Yes, the Oscars ceremony had its information mix-up, when Warren Beatty was given the wrong envelope. But who was (and “was” is probably the operative word) in charge of calculating and communicating the cost basis for stock?
“Morgan Stanley Gave Clients Wrong Data,” The Wall Street Journal, February 28, 2017 B9. Firm miscalculated the cost basis, and therefore the gain, on sales of stocks by the firm’s wealth-management clients for 5 years. Anticipated cost: $70 million.
How do you ensure that the right information is getting to the right place (person) at the right time? What controls do you have in place? Are those controls people, process, or technology? While it took PWC a few minutes to correct the error at the Oscars, it took Morgan Stanley five years. Who had the better process?
Filed under Accuracy, Collect, Communicate, Controls, Corporation, Duty, Duty of Care, Employees, Governance, Internal controls, Management, Managers, Oversight, Policy, Protect, Protect assets, Use
“Uber Engineer Fired Over Alleged Conduct at Google,” The Wall Street Journal, February 28, 2017 B5. A celebrated new hire at Uber allegedly had sexual harassment issues at his former employer. Bye bye.
Do you ask prospective employees why they left their prior position? Do they tell you the entire truth?
Filed under Accuracy, Collect, Collection, Controls, Corporation, Duty, Duty of Care, Employees, Governance, HR, Internal controls, Management
Are you in a business that provides test results of your product to your prospective customers?
“Takata Pleads Guilty in Air-Bag Case,” The Wall Street Journal, February 28, 2017 B3. Pays $25 million criminal fine and $975 million in other penalties, having plead guilty to one (1) count of providing misleading test reports on its air bags.
Having “faulty” information is bad enough. But transmitting it to others? Priceless.
Filed under Accuracy, Board, Compliance, Compliance, Controls, Corporation, Culture, Culture, Data quality, Duty, Governance, Oversight, Oversight, Protect information assets, Supervision, Vendors
“Former SunEdison Executives File Suit,” The Wall Street Journal, February 25, 23017 B3. Company allegedly told a different story to investors than it was discussing internally, and managers were instructed to make more optimistic projections. Two executives took their concerns to the Board, and were then replaced.
Employees have a duty to report concerns upwards. The company has a duty to its shareholders and to the market to disclose material information. Directors have a duty to the corporation and its shareholders to provide oversight and to handle reports of wrongdoing appropriately.
Watch this space. A chance for a Maryland court to look at Caremark, a Delaware case dealing with a director’s duty to provide oversight, and how derivative actions get decided.
Filed under Board, Compliance, Corporation, Directors, Duty, Employees, Governance, Inform market, Inform shareholders, Investor relations, Oversight, Supervision, To report
How long would it take your internet service provider to notify you that a bug on its systems was leaking your data?
“Data Leaked on Web for Months,” The Wall Street Journal, February 25, 2017 B1. Cloudfare announced it had had a bug since September 2016, affecting its webservers, and leaking data from some of its 6 million customers. Unclear what was leaked, and to whom. Cloudfare handles 10% of the world’s web traffic.
Who at Cloudfare knew what, and when, and more importantly, who should have known more, sooner, and disclosed it?
Filed under Access, Board, Compliance, Controls, Corporation, Directors, Duty, Governance, IT, Managers, Oversight, Protect assets, Protect information assets, Security, To report
As The Wall Street Journal says, “In these days of alternative facts, some companies are pushing alternative accounting.” “Watch Out for ‘Tailored’ Results,” The Wall Street Journal, February 24, 2017 B12.
When a company departs from the usual way of reporting something (watch for “non-GAAP”), it may not be to provide you deeper insight. But you knew that.
Filed under Accuracy, Analytics, Board, Communications, Compliance, Compliance, Corporation, Data quality, Directors, Duty, Governance, Inform market, Inform shareholders, Investor relations, Oversight, Oversight
“Hashing” a document has been a lynch pin of document security for most of the digital age. It uses an algorithm to create a unique identifier for a digital document. Useful for things like computer security and ediscovery. Perhaps time has moved on.
“Google Team Cracks Web Security Shield,” The Wall Street Journal, February 24, 2017 B4. The SHA-1 algorithm was cracked, allowing the creation of two different documents with the same hash value.
Alternatives in the works. Watch this space.
Filed under Access, Accuracy, Business Case, Controls, Duty of Care, Governance, Internal controls, IT, New Implications, Oversight, Protect assets, Risk, Security, Third parties