Category Archives: Duty of Care

Wells Fargo, again

“Wells Fargo Gets New Warning,” The Wall Street Journal, November 30, 2017 B1.  Feds may take enforcement action over the company’s auto-insurance and mortgage operations.

Will the shoes ever stop dropping at Wells Fargo?  Once you are shown to be non-compliant, do you get stuck under the regulatory microscope?

How’s that suit against the directors going?

Advertisements

Leave a comment

Filed under Board, Compliance, Compliance, Compliance Verification, Controls, Corporation, Culture, Directors, Duty, Duty of Care, Employees, Governance, Internal controls, Oversight, Oversight

Breach at PayPal

“PayPal Discloses Breach At Its TIO Unit,” The Wall Street Journal, December 2, 2017 B11.  Upwards of 1.6 million users affected at newly acquired company that has kiosks in retail stores.

When you acquire a company, make sure their cybersecurity is up to snuff.  From Day One.

Leave a comment

Filed under Board, Compliance, Compliance Verification, Controls, Corporation, Duty, Duty of Care, Governance, Internal controls, IT, Oversight, Oversight, Protect assets, Protect information assets, Security, Supervision

Reparations

What do you do when your website goes down for two hours, preventing customers from accessing their accounts?

“Fidelity Seeks to Make Amends for Website Glitch,” The Wall Street Journal, December 2, 2017 B11.  Company offers commission waivers and to discuss pricing adjustments.

Does your business continuity plan have a chapter on how to serve your customers?

Leave a comment

Filed under Access, Business Continuity, Duty of Care, Governance, Operations, Oversight

Covert units

It’s a bad sign when you establish a covert unit.

“Uber Formed Covert Unit to Steal Trade Secrets, Ex-Employee Says,” The Wall Street Journal, November 29, 2017 A1. According to a former security employee, Uber “had a team dedicated to stealing [competitors’] trade secrets and helped employees dodge regulators’ scrutiny.”

This information was in a letter read to the jury in the Alphabet/Uber trade secret litigation.  Ouch.

What does it say about the company’s commitment to compliance with law (including the rights of others)?  Are RICO charges far behind?

If Uber loses the case, will shareholders sue the directors who allowed this to happen?

 

Leave a comment

Filed under Board, Compliance, Compliance, Controls, Corporation, Culture, Culture, Directors, Duty, Duty of Care, Employees, Governance, Internal controls, Management, Oversight, Oversight, Supervision

Cyberattacks

“Three From China Indicted in Cyberattacks,” The Wall Street Journal, November 28, 2017 B4.  Allegedly hacked into the email account of an economist at Moody’s and gained access to gigabytes of confidential data of Siemens beginning in 2011.

Who has access to your data?  Is the email account of a third-party vendor a potential source of a major leak?  Even an economist?

Leave a comment

Filed under Access, Compliance, Controls, Corporation, Duty, Duty of Care, Employees, Governance, Information, Interconnections, Internal controls, IT, Oversight, Protect assets, Security, Third parties, Value

Was your ride late?

“Chicago Sues Uber For Lag in Reporting Data Hack,” The Wall Street Journal, November 28, 2017 B4.  Following the disclosure of the year-old breach of 57 million accounts, Uber is sued for consumer fraud and deceptive business practices, among other things.

There is the breach.  And then your response to the breach.  And then the regulators’ and the customers’ and the shareholders’ response to the breach.

Leave a comment

Filed under Communications, Compliance, Controls, Corporation, Directors, Duty, Duty of Care, Employees, Governance, Information, Internal controls, Investor relations, IT, Oversight, Protect assets, Security, Supervision, To report, Value

Wells Fargo, continued, again

“Wells Fargo Bankers, Chasing Bonuses, Overcharged Clients,” The Wall Street Journal, November 28, 2017 A1.  Only 35 of 300 companies had been charged only what they had agreed to.  Four foreign-exchange bankers fired.

Who is surprised?  The culture at the company was potentially fatally defective.

Why hasn’t the Board been held liable?  The directors utterly failed in their fiduciary duties.

Leave a comment

Filed under Board, Compliance, Compliance, Compliance Verification, Controls, Corporation, Culture, Culture, Directors, Duty, Duty of Care, Employees, Governance, Internal controls, Oversight, Oversight, Protect assets, To report