Two related articles on a critical point for information governance, separated by a mere seven pages.
“Yahoo Probe Prompts Cut in CEO’s Pay,” The Wall Street Journal, March 2, 2017 B4. CEO won’t get 2016 bonus and agreed to “forego” her 2017 equity awards, as a result of management’s failure “to ‘properly comprehend or investigate’ a 2014 security breach.”
“Wells Fargo Withholds Top-Level Bonuses,” The Wall Street Journal, March 2, 2017 B11. Eight top executives lost their 2016 cash bonuses and some stock grants or options. This was to hold them accountable for the sales cramming practices where the bank opened fictitious accounts. Or the damage to the company’s reputation. Or both.
Here, companies are shown getting semi-serious over governance by penalizing senior executives for security or operational violations of policy.
As employees, the senior executives have the duty to comply with the law and the company’s policies, and to supervise the people who report to them. This also, one assumes, reduces the risk of derivative action suits against the directors individually for failing to provide the necessary oversight (read: governance). When will directors be held individually liable for failing to meet their duties?