Category Archives: Managers

January 4, 2019 · 3:47 am

Catching up, again

I was otherwise engaged in December, what with the holidays and travel and our first grandchild, born in Hong Kong, and haven’t been posting.  Here’s the month in review, in chronological order, in multiple parts:

  1. How to monetize your information

    “Paywall for HuffPost? Verizon Hunt for Web Revenue Goes Beyond Ads,” The Wall Street Journal, December 3, 2018.  Do you let people see content (plus ads) for “free,” or do you charge for access?  Which one places the “correct” value on the information you are providing?  What if you did both?

  2. Who’s in charge?

    “Disney Raises the Bar Robert Iger Has to Clear to Win Bonus,” The Wall Street Journal, December 4, 2018.  Shareholders push back on bonus compensation plan, demonstrating an unusual level of control (i.e., Governance) over their investment.  See also, “Shell to Link Carbon Emissions Targets to Executive Pay,” The Wall Street Journal, December 4, 2018.

  3. How much is your view worth?

    “Who’s Reading That News Story? Startup Will Help Marketers Find Out,” The Wall Street Journal, December 4, 2018.  Linking the desire of publishers and advertisers to monitor what news stories you look at and for how long, a start-up fills the gap.  The answer to the question,”Whose data is that?” is taking on multiple dimensions.

  4. It takes a village to prevent someone from getting top-secret information

    China Maneuvers to Snag Top-Secret Boeing Satellite Technology,” The Wall Street Journal, December 5, 2018.  Boeing seemed unconcerned when a customer for one of its satellites told Boeing that the customer was being financed by Chinese interests, to whom sale of the top-secret technology involved was restricted.  But after an alleged payment default, Boeing cancels order. “Boeing Backs Out of Global IP Satellite Order Financed by China, The Wall Street Journal, December 7, 2018.  Did the press coverage have an impact?

  5. Law firms leak, too

    “U.S. Prosecutors Charge Four People in Panama Papers Probe,” The Wall Street Journal, December 5, 2018.  Action follow leak of law firm documents showing how wealthy people hid money from tax.

  6. Who owns (or controls) the Cloud?

    “China’s Alibaba Takes On Amazon in European Cloud,” The Wall Street Journal, December 5, 2018.  Chinese Cloud company challenges Amazon for control of the Cloud in Europe.  Which (the US or China) will better protect the privacy of the users?

  7. Does your information governance program cover the content of the training provided to your customers?

    “Boeing Omitted Safety-System Details, Minimized Training for Crashed Lion Air 737 Model,” The Wall Street Journal, December 6, 2018.  Questions arise after 189 people killed in a crash and the crews hadn’t been trained on the new flight-control system.

  8. Facebook tried to monetize “your” data?  Gadzooks!

    “Facebook’s Zuckerberg at Center of Emails Released by U.K. Parliament,” The Wall Street Journal, December 6, 2018.  Newly released emails show that Facebook apparently considered charging app developers for accessing “your” data held by Facebook, and suggest Facebook discounted the chance of developers sharing that data with others.

  9. Not “just-in-time” discipline

    “Wells Fargo Firing Dozens of Regional Managers in Retail-Bank Cleanup,” The Wall Street Journal, December 6, 2018.  More than two years after the account-cramming scandal, Wells Fargo starts to fire some regional managers for failure of oversight responsibilities.  Sort of like punishing your full-grown dog for an accident she had as a puppy.  And what about the executives who were overseeing those fired managers?

  10.  Biometrics is/are information, too

    “Microsoft Pushes Urgency of Regulating Facial-Recognition Technology,” The Wall Street Journal, December 7, 2018.  Lack of worldwide restrictions on surveillance without a warrant leads Microsoft to urge restrictions on the technology.  Is privacy when in public a basic human right?

  11. It’s not the crime, it’s the coverup?

    “U.S. Alleges Huawei CFO Hid Ties to Telecom With Iran Business,” The Wall Street Journal, December 8, 2018. Did the CFO lie to hide from banks connections Huawei had with company that did business with Iran?  What is the impact to the current state of trade relations with China?

4 Comments

Filed under Accuracy, Board, Compliance, Compliance, Compliance (General), Compliance Verification, Controls, Corporation, Definition, Directors, Duty, Governance, Information, Internal controls, Managers, Oversight, Oversight, Ownership, Privacy, Protect assets, Protect information assets, Technology, Third parties, To report, Value, Vendors, Who is in charge?

August 11, 2018 · 12:25 pm

Value

The value of information can be calculated in multiple ways, from multiple viewpoints.

“My Boss Makes What? (Employees Work Harder If They Know),” The Wall Street Journal, August 6, 2018 R1. Salary transparency makes people work harder.

Is what you make “private”?  Should it be?  Whose interests are served by keeping this information private?  Who owns it, you or your employer?  Do anyone have a duty to keep this private?  Why would your employer want this kept quiet?  To avoid Sally complaining that she works harder/better/faster/quieter than Sue, and should be paid more? Or to keep a competitor enticing Sally away?

Ask yourself why you want to keep your salary private.  Sure, you don’t want marketing agencies targeting you because you’re wealthy, but they probably can approximate your salary anyway.

Leave a comment

Filed under Access, Accuracy, Communications, Controls, Corporation, Culture, Duty, Employees, Governance, Information, Internal controls, Managers, Ownership, Privacy, Third parties, Value

June 15, 2018 · 11:27 am

Poster boy for Information Governance

Years ago, while teaching a course to MBA students at Rice University, I used the Target credit card breach as a case study.  It touched a lot of bases.  Now we have a better one.

While there have been a lot of information governance-related stories in the news over the past two years, including Equifax and Facebook and VW and Wells Fargo, my nominee for the one name associated with the most significant teaching example in information governance and compliance is the former FBI Director, James Comey.

First, he gave us The Day That Information Governance Died, with his July 5, 2016 pronouncement that, notwithstanding her clear violations of several applicable legal laws dealing with the handling of confidential or secret information (and the destruction of information subject to a subpoena), Secretary Hillary Clinton’s use (and wiping) of a private server to store government email was not going to be prosecuted.  Such a pronouncement deviated “‘from well-established Department policies'” that the FBI does not comment about  ongoing criminal investigations.

Then he wrote a memo ostensibly commemorating a meeting he had with his boss on government business on a government computer (while in a government vehicle) during the work day, and declared that that was his personal correspondence that he could (and did) distribute as he pleased.

And now we learn that he conducted government business over his own private gmail account {that information does not appear in the WSJ article – Ed.}, and actively avoid his boss’ oversight (and his bosses failed to adequately supervise him).  “Report Blasts FBI Agents, Comey Over Clinton Probe,” The Wall Street Journal, June 15, 2018 A1. Inspector General releases his report on the Clinton Investigation.

Recap:

  • Violations of law are not enforced
  • Evidence is destroyed notwithstanding a subpoena
  • Senior employees ignore long-standing policy
  • Senior employees treat documents prepared by them in the course of business as their personal information
  • Senior employees use private email accounts to transact government business
  • Employees hide things from their bosses
  • Bosses failed to adequately supervise their reports

And this is at the FBI, by a lawyer.

Does anyone wonder why we have a hard time getting traction on information governance initiatives?  Certainly an argument for an Information Governance case study of just the Clinton email investigation and its aftermath.  Not sure you could cover it all in one semester, at both law schools and business schools.

 

Leave a comment

Filed under Communications, Compliance, Compliance (General), Controls, Culture, Discovery, Duty, Duty of Care, Employees, Governance, Government, Information, Internal controls, Lawyers, Managers, Oversight, Ownership, Ownership, Policy, Requirements, Supervision, Who is in charge?

May 18, 2018 · 12:30 pm

Shoes of the centipede

“Wells Fargo Faces More Woe Over Client Data,” The Wall Street Journal, May 18, 2018 B1.  Another shoe drops at Wells Fargo (when will it ever end?) after disclosure that employees in the wholesale business (non-consumer) banking side changed and added customer information without approval.  Reason: to meet a compliance deadline.

Is there another organization with so many compliance failures?  It started with consumer banking and credit cards and now seems to have permeated the entire enterprise.  Is it risky to call this an enterprise?  What influenced their behavior?  Why are the directors not in the dock?  Weren’t they in charge of establishing and ensuring the culture of compliance?  This is a bank, for God’s sake.

Is it easier to find someone who was or wasn’t involved in some type of bad behavior at Wells Fargo?

Leave a comment

Filed under Accuracy, Board, Compliance (General), Controls, Corporation, Culture, Culture, Directors, Duty, Duty of Care, Employees, Governance, Internal controls, Managers, Oversight, Oversight, Supervision

March 8, 2018 · 8:45 pm

Are you responsible for your brother? Your cousin?

It’s bad enough trying to control your own employees, and those of your agents (and vendors).  But how do you control the employees, agents, and vendors of your various affiliates and ventures?  Do you all have the same Code of Conduct?  The same policies on a whole host of sensitive matters?

“KPMG Scandals Stay Local,” The Wall Street Journal, March 8, 2018 B10.  KPMG deals with alleged non-compliance at three international affiliates involved in auditing.

Does a client know the difference?  Do you ask prospective consultants about the compliance history of the larger firm?  Do you exercise enough control to also get liability?

Leave a comment

Filed under Board, Compliance, Compliance, Compliance Verification, Controls, Duty, Governance, Internal controls, Managers, Oversight, Third parties

February 22, 2018 · 11:23 am

Masks

“‘Success Theater’ Masked Rot at GE,” The Wall Street Journal, February 22, 2018 A1. GE’s CEO may have been too optimistic.  “This culture of confidence trickled down the ranks ….”

If the top boss has rose colored glasses, that view apparently permeates the organization. If he or she reacts badly to bad news, do people stop bring bad news?

One principle of compliance is that the tone at the top matters.  Does the CEO’s tone build filters that prevents him/her getting the facts?  Are the resulting wounds self-inflicted?  Where was the Board?

Leave a comment

Filed under Access, Accuracy, Board, Communications, Controls, Culture, Data quality, Duty, Employees, Governance, Internal controls, Managers, Oversight, Oversight

November 28, 2017 · 5:19 pm

The hits just keep on coming

“Faked Data at Issue Again in Japan,” The Wall Street Journal, November 25, 2017 B1.  Mitsubishi Materials continued to ship car, plane, and power-plant parts to 200 customers (including in the US) while factory workers were fudging quality data on rubber gaskets and copper products.  As is common, they sat on the news for a while.

This follows similar stories about Kobe Steel and Nissan Motors.  So much for the much-vaunted quality initiatives in Japan.  These types of problems “have deep roots in Japan Inc.’s governance problems,” which rely on decentralized and largely independent operations.

If there’s a problem somewhere else in your industry, you probably have it, too;  you just haven’t found it yet.

Leave a comment

Filed under Accuracy, Board, Compliance, Controls, Corporation, Culture, Data quality, Directors, Duty, Duty of Care, Employees, Governance, Internal controls, Managers, Oversight, Protect assets, Supervision, To report, Vendors

October 17, 2017 · 3:45 pm

A top goal?

“CEOs Make Protecting Data a Top Goal,” The Wall Street Journal, October 13, 2017 B4.  Unfortunately, the focus is on cyber-security rather than the broader information risk profile.  While this affect CEOs’ email habits, as they are phishing targets?

While this is a start, do CEOs really understand how much their company’s proprietary information is worth?  Or their duty to protect the company’s assets (people, physical equipment, cash, and information)?  Why not?

And where are the boards?  Don’t they have an overarching duty to oversee the major risks the company is facing and to make sure there’s an effective program in place to address?

I hear the violin.  Is Rome burning?

Leave a comment

Filed under Access, Board, Compliance, Compliance, Compliance Verification, Controls, Corporation, Culture, Directors, Duty, Duty of Care, Employees, Governance, Information, Internal controls, IT, Managers, Oversight, Oversight, Ownership, Policy, Protect assets, Protect information assets, Security, Value

October 17, 2017 · 3:15 pm

A failure of controls

What does it say about a company’s culture that allows a sexual predator to continue to run the company for years?  What other non-compliance with ethics and law will we find?  Not only there, but at every other company in the industry?  Nobody reported this?  Where were the policies and the audits?  Where were the lawyers?  Where was the press?

“Weinstein Co. Board Fires Harvey Weinstein, Citing Sexual Misconduct Allegations.”  The Wall Street Journal on-line, October 8, 2017.

Leave a comment

Filed under Board, Compliance, Controls, Corporation, Culture, Culture, Directors, Duty, Employees, Governance, Internal controls, Managers, Oversight, To report

October 17, 2017 · 3:07 pm

Disclosure

“A Hot Startup Misled Advertisers,” The Wall Street Journal, October 13, 2017 A1.  Outcome Health apparently misled advertisers as to how many units their ads were appearing on.  The investigation continues.

How would your employees react if ask to provide inflated numbers to potential customers?  How would your investors react after a story appears on page one, above the fold?  Probably reflects in the valuation of the company.  And what about your company’s extensive political contacts?

Leave a comment

Filed under Accuracy, Board, Communicate, Compliance, Compliance, Compliance, Compliance Verification, Controls, Corporation, Culture, Culture, Data quality, Directors, Duty, Duty of Care, Employees, Governance, Inform market, Inform shareholders, Information, Internal controls, Investor relations, Managers, Oversight, Oversight, Policy, Protect assets, Protect information assets, Use, Value