I speak regularly on startup compliance and love turning “boring” topics into memorable moments. I'm here to connect, create, and contribute.

I have 24 years of experience in the credit counseling industry, specializing in operations, compliance, debt management, and consumer financial education. As Senior Manager of Compliance and Media at Money Fit, I ensure our programs meet strict standards for integrity, accuracy, and regulatory compliance. I am a HUD Certified Housing Counselor and serve on the Board of Directors for the Financial Counseling Association of America (FCAA). My work focuses entirely on nonprofit credit counseling. I help consumers understand the clear mechanics of regulated debt management versus the risks tied to for-profit debt settlement. Consumers deserve straightforward financial guidance that is realistic, responsible, and built for actual progress.

I’m Eric Garcia, the CEO of SentrIQ Labs. I have over 15 years of experience in cybersecurity, working across federal, defense, and cloud environments to help organizations design, implement, and defend security programs in highly regulated spaces. My background includes hands-on involvement with authorization processes, security control assessments, policy development, and executive-level risk advisory, with a strong focus on cybersecurity frameworks. Before founding SentrIQ Labs, I worked with organizations ranging from early-stage SaaS companies to large defense contractors, helping them navigate compliance demands without losing sight of operational reality. I have spent years inside the authorization process, working directly with engineers, compliance teams, and leadership to translate dense regulatory requirements into security controls that can actually be implemented and sustained. At SentrIQ Labs, my focus is on applying AI to reduce friction in cybersecurity compliance and audit readiness. That includes automating evidence collection, control mapping, and documentation workflows while preserving human judgment where it matters most. I am particularly interested in how AI changes the future of GRC, the risks introduced by poorly governed AI systems, and how companies can adopt automation without increasing their attack surface. I regularly share insights on cybersecurity compliance, AI development, and the evolving threat landscape, with an emphasis on practical, defensible security programs that align with real business risk rather than checkbox compliance.

ERP Implementer and Consultant with 15+ years of experience delivering cloud-based ERP solutions for manufacturing, construction, and service industries. Provides insights on ERP implementation, AI in enterprise systems, and business process optimisation.

I am a healthcare compliance executive and the originator of Stark Watch, a generative AI platform built to monitor physician contracts for strict adherence to the Stark Law and the Anti-Kickback Statute (AKS). As a Compliance Vice President at a $4B health system, I navigate the complexities of healthcare regulations, hospital-physician financial relationships, and corporate ethics on a daily basis. Ensuring physician compensation compliance is one of the most resource-intensive challenges for modern hospitals. Historically, auditing these agreements for Fair Market Value (FMV) and commercial reasonableness required hundreds of hours of manual review. Recognizing this bottleneck, I architected Stark Watch to transform healthcare regulatory technology (RegTech). Our compliance software leverages generative AI to automate contract analysis, detect potential AKS violations, and track compensation tied to Designated Health Services (DHS). By turning a reactive auditing process into a proactive, technology-driven workflow, Stark Watch empowers health systems to protect their bottom line, avoid severe regulatory penalties, and maintain the highest ethical standards in their physician partnerships. With a deep commitment to safeguarding healthcare integrity, I hold triple certifications: Certified in Healthcare Compliance (CHC), Certified Compliance & Ethics Professional (CCEP), and Certified in Healthcare Privacy Compliance (CHPC). My current focus is bridging the gap between stringent regulatory frameworks and cutting-edge technology. I actively use artificial intelligence to streamline compliance operations, ensure alignment with OIG safe harbors, and mitigate AKS and Stark Law risks in complex contracting environments. My professional focus centers on providing actionable insights into the practical application of AI in healthcare administration, the evolving landscape of the Stark Law and Anti-Kickback Statute, and the future of healthcare compliance software. Whether analyzing recent Department of Justice enforcement trends or designing algorithms to parse complex medical directorship agreements, my goal is to make healthcare compliance more efficient, accurate, and accessible.

RERA360 is a specialized real estate compliance and advisory firm focused exclusively on the Real Estate (Regulation and Development) Act, 2016 (RERA). The organization supports builders, developers, real estate agents, and homebuyers by simplifying complex regulatory requirements and ensuring end-to-end compliance across real estate projects. With a strong understanding of RERA frameworks, state authority processes, and evolving regulatory guidelines, RERA360 delivers structured, accurate, and timely compliance solutions. Its services cover project registration, quarterly and annual filings, documentation management, authority coordination, and advisory support—helping stakeholders operate with transparency, accountability, and legal certainty. RERA360’s approach is built on clarity, process discipline, and practical execution. By reducing compliance risks and administrative burdens, the firm enables real estate professionals to focus on project delivery, credibility, and long-term growth while remaining fully aligned with regulatory obligations. The mission of RERA360 is to strengthen trust in the real estate ecosystem by making compliance simple, accessible, and reliable—transforming regulatory requirements from obstacles into operational advantages.

With 20+ years' of experience in risk management and IT security, I excel at crafting secure, compliant, and efficient frameworks for businesses navigating complex regulatory landscapes. My expertise lies in developing Information Security Management Systems (ISMS) that achieve ISO 27001 certification, achieving up to 80% cost reduction in security implementations compared to traditional approaches. As an EC-Council subject matter expert for the CEH certification, my knowledge in ethical hacking and cybersecurity is both deep and broad. I take pride in the iO-GRCF , my proprietary framework designed to streamline and simplify cross-compliance. My goal is to foster partnerships within the industry to address governance, risk, and compliance challenges, while offering IT companies lucrative compliance, gap assessment, and penetration testing solutions.Professional Goals:* Forge partnerships with industry leaders to collaboratively tackle governance, risk, and compliance challenges.* Generate leads with IT companies to offer streamlined compliance, gap assessment, and penetration testing solutions, providing them with new revenue streams.Interests:Follow and engage with industry leaders and organizations that are at the forefront of cybersecurity, compliance standards, and IT innovations.

William Berg is a securities expert at DayTrading.com with more than 20 years of experience reviewing brokers, trading platforms and the rules that sit behind them. With a legal and financial background, he has audited countless brokers and investigated thousands of trading scams and clone firms, giving him a sharp eye for what separates a trustworthy platform from a costly mistake. William holds an LL.M. from the Gothenburg School of Business, Economics and Law, where he focused on securities law and international trade. He later studied at Moscow State University, adding to a background that blends law, business administration and cross border finance. That mix gives him a solid grip on both the legal fine print and the real world mechanics of online trading. Before and alongside his editorial work, William consulted on IPOs in the Nordic market, worked with fintech startups in payments and point of sale systems, and provided localization for leading forex trading software. He has also spent years as a writer and fact checker for financial publications, using that experience to test brokers, compare trading tools and explain complicated topics without turning them into legal soup. As an active market participant, William has placed thousands of private and test trades across forex, CFDs, options and stocks, while testing different trading platforms and apps. His practical experience, paired with a deep knowledge of securities law and broker regulation, makes him well placed to comment on broker safety, platform quality, trading risks and the standards traders should expect before putting money on the line.

Stepan Kazaryan is a Business Management Consultant focused on digital presence, professional evaluation, and how public information shapes decision-making in modern business environments. His work centers on helping organizations and professionals understand how they are perceived before direct interaction occurs. In search-driven systems, evaluation often happens silently and quickly. Stepan advises clients on building structured digital foundations that support credibility over time. His approach emphasizes clarity, consistency, and responsible positioning rather than short-term visibility tactics. He works with executives, founders, and professional service providers who recognize that digital footprints influence trust, partnerships, and opportunity flow. By aligning websites, public profiles, and third-party references, Stepan helps create stable professional narratives that reduce uncertainty during evaluation. Rather than focusing on reactive measures, his advisory framework prioritizes preparation. This includes analyzing how search results present a name, how information connects across platforms, and how inconsistencies affect perception. The goal is to strengthen long-term positioning in a way that feels natural and sustainable. Stepan frequently writes and speaks about digital identity, credibility signals, and the structural factors that influence professional trust in online environments. His perspective reflects a broader shift in how professionals are assessed in the age of search and public information accessibility. Through disciplined strategy and steady execution, Stepan Kazaryan helps clients maintain clarity in environments where perception often forms before conversation begins.

Josh Fleming is the Risk Advisory & GRC practice lead at Echelon Risk + Cyber, where he helps organizations strengthen resilience against today’s most complex cyber and physical threats. He brings a unique ability to bridge technical expertise with executive strategy, enabling leaders to make confident, informed decisions during both preparation and crisis. With extensive experience across industries such as healthcare, manufacturing, financial services, and energy, Josh has partnered with organizations to identify risks, fortify defenses, and implement effective governance strategies. His work spans from building incident prevention programs to leading executive tabletop exercises, risk assessments, and crisis response planning. Josh regularly advises executive teams, C-suites, and boards on incident response readiness and strategic risk management. He is known for developing actionable frameworks and clear decision-making playbooks that reduce risk exposure, accelerate response, and build stakeholder trust. As an industry thought leader, Josh is committed to advancing the conversation around governance, risk, and compliance. He stays at the forefront of emerging trends and regulations, particularly in areas such as AI governance and cybersecurity resilience, to ensure his clients and partners are not only compliant, but future-ready. Above all, Josh is recognized as a trusted advisor who combines technical depth, business acumen, and a client-centric approach to deliver lasting value. His mission is to help organizations move beyond compliance to achieve true resilience and competitive advantage in an evolving risk landscape.

Vijay Amin is the Founder & CEO of VertiComply, an AI-powered no-code platform that generates owned, exportable, production-ready healthcare app code with 15+ compliance frameworks enforced at the code level — including HIPAA, GDPR, SOC 2, FDA 21 CFR Part 11, EU AI Act, ISO 27001, HITRUST, ABDM, and DPDP. With 21 years of enterprise IT experience across healthcare, cloud infrastructure, and AI, Vijay has spent his career at the intersection of highly regulated industries and emerging technology. He founded VertiComply after seeing the same pattern repeat across digital health teams: AI-generated code that looked compliant but failed the moment a real audit, security review, or partner onboarding arrived. The platform is built for healthcare startups, digital health teams, and non-technical founders who need to ship fast without compromising on ownership, security, or regulatory rigor. Vijay's areas of expertise include: 1. Healthcare data privacy and HIPAA compliance 2. AI-generated code risk in regulated industries 3. The EU AI Act and its impact on US healthcare and digital health companies 4. Multi-framework compliance overlap (HIPAA + GDPR + FDA 21 CFR Part 11 + SOC 2) 5. No-code and low-code platforms for healthcare app development 6. Cloud security and infrastructure for HIPAA-regulated workloads 7. Compliance challenges for early-stage healthcare and digital health startups 8. India's digital health stack (ABDM, DPDP Act) and cross-border compliance He is available for expert quotes, background commentary, and contributed articles on healthcare IT, AI compliance, cybersecurity, digital health, and the evolving regulatory landscape for AI in regulated industries. Vijay can also connect journalists with healthcare CTOs, compliance officers, and digital health founders within VertiComply's network for additional sourcing. Based in Ahmedabad, India, Vijay leads VertiComply alongside co-founder and CTO Garvita Solanki, who brings 15 years of engineering experience.

WHSuites is a fully integrated lead management software designed to help businesses capture, track, and nurture leads efficiently. By automating follow-ups, improving response time, and centralizing customer data, our CRM is capable of making multiple automated reports at same time. Businesses like Pharma companies, solar, IT firms, and real estate use our products to grow their businesses and automate tasks to save time.

Collin Hogue-Spears is the Senior Director, DTE, at Black Duck Software, leading FedRAMP authorization and federal cybersecurity compliance. He has 20+ years in technology, including Senior Program Manager for AWS GovCloud, where he protected $3B in public-sector revenue. Quoted in Politico, Dark Reading, CSO Online, and CPO Magazine on nation-state cyber operations, agentic AI security risks, and software supply chain compromise. His analysis focuses on state-sponsored supply chain campaigns and the governance gaps created by autonomous AI agents with enterprise access. He speaks intermediate Mandarin Chinese and tracks PRC cyber and AI strategy through primary-source government documents. CISSP | CISM | MBA, UMass Amherst

Prity Khastgir is a prominent figure in the fields of intellectual property law, technology strategy, and business innovation. Her extensive career spans over 18 years, during which she has achieved significant milestones and contributed to various sectors, particularly in intellectual property rights (IPR) and technology. Education and Training: - Selected for the Goldman Sachs 10,000 Women Executive Business Education Program, receiving a full scholarship from the Indian School of Business. This program is designed to empower women entrepreneurs with business education and leadership skills. - Founder and CEO of Tech Corp International Strategist (TCIS): Prity established TCIS to provide consultancy in intellectual property and technology strategy, catering to clients globally. - Patent Trainer at WIPO (World Intellectual Property Organization): She has been actively involved in training sessions that enhance understanding of patent laws and processes internationally. - Contributor and Journalist: Previously contributed to the China Economic Information Service, where she shares insights on technology and patents. Speaking Engagements - Recognized as an international speaker, Prity frequently addresses global conferences on the intersection of technology, law, and business within the context of Industry 4.0. She participates in ITU Regulatory Workshops focusing on Sustainable Development Goals (SDGs) and cybersecurity initiatives. Legal Expertise A registered patent attorney in India, Prity specializes in various aspects of intellectual property law, including patent drafting, prosecution, and managing complex IP portfolios for multinational corporations. Her expertise extends to sectors like pharmaceuticals, biotechnology, and telecommunications. Publications and Media Presence Featured in reputable publications such as BBC World, Nature Reviews Drug Discovery, and BioSpectrum Asia, highlighting her contributions to discussions on patents and technology. Prity Khastgir's career reflects a blend of legal acumen, technological insight, and a commitment to empowering others through education and strategic guidance in the rapidly evolving landscape of intellectual property rights.

Nikita Patil Brennan is a senior program leader recognized in Marquis Who's Who 2026 for professional achievement and leadership. She brings experience leading complex cross-functional initiatives within both Fortune 500 and Global 500 organizations, with a background spanning program management, operations, enterprise systems, and large-scale transformation. Her expertise includes leadership, stakeholder alignment, organizational effectiveness, change management, process improvement, and driving execution across teams with competing priorities. Nikita offers practical insights shaped by real-world experience operating in large, fast-paced corporate environments where clarity, influence, and results matter. She is available to comment on program management, leadership, career growth, workplace trends, women in leadership, productivity, cross-functional collaboration, and business operations.

Meet Dhriti Mukherjee Pipil – Trade Economist, Consultant, Speaker & Educator Dhriti Mukherjee Pipil is a Delhi NCR–based international trade economist, consultant, researcher, and speaker, specialising in trade finance, foreign trade policy, and agricultural trade. She is the Founder of Global Trade Institute (GTI), an institution focused on building export-ready professionals and businesses through practical trade education. She currently serves as a Senior Research Fellow at Indian Institute of Foreign Trade (IIFT), where her work examines India’s agricultural trade policy, export restrictions, price volatility, and supply chain dynamics. She is also an empanelled faculty with Federation of Indian Export Organisations (FIEO), delivering specialised sessions on export finance and international payment systems. Dhriti is a Leadership Member at the Women in International Trade Business Council (WIITBC) under the International Trade Council (ITC), and serves on the Economic Advisory Board of the Economic Transformation Council, contributing to trade-led policy discourse. With over a decade of experience in banking and trade finance, her expertise spans export finance, cross-border payments, foreign exchange markets, trade risk management, WTO frameworks, and emerging digital trade finance systems. She holds professional certifications from the Indian Institute of Banking & Finance (IIBF) and the International Chamber of Commerce (ICC). Her work bridges policy, practice, and pedagogy—offering consultancy in export strategy, trade finance structuring, compliance, and market entry. She actively mentors MSMEs and startups, enabling them to navigate global markets with operational clarity. Dhriti has authored peer-reviewed research in journals such as Economic & Political Weekly and The Indian Economic Journal, alongside policy contributions to The Hindu BusinessLine, Down To Earth, Policy Circle, AgroSpectrum, and global platforms including the World Trade Centre. She is a regular speaker at national and international forums, including the Economist Intelligence Unit (2025), International Trade Council (2025), WTO Chairs Programme, and Indian Economic Association. Through her work, she seeks to reduce information asymmetry in global trade and build a more inclusive, resilient, and knowledge-driven export ecosystem.

I am an award winning highly quantitative Product Development Engineer who specializes in transforming raw silicon characterization data into predictable, high-yield products ready for mass production, with direct experience on cutting-edge 3nm and 2nm processes crucial for next-generation AI and ML hardware. My expertise is rooted in applying Statistical Design of Experiments (DOE) and advanced methodologies like Six Sigma directly to post-silicon issues. I leverage deep data analysis to quickly pinpoint and eliminate root causes of complex parametric and functional failures within System-on-Chip (SoC) architectures. Notably, I personally conceptualized and implemented the entire Yield Management System for ARM, a multi-billion dollar entity, delivering a mission-critical infrastructure solution at virtually zero dollar cost. This rigorous, data-driven approach is key to achieving robust product quality and accelerating the time-to-market for every new silicon generation. I was also as named a Thinkers360 Top 25 Global Thought Leader and Influencer in the "Engineering" category and a Top 50 Global Thought Leader and Influencer in the "Future of Work" category for 2025.

Excellent SAP Security & GRC Lead having 15+ yrs of experience. CISSP certified. Specialties: GRC,SAP Security(S4HANA,ECC,FMS,Simple Finance,IBPf/BPC,Fiori/GW,HANA,BW4HANA/BI/BOBJ/IS/DS,CRM,SRM,SCM,SNC,HR,SolMan, PO/PI,Portal,TM,EM),SSO(SAP Single Sign On 3.0),SAML, Kerberos,Spnego ,SAP Cyber Security,Identity & Access Management(SAP IDM,MIM etc.), RAL,Oracle,AIX,SAP Basis

Naga Santhosh Reddy Vootukuri, a seasoned professional with over 17+ years working at Microsoft, reflects on his journey from India to the USA. Graduating from Sreenidhi Institute of Science and Technology in 2008, he now serves as a Principal Software Engineering Manager for Azure SQL. His role involves leading his team through software development cycles, ensuring successful product launches. Currently, Naga focuses on a significant initiative in Azure SQL Deployment, emphasizing high availability for SQL customers during feature rollouts. Previously, he managed Master Data Services (MDS) within SQL Server, gaining community connections and contributing actively to Microsoft forums. Currently his focus is mainly on AI LLM's and he shares his knowledge through detailed articles. Aside from technical responsibilities, Naga engages in Microsoft hackathons as judge and mentors junior engineers, finding fulfillment in guiding their career paths. He also champions diversity and inclusion, advocating for equality within the tech industry. Naga sees himself not only as a technical leader but also as a catalyst for positive change at Microsoft. He was featured on several media articles including yahoo, Aol, MSN, Business insider, jotforms, informationweek to name a few.

Founder & CEO of Genbounty - AI safety & compliance testing. Genbounty is a an AI safety testing hub and provider of EU AI Act compliance and certification. About me AppSec SME, AI Engineer, Developer | BSc, MBA, PRINCE2, CompTIA+, CISSP