Monthly Archives: August 2018

Penalties

A key element of either Compliance or Governance (or both) is penalizing violations.  Otherwise, the rule is on paper only, and isn’t real.

“U.S. Steps Up Grid Defense,” The Wall Street Journal, August 6, 2018 A1. Government devising new penalties for foreign (and domestic) agents who hack into critical infrastructure.

Sounds good.  But might we be better off with a few more ounces of prevention (education, technology controls, testing, etc.)?  The “internal” controls.  By the time you’re penalizing folks, you’ve been hacked.

Leave a comment

Filed under Access, Compliance (General), Controls, Duty, Governance, Government, Interconnections, Internal controls, IT, Security, Technology, Third parties

Shoot for the stars

Nailing a high-visibility target demonstrates that you’re serious about compliance.  Especially if he or she is a big money maker.  And especially if it is over violations of your company’s procedures.

“GAM Says Fund Manager Breached Policies on Gifts,” The Wall Street Journal, August 7, 2018 B10.  “[T]he star fund manager” also used his personal email to transact business for the company, and failed to follow other company procedures.

The company’s shares have dropped 44%.

Would you be surprised if your company did this?  What does that say about your culture?

Leave a comment

Filed under Compliance, Compliance (General), Controls, Corporation, Duty, Employees, Governance, Internal controls, Oversight, Policy

Gee, what could go wrong?

“Facebook Asks Banks for Customer Data,” The Wall Street Journal, August 7, 2018 A1. “[T]o offer new services to users,” Facebook asks banks for “detailed financial information about their customers.”

I can see what’s in it for Facebook, and maybe for the banks.  But isn’t this your information?  Shouldn’t you have some control what the banks do with it?  Are you comfortable with the controls the banks and Facebook will place on this information?  It might be convenient for you, but at what risk?

Do we remember Cambridge Analytica?  Will Facebook try to do this in Europe?

To whom do you complain?  Your elected representative?  Your bank?  The state or federal regulators?

1 Comment

Filed under Access, Controls, Corporation, Duty, Duty of Care, Governance, Information, Internal controls, Investor relations, IT, Oversight, Ownership, Privacy, Protect assets, Security, Third parties, Uncategorized, Who is in charge?

How much due process is due?

“CBS to Weigh CEO’s Fate,” The Wall Street Journal, July 30, 2018 A1.  Discussion over whether CEO accused of sexual harassment should stand down while the investigation continues.

Curious that Urban Meyer has to stand aside while an investigation into whether he should have reported domestic abuse by an assistant coach 9 years earlier at a different school, but Leslie Moonves remains on board as the CEO of CBS.  See https://infogovnuggets.com/2018/08/07/caesars-wife/

What does it say about a company’s culture when, in the current environment, the CEO can remain in his job during such an investigation?  How convinced are the rank-and-file employees that the sexual harassment policy is real, or just a piece of paper?  Are the directors serious about this policy?  What about other policies?

Leave a comment

Filed under Board, Compliance, Compliance, Compliance (General), Corporation, Culture, Culture, Directors, Duty, Employees, Governance, Oversight, Oversight, Policy

We didn’t know

Knowledge, or lack thereof, is often a good defense.

“Fiat Says It Didn’t Know CEO was Ill,” The Wall Street Journal, July 27, 2018 B1.  Company says privacy of health care information meant they didn’t know that their CEO had been sick for a year.

Who knew or should have known?  Was this insider information that would affect the value of investments?

Should the Board have known?  Did the CEO have a duty to disclose?  For more than a year!

Governance, Compliance, and Information.  All in one.  Add a dash of privacy.

Leave a comment

Filed under Access, Accuracy, Board, Communications, Compliance, Compliance (General), Compliance Verification, Controls, Corporation, Directors, Duty, Employees, Governance, Inform market, Inform shareholders, Internal controls, Investor relations, Oversight, Privacy, To report, Uncategorized

Churn ’em, Burn ’em, and Learn ’em

More of the same old stuff.

“Advisers Blew Whistle on Wells Fargo Wealth Unit,” The Wall Street Journal, July 28 2018 B1.  Sales incentives drive improper behavior at Wells Fargo.  Again.

The good news is that four Wells Fargo financial advisers tipped off the DOJ and the SEC to what was happening.  High-wealth investors were steered to investments that would result in higher fees paid to Wells Fargo.

So the culture wasn’t entirely corrupt.  There’s hope.

Leave a comment

Filed under Compliance, Compliance (General), Controls, Corporation, Culture, Duty, Employees, Governance, Internal controls, Investor relations, Policy, To report

Clarity

“Read This Extremely Important, Totally Incomprehensible, Completely Convoluted Information About Your Broker!” The Wall Street Journal, July 28, 2018 B1. Confusion over required SEC disclosures.

A four-page summary.  But will people read it?  Will most people read more than 4 bullet points?  Unless, of course, there’s a prize.

What value is disclosure if it is in language that the average person won’t read or won’t understand if he/she does?

Governance or Information?  And a pinch of Compliance?

Leave a comment

Filed under Accuracy, Communications, Controls, Corporation, Data quality, Duty, Governance, Information, Internal controls, Investor relations, Third parties, Value

Oops.

“Vanguard Messes Up Messages To Clients,” The Wall Street Journal, July 26, 2018 B10.  Money manager with over $5 trillion in assets under management sends text messages to clients that the money manager had processed loans against their 401(k) accounts.  But the customers hadn’t requested the loans.

Imagine the customer reaction.

How important is it to get your client communications right the first time?  Are you in the trust business?  Is claiming a “systems issue” enough?

Leave a comment

Filed under Accuracy, Communications, Controls, Corporation, Data quality, Duty, Duty of Care, Governance, Information, Internal controls, Investor relations

Higher learning

Sometimes, I select stories just for the headline I can write over it.

“Temple Is Probed Over Online MBA Marketing,” The Wall Street Journal, July 26, 2018 B5. University accused of deceptive marketing to prospective MBA students.

What is the lesson here?  School may have tweaked some test data to improve the school’s ranking.  Did non-students learn more than students?

Dean lost his job.  The school’s reputation takes a hit.  US News & World Report it told the school can’t verify its information.  Maybe the ex-Dean can be the subject of a case study in the Ethics curriculum.  Or a Compliance course, if the school has one.

Leave a comment

Filed under Accuracy, Compliance, Compliance (General), Controls, Culture, Data quality, Duty, Employees, Governance, Information, Internal controls, To report

If it’s not free

How much is it worth to you to have access to the Internet on a plane trip?  Apparently, less than they are charging for it.

“Airline Wi-Fi Isn’t Connecting to Profits,” The Wall Street Journal, July 26, 2018 B1.  Is it because the service is too slow, or too expensive?

I adjusted years ago to the lack of quality Internet service while in the air.  I actually like the peace.

But if an airline chose to compete by including this in the ticket price, would it drive traffic?  How many people actually pay for this out of their own pockets, rather than charging it off to their employers?  Do employers notice or care?  What’s your policy?

Is this Governance or Information?  Both?

 

 

Leave a comment

Filed under Access, Controls, Information, Interconnections, Internal controls, IT, Value