Category Archives: Management

Moneyball 2

“The Mariners; Big Data Experiment,” The Wall Street Journal, March 27, 2018 A14. Data leads to moving a star player from shortstop to the outfield.

Maybe not a big Information Governance or Compliance piece.  But interesting use of information.


Leave a comment

Filed under Analytics, Collect, Data quality, Information, Management, Operations, Use, Use, Value


When you need to hide relevant information from your clients, you are often doing something that’s not ethical.

“BofA to Pay Fine Over ‘Marking’ of Trades,” The Wall Street Journal, March 24, 2018 B10.  Bank hid the fact that it was routing its clients’ trades through high-speed trading firms.  Millions of times.  Apparently, the scheme was well known by bank employees, and was to hide the bank’s practices from major clients who would have objected.  And they did it anyway.  Cost: $42 million fine, and a loss of a lot of face.

You’d think a bank would have a policy or maybe even a culture against lying, cheating, or stealing.  Who’s getting fired?


Leave a comment

Filed under Compliance, Compliance, Compliance (General), Controls, Corporation, Culture, Duty, Employees, Governance, Management, Oversight, Policy, To report

China doesn’t like

Does your employer restrict your tweets?

“Marriott Firing Tied To Tweet Over Tibet,” The Wall Street Journal, March 5, 2018 B1.  Employee in Nebraska fired from hotel group after liking a tweet from a Tibetan group.  China doesn’t like it when people refer to Tibet as a separate country.

Good thing he didn’t break a law.  Then he really would have been thrown under the bus to preserve his employer’s reputation (and business) in China.  Did he violate a policy?

As he looks for a new job, does it matter?

As an employer, how do you mitigate against this type of risk?  What policy do you put in place?  How do you train your employees (and agents) to comply?  How do you monitor compliance with the policy?

Leave a comment

Filed under Controls, Corporation, Duty, Employees, Governance, Internal controls, Management, Oversight

Willie Sutton?

Willie Sutton (a famous bank robber) was reportedly asked, “Why do you rob banks?” He reportedly said, “Because that’s where the money is.”

“Hackers Plunder Crypto Exchange,” The Wall Street Journal, January 27, 2018 B5. More than $500 million in credits hacked from the Coincheck site in Japan.  One assumes virtual banks are easier to rob than brick and mortar banks.

This is a concrete example of the cost of a cyber breach.  But it also follows on from an earlier post (Law School Exam Question) equating cash money and information, in terms of value.

If businesses (including the Board of Directors) treated information assets as cash, and managing, protecting, and controlling the organization’s information as currency, would that be “information governance”?  Why do they handle information assets differently?  Why should the Board and the officers get a pass on this?  The shareholders certainly don’t.

Leave a comment

Filed under Board, Controls, Corporation, Directors, Duty, Duty of Care, Employees, Governance, Internal controls, IT, Oversight, Oversight, Ownership, Protect, Protect assets, Protect information assets, Security, Third parties, Value

Keeping track

Your can keep track on paper, or have a machine do it.  Which is better for compliance?

“Electronic Logs to Rule the Road,” The Wall Street Journal, December 16, 2017 B3.  For many years, larger trucking companies have used electronic systems to monitor how many hours their drivers drive, and thus comply with various DOT regs.  Now smaller companies will have to follow suit.


Leave a comment

Filed under Accuracy, Collect, Compliance, Controls, Corporation, Data quality, Duty, Employees, Governance, Information, Internal controls, Management, Oversight, Requirements, Third parties, To report, Value

Who are your employees, anyway?

“Firm Settles Russia Probe,” The Wall Street Journal, December 12, 2017 A5.  Company working on US defense projects had Russian employees who lacked appropriate security clearances (and who stored some material on servers in Russia).

No fine reported; company to institute new security protocols and thereby resolve criminal complaint.

One would have thought someone would have gotten more than their hands slapped over this one.

Leave a comment

Filed under Access, Compliance, Compliance, Controls, Corporation, Duty, Governance, Government, Internal controls, Management, Oversight, Protect

Covert units

It’s a bad sign when you establish a covert unit.

“Uber Formed Covert Unit to Steal Trade Secrets, Ex-Employee Says,” The Wall Street Journal, November 29, 2017 A1. According to a former security employee, Uber “had a team dedicated to stealing [competitors’] trade secrets and helped employees dodge regulators’ scrutiny.”

This information was in a letter read to the jury in the Alphabet/Uber trade secret litigation.  Ouch.

What does it say about the company’s commitment to compliance with law (including the rights of others)?  Are RICO charges far behind?

If Uber loses the case, will shareholders sue the directors who allowed this to happen?


Leave a comment

Filed under Board, Compliance, Compliance, Controls, Corporation, Culture, Culture, Directors, Duty, Duty of Care, Employees, Governance, Internal controls, Management, Oversight, Oversight, Supervision