Category Archives: Duty of Care

Too much information?

“Boeing Withheld Data On Potential Hazards,” The Wall Street Journal, November 13, 2018 A1.  Did Boeing fail to disclose potential problems with its new flight-control feature?  Was that a factor in the Lion Air crash in Indonesia, killing 189 people?

Maybe this feature didn’t factor into the crash; we’ll have to wait for the cockpit voice recorder and the flight data recorder.  But if you know something and don’t tell other people who would like to know — well, that’s bad.  Even if you didn’t want to confuse them by providing them too much information.  Was it better “marketing” to tell their customers that they wouldn’t need as much training?

How do you decide how much information to provide your customers?  Are there problems you don’t mention?  Why?

Advertisements

Leave a comment

Filed under Access, Accuracy, Communicate, Communications, Controls, Corporation, Data quality, Duty, Duty of Care, Governance, Information, Internal controls, Management, Risk assessment, Third parties

The government does it better

In the macro sense, one of the bits of information that we own, manage, and hopefully control is who we are. How does the government control and manage this?

“Banks Find Solutions for ID Fraud at DMV,” The Wall Street Journal, November 13, 2018 B10.  Banks may use DMV databases to verify your online identity, because how you have to establish your identity to get a driver’s license normally involves you appearing in person and providing supporting documents.

Key to the process at the DMV is the trained person who checks your supporting documents.  The banks want to leverage that person’s knowledge and experience, rather than relying on a bank manager to do it.

Where else in our lives do we rely on government employees rather than ourselves as a critical control?

Leave a comment

Filed under Access, Accuracy, Controls, Data quality, Definition, Duty of Care, Governance, Information, Internal controls, Knowledge Management, Operations, Oversight, Privacy, Protect assets, Third parties, Use

Indicted

A Tesla employee is indicted for creating fake documents to cover up a fake-payment scheme.  “Former Tesla Employee Is Indicted,” The Wall Street Journal, November 12, 2018 B5.

Companies have a lot of controls to prevent fraud by employees, and often these controls work.  Why are there more such controls to prevent financial fraud than to prevent violations of other company procedures, such as those related to document creation, retention, and storage?

One wonders whether, in the aggregate, companies lose more money through poor document management and control than they lose through financial fraud.  How would one conduct such a study?

Leave a comment

Filed under Accuracy, Compliance, Compliance (General), Controls, Corporation, Directors, Duty, Duty of Care, Employees, Governance, Information, Internal controls, Oversight, Protect assets, Records Management, Security, Third parties, Value, Vendors

Fraud at the top

“Former Goldman Bankers Charged,” The Wall Street Journal, November 2, 2018 A1. “Two senior … bankers allegedly paid bribes and stole and laundered money … [in] one of the biggest financial frauds in history.”

What does it say when two of your 435 partners and one of your managing directors commits a fraud?  Failures in systems/controls?  Bad culture?  Do you have a “cowboy atmosphere” in Asia?  Poor training?  Are these rogue employees?  What’s the impact on your reputation?  What was the tone at the top?

This is primarily a Governance point.  How will the new CEO handle?

Leave a comment

Filed under Compliance, Compliance (General), Controls, Corporation, Culture, Directors, Duty, Duty of Care, Employees, Governance, Oversight, Policy, Supervision, Who is in charge?

Cheaters

“Market Cheats Get Caught More Often,” The Wall Street Journal, November 1, 2018 B10.  Traders manipulating prices by spoofing real futures trades are getting caught and prosecuted for criminal violations.  Exchanges cooperating with enforcement authorities.

If accurate information is worth X, what is inaccurate information worth?  It depends, whether you are buying or selling based on it.

So, this is both Information (information includes both accurate and inaccurate information) and Governance (manipulating market trades with false information is a crime that the CFTC and DOJ prosecute).

Leave a comment

Filed under Accuracy, Compliance, Compliance (General), Controls, Corporation, Data quality, Definition, Duty, Duty of Care, Employees, Governance, Information, Oversight

Chinese hacking alleged

“U.S. Charges Agents Of China Hacked Aviation Firms,” The Wall Street Journal, November 1, 2018 B4. Agents of the Chinese government indicted for trying to steal airline industry technology.

This is getting to be rather routine.  One part of this is the value of Information, and the importance of information security.  One part of this is Compliance, of course, as the US government is trying to protect the US information assets (although the company at issue probably had some responsibility for this as well, as well as their board of directors).  And, of course, Governance, as the US government is prosecuting.

We all know the business case for cyber-security.

Leave a comment

Filed under Access, Compliance, Compliance (General), Controls, Corporation, Duty, Duty of Care, Governance, Government, Information, Interconnections, Internal controls, IT, Oversight, Protect assets, Security, Third parties

What’s worse than a tweet?

“FBI Probes Tesla Over Production Figures,” The Wall Street Journal, October 27, 2018 A1.  FBI conducts a criminal investigation into whether Tesla knowingly overstated anticipated production figures and thereby misled investors.

What if Tesla knew at the time that it couldn’t and wouldn’t meet the production targets it was then continuously providing the market?  When does mere puffery become criminal?  What controls would you need to have to prevent this at your company?

Do you have them?  Are they enforced?

Leave a comment

Filed under Accuracy, Collect, Communicate, Communications, Compliance, Compliance, Compliance (General), Controls, Corporation, Culture, Data quality, Duty, Duty of Care, Governance, Internal controls, Investor relations, Management, Oversight, To report