An employer wants to know that the employee is fit for duty. The employee doesn’t want the employer to know he’s being treated for an illness that may or may not affect his or her ability to perform on the job. The employer pays for the medical tests. The risks are huge.
Who’s rights are paramount?
“Co-Pilot Hid His Depression,” Wall Street Journal, March 28, 2015 A1. The co-pilot at the helm when a plant full of people crashed into the French Alps hid his treatment for depression from his employer.
It’s a slippery slope when you intrude into the doctor-patient relationship. Is this a case where the doctor should have notified the airline? Would that information have affected the airline’s staffing decision?
Filed under Business Case, Collect, Compliance, Controls, Duty of Care, Governance, Internal controls, Management, Privacy, Protect, Risk, Third parties, Use
Following episodes where traders at large banks were sharing information about their clients’ positions in various currency trades, resulting in fines of more than $4 billion, the Federal Reserve Bank of New York and several other central banks agreed not to do that anymore.
“Bankers Agree on Client-Data Protections,” Wall Street Journal, March 26, 2015 C4. An eight-page agreement says foreign exchange traders should not share more information than necessary to effectuate the trade, and they should not pass along information they know or suspect is misleading.
What does it say about an industry culture where such an agreement is necessary? And who is going to establish regulations and who is going to enforce this in multiple countries? I guess it’s better than the banks using their clients’ information to trade on the bank’s account. Or can they do that? Whose information is it, anyway?
Is one of the information governance risks your company monitors the risk of being delisted from the stock exchange for submitting filings late?
“Hertz Is Out of NYSE Compliance,” Wall Street Journal, March 25, 2015 B6. Unable to file its annual report on time because of an investigation into prior financial reports, Hertz was notified by NYSE that it was out of compliance. If they can’t file within six months, delisting proceedings would begin.
Talk about a death sentence.
How likely is it that your company will have to file reports to the government or to its stock exchange after the deadline? What’s the impact if that happens? Thus, the calculus of risk.
Why do organizations have policies that require internal review of presentations to outsiders? What about review of internal presentations?
“Merrill Lynch Fined Over Presentation,” Wall Street Journal, March 24, 2015 C2. Failure to comply with company policy requiring compliance department pre-publication review of presentations leads to $2.5 million fine. For an internal presentation by the brokerage division that did not disadvantage any clients.
That’s why we have policies and procedures, I guess.
Filed under Business Case, Communications, Compliance, Compliance, Controls, Governance, Internal controls, Management, Oversight, Policy, Risk, Use
Would the agency in charge of gathering data on the budget deficit “massage” the numbers to make the deficit look worse?
“Greeks Investigate Statistics Chief Over Deficit Figure,” Wall Street Journal, March 23, 2015 A8. A prosecutor filed criminal charges alleging falsification of data (they don’t have 18 USC §1519 in Greece) against the head of the statistics agency. Was the deficit 4% of GDP in 2009 or 15%? More than a rounding error.
What happens if government numbers are a political football? Who’s watching this?
Filed under Business Case, Collect, Compliance, Compliance, Compliance, Compliance Verification, Data quality, Duty of Care, Governance, Management, Oversight, Oversight, Reliance, Risk, Use
Do you rely on a document management system to store your documents? What if the system misfiles a document, or several? What if the misplaced documents arguably affected a defendant’s defense?
“Glitch May Have Tainted Criminal Cases,” Wall Street Journal, March 18, 2015 A3. Misfiling by a court’s document management system raises potential objections from defendants.
This goes to access and care. What duties do you have to file things correctly? What if you don’t, and as a result someone doesn’t get to see what they’re entitled to see? What’s that worth?
How do you protect against this risk?
Filed under Access, Business Case, Collect, Compliance, Controls, Duty of Care, Governance, Information, Interconnections, Internal controls, IT, Management, Protect, Risk, Value
All the buzz is creating your bracket for the office pool for March Madness. What if, like me, you don’t follow college hoops that closely?
“Let Our Machine Build Your Bracket,” Wall Street Journal, March 17, 2015 D6. The Journal has a machine that will pick your teams based on your preferences. Even if you don’t know much.
You weren’t going to win the pool anyway.
Any other use for a machine that will make decisions for you based on your preferences and a bunch of stuff you don’t know??