“Tips for Decoding Privacy-Policy Gibberish,” The Wall Street Journal, May 18, 2018 B4. In the run-up to implementation of the GDPR in Europe next week, companies are updating their privacy policies.
Does anyone read these, or understand them? Do your employees read and understand your policies? Who’s at risk if they don’t?
Filed under Communications, Compliance, Compliance (General), Controls, Corporation, Directors, Duty, Employees, Governance, Internal controls, Oversight, Policy
“Hundreds of Cryptocurrencies Show Hallmarks of Fraud,” The Wall Street Journal, May 18, 2018 A1. Plagiarism, promises of future returns, and fake executives found in offering materials for cryptocurrency companies.
What can investors expect if they invest in these companies?
The CEO arranged to hire one of his buddies for a senior job with the company. Someone ( employees? a shareholder?) sent a letter to a member of the Board complaining about the hiring. The CEO asked Security to find out who wrote the letter, despite being told by Compliance and the General Counsel not to. He persisted.
“Barclays CEO Hit With Penalties of $1.5 Million,” The Wall Street Journal, May 12, 2018 B1. UK regulators fined him nearly $870,000 for a ”serious error of judgment.'”
What does it say about a company when the CEO doesn’t listen to the company’s General Counsel or Compliance department? Is this a governance problem, a compliance problem, or an HR problem? Costs the shareholders about the same. And did either the General Counsel or Compliance advise the Board that the C? What happened to them?
Filed under Communications, Compliance, Compliance (General), Controls, Corporation, Culture, Duty, Employees, Governance, Internal controls, Lawyers, Oversight, Supervision, To report
“Now Emoting in the Corner Office: The Oversharing CEO,” The Wall Street Journal, May 2, 2018 A1. Can CEOs disclose too much information about themselves in a quest for transparency?
- CFO pays the price
“MetLife Finance Chief Hele Leaves Post,” The Wall Street Journal, May 2, 2018 B12. After the company failed to try hard enough (very hard? at all?) to find pensioners to whom it owed money, and had weaknesses in its financial controls, the company reduces the incentive pay of the CFO. The CFO then leaves. Connect the dots.
- Too much sharing
“Goldman to Settle Foreign-Exchange Case,” The Wall Street Journal, May 2, 2018 B12. Goldman’s foreign exchange traders shared the market positions of Goldman’s clients with “rivals.” Goldman to pay fine of ~$110 million for failing to supervise properly.
Filed under Accuracy, Communications, Compliance, Controls, Corporation, Duty, Duty of Care, Employees, Governance, Information, Internal controls, Oversight, Supervision, Value
A departure from the one-story-one-post approach.
- “Israel Targets Iran Accord,” The Wall Street Journal, May 1, 2018 A1. Israel releases Iranian documents about a nuclear weapons program found in an abandoned warehouse. At least two themes: (a) What does information mean? Did Iran lie during negotiations? (b) Do you destroy documents/information that are/is no longer useful to you? What does it say when you don’t?
- “‘Fake News’ Law Snares an Offender,” The Wall Street Journal, May 1, 2018 A16. A visitor to Malaysia convicted and sentenced for publishing “fake news” about how quickly/slowly emergency services responded to a shooting. Interesting that the first conviction under the new law was of a foreigner.
- “Banks Draw Bead on Guns,” The Wall Street Journal, May 1, 2018 B1. Banks and credit card companies discuss tracking your purchases of guns. What will they do with that information? Is there other information they can deduce from your purchases that someone would like to track? Would your health insurer/doctor like to track your food and alcohol purchases? Whose information is that, anyway?
- “Guilty Verdict in Autonomy Case,” The Wall Street Journal, May 1, B2. Former CFO of Autonomy convicted of fraud in connection with the sale of Autonomy to HP for $11 billion in 2011. This was not some lower-level accountant accused of misstating aspects of a tax-motivated deal. Instead, the fraud overstated Autonomy’s revenue and generally misstating financial results. The former CEO has also been sued in the UK for damages.
- “Facebook Shares the Shared,” The Wall Street Journal, May 1, 2018 B5. Now you can download any of 25 categories of the information that Facebook keeps on you. Your search history. When you liked or didn’t like something. Which and how many advertisers have your contact information. How many categories does Facebook have? We don’t know.
Filed under Access, Accuracy, Analytics, Communications, Compliance, Compliance (General), Controls, Corporation, Data quality, Definition, Duty, Duty of Care, Employees, Governance, Information, Internal controls, Oversight, Oversight, Ownership, Ownership, Privacy, Protect assets, Protect information assets, Technology, To report, Value
“India’s Central Bank: Faux Coins? Fake News!,” The Wall Street Journal, April 27, 2018 A16. Central Bank tries to quash rumors on social media that certain coins (introduced to replace paper money) are counterfeit.
How can you respond to fake news? Normal controls don’t work, as it is “challenging” to shut down social media channels. But the government has an interest in protecting the reputation and value of its currency.
I guess I’d file this under (a) Governance (How can you control (i) rumors and/or (ii) social media?) and (b) Information (How do you deal with false information? What’s the (negative) value of false information?). Other suggestions?
Filed under Accuracy, Communications, Controls, Data quality, Duty, Governance, Government, Information, Protect assets, Third parties, To report, Value
“Successor To Yahoo Is Fined in Data Hack,” The Wall Street Journal, April 25, 2018 B4. $35 million fine for failure to properly investigate a cyber breach affecting hundreds of millions (billions?) of Yahoo accounts.
Yahoo no longer exists, with surviving pieces owned by Verizon and Alibaba Group Holding.
How to file this? Was there an obligation way back (in 2014) to notify people when the Russians had hacked their accounts? What happens to your company if there is a breach of your customers’ security? And you fail to mention it to anyone? A fine? Drawing and quartering?
Filed under Communications, Compliance, Controls, Corporation, Duty, Governance, Oversight, Privacy, Protect assets, Security, To report