How do you make sure that your policies are keeping pace with law and society?
“Google Changes Harassment Rule,” The Wall Street Journal, November 9, 2018 B4. Following an employee walkout over how the company handles/handled sexual harassment claims, Google will no longer require that such claims be subject to arbitration.
This ties to Governance (what rules do you have in place, and when do you update those), Compliance (how do you handle claims of policy violations), and Information (a claim is one type of information).
I’m a bit of a knowledge management wonk, having been involved in the then-nascent KM movement within the inhouse legal community in the early 2000s. But there can be too much sharing.
“Sinclair Settles With U.S. on Ad-Sales Data,” The Wall Street Journal, November 8, 2018 B2. A media group settles lawsuit over alleged sharing of information among television station owners, that may have led to higher advertising rates.
An interesting side note is that this all came to light when Sinclair proposed to buy another company and had to undergo a government investigation.
Are there restrictions on how much information can be shared between and among competitors? Yes. They are call “antitrust laws.” And is there a risk of making a deal that subjects you to government scrutiny? Yes. The may discover all manner of minor and major sins.
Filed under Access, Communications, Compliance, Compliance (General), Controls, Corporation, Discovery, Duty, Governance, Information, Internal controls, Knowledge Management, Oversight
Have you ever misused your company credit card? How about used a company asset for your personal business?
“Gulfport CEO Exits Following Review,” The Wall Street Journal, November 2, 2018 B2. CEO resigns after investigation into his use of his company credit card (he had paid the charges back, eventually, without interest) and the company plane.
On departure, he gets $400,000 and 6 months of health care coverage. I don’t know whether that’s better than nothing.
The ground troops learn from their “betters.” Seeing the CEO get canned for policy violations firms up the perception of the seriousness with which the company treats violations of policy or procedure. More so than a ground troop getting canned.
Does your company publicize these stories?
“Former Goldman Bankers Charged,” The Wall Street Journal, November 2, 2018 A1. “Two senior … bankers allegedly paid bribes and stole and laundered money … [in] one of the biggest financial frauds in history.”
What does it say when two of your 435 partners and one of your managing directors commits a fraud? Failures in systems/controls? Bad culture? Do you have a “cowboy atmosphere” in Asia? Poor training? Are these rogue employees? What’s the impact on your reputation? What was the tone at the top?
This is primarily a Governance point. How will the new CEO handle?
Filed under Compliance, Compliance (General), Controls, Corporation, Culture, Directors, Duty, Duty of Care, Employees, Governance, Oversight, Policy, Supervision, Who is in charge?
“Market Cheats Get Caught More Often,” The Wall Street Journal, November 1, 2018 B10. Traders manipulating prices by spoofing real futures trades are getting caught and prosecuted for criminal violations. Exchanges cooperating with enforcement authorities.
If accurate information is worth X, what is inaccurate information worth? It depends, whether you are buying or selling based on it.
So, this is both Information (information includes both accurate and inaccurate information) and Governance (manipulating market trades with false information is a crime that the CFTC and DOJ prosecute).
Filed under Accuracy, Compliance, Compliance (General), Controls, Corporation, Data quality, Definition, Duty, Duty of Care, Employees, Governance, Information, Oversight
“U.S. Charges Agents Of China Hacked Aviation Firms,” The Wall Street Journal, November 1, 2018 B4. Agents of the Chinese government indicted for trying to steal airline industry technology.
This is getting to be rather routine. One part of this is the value of Information, and the importance of information security. One part of this is Compliance, of course, as the US government is trying to protect the US information assets (although the company at issue probably had some responsibility for this as well, as well as their board of directors). And, of course, Governance, as the US government is prosecuting.
We all know the business case for cyber-security.
Filed under Access, Compliance, Compliance (General), Controls, Corporation, Duty, Duty of Care, Governance, Government, Information, Interconnections, Internal controls, IT, Oversight, Protect assets, Security, Third parties
What does it say when you try too hard to “manage” the information that gets out? Do you have the necessary “control” of that information? When you try to “control” it, what does it say about you when the information gets out anyway?
This sounds like “the risk of selectively releasing information.”
“Turkey Slams Saudis Over Lack of Clarity About Slain Journalist’s Body,” The Wall Street Journal, November 1, 2018 A9. Changing stories on the death of Jamal Khashoggi.
Apparently, there are international norms on what you need to say and how you need to say it, even if it information concerns events within a consulate. Was disclosure legally required? Maybe not, at least legally. But when you do disclose, it’s a good idea to do so honestly. Especially if someone else gets the information.
Filed under Accuracy, Communications, Compliance, Controls, Culture, Duty, Governance, Government, Information, Internal controls, To report