Advertisement, Adult, Female

Compliance training is the first thing most employees experience in your LMS. If it’s boring, confusing or irrelevant, you’ve already lost them and not just for that course. At the latest Docebo mix webinar, OpenSesame Enterprise Curator Amanda Sessions and Fanatics L&D Lead Erin Soles made the case for treating compliance as the foundation of a workforce readiness strategy all while making chocolate candy. 

Here’s what they said, and what a better process looks like. 

Key takeaways

Compliance is your first impression. For most employees, it’s the first thing they do in your LMS. A bad experience sets a negative tone for the entire learning culture. 

The old model doesn’t work. One-size-fits-all courses, manual tracking and static content can’t keep up with rapidly changing global regulations, AI-driven risk, and modern learner expectations. 

You don’t have to build everything yourself. Curated content for regulatory requirements and custom content for policy specifics is more scalable and effective. 

Compliance done well builds trust. As AI reshapes how people work, that trust is a business-critical asset, not a nice-to-have. 

Compliance training sets the tone

For most employees, compliance training is the first interaction they have with your learning and development function. Before any skills course, leadership program or onboarding academy, there’s compliance. It signals what your organization actually values.

“If you’re serving up a sub-par experience, people are going to be less excited about your L&D program and less excited to go into your LMS. And let’s be honest, compliance already has a reputation. So that first impression really matters.” 
Amanda Sessions
Enterprise Curator, OpenSesame

Amanda shared a personal example that resonated with the audience: her first compliance training experience at OpenSesame was a choose-your-own-adventure, story-driven experience that left her more excited about her new role. Not because the course was entertaining (it was), but because it signaled that her employer took employee safety and well-being seriously. They didn’t just check the box. That changes how people feel as employees. 

As AI reshapes how people work, trust is more critical than ever. Employees are using new tools, making decisions with AI assistance, and handling sensitive data. There needs to be confidence and trust on both sides of that relationship. Compliance is part of building it. 

Why the old model is failing

The compliance training playbook that most organizations inherited was predictable: long courses, uniform assignments, and manual tracking. The model produced low engagement, a just-get-it-done mentality, high administrative overhead and training that felt disconnected from how people actually worked. 

The pressure to change has intensified for a few reasons: 

Regulations are moving faster than content cycles: Global requirements are layering state, federal and industry-specific mandates on top of each other. You can’t wait 12 months to update a course when guidance changes in 3. 

The administrative burden has become unsustainable: Chasing vendors for updates, re-uploading SCORM files, and manually reconciling completions across regions. 

AI has introduced a new class of compliance requirements: Questions about AI governance and accountability, responsible AI use, preventing bias, and documenting AI-assisted decisions are now compliance questions. Take the EU AI Act as an example, it came into scope faster than most organizations anticipated. 

The threat landscape is more sophisticated: AI-powered phishing, deepfakes, and advanced social engineering require employees to make better judgement calls under more pressure. Generic awareness content isn’t built for that. 

3 qualities that make compliance training work

In between tempering chocolate, Amanda Sessions outlined 3 qualities that define compliance training built for today’s workforce: 

Personalized
Not everyone has the same compliance requirements, and treating them as if they do creates problems in every direction. A frontline chocolate-making employee in California has different training requirements than an office associate in Texas. A single course that adjusts duration, content and context based on learner selections is a better model that reduces administrative overhead. 

Engaging 
Today’s workforce expects content to be fast, visual, and interactive. Handing them a static narrated slide deck and expecting behavior change is optimistic at best. The most effective compliance content is scenario-based and character-driven. The best signal it’s working? Learners compare it to a TV show or describe it as “not cringe.” 

Embedded 
Compliance already carries a stigma and every friction point reinforces it. A way to remove friction is having content integrated into platforms teams already use, automated tracking and reporting, and dynamic updates when regulations change. When compliance is easy to access and clearly relevant, participation follows. 

How to build a compliance training process

Step 1: Start with a compliance inventory, not a content shopping list 
Before selecting a single course, map your requirements. What regulations apply to your workforce, by role, region, and function? What’s currently covered? Where are the gaps? This diagnostic step separates reactive programs from strategic ones that get ahead of risk.

Step 2: Decide what to curate vs. what to build
Not everything needs to be custom. Legally required training like anti-harassment, AI compliance, OSHA safety and data privacy is often best served from trusted publishers who stay current with regulatory changes. Custom content earns its investment when the topic is specific to your organization: internal policies, unique operational environments, culture-specific scenarios. This hybrid model is the norm for mature compliance programs. 

Step 3: Choose content built for behavior change, not just completion
When evaluating curated content, ask if the course is designed to change how employees act, not just to confirm they watched it. Scenario-based learning, meaningful choices, and realistic workplace situations are the indicators. Storytelling and role-play shift behavior more effectively than narrated information delivery. 

Step 4: Use adaptive courses wherever regulations differ by role or region
Any topic where legal requirements vary (e.g. anti-harassment training) is ideal for adaptive content. One self-selecting course can serve an entire enterprise workforce while delivering legally compliant experiences by role and region. This eliminates duplicate assignments, simplifies reporting, and improves the learner experience. 

Step 5: Automate assignment, tracking, and reporting
Assignment logic should be built on learner attributes like role, location, and business unit. This ensures the right training reaches the right people without manual effort. Reporting should surface completion rates, gaps, and program health in real time, so compliance leaders act on what they see rather than chase completions before an audit.  

Step 6: Plan for regulatory change, not just initial rollout
Compliance training has a shelf life. Because of this, choose partners whose libraries are actively maintained for curated content. For custom content, establish a review cycle and flag which modules will need updates when regulations shift. 

Fanatics’ compliance transformation

Erin Soles, L&D Lead at Fanatics, brought this step-by-step process to life with a candid look at how one of the world’s largest sports companies changed their approach to compliance training. 

With 22,000+ employees across 80+ locations worldwide, Fanatics operates across multiple business units: Commerce, Collectibles, Betting and Gaming, and Events. Each with its own regulatory requirements. 

Before partnering with OpenSesame and Docebo, Fanatics’ compliance approach was reactive with no centralization. Training was assigned when a new regulation appeared or when legal flagged a gap. 

Anti-harassment training was a clear example. Because states like New York, California, and Illinois have distinct requirements that vary by role, Fanatics ended up deploying about 12 different versions of similar training in year one. Managers supervising employees across multiple states had completed redundant courses. Reporting was fragmented and learners were confused. 

By partnering with the Docebo content curation team to identify OpenSesame content that aligned to regulatory requirements, Fanatics moved to a hybrid model: curated content where speed, accuracy and regulatory alignment were critical; custom content where the topic was specific enough to Fanatics’ policies or operations that outside content wouldn’t serve. 

“We don’t have to build everything ourselves to build something effective. Strategic partnerships with Docebo and OpenSesame combined with internal development allowed us to stay compliant, move quickly, reduce administrative complexity and improve learner experience.“

Erin Soles, Learning & Development Lead 
Fanatics, Inc.

The anti-harassment course was the clearest win: one comprehensive self-select course replaced all 12 versions, adapting to each learner’s role and region from the start. That same logic extended to OSHA safety training, where curated OpenSesame content was blended with 3 internally developed modules covering Fanatics-specific protocols to deliver regulatory alignment and operational relevance in a single learning plan. When the EU AI Act came into scope faster than expected, the team didn’t scramble. They were able to deploy OpenSesame’s responsible AI content through Docebo quickly. 

Explore OpenSesame content inside Docebo

The bottom line

Making chocolate candy while talking about compliance training partly worked because it surfaced the best metaphor: tempering chocolate isn’t the most glamorous step, but it determines whether everything else holds together. Compliance works the same way. When it’s rushed or treated as an afterthought, things crack: learners disengage, risk accumulates, and trust erodes. When it’s done well, everything sets. 

The organizations building future-ready workforces aren’t treating compliance as a check box. They’re using it as the foundation for a broader workforce readiness strategy: the one that sets the tone, builds the trust, and creates the foundation for everything that comes after.