It’s a bad sign when you establish a covert unit.
“Uber Formed Covert Unit to Steal Trade Secrets, Ex-Employee Says,” The Wall Street Journal, November 29, 2017 A1. According to a former security employee, Uber “had a team dedicated to stealing [competitors’] trade secrets and helped employees dodge regulators’ scrutiny.”
This information was in a letter read to the jury in the Alphabet/Uber trade secret litigation. Ouch.
What does it say about the company’s commitment to compliance with law (including the rights of others)? Are RICO charges far behind?
If Uber loses the case, will shareholders sue the directors who allowed this to happen?
Filed under Board, Compliance, Compliance, Controls, Corporation, Culture, Culture, Directors, Duty, Duty of Care, Employees, Governance, Internal controls, Management, Oversight, Oversight, Supervision
Who gets fired for violating company policy? How often is it a senior executive?
“Visa Cites Behavior In Firing Executive,” The Wall Street Journal, December 4, 2017 B3. We don’t know what the violation was. Yet. But he was a high-flyer, handling the Apple and PayPal partnerships.
Does this send a message to the rest of the organization? Does it depend on the policy he violated?
Does your company publish information on how many people have been disciplined for violations? If not, why not?
Filed under Compliance, Compliance, Controls, Corporation, Duty, Employees, Governance, Internal controls, Management, Oversight, Policy
“Wells Fargo Fires A Top Official, The Wall Street Journal, November 18, 2017 B1. Head of commercial lending canned because he said bad things to a fellow employee about regulators (and how they were affecting golden parachute payments) .
Think about that. He didn’t write it down; he just said it. Not outside the company, even.
True, his firing may have been expedited by all the other legal issues Wells Fargo has been having. But he may not have gotten much of a parachute.
Information controls apply to unwritten information, too.
Filed under Communicate, Communications, Compliance, Controls, Culture, Definition, Duty, Employees, Governance, Information, Internal controls, Management
“Nissan Report Faults Management,” The Wall Street Journal, November 18, 2017 B3. Factory workers falsified inspection data. Nissan recalls 1.2 million vehicles. Did management press too hard when setting targets?
Everyone on the manufacturing floor knew the inspections were being done by under-qualified workers, and hid it from the inspectors. Management was clueless. Practice was the norm for nearly 30 years.
Would your culture allow this to happen in your company?
Filed under Accuracy, Compliance, Compliance, Controls, Corporation, Culture, Data quality, Directors, Duty, Duty of Care, Employees, Governance, Internal controls, Management, Oversight, Policy, Protect assets, To report
What do you do when a rogue employee decides to express his or her politics by messing with your product? Could that affect your brand?
No, this isn’t about the NFL.
“Twitter Tightens Security,” The Wall Street Journal, November 4, 2017 B3. Security lapse allows a departing and now former Twitter employee to shut down President Trump’s Twitter feed for eleven minutes.
Cybersecurity focuses not only on external hackers but also internal bad-deed doers. Sometimes, even well-designed security plans fail. But those third-party plans are protecting your information in their control.
Do you have special controls for special celebrity cases? Do you take extra steps for departing employees?
Not sure Twitter is a brand.
Filed under Access, Business Continuity, Controls, Corporation, Duty, Duty of Care, Employees, Governance, Internal controls, IT, Management, Oversight, Protect, Protect assets, Security, Supervision
“A Hot Startup Misled Advertisers,” The Wall Street Journal, October 13, 2017 A1. Outcome Health apparently misled advertisers as to how many units their ads were appearing on. The investigation continues.
How would your employees react if ask to provide inflated numbers to potential customers? How would your investors react after a story appears on page one, above the fold? Probably reflects in the valuation of the company. And what about your company’s extensive political contacts?
Filed under Accuracy, Board, Communicate, Compliance, Compliance, Compliance, Compliance Verification, Controls, Corporation, Culture, Culture, Data quality, Directors, Duty, Duty of Care, Employees, Governance, Inform market, Inform shareholders, Information, Internal controls, Investor relations, Managers, Oversight, Oversight, Policy, Protect assets, Protect information assets, Use, Value
As if Facebook weren’t enough, the Russians allegedly go after the phones of NATO soldiers.
“Russia Targets NATO Soldiers in Phone Hack,” The Wall Street Journal, October 5, 2017 A1. Use of drones suggests a national actor.
Do you control what your employees have on their phones? Can you? How? What if it is your company’s proprietary data? Or overseas?
Filed under Access, Compliance, Controls, Corporation, Duty, Duty of Care, Employees, Governance, Information, Internal controls, IT, Oversight, Ownership, Protect, Protect assets, Security