So, you have a baby coming. You establish a baby registry online, and list the items/gifts you want to receive. And then the host of the registry accepts payments from vendors of baby products to add certain items to “your” list.
Is nothing sacred?
“New Parents Complain Amazon Baby-Registry Ads Are Deceptive,” The Wall Street Journal, November 29, 2018 (online). Amazon accepts money from major companies to put “sponsored ads” on your list; there’s a small gray box saying “Sponsored.” Nothing descriptive like, “Similar to things the mother-to-be actually wants.”
I guess you have to check to make sure that you check “your” list at least twice, to make sure that Amazon hasn’t made it theirs. No bait, just switch.
Where’s the FTC on this? Would you buy from a company that paid to advertise on someone else’s gift registry, without asking? Are they a bit scummy? These aren’t small-time companies; advertisers buying the ads include Kimberly-Clark and Johnson & Johnson. To sell baby products!
Next thing, they’ll be posting billboards on your roof and on your car. Without so much as a by-your-leave.
Filed under Accuracy, Compliance, Controls, Corporation, Culture, Data quality, Duty, Duty of Care, Governance, Information, Internal controls, Oversight, Ownership, Third parties, Value
One profit model that seems to be working well is selling stuff that doesn’t belong to you. Cuts your cost-of-goods-sold dramatically.
“Facebook Considered Charging for Access to User Data,” The Wall Street Journal, November 29, 2018 (online). Facebook considered charging people to access user data.
Now, I guess that’s marginally different than letting third parties see the “Facebook” user data (i.e., the data of the users of Facebook) for free, in order to develop apps or whatever. But isn’t it still the users’ information? Oh, and it might be somewhat contrary to what the CEO said to Congress about Facebook’s policy of never selling user data.
Filed under Access, Collect, Compliance, Controls, Corporation, Culture, Duty, Duty of Care, Governance, Information, Internal controls, Management, Oversight, Ownership, Ownership, Third parties, To report, Use, Value
This blog tends to mention cases where senior executives get (or don’t get) punished for their alleged misdeeds. The spin is often that the seniors don’t get punished as hard as the worker bees.
But what happens when the CEO gets put in jail for his or her alleged misdeeds, which may have led to under-reporting in the company’s financials for the past five years?
“Carlos Ghosn’s Arrest Rocks Auto Empire,” The Wall Street Journal, November 21, 2018 (online). Nissan’s CEO jailed for allegedly under-reporting his earnings by several tens of millions of dollars.
How do you explain this to the worker bees? What’s the culture at the top? How did the Board not catch this? Were there not controls in place? Might the shareholders be a bit upset?
More a Governance and a Compliance issue, perhaps, although if one looks, one could find some information-related failures.
Filed under Board, Compliance, Compliance (General), Compliance Verification, Controls, Corporation, Culture, Culture, Data quality, Directors, Duty, Duty of Care, Governance, Internal controls, Oversight, Oversight
Who governs access to the White House? The Executive or the Judiciary?
“Judge Grants CNN’s Press-Pass Motion,” The Wall Street Journal, November 17, 2018 A3. Reporter’s due process rights “appear to have been violated” when his access to the White House itself is restricted.
Who controls access to your building? To your floor? To your office? To your desk? To your computer? To your company’s information?
How do they do it?
In the absence of a written rule, who governs what behavior is permitted in a press briefing within the White House? The White House? The “press corps”? The courts? The Secret Service?
“CNN Sues the White House, Seeks Return of Press Pass,” The Wall Street Journal, November 14, 2018 A3. Can the White House refuse to let in a member of the press into the White House for being rude?
Avoid for now the political implications of this, and what the First Amendment and the Fifth Amendment provide. Think instead about who can deny a single individual access to information, while providing access to 190 other people.
Who is entitled to access information in your company? What controls are in place to make sure that people who shouldn’t have access don’t get access? Who determines what those controls are? Who enforces them? Is part of this culture?
Filed under Access, Compliance (General), Controls, Culture, Duty, Governance, Government, Internal controls, Policy, Third parties, Uncategorized
What’s the most effective way to let management know there’s a sexual harassment problem in your workplace? Who owns the culture at your company?
“Google Workers Walk Out In Protest,” The Wall Street Journal, November 2, 2018 B1. Thousands walked out in protest.
Certainly, a different vector for applying pressure; perhaps better than coming from the investors. If there’s something wrong with your company’s culture, can you take action? Is this limited to sexual harassment? Is this evidence of harassment in any of the pending actions?
“Former Goldman Bankers Charged,” The Wall Street Journal, November 2, 2018 A1. “Two senior … bankers allegedly paid bribes and stole and laundered money … [in] one of the biggest financial frauds in history.”
What does it say when two of your 435 partners and one of your managing directors commits a fraud? Failures in systems/controls? Bad culture? Do you have a “cowboy atmosphere” in Asia? Poor training? Are these rogue employees? What’s the impact on your reputation? What was the tone at the top?
This is primarily a Governance point. How will the new CEO handle?
Filed under Compliance, Compliance (General), Controls, Corporation, Culture, Directors, Duty, Duty of Care, Employees, Governance, Oversight, Policy, Supervision, Who is in charge?
What does it say when you try too hard to “manage” the information that gets out? Do you have the necessary “control” of that information? When you try to “control” it, what does it say about you when the information gets out anyway?
This sounds like “the risk of selectively releasing information.”
“Turkey Slams Saudis Over Lack of Clarity About Slain Journalist’s Body,” The Wall Street Journal, November 1, 2018 A9. Changing stories on the death of Jamal Khashoggi.
Apparently, there are international norms on what you need to say and how you need to say it, even if it information concerns events within a consulate. Was disclosure legally required? Maybe not, at least legally. But when you do disclose, it’s a good idea to do so honestly. Especially if someone else gets the information.
Filed under Accuracy, Communications, Compliance, Controls, Culture, Duty, Governance, Government, Information, Internal controls, To report
“School Assault Policy Shifts,” The Wall Street Journal, November 1, 2018 A3. New regulations to require students accused of sexual assault to have the right to cross-examine the accuser.
This involves Governance, Compliance, and Information.
Governance: the government would require schools to investigate sexual assault claims in a certain way. The government has the power of the purse, due to the amount of federal funding.
Information: an accusation of assault is only a part of the story; only through cross-examination and other investigation can the decision maker decide whether the accusation and the (assumed) denial are sufficiently “believable” and “believed.”
Compliance: determining whether someone complied with the law or your policy requires some level of rigor. How much evidence of a violation is required?
At common law, an employee has a duty
- to comply with applicable laws in the performance of his/her work for the employer
- to comply with his/her employers reasonable instructions in the performance of that work, and
- to report material information to his superiors.
“Credit Union Staff Faults Safeguards Against Laundering,” The Wall Street Journal, October 31, 2018 B12. Employees raised concerns in 2017 about the anti-money laundering program at the credit union where they worked. The chief audit executive dismissed the allegations.
Were these employees rewarded for raising these concerns? No. Did the company make changes? The company says it did. Will other employees raise concerns in the future?
How seriously do you take concerns raised by your employees, who are closest to the facts? Is this a Compliance point or a Governance point? Or an Information point (in that Management received information and apparently didn’t use it)?
Filed under Compliance, Compliance (General), Controls, Culture, Duty, Employees, Governance, Information, Internal controls, Oversight, Third parties, To report, Use