Compliance in Focus: First Italian Edition of the Summit Discusses AI, Cybersecurity, and Corporate Governance

On the 7th of May of 2025, the Palazzo Parigi in Milan hosted the first Italian edition of the Compliance Summit, a landmark event organized by Leaders League. While this was the debut of the Summit in Italy, it marked the 5th global edition of the event, following successful previous editions in Lima, São Paulo, and Brussels.

The event brought together over 160 professionals from across Europe, including CEOs, general counsel, compliance and data protection officers, and legal experts. Attendees represented a wide range of industries, with strong participation from the technology, communications, and financial sectors.

Held over the course of an afternoon, the Leaders League Compliance Summit featured five expert panels covering the evolving landscape of compliance and its intersections with critical issues such as artificial intelligence and cybersecurity. Thanks to the practical background of the speakers, discussions went beyond theory, focusing on real-world challenges and concrete strategies that companies are implementing to ensure compliance policies in rapidly changing environments.

The opening panel “From Whistleblowing to Accountability: Building a Culture of Compliance and Transparency” moderated by Mattia Salerno (Pirola Pennuto Zei & Associati), featured Luca Campitelli (Prysmian), Elisa Antonietta Blardone (MicroPort), Paolo Marpillero Errera (Lab4Compliance), and Stijn Merks (Delivery Hero). The panel addressed the challenges companies face in implementing effective whistleblowing channels under Directive (EU) 2019/1937 on whistleblower protection. Speakers highlighted the challenges during the directive’s transposition—particularly regarding the outsourcing or sharing of reporting mechanisms—and stressed the importance of ensuring their independence. The discussion emphasized the need to foster a culture of trust where reporting is seen as a tool for organizational improvement. Confidentiality, clear internal policies, and the concrete use of reported information were identified as key elements for building credibility in compliance programs.

The second panel, titled "The Intersection of Technology and Compliance: Navigating AI, Data, and Cybersecurity Risks", explored how emerging technologies are reshaping compliance obligations across sectors. Moderated by Giovanni Maria Riccio, partner at E-Lex, the discussion examined the growing influence of the EU AI Act, the challenges of harmonizing global regulatory frameworks, and the practical implications for corporate governance. Panelists Francesca Spreafico (Visa), Luís Graça Rodrigues (Indra Group), Boris Paulin (Kering), Matteo Pedica (Fastweb), and Mafalda Mascarenhas Garcia (IBM) emphasized the urgent need for internal governance structures, cross-functional collaboration, and ongoing risk assessment. While AI offers transformative opportunities—such as real-time fraud detection and automated transactions—it also introduces complex legal risks, particularly when operating across jurisdictions with vastly different regulatory approaches.

The third panel, “From Local to Global: Best Practices for Cross-Border Compliance Harmonization”, focused on how multinational companies are navigating the growing complexity of aligning compliance programs across jurisdictions. Speakers highlighted the need for scalable frameworks that respect both global standards and local regulations, stressing the role of internal coordination and cultural awareness. Marine Assadollahi (Fives Group), Natacha Podymski Ribeiro (Saba Group), and Adriano Peloso (Lenovo), under the moderation of Carolina Cueva Vaccaro (CMS Grau), offered insights from different sectors, discussing how to build coherent compliance practices amid regulatory fragmentation.

In the fourth session, “Corporate Investigations 2.0: Leveraging Technology and Ethics to Mitigate Risk”, panelists explored how companies are integrating digital tools and data analytics to strengthen their internal investigative functions. The discussion revolved around the potential of these technologies to improve risk detection and the challenges they pose in terms of privacy and fairness. Silvio Cavallo (Pillarstone), Salvatore Lo Giudice (INWIT), Umberto Cunial (AXA Advice), and Pietro Galizzi (Plenitude), moderated by Filippo Fioretti (Pavia e Ansaldo), emphasized the importance of ethical standards and transparency in conducting modern corporate investigations.

The final session "AI Act: Balancing Innovation, Cybersecurity, and Compliance in Finance", brought together Davide Michele Chiarlo (Santander Italy), Martina Salvi (ING Bank Netherlands), and Afonso Cardoso de Menezes (Haitong Bank), under the moderation of Ernesto Belisario (E-Lex), to discuss the implications of the EU’s AI Act for the financial sector. The panel explored how institutions are working to align innovation with regulatory compliance, emphasizing the need for internal governance mechanisms such as ethical AI boards, accountability officers, and continuous risk monitoring. Speakers highlighted both the opportunities and the complexity of using AI tools in areas like fraud detection, credit scoring, and customer personalization, stressing the importance of preserving a human-centric approach.

The event concluded with a networking cocktail, allowing participants to continue conversations and exchange insights in an informal and engaging atmosphere.

The 2025 edition was made possible thanks to the support of key event partners BSP, Panetta Law Firm, E-Lex, Pavia e Ansaldo Studio Legale, Unyer Global Advisors, and Swot Legal. The Compliance Summit also benefited from the sponsorship of After Data Compliance Solutions and Kreita, and the collaboration of institutional partners Lab4Compliance and the Osservatorio Penalisti Studi Multipractice.

A new edition of the Compliance Summit in Italy is already scheduled for 2026, with the goal of continuing the dialogue around regulatory innovation and corporate governance.