“When ‘Free Trading’ Isn’t Really Free,” The Wall Street Journal, November 10, 2018 B5. You can avoid commissions when trading stock by using an app. But if the price you pay or get paid for the stock is more or less, is the trade really free? It depends on how much price improvement is involved.
Interesting study of how the benefits and cost savings on high frequency trading are divided among the various parties. And who knows what.
Isn’t this type of “information imbalance” inherent in every transaction? Do we know how much a tomato or an iPad costs the store that sells it? Or whether the salesperson gets a commission? How do we manage that imbalance? Or do we just accept it, whatever it means?
“Wall Street Analysts Are Selling More Data,” The Wall Street Journal, November 8, 2018 B11. Analysts are searching and make available a bunch of information on your information, including “social media sentiment … and geospatial mapping.” Think of it as expanded research reports.
Well, they are in the business of reviewing data and offering opinions (for a price). Is it much of a disintermediation for them to start selling the information directly? I guess there’s money in it. Or service.
Filed under Access, Analytics, Collect, Controls, Corporation, Duty, Information, IT, Management, Operations, Ownership, Security, Third parties, Use, Use, Value
“Wells Fargo Technology Under Scrutiny,” The Wall Street Journal, November 8, 2018 B11. Questions being raised about the technology the bank uses for cybersecurity and risk management.
Do you have the right technology to effectuate the controls you have placed around information? Will your regulators agree? If you are already on the regulator’s radar screen, will your controls measure up?
Filed under Controls, Corporation, Duty, Governance, Internal controls, IT, Oversight, Protect, Protect assets, Risk assessment, Security, Technology
How do you protect information in the event of an Event? Is this part of your business continuity plan? You do have a business continuity plan, right? Do you have a process to safeguard information you will need to resume operation?
“Second Black Box Eludes Search Teams,” The Wall Street Journal, November 3, 2018 A6. Divers are still searching for the cockpit voice recorder following the crash of Lion Air flight 610 in Indonesia.
Planes carry two “black boxes,” one a flight data recorder (which captures a lot of equipment operating data) and the other a cockpit voice recorder (which captures conversation in the cockpit). The information on these two boxes (which are actually neon orange) is used to determine the cause of a crash.
What information does your company generate that you would need to run your business following an “Event,” such as a computer crash or a hurricane, or whatever? Is that part of your normal operating policies and procedures? If you can’t get to that information, can you restart or run your business?
Is this an Information point (protecting information) , or a Governance point (having processes and procedures to protect mission-critical information), or a Compliance with policies and procedures?
Filed under Access, Business Case, Collection, Controls, Corporation, Duty, Governance, Information, Internal controls, Oversight, Protect, Protect assets, Risk, Use, Value
“Technology Puts Pinch on Oil Smuggling,” The Wall Street Journal, November 2, 2018 B6. Smugglers of Iranian crude will be challenged by satellites and big data.
Smugglers had in the past “hid” their ships, but that will now be harder. Certain companies find a business opportunity in helping to track these vessels.
What controls do you need to have in place to make sure your policies are followed? How have people tried to avoid your controls? How did you/will you respond? Is there a market opportunity for others to help you enforce compliance by collecting other information?
“Alternative Data Is Valued on Wall Street,”The Wall Street Journal, November 2, 2018 B1. Companies mine different types of available information to help traders.
Is information is worth so much, won’t someone start a business to provide it? Apparently. What should you be monitoring to understand how your customers make their purchasing decisions, or what your competitors are doing?
Drones looking at parking lots and where are the iPhones coming from and going to and how many construction permits were issued? What’s your metric? How do you measure it?
At common law, an employee has a duty
- to comply with applicable laws in the performance of his/her work for the employer
- to comply with his/her employers reasonable instructions in the performance of that work, and
- to report material information to his superiors.
“Credit Union Staff Faults Safeguards Against Laundering,” The Wall Street Journal, October 31, 2018 B12. Employees raised concerns in 2017 about the anti-money laundering program at the credit union where they worked. The chief audit executive dismissed the allegations.
Were these employees rewarded for raising these concerns? No. Did the company make changes? The company says it did. Will other employees raise concerns in the future?
How seriously do you take concerns raised by your employees, who are closest to the facts? Is this a Compliance point or a Governance point? Or an Information point (in that Management received information and apparently didn’t use it)?
Filed under Compliance, Compliance (General), Controls, Culture, Duty, Employees, Governance, Information, Internal controls, Oversight, Third parties, To report, Use