Monthly Archives: December 2017

December 20, 2017 · 9:37 pm

Who owns your email?

“Lawyer Presses Mueller on Emails,” The Wall Street Journal, December 18, 2017 A4.  Questions arise after a government agency (later identified as the GSA) turns over Presidential transition team emails to Mr. Mueller.

Who owns the emails of non-governmental employees who use storage provided by a government agency?  And must the Special Counsel file a subpoena before getting information from a third party?

Where is your company’s email stored? Who owns it?

If there’s anything in those emails, are they “fruit of the poisonous tree” as the Special Counsel did not get a warrant?

Leave a comment

Filed under Access, Controls, Corporation, Duty, Employees, Government, Information, Internal controls, Lawyers, Ownership, Third parties

December 20, 2017 · 9:29 pm

Net Neutrality

Which is better?  Government regulation or market regulation?  I guess we’ll find out.

“FCC Reverses Rules on Net Access,” The Wall Street Journal, December 15, 2017 A1.  The move reverses the utility-based rules that were previously in place.

Were the rules neutral before, or are they neutral now?  Does the government control how we get our information, or do market forces?  How much does it matter?

Leave a comment

Filed under Access, Communications, Controls, Governance, Interconnections, IT, Oversight, Third parties

December 20, 2017 · 9:19 pm

Keeping track

Your can keep track on paper, or have a machine do it.  Which is better for compliance?

“Electronic Logs to Rule the Road,” The Wall Street Journal, December 16, 2017 B3.  For many years, larger trucking companies have used electronic systems to monitor how many hours their drivers drive, and thus comply with various DOT regs.  Now smaller companies will have to follow suit.

 

Leave a comment

Filed under Accuracy, Collect, Compliance, Controls, Corporation, Data quality, Duty, Employees, Governance, Information, Internal controls, Management, Oversight, Requirements, Third parties, To report, Value

December 20, 2017 · 9:09 pm

Prosecution deferral

HSBC Set Free of Deferred-Prosecution Pact,” The Wall Street Journal, December 12, 2017 B10.  Five years later, HSBC has apparently cleaned up its act enough, and its independent monitor can now go home.

Independent monitors are an intrusive and expensive mechanism by which to avoid criminal conviction.  You pay a third party to watch to make sure you don’t do anything wrong going forward.  But they’re better than a criminal conviction.

Leave a comment

Filed under Compliance, Controls, Governance, Oversight, Third parties

December 20, 2017 · 9:00 pm

Who are your employees, anyway?

“Firm Settles Russia Probe,” The Wall Street Journal, December 12, 2017 A5.  Company working on US defense projects had Russian employees who lacked appropriate security clearances (and who stored some material on servers in Russia).

No fine reported; company to institute new security protocols and thereby resolve criminal complaint.

One would have thought someone would have gotten more than their hands slapped over this one.

Leave a comment

Filed under Access, Compliance, Compliance, Controls, Corporation, Duty, Governance, Government, Internal controls, Management, Oversight, Protect

December 20, 2017 · 8:49 pm

Sending a message?

“Bank Fires Adviser on Conduct,” The Wall Street Journal, December 8, 2017 B10. Morgan Stanley fires a former Congressman (Harold Ford, Jr.) who worked as a “senior adviser” after allegations of inappropriate conduct involving a woman.

The fired Congressman still works as a political analyst for MSNBC.

Does that send a message to the bank’s employees that you’re serious about your policies? What about MSNBC?

Leave a comment

Filed under Compliance, Controls, Corporation, Duty, Employees, Governance, Internal controls, Oversight, Policy

December 20, 2017 · 8:34 pm

Dig deeper

The Chairman uses not one jet, but two (at once).  Who governs this?

“GE Digs Deeper Into Use of Jets,” The Wall Street Journal, December 13, 2017 B1.  The CEO and some senior execs were aware, as was one board member.

How did this practice go on?  It cost millions.  What else slipped through some very large cracks?

Who should pay back the shareholders for this waste of assets?

Leave a comment

Filed under Board, Controls, Directors, Duty, Governance, Internal controls, Oversight, Oversight, Protect assets

December 8, 2017 · 10:18 am

Wells Fargo, again

“Wells Fargo Gets New Warning,” The Wall Street Journal, November 30, 2017 B1.  Feds may take enforcement action over the company’s auto-insurance and mortgage operations.

Will the shoes ever stop dropping at Wells Fargo?  Once you are shown to be non-compliant, do you get stuck under the regulatory microscope?

How’s that suit against the directors going?

Leave a comment

Filed under Board, Compliance, Compliance, Compliance Verification, Controls, Corporation, Culture, Directors, Duty, Duty of Care, Employees, Governance, Internal controls, Oversight, Oversight

December 8, 2017 · 10:12 am

Breach at PayPal

“PayPal Discloses Breach At Its TIO Unit,” The Wall Street Journal, December 2, 2017 B11.  Upwards of 1.6 million users affected at newly acquired company that has kiosks in retail stores.

When you acquire a company, make sure their cybersecurity is up to snuff.  From Day One.

Leave a comment

Filed under Board, Compliance, Compliance Verification, Controls, Corporation, Duty, Duty of Care, Governance, Internal controls, IT, Oversight, Oversight, Protect assets, Protect information assets, Security, Supervision

December 8, 2017 · 10:06 am

Reparations

What do you do when your website goes down for two hours, preventing customers from accessing their accounts?

“Fidelity Seeks to Make Amends for Website Glitch,” The Wall Street Journal, December 2, 2017 B11.  Company offers commission waivers and to discuss pricing adjustments.

Does your business continuity plan have a chapter on how to serve your customers?

Leave a comment

Filed under Access, Business Continuity, Duty of Care, Governance, Operations, Oversight