Category Archives: Content

December 6, 2013 · 10:27 am

Code words

Looking for “hot words” is a document has long been one path to discovering relevant documents.  Scanning for “hot words” in phone calls is a more recent phenomenon.  Especially important when monitoring traders.  But how do you know what today’s “hot words” are?  And do you measure tone and stress?  Content matters.

“Bank Scan Trader Talk for Trouble,” Wall Street Journal, December 6, 2013 C1 http://on.wsj.com/1iGOC85

Certainly, one red flag is the fact that people use code words to avoid saying the bad words.  Another is someone who never takes vacation.  Technology beats having teams of people listening to all those tapes.

Leave a comment

Filed under Business Case, Content, Controls, Information, IT, Legal, Risk

November 20, 2013 · 12:46 pm

Ethics are situational

“Attorney on Stand in Chevron Trial,” November 20, 2103 B9 http://on.wsj.com/1cGJysU

Well, at least, he says, he didn’t bribe the judge.  But ex parte contact with the independent, court-appointed expert and ghost-writing portions of that expert’s opinion – which would have been unethical in the US – was okay by him, although they refused to explain it.

I seem to recall an old legal principle, in the Hazel Atlas case as memory serves, that fraud in the application process – in essence fraud on the governing authority – vitiates a patent.  So what about the $19 billion judgment against Chevron (later cut in half)?

Okay, so where’s the information slant? Ghost-writing has risks? Entries in his diary, emails he sent, and outtakes from a documentary film that some say are “evidence of a conspiracy to defraud Chevron” or, arguably, the court.

Would your information governance/management policies and procedures have prevented “this,” whatever “this” is?  If not, why not?

Leave a comment

Filed under Business Case, Content, Controls, Definition, Discovery, Governance, Information, Legal, Policy, Requirements, Risk

November 19, 2013 · 11:02 am

Is a final draft one or the other?

In negotiations, it is common to work through several drafts before you get to the final draft, which is submitted to the higher-ups for final approval.

So the question came up whether you can have 6 weeks of paid family leave. One party’s higher-ups approved a final draft that included a provision including the leave.  The other party’s negotiators says the provision was left in due to clerical error.

Is this an information governance/management problem? If so, what practices and procedures do you follow to prevent it in your dealings? Is it enough to have a provision that says “no deal on anything until there’s approval by the higher-ups of a deal on everything”?  How do you deal with the issue if the negotiations continue?

“Fresh Dispute Mars Bay Area Transit Deal,” Wall Street Journal, November 19, 2013 A6 http://on.wsj.com/1bNgjGL

Leave a comment

Filed under Business Case, Content, Controls, Governance, Legal, Operations, Policy, Protect assets, Risk

November 14, 2013 · 11:41 am

Timing is everything

A regression analysis of announcement of expected above-expected revenue and subsequent downward revisions, when matched to executive stock sales.  Shareholders, excluded from the inside information track, sue for insider trading and fraud.  Go figure.

“Executives Hit Stock-Sales Sweet Spot, Wall Street Journal, November 14, 2013 A1 http://on.wsj.com/HVe2yv

Internal communications warn about negative impact from loss of one customer’s business.  Four months later, company announces sales will exceed expectations, and then executive sells $3.3 million in stock.  Then analyst reports problems with orders by customer.  Months later, company announces declining customer demand and decreased sales.

Questions: (1) How do you handle internal communication of bad news? (2) How do you handle external communication of good/bad news? (3) How do you control and monitor executive sales and purchases of company stock? (4) As an employee, how would you describe the culture of compliance at this company?

Leave a comment

Filed under Business Case, Compliance, Content, Controls, Culture, Definition, Governance, Information, Internal controls, Investor relations, Legal, Ownership, Requirements, Risk, Value

November 10, 2013 · 11:04 am

Follow-up

Yesterday I posted on whether communications in response to a crisis were within the ambit of “information governance.”  I referred to the BP response to the explosion at their Texas City refinery as an example of doing it well.  There, then-CEO John Browne said, in response to a question from the press on liability, something along the lines of “We are responsible for everything that happens within our fence lines.”  Without equivocation.  One can hear the lawyers cringe.

But BP’s response following the Texas City explosion was not uniformly good.  John Manzoni, then head of refining at BP, complained that the explosion, that left several dead, caused him to have to leave his skiing vacation, at a cost of a precious day of his vacation [well, he said “leave”].

How do you prevent the big sneezes in your company from saying or writing something really bad at a time of crisis?  Can you? Is that content control or just dealing with humans, caught up in the heat of the moment? Is it a culture issue, where senior people think they can write that way?  See also Tony Hayward’s “I want my life back” comment in the aftermath of the Gulf spill.  If the seniors think and write that way, what do the rank and file do?

How much did Manzoni’s comment cost BP’s shareholders?

Leave a comment

Filed under Business Case, Communications, Content, Controls, Culture, Definition, Governance, Information, Internal controls, Legal, Risk, Value

November 9, 2013 · 10:06 pm

A different side of information

Recent news events have led me to consider an information governance issue that isn’t normally seen as an information governance issue.

What about crisis communications in the middle of a crisis?  Is that an information issue within the purview of information governance?

Post- Exxon Valdez, where the big cheese at Exxon botched the news interviews and Exxon got slammed.  Shortly thereafter, BP had the American Trader spill off the coast of California.  Big news splash to start with, but two weeks later it was a non-event.  The reason, I and others think, was the fact that BP and the owner of the vessel stepped up and took responsibility for the event and described how they were going to fix it.  No waffling, no lawyer’s weasel words. [Disclaimer: I was a lawyer with Amoco at the time, and Amoco subsequently merged with BP.  I wasn’t employed by BP at the time of the Gulf spill.]

I used this story in the training I did over the years for lawyers involved in crisis management and crisis response, both within Amoco and then BP, and externally.  Others, like Richard Levick and Rick Corvillo, preach the same message: you can’t let the lawyer’s concern for liability trump the necessity of managing the brand impact of restoring trust in the marketplace.  BP did, in my opinion, a great job with the press aspects after the Texas City explosion.

This hasn’t been viewed as an information governance issue.  But it should be.

Where you have news clips of the President repeatedly saying one thing, and the marketplace reality being different, is it enough to say you’re sorry that others have been hurt by relying on what you said?  Wouldn’t an information governance view require a statement that “I was wrong when I told you that,” followed by “and here’s what I’m going to do about it”?  With anything short of that, can you restore the necessary trust?

Is this an information risk?

Leave a comment

Filed under Business Case, Business Continuity, Communications, Content, Definition, Governance, Information, Investor relations, Legal, Operations, Protect assets, Risk

November 5, 2013 · 12:43 pm

J&J $2.2 billion settlement

Today’s theme is compliance.

Compliance has been a bigger topic since Enron, WorldCom, Tyco and Sarbanes Oxley.  Sometimes the compliance issue is directly related to information flow; sometimes less directly.

“J&J Pays $2.2 Billion to Settle Probe,” Wall Street Journal, November 5, 2013 B3 http://on.wsj.com/16Dnkb2  J&J pled guilty to a misdemeanor in connecting with allegations of promoting off-label uses for two of its drugs.  J&J agreed to upgrade its compliance programs and to accept monitoring for five years from the HHS Inspector General.  This follows settlements with GlaxoSmithKline ($3 billion) and Pfizer ($2.3 billion).  Over 150 civil lawsuits are pending.

Is this “directly” or “less directly” connected to information?  Sales reps saying something that the regulations prohibit them from saying.  Was this a failure in compliance governance or information governance, or both?

Leave a comment

Filed under Business Case, Compliance, Content, Controls, Definition, Governance, Information, Internal controls, Legal, Requirements, Risk, Use

November 1, 2013 · 11:13 am

Remember: it’s a two-fer

Given the subject matter, many of my posts could easily be on a compliance with law site.  But there are nuances.

Take, for example, the Foreign Corrupt Practice Act. You’d think that if you don’t operate in foreign environments or don’t pay bribes, you don’t need to worry.

Wrong.

The point I want to make here is that there are two substantive parts of the law.  The first deals with the offer or payment of anything of value to a foreign official to obtain or retain business.  The second is the books and records provision.  A bribe or offer thereof is a separate and distinct offense from the offense of recording the bribe in your books as “entertainment,” or similar.

“SEC Warning Sinks Avon,”” Wall Street Journal, November 1, 2013 B3 http://on.wsj.com/1cupvlX.  Avon’s stock price drops 20% after company announces Feds are seeking bigger penalties for bribery allegations.

Not mentioned in the article is how Avon accounted for the alleged bribes.  But they have paid more than $340 million in legal “and related costs.”

So, information includes how you chose to characterize an expense in your books.

Leave a comment

Filed under Business Case, Compliance, Content, Controls, Definition, Governance, Information, Internal controls, Legal, Requirements, Risk, Value

October 31, 2013 · 11:34 am

Visa by fraud

As a general rule, it’s a felony to lie in a government submission, if that lie was to influence the government’s action.  See 18 USC 1519.

Now, assume you want to get a visa for a foreign worker to come to the US.  If you do it one way, it costs $5,000 and takes months.  If you can fit it under another provision, it costs $160 and takes days. If fitting it under the second provision, requires playing a bit fast and loose with the truth,  there’s a price premium for that: $34 million.

“In Visa Case, U.S. Accuses Infosys of ‘Fraud and Abuse’,” Wall Street Journal, October 31, 2013 B1 http://on.wsj.com/1bGn6zw

The US originally pursued criminal charges (a conviction apparently affects your business reputation and your ability to get visas, which, if you’re an outsourcing company, is a big deal).

Lesson learned? What culture and internal pressures led to this? What controls would have prevented it?

Leave a comment

Filed under Business Case, Business Continuity, Compliance, Content, Controls, Culture, Governance, Information, Internal controls, Operations, Requirements, Risk, Value

October 23, 2013 · 2:16 pm

Insiders, and controlling what they write

Not a Wall Street Journal piece;  The Daily Beast, which is not my normal source of business use. http://thebea.st/1icqEMt

White House staffer fired for posting a string of tweets unflattering to the White House and some of its people and positions.

Holy Smokes – the guy worked for the National Security Committee, and didn’t suspect this would cause heartburn. Or that it would come out.

Are your controls on an employee’s personal posts/tweets in his/her off-hours sufficient to stop this? Is it content controls? Free speech restriction?

Leave a comment

Filed under Content, Controls, Internal controls, Privacy, Risk, Value