Continuing from https://infogovnuggets.com/2019/01/04/catching-up-again/
- Pot calling the kettle black
“Comey Tells House Panel He Suspected Giuliani Was Leaking FBI Information to Media,” The Wall Street Journal, December 10, 2018. Former FBI Director Comey, who admitted to leaking information to a reporter through a law school professor, complains that someone else did it, too.
- Yes, we have no privacy
“Thieves Can Now Nab Your Data in a Few Minutes for a Few Bucks,” The Wall Street Journal, December 10, 2018. Following the series of major hacks of privacy data (e.g., Marriott, LinkedIn, Equifax, and Yahoo), “Every American person should assume all of their data is out there,” said one FBI agent. Comforting.
- Duty to report
“New Report Shows Olympics Executives Concealed Knowledge of Nassar Allegations,” The Wall Street Journal, December 11, 2018. Executives knew information about sexual abuse allegations, and failed to report. To whom did they breach a duty?
- Interesting intersection of the right to petition the government and your right to privacy
“U.S. Investigating Fake Comments on ‘Net Neutrality,’” The Wall Street Journal, December 11, 2018. “Earlier this year, the FCC said it would upgrade its website to try to prevent fakery. … Several federal agencies warn that it is a felony to send falsified comments to the federal government when posting on websites soliciting opinions on federal rulemaking.” What if the comments were anonymous?
- Lying or overspending on your expense account can get you canned
“Under Armour Ousts Two Executives After Review of Expenses,” The Wall Street Journal, December 11, 2018. Complying with company policy and procedures is sort of kind of like a job requirement. Even if you signed Jordan Spieth. But how were they to know how much was too much?
- Weakest link?
“Amazon, Amid Crackdown on Seller Scams, Fires Employees Over Data Leak,” The Wall Street Journal, December 11, 2018. Employees bribed for access to inside information. What’s your information worth to you? To the briber? To the (former) employee? Do you have a policy against taking bribes?
- Collateral impact
“Nissan-Renault Scandal Shows It’s Hard to Keep Car Alliances On Track,” The Wall Street Journal, December 12, 2018. A scandal at your business partner can affect your company’s relationships. Is that Governance?
- How do you deal with rumors? Are they “information,” too?
“Super Micro Finds No Malicious Hardware in Motherboards,” The Wall Street Journal, December 12, 2018. This contradicts a prior report from Bloomberg. How do you govern other sources of information? Is using a trusted third party to investigate just standard crisis management planning?
- Should Compliance be more congenial?
“Banks Get Kinder, Gentler Treatment Under Trump,” The Wall Street Journal, December 13, 2018. Regulators are urged to be more collegial with the banks they regulate. Is that better “Governance,” in the short term or in the long term?
- What does it say?
“Renault Sticks With Carlos Ghosn as Internal Probe Finds No Illegality,” The Wall Street Journal, December 13, 2018. What does it say to the rank-and-file when the Chairman gets arrested? And when he’s thereafter kept in place? The Board may have some explaining to do.
- What can your employer do with your information?
“U.S. Companies Asked to Disclose More About Their Workers,” The Wall Street Journal, December 14, 2018. Pension funds ask employers to disclose more information than the SEC currently requires. Whose decision is that? When and how can you object?
- Watch your contractors
“Chinese Hackers Breach U.S. Navy Contractors,” The Wall Street Journal, December 15, 2018. What’s this information worth, both to the US and to China? How much do you look at the security at your vendors who process or create information for you? Are they a weaker link than your employees? (See item 6, above.)
- Information and Governance and Compliance
“PG&E Falsified Gas Safety Records, California Claims,” The Wall Street Journal, December 15, 2018. From the explosion in San Bruno in 2010 (after which PG&E couldn’t find a bunch of inspection records relating to hundreds of miles of its pipelines) to more recent claims about fudging the records on pipeline locations, PG&E has had this problem for awhile. For now, these are just allegations. But what impact on every claim made against the company, and every claim made by it? If they falsify safety records, do they falsify bills, too? “The [state regulator] last month expanded a continuing probe of PG&E’s safety practices and said it would explore the way the company is structured and managed.” There seems to be a link between record-keeping and management and compliance and culture.
- Facebook, again
“Facebook Bug Potentially Exposed Unshared Photos of Up 6.8 Million Users,” The Wall Street Journal, December 15, 2018. One almost gets the idea that protecting your privacy is not a high priority for them.
Filed under Board, Collect, Communicate, Communications, Compliance, Compliance (General), Controls, Corporation, Culture, Data quality, Directors, Duty, Employees, Governance, Information, Internal controls, Investor relations, IT, Management, Oversight, Oversight, Ownership, Privacy, Protect, Protect assets, Records Management, Security, Supervision, Technology, Third parties, To report, Use, Value, Vendors
This blog tends to mention cases where senior executives get (or don’t get) punished for their alleged misdeeds. The spin is often that the seniors don’t get punished as hard as the worker bees.
But what happens when the CEO gets put in jail for his or her alleged misdeeds, which may have led to under-reporting in the company’s financials for the past five years?
“Carlos Ghosn’s Arrest Rocks Auto Empire,” The Wall Street Journal, November 21, 2018 (online). Nissan’s CEO jailed for allegedly under-reporting his earnings by several tens of millions of dollars.
How do you explain this to the worker bees? What’s the culture at the top? How did the Board not catch this? Were there not controls in place? Might the shareholders be a bit upset?
More a Governance and a Compliance issue, perhaps, although if one looks, one could find some information-related failures.
Filed under Board, Compliance, Compliance (General), Compliance Verification, Controls, Corporation, Culture, Culture, Data quality, Directors, Duty, Duty of Care, Governance, Internal controls, Oversight, Oversight
“CBS to Weigh CEO’s Fate,” The Wall Street Journal, July 30, 2018 A1. Discussion over whether CEO accused of sexual harassment should stand down while the investigation continues.
Curious that Urban Meyer has to stand aside while an investigation into whether he should have reported domestic abuse by an assistant coach 9 years earlier at a different school, but Leslie Moonves remains on board as the CEO of CBS. See https://infogovnuggets.com/2018/08/07/caesars-wife/
What does it say about a company’s culture when, in the current environment, the CEO can remain in his job during such an investigation? How convinced are the rank-and-file employees that the sexual harassment policy is real, or just a piece of paper? Are the directors serious about this policy? What about other policies?
Filed under Board, Compliance, Compliance, Compliance (General), Corporation, Culture, Culture, Directors, Duty, Employees, Governance, Oversight, Oversight, Policy
Eventually, you’re talking real money.
“Volkswagen Fined $1 Billion in Germany,” The Wall Street Journal, June 14, 2018 B4. Fine for “dereliction of management oversight” following the diesel emissions-testing scandal. Somewhat broader than a Caremark claim.
Will the directors have to pay anything out of their pockets? Or just their shareholders’ pockets?
Filed under Board, Compliance, Compliance, Compliance (General), Controls, Corporation, Culture, Culture, Directors, Duty, Governance, Internal controls, Oversight, Oversight
Gosh, it happened again!
“Facebook Gave Out User Data Despite Pledge,” The Wall Street Journal, June 9, 2018 A1. Notwithstanding a commitment not to do so, Facebook continued to give some companies access to user information.
How many times can you lie before people call you a liar? Or take judicial notice? What is the culture at Facebook? Who’s responsible? Accountable?
Filed under Access, Board, Compliance, Compliance (General), Controls, Corporation, Culture, Culture, Duty, Duty of Care, Governance, Information, Internal controls, Oversight, Ownership, Privacy, Protect assets
“Starbucks Takes as Break For Its Antibias Training,” The Wall Street Journal, May 30, 2018 B2. Starbuck’s shuts down for several hours to train its employees on what “bias” means. Response to incident when two men were arrested for refusing to either buy something or leave the store. Cost: $10 million and counting.
While some may view this as a large publicity stunt, or post-crisis communication/image repair, others may see it as a strong statement of what Starbuck’s culture is or will be. Starbuck’s also changed its policy of not allowing non-customers to sit in its stores and use its restrooms.
What happens when you have one policy (no bias) that conflicts with another policy (restrooms for customers only)? How are employees supposed to know which policy to follow?
Does your company have policies that conflict with one another?
Filed under Board, Communications, Compliance, Compliance (General), Controls, Culture, Culture, Duty, Employees, Governance, Internal controls, Oversight, Policy
What happens to compliance when the CEO and her boyfriend collaborate to create a culture of secrecy and fear?
“Partners in Blood,” The Wall Street Journal, May 19, 2018 C1. Reports from the trenches at Theranos, which said it was able to run a range of tests from a few drops of blood; it couldn’t. SEC charges company with fraud, and investors lose millions.
While the implications of a relationship of the CEO goes to Governance, are there also links to Compliance and Information? What impact did the culture have on the company’s compliance? How do investors know about the nature of a CEO’s personal relationships leaking into the corporate environment?
Who should have seen this and reported it to someone? Why didn’t the directors smell a rat?
Filed under Board, Compliance, Culture, Culture, Directors, Duty, Employees, Governance, Oversight, Oversight, Risk, Supervision, To report
“Wells Fargo Faces More Woe Over Client Data,” The Wall Street Journal, May 18, 2018 B1. Another shoe drops at Wells Fargo (when will it ever end?) after disclosure that employees in the wholesale business (non-consumer) banking side changed and added customer information without approval. Reason: to meet a compliance deadline.
Is there another organization with so many compliance failures? It started with consumer banking and credit cards and now seems to have permeated the entire enterprise. Is it risky to call this an enterprise? What influenced their behavior? Why are the directors not in the dock? Weren’t they in charge of establishing and ensuring the culture of compliance? This is a bank, for God’s sake.
Is it easier to find someone who was or wasn’t involved in some type of bad behavior at Wells Fargo?
Filed under Accuracy, Board, Compliance (General), Controls, Corporation, Culture, Culture, Directors, Duty, Duty of Care, Employees, Governance, Internal controls, Managers, Oversight, Oversight, Supervision
And all on the same page.
- “U.S. Indicts VW’s Former CEO,” The Wall Street Journal, May 4, 2018 B1. Former CEO indicted in March for conspiracy and wire fraud following the emissions cheating scandal. Do CEOs go to jail?
- “Facebook Has Dual Standard On Privacy,” The Wall Street Journal, May 4, 2018 B1. If you’re in a special group in Facebook, you get an alert if someone accesses your profile; if you’re a muggle, or don’t work at Facebook, you don’t. Maybe this will change?
- “Theranos Hurt Big-Name Investors,” The Wall Street Journal, May 4, 2018 B1. Company said it had the technology to do a wide range of blood tests based on a few drops of blood. It didn’t, and a host of big-name investors lost a bundle. Is this a governance issue, an information issue, or a compliance issue? Don’t believe everything you hear; it’s costly. And don’t serve as a director without doing your own due diligence.
Filed under Access, Accuracy, Board, Compliance, Compliance, Compliance, Controls, Corporation, Culture, Data quality, Duty, Duty of Care, Employees, Governance, Internal controls, Oversight, Oversight, Policy, Protect information assets, Supervision
Wells Fargo, much in the news of late, make Page One, again.
“Wells Fargo Faces 401(k) Probe,” The Wall Street Journal, April 27, 2018 A1. Investigation as to whether the bank pressured people in cheaper corporate 401(k) plans to roll their investment over into more expensive programs run by the bank.
Certainly a bank accused of similar conduct with respect to accounts, credit cards, mortgage loans, and auto insurance wouldn’t do anything so dastardly. I mean, gosh, isn’t a bank a fiduciary? Did they have a policy forbidding this behavior? Are they just cheaters? What else have they done?
I suspect they now know what a pinata feels like.
Who’s responsible for the culture at the bank that allowed all this to happen? How much will this cost the shareholders?
Filed under Board, Compliance, Compliance (General), Controls, Corporation, Culture, Culture, Directors, Duty, Employees, Governance, Internal controls, Oversight, Oversight, Policy