InfoSec People Profile: LexisNexis Risk Solutions’ Vincent Gaudel

By Roy Urrico

Finopotamus presents InfoSec People Profiles, a series spotlighting individuals working in information security (infosec), cybersecurity, fraud prevention, and/or information governance to protect data and transactions at credit unions, other financial institutions, and fintechs serving the financial services industry.

“I did not begin my career thinking in terms of information governance. However, working in financial crime compliance, it quickly became clear that information sits at the core of everything,” Vincent Gaudel, financial crime compliance expert at Atlanta-based LexisNexis Risk Solutions, told Finopotamus. The company specializes in helping organizations, including financial institutions, evolve technologically while protecting critical and personal information.

 Gaudel was born in Nice, France, and grew up in that nation’s southeast before moving to Bordeaux, hub of the wine-growing region, for business school. “It is also where I ultimately returned and now call home,” he said.

Along the way, he had the opportunity to live and work in several international environments, including Sweden, China, Switzerland and Paris. “That experience shaped my interest in the intersection of geopolitics, business, finance and regulation, which continues to influence my work today.”

His involvement in information governance — the strategic framework of policies, procedures, and technologies used by organizations to manage, secure, and maximize the value of their data assets — developed naturally from that perspective. Gaudel described his focus “on how organizations collect, structure, enrich, screen and use data in a way that is accurate, proportionate and operationally effective.”

Information Governance Not Theoretical

“My current role sits at the intersection of regulatory expectations, financial crime risk, data and technology,” noted Gaudel. He explained a significant part of his work involves translating policy objectives and regulatory requirements into practical controls that organizations can realistically implement.

“Organizations rely on reliable data, strong controls and effective monitoring to understand who they are dealing with, detect suspicious activity and comply with AML (anti-money laundering), CFT (combating the financing of terrorism) and sanctions obligations, ultimately protecting the integrity of the financial system,” said Gaudel.

Speaking in the context of sanctions and AML/CFT compliance, information governance is not theoretical, he maintained. “It directly determines whether an institution can properly identify customers, understand beneficial ownership, detect politically exposed persons (PEPs), screen against sanctions lists and monitor and escalate risks in a timely manner.”

A persistent challenge is that institutions often hold large volumes of sometimes fragmented, incomplete or outdated data, Gaudel observed. “My work focuses on improving how that data is structured and used — strengthening screening capabilities, data quality and operational design to deliver more effective compliance outcomes.”

This has implications beyond individual firms, he suggested. “It connects directly to broader priorities such as financial integrity, national security and the prevention of organized crime and terrorist financing, while also ensuring legitimate customers can access financial services without unnecessary friction.”

Defining Information Governance's Role

LexisNexis Risk Solutions supports organizations in making better risk-informed decisions through data, analytics and technology, according to Gaudel. “In the financial crime compliance space, this means helping institutions identify and assess risk-relevant information about customers, counterparties and transactions. Regulatory expectations require firms to know who they are doing business with, detect sanctioned entities, identify PEPs, assess adverse media and understand ownership and control structures.”

Meeting those obligations depends on access to high-quality data and technology capable of applying that data at scale, expressed Gaudel. “This includes screening tools, sanctions and watchlist data, PEP and adverse media intelligence, and workflow solutions that support efficient review and escalation processes.”

Gaudel made clear the responsibilities of LexisNexis Risk Solutions: “Our role is not to make compliance decisions on behalf of institutions, but to provide the data, analytics and risk intelligence that enable timely, informed and defensible decisions.”

Threats Causing Sleepless Nights

“What concerns me most is the gap between the sophistication of illicit actors and the ability of institutions to detect them in time,” said Gaudel. Financial crime risks are constantly evolving, he cautioned.

“Bad actors adapt quickly, using complex ownership structures, intermediaries, front companies, trade networks and jurisdictional gaps to obscure their activity,” said Gaudel. At the same time, institutions must navigate rapid regulatory change, expand sanctions regimes and increase supervisory expectations.”

There is a real risk that organizations become overly focused on process rather than outcomes, Gaudel suggested. “Effective compliance cannot be reduced to completing checklists. It requires generating timely, actionable and risk-relevant information, identifying the right red flags and ensuring meaningful escalation.”

Another major concern centers on data quality, Gaudel said. “Even well-designed policies fail when the underlying data is incomplete, inconsistent or not properly connected. In this environment, poor data is not just an operational issue — it can result in missed sanctions exposure, weak due diligence and delayed detection of serious risks.”

Top Information Governance Dangers

Gaudel detailed other top information governance dangers to credit unions and other financial institutions today. “One of the most significant risks facing financial institutions is not having sufficient visibility into the parties behind a transaction or relationship.”

He continued, “Customer due diligence is increasingly complex. Understanding who ultimately owns or controls an entity, identifying links to PEPs, assessing adverse media and determining whether activity aligns with a customer’s profile all rely on accurate and current information.”

The challenge becomes even greater when looking beyond the direct customer, said Gaudel. “Exposure can arise through counterparties, intermediaries, beneficiaries, vessels, trade flows, geographic risk and ownership chains. In sanctions compliance, risk is often indirect — involving entities owned or controlled by sanctioned parties, front companies or patterns that suggest evasion.”

The core issue is twofold, he added. “In some cases, institutions lack sufficient reliable data, and in others, the data exists but is not effectively integrated into screening, monitoring and escalation processes.”

Given that sanctions compliance allows very little margin for error, regulators require institutions to demonstrate a risk-based, well-governed and adaptable approach, suggested Gaudel. “This depends on strong data governance, effective screening and clear accountability, supported by continuous testing and the ability to respond to evolving risks.”