Category Archives: Third parties

Silence as information?

I normally cite to The Wall Street Journal.  But occasionally I come across something elsewhere worthy of note.  One of my sources is the Business Law Prof Blog.  There was a post there today titled “Omissions Liability: Tempest in a Teapot or Gathering Storm?

At issue, can there be Rule 10b-5 liability (dealing with securities fraud) for not saying something, when you had knowledge and something akin to a duty to disclose.  There’s a Supreme Court case (Leidos, Inc. v. Indiana Public Retirement System) pending that may resolve the issue.

Is a corporation’s failure to say something in itself information, and if so, is that silence itself information that must be governed in order to be compliant?  How do you manage/govern silence?

 

Advertisements

Leave a comment

Filed under Board, Business Case, Collect, Communicate, Communications, Compliance, Compliance, Compliance, Controls, Corporation, Directors, Duty, Governance, Inform market, Inform shareholders, Investor relations, Management, Third parties, To report

Metrics

Industrial Espionage Cases Soar In U.S.,” The Wall Street Journal, September 20, 2019 A1. Theft of trade secrets at a medical technology start-up.  Chinese spies.  $180 billion a year.

The headline says it all.

Leave a comment

Filed under Access, Board, Controls, Corporation, Duty, Duty of Care, Governance, Information, Internal controls, IT, Protect assets, Protect information assets, Security, Third parties, Value

Burned by a phone

Apparently, NCAA rules prohibit coaches from using a burner phone to contact football recruits.  Or lying about it when you do.

“‘Burner Phone’ Accusation Marks New Chapter in Ole Miss Scandal,” The Wall Street Journal, September 20, 2017 A16. Coaches accused and investigated, and asked to sign certifications that they had never used pre-paid phones for recruiting or other work-related purpose.

Is this a question you normally ask your employees, or is this a form you have them sign?  Should you ask for a certification that exiting employees do not have any company information on a non-company asset or location?

Leave a comment

Filed under Access, Board, Compliance, Compliance Verification, Controls, Corporation, Discovery, Duty, Duty of Care, Employees, Governance, Internal controls, IT, Legal, Oversight, Oversight, Policy, Protect assets, Security, Third parties

Barclays culture, continued

“Compliance Officer To Leave Barclays,” The Wall Street Journal, September 16, 2017 B1. The compliance officer at Barclays responsible for the whistleblower program settled “an employment dispute” with Barclays right before a hearing in London.  The CEO had earlier tried to learn the identity of the employee who complained about his hiring of a buddy.  The UK regulatory authority is still investigating that matter.

But the CEO remains in place.  Go figure.  I guess the Board’s sense of ethics is flexible.

I wonder what the employment dispute was about?

Leave a comment

Filed under Board, Compliance, Compliance, Controls, Corporation, Culture, Culture, Directors, Duty, Duty of Care, Governance, Internal controls, Oversight, Oversight, Policy, Privacy, Supervision, Third parties

Equifax ripple

Looking beyond your own credit profile for impacts from the Equifax hack?

“Exchanges Warn Of Hacking Risks,” The Wall Street Journal, September 16, 2017 B11.  NYSE execs, and others, warn that post-Equifax, a likely “juicy target” will be a database established to detect market manipulation.

Is your company a participant in a program that builds targets that would be especially attractive to hackers?  How well are you protecting it, and what will you do to reduce the impact of a hack?

Those who don’t learn from history …

Leave a comment

Filed under Access, Board, Controls, Corporation, Directors, Duty, Duty of Care, Governance, Information, Internal controls, IT, Oversight, Protect assets, Protect information assets, Security, Third parties, Value

Controls at the border

We all know that when we enter the US, the computers and phones we carry are subject to search without a warrant.  Don’t we?

“Lawsuit Targets Phone Seizures,” The Wall Street Journal, September 14, 2017 A5.  Customs screenings at border aren’t subject to same controls as when you are already here.  [NB:  Same rules apply when going into another country.  They can demand your password to make sure you don’t have porn on your phone.  Or whatever.]

Does this shock you?  Is this a control over your information or a limit on your autonomy?

Leave a comment

Filed under Access, Controls, Governance, Oversight, Privacy, Security, Third parties

Close that barn door!

“Banks Weigh Shift From Equifax,” The Wall Street Journal, September 13, 2017 B14.  Hack of 143 million accounts causes banks to turn to Equifax’s competitors.

Talk about closing the barn door after 143 million horses have bolted!  What are the banks doing to prevent the fraudulent use of the information obtained through the hack in their decisions to issue or deny credit?  Merely moving to a different credit bureau doesn’t begin to address the flaw in the banking system’s reliance on your Social Security Number and date of birth to uniquely identify you.

Not that I’m calling for a National ID card.  Maybe we should all have a microchip, like our pets.  Don’t we need a new solution, suitable for the digital age?

See related note at “Hack of All Hacks,” September 12, 2017.

Leave a comment

Filed under Access, Accuracy, Controls, Corporation, Duty, Duty of Care, Governance, Information, Internal controls, Operations, Oversight, Privacy, Protect assets, Third parties, Use, Value