Category Archives: Culture

Sniff test

What happens to compliance when the CEO and her boyfriend collaborate to create a culture of secrecy and fear?

“Partners in Blood,” The Wall Street Journal, May 19, 2018 C1.  Reports from the trenches at Theranos, which said it was able to run a range of tests from a few drops of blood; it couldn’t.  SEC charges company with fraud, and investors lose millions.

While the implications of a relationship of the CEO goes to Governance, are there also links to Compliance and Information?  What impact did the culture have on the company’s compliance?  How do investors know about the nature of a CEO’s personal relationships leaking into the corporate environment?

Who should have seen this and reported it to someone?  Why didn’t the directors smell a rat?

Advertisements

Leave a comment

Filed under Board, Compliance, Culture, Culture, Directors, Duty, Employees, Governance, Oversight, Oversight, Risk, Supervision, To report

Shoes of the centipede

“Wells Fargo Faces More Woe Over Client Data,” The Wall Street Journal, May 18, 2018 B1.  Another shoe drops at Wells Fargo (when will it ever end?) after disclosure that employees in the wholesale business (non-consumer) banking side changed and added customer information without approval.  Reason: to meet a compliance deadline.

Is there another organization with so many compliance failures?  It started with consumer banking and credit cards and now seems to have permeated the entire enterprise.  Is it risky to call this an enterprise?  What influenced their behavior?  Why are the directors not in the dock?  Weren’t they in charge of establishing and ensuring the culture of compliance?  This is a bank, for God’s sake.

Is it easier to find someone who was or wasn’t involved in some type of bad behavior at Wells Fargo?

Leave a comment

Filed under Accuracy, Board, Compliance (General), Controls, Corporation, Culture, Culture, Directors, Duty, Duty of Care, Employees, Governance, Internal controls, Managers, Oversight, Oversight, Supervision

Three returning contestants

And all on the same page.

  1. “U.S. Indicts VW’s Former CEO,” The Wall Street Journal, May 4, 2018 B1. Former CEO indicted in March for conspiracy and wire fraud following the emissions cheating scandal.  Do CEOs go to jail?
  2. “Facebook Has Dual Standard On Privacy,” The Wall Street Journal, May 4, 2018 B1. If you’re in a special group in Facebook, you get an alert if someone accesses your profile; if you’re a muggle, or don’t work at Facebook, you don’t.  Maybe this will change?
  3. “Theranos Hurt Big-Name Investors,” The Wall Street Journal, May 4, 2018 B1.  Company said it had the technology to do a wide range of blood tests based on a few drops of blood.  It didn’t, and a host of big-name investors lost a bundle. Is this a governance issue, an information issue, or a compliance issue?  Don’t believe everything you hear; it’s costly.  And don’t serve as a director without doing your own due diligence.

Leave a comment

Filed under Access, Accuracy, Board, Compliance, Compliance, Compliance, Controls, Corporation, Culture, Data quality, Duty, Duty of Care, Employees, Governance, Internal controls, Oversight, Oversight, Policy, Protect information assets, Supervision

When it rains, it pours

Wells Fargo, much in the news of late, make Page One, again.

“Wells Fargo Faces 401(k) Probe,” The Wall Street Journal, April 27, 2018 A1.  Investigation as to whether the bank pressured people in cheaper corporate 401(k) plans to roll their investment over into more expensive programs run by the bank.

Certainly a bank accused of similar conduct with respect to accounts, credit cards, mortgage loans, and auto insurance wouldn’t do anything so dastardly.  I mean, gosh, isn’t a bank a fiduciary?  Did they have a policy forbidding this behavior?  Are they just cheaters?  What else have they done?

I suspect they now know what a pinata feels like.

Who’s responsible for the culture at the bank that allowed all this to happen?  How much will this cost the shareholders?

Leave a comment

Filed under Board, Compliance, Compliance (General), Controls, Corporation, Culture, Culture, Directors, Duty, Employees, Governance, Internal controls, Oversight, Oversight, Policy

Catching up

I was out of town for a bit, and am now catching up  So this will deviate from the usual one-story, one-post format.  19 squibs.

“ISS Opposes Five Equifax Directors,” The Wall Street Journal, April 17, 2018 B2.  A proxy advisor recommends against voting for members of the Board’s technology committee, who had responsibility for technology security.  Is that all that happens, they get fired?  157 millions accounts exposed and they get un-elected but not (yet) sued?  No claw-back of director’s fees?

“Facebook Data Dispute Embroils University of Cambridge,” The Wall Street Journal, April 16, 2018 B4. Cambridge says Facebook approved of the University’s use of Facebook data.  Or your data, if you wish.

“Fired FBI No.2 McCabe Misled Probe, Report Says,” The Wall Street Journal, April 14, 2018 A1.  Misleading an internal investigation into leak to the newspaper is not good.

“Volkswagen Prepares to Replace CEO, The Wall Street Journal, April 11, 2018 B1.  CEO who help VW survive the emissions scandal gets replaced. A palace coup after the company spent $25 billion+ on the scandal.  Is this more price for VW to pay?  And let’s not forget the shareholders, who foot the bill.  See also “VW Picks Chief After Boardroom Coup,” The Wall Street Journal, April 13, 2018 B1.

“Blunder Hits Samsung Securities,” The Wall Street Journal, April 11, 2018 B13. An employee’s mistake leads to mistaken issuance of $105 billion in shares, more than 30 times the company’s existing issued shares.  Do you have the right controls in place?  Is this an information governance issue?

“Facebook Hearings Put Regulation In Spotlight,” The Wall Street Journal, April 12, 2018 A1. Will the Facebook data leak/usage lead to new privacy regulation?

“Adviser Urges Shift On Board Of Equifax,” The Wall Street Journal, April 12, 2018 B10.  Does the company’s failure to avoid a cyber attack mean the board has to go?  Maybe.

“China’s Censors Zero In on Apps,” The Wall Street Journal, April 12, 2018 B4.  Chinese government extends control over a smartphone app that had crude jokes.  Now there’s enforcement of a policy, and a demonstration of what “governance” means.

“Zuckerberg Says Sorry for Harm Done,” The Wall Street Journal, April 10, 2018 B4.  Classic crisis management strategy:  admit you’re wrong?

“Sensing Urgency, Facebook Bolsters User Protections,” The Wall Street Journal, April 10, 2018 B5.  Locking the door after the horse bolted.

“Facebook Sets ‘Issue’ Ads Rule,” The Wall Street Journal, April 7, 2018 A1.  Does a background check on advertisers protect your privacy?

“YouTube Policies Stir Bitterness,” The Wall Street Journal, April 6, 2018 B1.  Following attack at YouTube HQ, taking a closer look at YouTube’s policies on filtering/restricting content.

“Facebook CEO: Lax Privacy a ‘Huge Mistake,'” The Wall Street Journal, April 5, 2018 A1.  Not focusing on privacy protections a “huge mistake.”  Really?

“Police Want to Send AI Into the Street,” The Wall Street Journal, April 4, 2018 A3.  Can body cams be used to collect “Person of Interest”-level information, real time?

“WPP’s Sorrell Faces Probe,” The Wall Street Journal, April 4, 2018 B1.  CEO of advertising company under internal investigation for misusing company assets.  It’s really just a question of duty.

“GM Scraps a Standard in Sales Reporting,” The Wall Street Journal, April 3, 2018 B1.  You manage what you measure.  So, no longer reporting this statistic will reportedly make it easier to measure performance.  Huh?

“Oracle Defeats Google In Court,” The Wall Street Journal, March 28, 2018 B1. Appeals court revives copyright infringement suit against Google.  $9 billion+ in damages alleged.

“Wedbush Accused Of Flawed Oversight,” The Wall Street Journal, March 28, 2018 B12.  SEC charges company with failure to properly supervise an employee involved in “long-running ‘pump-and-dump’ scheme.”

 

Leave a comment

Filed under Accuracy, Board, Communications, Compliance, Compliance, Compliance (General), Controls, Corporation, Culture, Directors, Duty, Duty of Care, Employees, Governance, Information, Internal controls, Investor relations, Oversight, Oversight, Ownership, Ownership, Policy, Privacy, Protect information assets, Security, Third parties, Value

Don’t forget who your audience is

“Angry Users Are Threat to Facebook,” The Wall Street Journal, March 23, 2018 B1.  User reaction to the use of user data may imperil FB; users lose trust.

For a company recently valued at $500 billion, the loss of a customer base and momentum may be terminal.  Or at least painful.  Just because they didn’t take care of its users’ information.

Again, is this an information governance blog or a crisis management and response blog?  The issues seem to overlap a good deal of late.  Is this just a risk of the business, or does it say something about the company’s culture or governance?  What exactly is FB selling, and to whom?  What was their reputation?

Leave a comment

Filed under Board, Controls, Corporation, Culture, Culture, Duty, Governance, Internal controls, Oversight, Oversight, Protect assets, Protect information assets, Risk Assessment, Third parties, Vendors

Secondary compliance

“More Firings at BofA Amid Misconduct Claim,” The Wall Street Journal, March 1, 2018 B1.  Two employees fired for interfering in investigation into allegations of sexual misconduct by another employee.  They may have gotten together to get their stories straight.

What does this say about culture at BofA?  Not just that there’s another instance of alleged sexual misconduct, but also that people would think they could influence the process?

Again, how do you protect against this type of behavior?  Is it enough to just publicly fire the violators?  Do you teach on the perils of interfering with an internal investigation?  This is, in all likelihood, solely a violation of policy (assuming you can find a policy that governs).  Maybe bad ethics?

 

Leave a comment

Filed under Board, Compliance, Compliance, Controls, Corporation, Culture, Culture, Duty, Employees, Governance, Internal controls, Oversight, Supervision, To report