Category Archives: Supervision

The cobbler’s children

The cobbler’s children have no shoes.  Experts tend not to tend to things at home.

“Errant Charges at Coinbase,” The Wall Street Journal, February 17, 2018 B9.  A bitcoin firm ended up charging its customers multiple times (as many as 50!) for the same transactions. Blames its vendors.

Let me see.  You can’t work out your own electronic invoicing and you want to store our digital currency?  We should trust you why, exactly?

Wouldn’t you think you’d keep a close eye on the processes by which customers are charged and you are paid?

Advertisements

Leave a comment

Filed under Accuracy, Board, Controls, Corporation, Directors, Duty, Governance, Interconnections, Internal controls, IT, Oversight, Supervision, Third parties, Vendors

Stop digging

What’s the first step to get out of a hole?  Stop digging.

“Wells Errs in Bid to Make Amends,” The Wall Street Journal, February 12, 2018 B1.  Wells Fargo, a frequent star in this blog, was trying to reach out to the 600,000 – 800,000 customers it screwed over by forcing them to buy auto collision insurance.  It couldn’t even do that.

First, it reportedly sent refunds to some non-customers.  Second, it told some customers that they would be paid the wrong amount. Third, it said it was going to pay refunds to people who hadn’t even bought the insurance. Affected: 38,000 folks.  Cause: a vendor’s coding error.

Fourth, Wells Fargo still hasn’t contacted the 110,000 people it overcharged for mortgage insurance rate locks.

And they are in charge of your bank deposits?

Leave a comment

Filed under Accuracy, Controls, Corporation, Duty, Duty of Care, Governance, Internal controls, Oversight, Supervision, Vendors

Uber settles

“Uber Settles Trade-Secrets Case,” The Wall Street Journal, February 10, 2018 B1.  Uber pays more than $240 million to settle case, and agrees not to use certain technology on self-driving cars, allegedly belonging to Waymo.  The agreement not to use was worth perhaps $250 million.

How does your company make sure it isn’t using a third party’s intellectual property without permission?  Is this an important part of your compliance program?  How does your company manage its acquisitions of new companies, some of whom (or their employees) may not have been as diligent in avoiding trade secret theft?

How can you prevent people from bringing information that you do not want into your company?  What are your processes?

Leave a comment

Filed under Board, Compliance, Controls, Corporation, Duty, Duty of Care, Employees, Governance, Information, Internal controls, Oversight, Ownership, Ownership, Policy, Protect assets, Protect information assets, Supervision, Third parties, Value, Vendors

Lessons learned?

I am not sure what to say about the Nunes memo about the DOJ and the FBI and the FISA court, and classified information and governance and compliance.  Too political to be educational.

So, the right-hand news item instead.  “Fed Limits Wells Fargo Growth, Replaces Directors,” The Wall Street Journal, February 3, 2018 A1.  Following a pretty bad year or two, following the customer cramming schedule or the auto insurance.  A former CEO. Lower bonuses.  Now the government takes control of a large bank and replaces the directors.  Restricts the bank’s future growth.  A 6% stock value drop, before this week’s really bad sell-off.  Cost: $300-400 million. Government says, “We cannot tolerate pervasive and persistent misconduct at any bank ….”

What’s the value of compliance?  Is it the possible loss of your ability to control your company?  Is this a lesson for directors, in that they may lose their positions (but they don’t have to refund their fees)(yet- the derivative suits are coming soon).  They didn’t even do that to BP!  The Chief Risk Officer is also retiring later this year.

Business case for compliance or better risk management?  For knowing what’s going on in your company?  Not sure what the lesson is for the shareholders.

Leave a comment

Filed under Board, Business Case, Compliance, Compliance, Compliance Verification, Controls, Corporation, Directors, Duty, Duty of Care, Employees, Governance, Inform market, Inform shareholders, Internal controls, Oversight, Oversight, Protect assets, Risk, Risk Assessment, Risk assessment, Supervision, To report

Breach at PayPal

“PayPal Discloses Breach At Its TIO Unit,” The Wall Street Journal, December 2, 2017 B11.  Upwards of 1.6 million users affected at newly acquired company that has kiosks in retail stores.

When you acquire a company, make sure their cybersecurity is up to snuff.  From Day One.

Leave a comment

Filed under Board, Compliance, Compliance Verification, Controls, Corporation, Duty, Duty of Care, Governance, Internal controls, IT, Oversight, Oversight, Protect assets, Protect information assets, Security, Supervision

Covert units

It’s a bad sign when you establish a covert unit.

“Uber Formed Covert Unit to Steal Trade Secrets, Ex-Employee Says,” The Wall Street Journal, November 29, 2017 A1. According to a former security employee, Uber “had a team dedicated to stealing [competitors’] trade secrets and helped employees dodge regulators’ scrutiny.”

This information was in a letter read to the jury in the Alphabet/Uber trade secret litigation.  Ouch.

What does it say about the company’s commitment to compliance with law (including the rights of others)?  Are RICO charges far behind?

If Uber loses the case, will shareholders sue the directors who allowed this to happen?

 

Leave a comment

Filed under Board, Compliance, Compliance, Controls, Corporation, Culture, Culture, Directors, Duty, Duty of Care, Employees, Governance, Internal controls, Management, Oversight, Oversight, Supervision

Was your ride late?

“Chicago Sues Uber For Lag in Reporting Data Hack,” The Wall Street Journal, November 28, 2017 B4.  Following the disclosure of the year-old breach of 57 million accounts, Uber is sued for consumer fraud and deceptive business practices, among other things.

There is the breach.  And then your response to the breach.  And then the regulators’ and the customers’ and the shareholders’ response to the breach.

Leave a comment

Filed under Communications, Compliance, Controls, Corporation, Directors, Duty, Duty of Care, Employees, Governance, Information, Internal controls, Investor relations, IT, Oversight, Protect assets, Security, Supervision, To report, Value