January 4, 2019 · 9:20 am
Hopefully, building on the last three posts9https://infogovnuggets.com/2019/01/04/catching-up-again/ , https://infogovnuggets.com/2019/01/04/catching-up-again-part-2/, and https://infogovnuggets.com/2019/01/04/catching-up-part-3/, this will close out 2018.
- Fake news
“Journalist at Center of False-Reporting Scandal Faces New Allegations Over Donation Requests,” The Wall Street Journal, December 24, 2018. The first paragraph says it all: “German magazine Der Spiegel said it would file a criminal complaint against a former star writer who admitted falsifying reports, after discovering that he also appeared to have set up a fake charity operation for Syrian children.” One can only assume the paper had a policy about not making up stories, or not fleecing the readership.
- Morally but not legally guilty.
“JD.com Founder Faces Backlash at Home: ‘Behind the Law is Morality,’” The Wall Street Journal, December 24, 2018. Even though released and after the closure of a three-month investigation into a rape allegation, the founder of a large ecommerce business in China is still getting hammered in the Chinese press (and, one might imagine, at home). Is that Governance, or Compliance? How does Compliance deal with an accusation that is not sustained?
- Libor was information, too
“UBS to Pay $68 Million to Settle State Libor-Manipulation Claims,” The Wall Street Journal, December 24, 2018. Goes back to the 2008 charges of mucking about the the benchmark London Interbank Offered Rate, used a lot in loans and such. Two aspects here, first dealing with the use of a number derived from supposedly unbiased people to govern “your” deal, and, second, the cost of non-compliance, even if long-delayed.
- Which was it?
“Maintenance Lapse Identified as Initial Problem Leading to Lion Air Crash,” The Wall Street Journal, December 26, 2018. Maybe it was not improper or inadequate training; maybe it was improper maintenance. Investigation into crash of Lion Air continues. Highlights the difficulty of establishing the facts after the fact. So much information.
- Why do you track the numbers if you don’t use them?
“Psychiatric Hospitals With Safety Violations Still Get Accreditation,” The Wall Street Journal, December 27, 2018. What exactly does “accreditation” mean, if you can have a bunch of serious violations? The failure rate is about 1%, and nearly all the inspections are by one company. This is primarily an Information point, on the failure to make use of the available information, or the failure to make it available. And does the government exercise appropriate oversight/governance given the amount of federal funds involved?
- Resume errors
“Acting Attorney General Matthew Whitaker Incorrectly Claims Academic All-American Honors,” The Wall Street Journal, December 27, 2018. The Acting AG apparently made this error consistently on his resume for years; he wasn’t an Academic All American; instead he was a District VII All District selection. If he were genuinely confused about what he was awarded, this makes some sense. But one would have thought that somewhere along the way this would have been discovered. Is that Information or Governance? If it were an employee at your company, what would be the sanction?
- Information vacuum
“Commerce Department Won’t Publish Data During Shutdown,” The Wall Street Journal, December 27, 2018. One wonders what the consequences will be of the absence of this data. The article says, “Investors often depend on these reports to make trades, which affect stock values, bond yields and the value of the dollar. Businesses use them to make investment planning decisions. Federal Reserve officials depend on them to make interest-rate decisions that ripple through the economy.” If you rely on a third party for key information, what do you do when you can’t get it? What’s Plan B?
- Who owns the artwork?
“‘Absolute Control’: Cuba Steps Up Artistic Censorship,” The Wall Street Journal, December 27, 2018. Cuba severely restricts an artist’s ability to make money from his or her art. Sure, this is Governance, but is art also Information?
- How does your doctor make referrals? I want to know.
“The Hidden System That Explains How Your Doctor Makes Referrals,” The Wall Street Journal, December 28, 2018. Apparently, there are processes in place that might influence your doctor’s judgment. Would you want to know that? Is there an ethical issue (Governance/Compliance) that surround this information and how it is used? Is this conflict disclosed to you? Adequately? Do the insurers (who have money in the game) push back on this enough?
- Statements on Twitter aren’t facts?
“Elon Musk Says Pedophile Accusation Against British Man Was Protected Speech,” The Wall Street Journal, December 28, 2018. Calling a cave diver rescuing boys in Thailand a pedophile is at the heart of the suit against Elon Musk. Does Twitter have no rules with which one must comply, and no one to enforce those (non-)rules? Or do we have systems of Compliance and Governance that punish libelous statements, broadly published, regardless of the media/medium?
“Wells Fargo to Pay States About $575 Million to Settle Customer Harm Claims,” The Wall Street Journal, December 29, 2018. More fallout from the account cramming and related scandals. Total payments so far: ~$4 billion. Cost of compliance, or cost of poor governance.
Filed under Access, Accuracy, Analytics, Collect, Compliance, Compliance (General), Controls, Corporation, Data quality, Definition, Directors, Duty, Employees, Governance, Information, Internal controls, Lawyers, Management, Ownership, Use, Value
January 4, 2019 · 7:19 am
Continuing from https://infogovnuggets.com/2019/01/04/catching-up-again/ and https://infogovnuggets.com/2019/01/04/catching-up-again-part-2/, and https://infogovnuggets.com/2019/01/04/catching-up-part-3/
- Conflicts with conflicts
“Justice Department Chides McKinsey in Another Bankruptcy Case,” The Wall Street Journal, December 17, 2018. McKinsey continues to fail to make what are viewed as adequate disclosures of conflicts when advising bankruptcy estates, and may not get paid for its work as a result.
- Voter data
“Fight Over Voter Data Roils Democrats Ahead of Election,” The Wall Street Journal, December 17, 2018. Have Republicans been better than the Democrats at collecting and storing information? What’s this worth?
- Your business partner wants you to call a shareholders’ meeting
“Renault Urges Nissan to Call for Shareholder Meeting Following Nissan Indictment,” The Wall Street Journal, December 17, 2018. Is this interfering with “your” governance? Is this a compliance matter, or a partnership matter, where your partner is concerned that you are keeping your CEO as CEO while he sits in jail?
- Is a dance move “information”?
“The ‘Fortnite’ Dance Move That Spawned a Lawsuit,” The Wall Street Journal, December 17, 2018. While longer dance routine can be protected by copyright law (which was a bit surprising to me), not so (so far) for “snippets.”
- Hiding risk information may be a problem
“Glencore-Controlled Miner to Be Fined by Canadian Authorities Over Congo Ops,” The Wall Street Journal, December 17, 2018. Fine of $22 million for company and some of its former directors and executives for hiding the risks of doing business with someone connected to Congolese president. Is a risk analysis information? Can you hide that from the shareholders?
- Warning signs
“Goldman Sachs Ignored 1MDB Warning Signs in Pursuit of Asian Business,.” The Wall Street Journal, December 18, 2018. Can chasing business too hard lead one to ignore important information and sidestep important controls? What controls can you put in place to avoid having this happen to you? Is this an oversight issue? Do criminal charges and huge fines lay ahead?
- VW vendor pleads
“Volkswagen Supplier to Plead Guilty to Conspiracy, Pay $35 Million Fine in Emissions-Cheating Probe,” The Wall Street Journal, December 19, 2018. Company that designed the software used to fool or, as some say, cheat, the emission test pleads guilty to crime and pays a fine to US. VW has paid more than $20 billion. Is this just compliance-related, or is there also an information hook here? Design a software to work around a government test.
- Looking for a whistleblower
“Barclays Fined $15 Million by New York Over CEO’s Anti-Whistleblower Push,” The Wall Street Journal, December 19, 2018. The CEO had tried to use the company’s security department to locate the writer of a letter critical of a recent hire. He pressecd on, despite advice from the head lawyer and the chief compliance officer (costing him £642,000 in fines and £500,000 of his bonus). So the shareholders pay more than the CEO did. Go figure.
- Hiding the names of the guilty
“Illinois Dioceses Withheld Names of Accused Priests, Report Says,” The Wall Street Journal, December 20, 2018. Can you legally not disclose the name of an employee or a contractor who was accused of sexual abuse? Is this a governance issue or a compliance issue or an information issue? Or a reputation problem?
Ethics and policies
“Is It Really Five Stars? How to Spot Fake Amazon Reviews,” The Wall Street Journal, December 21, 2018. How Amazon goes about trying to separate the wheat from the chaff. How does your company determine what’s a fake review and what’s the real deal?
- Information/price linkage
“Room for Improvement? New Hotelier Tests an Algorithmic Pricing System,” The Wall Street Journal, December 22, 2018. Using information about a customer and from a customer to establish the price for future sales to that customer. Interesting linkages at a new hotel chain.
Filed under Collect, Communications, Compliance, Compliance (General), Controls, Corporation, Definition, Directors, Duty, Duty of Care, Employees, Governance, Information, Investor relations, Management, Oversight, Ownership, Privacy, Records Management, Risk assessment, Supervision, Third parties, To report, Use, Value, Vendors
January 4, 2019 · 5:22 am
Continuing from https://infogovnuggets.com/2019/01/04/catching-up-again/
- Pot calling the kettle black
“Comey Tells House Panel He Suspected Giuliani Was Leaking FBI Information to Media,” The Wall Street Journal, December 10, 2018. Former FBI Director Comey, who admitted to leaking information to a reporter through a law school professor, complains that someone else did it, too.
- Yes, we have no privacy
“Thieves Can Now Nab Your Data in a Few Minutes for a Few Bucks,” The Wall Street Journal, December 10, 2018. Following the series of major hacks of privacy data (e.g., Marriott, LinkedIn, Equifax, and Yahoo), “Every American person should assume all of their data is out there,” said one FBI agent. Comforting.
- Duty to report
“New Report Shows Olympics Executives Concealed Knowledge of Nassar Allegations,” The Wall Street Journal, December 11, 2018. Executives knew information about sexual abuse allegations, and failed to report. To whom did they breach a duty?
- Interesting intersection of the right to petition the government and your right to privacy
“U.S. Investigating Fake Comments on ‘Net Neutrality,’” The Wall Street Journal, December 11, 2018. “Earlier this year, the FCC said it would upgrade its website to try to prevent fakery. … Several federal agencies warn that it is a felony to send falsified comments to the federal government when posting on websites soliciting opinions on federal rulemaking.” What if the comments were anonymous?
- Lying or overspending on your expense account can get you canned
“Under Armour Ousts Two Executives After Review of Expenses,” The Wall Street Journal, December 11, 2018. Complying with company policy and procedures is sort of kind of like a job requirement. Even if you signed Jordan Spieth. But how were they to know how much was too much?
- Weakest link?
“Amazon, Amid Crackdown on Seller Scams, Fires Employees Over Data Leak,” The Wall Street Journal, December 11, 2018. Employees bribed for access to inside information. What’s your information worth to you? To the briber? To the (former) employee? Do you have a policy against taking bribes?
- Collateral impact
“Nissan-Renault Scandal Shows It’s Hard to Keep Car Alliances On Track,” The Wall Street Journal, December 12, 2018. A scandal at your business partner can affect your company’s relationships. Is that Governance?
- How do you deal with rumors? Are they “information,” too?
“Super Micro Finds No Malicious Hardware in Motherboards,” The Wall Street Journal, December 12, 2018. This contradicts a prior report from Bloomberg. How do you govern other sources of information? Is using a trusted third party to investigate just standard crisis management planning?
- Should Compliance be more congenial?
“Banks Get Kinder, Gentler Treatment Under Trump,” The Wall Street Journal, December 13, 2018. Regulators are urged to be more collegial with the banks they regulate. Is that better “Governance,” in the short term or in the long term?
- What does it say?
“Renault Sticks With Carlos Ghosn as Internal Probe Finds No Illegality,” The Wall Street Journal, December 13, 2018. What does it say to the rank-and-file when the Chairman gets arrested? And when he’s thereafter kept in place? The Board may have some explaining to do.
- What can your employer do with your information?
“U.S. Companies Asked to Disclose More About Their Workers,” The Wall Street Journal, December 14, 2018. Pension funds ask employers to disclose more information than the SEC currently requires. Whose decision is that? When and how can you object?
- Watch your contractors
“Chinese Hackers Breach U.S. Navy Contractors,” The Wall Street Journal, December 15, 2018. What’s this information worth, both to the US and to China? How much do you look at the security at your vendors who process or create information for you? Are they a weaker link than your employees? (See item 6, above.)
- Information and Governance and Compliance
“PG&E Falsified Gas Safety Records, California Claims,” The Wall Street Journal, December 15, 2018. From the explosion in San Bruno in 2010 (after which PG&E couldn’t find a bunch of inspection records relating to hundreds of miles of its pipelines) to more recent claims about fudging the records on pipeline locations, PG&E has had this problem for awhile. For now, these are just allegations. But what impact on every claim made against the company, and every claim made by it? If they falsify safety records, do they falsify bills, too? “The [state regulator] last month expanded a continuing probe of PG&E’s safety practices and said it would explore the way the company is structured and managed.” There seems to be a link between record-keeping and management and compliance and culture.
- Facebook, again
“Facebook Bug Potentially Exposed Unshared Photos of Up 6.8 Million Users,” The Wall Street Journal, December 15, 2018. One almost gets the idea that protecting your privacy is not a high priority for them.
Filed under Board, Collect, Communicate, Communications, Compliance, Compliance (General), Controls, Corporation, Culture, Data quality, Directors, Duty, Employees, Governance, Information, Internal controls, Investor relations, IT, Management, Oversight, Oversight, Ownership, Privacy, Protect, Protect assets, Records Management, Security, Supervision, Technology, Third parties, To report, Use, Value, Vendors
December 3, 2018 · 6:35 am
You may not be old enough or nerdy enough to remember the Romulan cloaking device from the original Star Trek. But I do/am.
“Fake Signals and Illegal Flags: How North Korea Uses Clandestine Shipping to Fund Regime,” The Wall Street Journal, November 29, 2018 (online). How do shipments still arrive in and leave from North Korea, notwithstanding the various sanctions on the regime there? Apparently, it’s blue smoke and mirrors.
I raise this here for two reasons. First, in the North Korean story this is a bunch of information being generated that is deliberately false, and the compliance types struggle to deal with it in order to enforce the applicable rules. The enforcers use satellites and data analytics; the shippers use deception and semi-legal and illegal stratagems.
Second, what extremes might your employees go to to avoid being detected when they are doing something they know is wrong, and how well prepared are you to deal with it? Do you have the proper controls and investigative procedures? What should you look at to confirm that what you’re being told is true?
Filed under Collect, Compliance, Compliance, Compliance (General), Controls, Corporation, Data quality, Directors, Duty, Employees, Governance, Information, Internal controls, Management, Oversight, Policy, Supervision, Third parties, To report, Use
November 19, 2018 · 9:50 am
“Rebuke at Wells Shows Clash,” The Wall Street Journal, November 15, 2018 B1. Chief administrative officer (and former head of HR) at Wells placed on leave after the Office of the Comptroller of the Currency criticizes the oversight that she and the bank’s chief auditor provided.
If your company interacts with government regulators (and whose doesn’t?), is the government effectively a part of your governance structure? Or is government a separate component of Governance, whether that is Compliance Governance or Information Governance? Or just “Governance”?
And what does it say about communications when the government holds up a senior official for poor oversight? What about the board? Highly visible to the worker bees.
Filed under Board, Communications, Compliance, Compliance, Compliance (General), Controls, Corporation, Duty, Employees, Governance, Government, Internal controls, Management, Oversight, Oversight, Third parties, To report
November 13, 2018 · 11:00 am
A Tesla employee is indicted for creating fake documents to cover up a fake-payment scheme. “Former Tesla Employee Is Indicted,” The Wall Street Journal, November 12, 2018 B5.
Companies have a lot of controls to prevent fraud by employees, and often these controls work. Why are there more such controls to prevent financial fraud than to prevent violations of other company procedures, such as those related to document creation, retention, and storage?
One wonders whether, in the aggregate, companies lose more money through poor document management and control than they lose through financial fraud. How would one conduct such a study?
Filed under Accuracy, Compliance, Compliance (General), Controls, Corporation, Directors, Duty, Duty of Care, Employees, Governance, Information, Internal controls, Oversight, Protect assets, Records Management, Security, Third parties, Value, Vendors
November 7, 2018 · 2:10 pm
Have you ever misused your company credit card? How about used a company asset for your personal business?
“Gulfport CEO Exits Following Review,” The Wall Street Journal, November 2, 2018 B2. CEO resigns after investigation into his use of his company credit card (he had paid the charges back, eventually, without interest) and the company plane.
On departure, he gets $400,000 and 6 months of health care coverage. I don’t know whether that’s better than nothing.
The ground troops learn from their “betters.” Seeing the CEO get canned for policy violations firms up the perception of the seriousness with which the company treats violations of policy or procedure. More so than a ground troop getting canned.
Does your company publicize these stories?
November 7, 2018 · 1:43 pm
“Former Goldman Bankers Charged,” The Wall Street Journal, November 2, 2018 A1. “Two senior … bankers allegedly paid bribes and stole and laundered money … [in] one of the biggest financial frauds in history.”
What does it say when two of your 435 partners and one of your managing directors commits a fraud? Failures in systems/controls? Bad culture? Do you have a “cowboy atmosphere” in Asia? Poor training? Are these rogue employees? What’s the impact on your reputation? What was the tone at the top?
This is primarily a Governance point. How will the new CEO handle?
Filed under Compliance, Compliance (General), Controls, Corporation, Culture, Directors, Duty, Duty of Care, Employees, Governance, Oversight, Policy, Supervision, Who is in charge?
November 7, 2018 · 1:30 pm
“Market Cheats Get Caught More Often,” The Wall Street Journal, November 1, 2018 B10. Traders manipulating prices by spoofing real futures trades are getting caught and prosecuted for criminal violations. Exchanges cooperating with enforcement authorities.
If accurate information is worth X, what is inaccurate information worth? It depends, whether you are buying or selling based on it.
So, this is both Information (information includes both accurate and inaccurate information) and Governance (manipulating market trades with false information is a crime that the CFTC and DOJ prosecute).
Filed under Accuracy, Compliance, Compliance (General), Controls, Corporation, Data quality, Definition, Duty, Duty of Care, Employees, Governance, Information, Oversight
November 7, 2018 · 12:25 pm
At common law, an employee has a duty
- to comply with applicable laws in the performance of his/her work for the employer
- to comply with his/her employers reasonable instructions in the performance of that work, and
- to report material information to his superiors.
“Credit Union Staff Faults Safeguards Against Laundering,” The Wall Street Journal, October 31, 2018 B12. Employees raised concerns in 2017 about the anti-money laundering program at the credit union where they worked. The chief audit executive dismissed the allegations.
Were these employees rewarded for raising these concerns? No. Did the company make changes? The company says it did. Will other employees raise concerns in the future?
How seriously do you take concerns raised by your employees, who are closest to the facts? Is this a Compliance point or a Governance point? Or an Information point (in that Management received information and apparently didn’t use it)?
Filed under Compliance, Compliance (General), Controls, Culture, Duty, Employees, Governance, Information, Internal controls, Oversight, Third parties, To report, Use