More of the same old stuff.
“Advisers Blew Whistle on Wells Fargo Wealth Unit,” The Wall Street Journal, July 28 2018 B1. Sales incentives drive improper behavior at Wells Fargo. Again.
The good news is that four Wells Fargo financial advisers tipped off the DOJ and the SEC to what was happening. High-wealth investors were steered to investments that would result in higher fees paid to Wells Fargo.
So the culture wasn’t entirely corrupt. There’s hope.
“Hacker Allegedly Tried to Sell Drone Data,” The Wall Street Journal, July 12, 2018 A3. Hacker tries to sell maintenance documents for a drone, documents stolen from a Air Force officer’s computer.
How well does the government protect sensitive information? Apparently, the hack exploited the failure to properly configure a router.
What happened to the Air Force officer, who apparently failed to adequately protect classified information? The IT guy who configured the router?
Filed under Access, Compliance, Compliance (General), Controls, Duty, Duty of Care, Governance, Government, Information, Internal controls, IT, Policy, Protect assets, Security
“Ex-CEO at Oil Driller Settles SEC Inquiry On Undisclosed Loans,” The Wall Street Journal, July 17, 2018. CEO had taken more than $10 million in loans from vendors in return for awarding contracts.
He used the money to cover margin calls and to maintain an extravagant lifestyle. Also caught up in the scandal was a former portfolio manager who got a seat on the company’s board.
CEOs get hammered, too, for conflicts and poor ethics.
“Chips CEO Resigns Over Conduct,” The Wall Street Journal, July 18, 2018 B1. CEO of Texas Instruments fired/forced-to-resign after two months for violating company’s Code of Conduct. Probably no package, either. No details on the nature of the violation.
It’s nice when a company enforces its policies against the CEO. Sends a message to the worker bees.
“Paramount TV’s Head Fired Over Remarks,” The Wall Street Journal, July 20, 2018 B3. Amy Powell fired over remarks of a racial nature. Probably got a cinder block parachute, although the article doesn’t say.
Good news is that someone reported the remarks to HR, as the policy probably required.
I’d file under
(a) Governance (maintaining the culture you want, by applying standards to the top of the shop as well),
(b) Compliance (enforcing your firm’s ethics)(and the policy worked when an employee followed it and reported the remarks), and
(c) Information (what you say in the course of your job is also “information” that is subject to company control.
Filed under Compliance, Compliance (General), Controls, Corporation, Culture, Duty, Employees, Governance, Information, Internal controls, Policy, To report
“Alphabet, Apple Prodded On Privacy,” The Wall Street Journal, July 10, 2018 A3. Congress asks how Google and Apple use “your” information, such as what you say and write and where you are.
Which is more interesting, the questions or the answers?
Filed under Access, Controls, Corporation, Definition, Duty, Duty of Care, Governance, Information, Internal controls, Ownership, Policy, Privacy, Security, Technology, Third parties
This blog looks at the intersection of Information, Governance, and Compliance. Normally, when one hears “Compliance,” one assumes it means compliance with law. But Compliance also extends to compliance with policy.
“Barnes & Noble Cites Policy In Firing,” The Wall Street Journal, July 5, 2016 B1. B&N CEO and a member of the board fired after a little more than a year for violation of a so-far-undisclosed company policy.. No severance package. Ouch.
What sort of message does that send to the rank and file when the CEO gets punished for violating company policy? Does that extend beyond the policy the CEO is accused of violating? Is that why the specific policy wasn’t mentioned?
I assume this was for a violation more serious than failing to follow the company’s Records Retention Policy. But aren’t all violations of company policy by the CEO equally serious? Aren’t all violations of policy equal, or are there capital “P” policies, and small “p” policies? How does an employee tell the difference?
And the company chose to publicize at least the basic reason for the firing; does it do that in all firings for policy non-compliance? Does the CEO have more or less privacy rights than the lowest-paid employee?
Filed under Board, Communications, Compliance, Compliance, Compliance (General), Controls, Corporation, Directors, Duty, Employees, Governance, Internal controls, Policy, Privacy
“Amazon Delves Into Health Data,” The Wall Street Journal, July 2, 2018 B3. Amazon buys a company with a bunch of personal health information.
It’s not like Amazon doesn’t have to deal with a whole host of privacy regulations, including the EU and, more recently, California. But personal medical information is different, and subject to different controls.
How does a company that lives on finding relationships in large bodies of information deal with information that can’t be used freely?
We’ll see.
“Facebook Details Data Sharing,” The Wall Street Journal, July 2, 2018 A1. Facebook “expands” its answer to the question, “Who else saw our data?” Apparently, a lot more people than Facebook said originally. A bunch of special deals and exemptions from Facebook’s “policy.”
So, apparently Facebook does not have a personal relationship with the truth, but they sure have your information.
One expects further revelations in the months ahead.
Takeaways:
Filed under Accuracy, Communications, Compliance, Controls, Corporation, Culture, Duty, Governance, Internal controls, Investor relations, Oversight, Policy, Privacy, To report
“Former Equifax Manager Is Charged,” The Wall Street Journal, June 29, 2018 B3. To respond to the huge privacy breach at Equifax last year, the company set up a website to help some of those affected. The former software manager setting up that website bought some options, betting that Equifax’s stock would go down once the breach was discovered. He faces criminal and civil charges.
Who would have thought a software engineer needed insider trading education?
Filed under Access, Compliance, Compliance (General), Controls, Culture, Duty, Duty of Care, Employees, Governance, Internal controls, Legal, Oversight, Policy, Protect assets, Requirements
infogovnuggets 