Category Archives: Compliance

Silence as information?

I normally cite to The Wall Street Journal.  But occasionally I come across something elsewhere worthy of note.  One of my sources is the Business Law Prof Blog.  There was a post there today titled “Omissions Liability: Tempest in a Teapot or Gathering Storm?

At issue, can there be Rule 10b-5 liability (dealing with securities fraud) for not saying something, when you had knowledge and something akin to a duty to disclose.  There’s a Supreme Court case (Leidos, Inc. v. Indiana Public Retirement System) pending that may resolve the issue.

Is a corporation’s failure to say something in itself information, and if so, is that silence itself information that must be governed in order to be compliant?  How do you manage/govern silence?

 

Advertisements

Leave a comment

Filed under Board, Business Case, Collect, Communicate, Communications, Compliance, Compliance, Compliance, Controls, Corporation, Directors, Duty, Governance, Inform market, Inform shareholders, Investor relations, Management, Third parties, To report

Catching up

I was working on another project, and could not do my postings as timely as I would like.  But here’s a bunch of news items I wanted to write about:

Leave a comment

Filed under Compliance, Compliance, Controls, Corporation, Directors, Duty, Duty of Care, Employees, Governance, Lawyers, Oversight, Ownership, Privacy, Third parties, Uncategorized

Keeping it in the family

“Two Plead Guilty in Insys Cases,” The Wall Street Journal, July 12, 2017 B3.  Insys Therapeutics had an unusual fentanyl problem: bribing doctors to prescribe it.  Two saleswomen took the plea.

Notable:  one of the women is married to the firm’s former CEO, who  was arrested on related charges in December, together with 5 other senior managers.

Does corruption normally run this deep?  Where is (or was) the board?

Leave a comment

Filed under Board, Compliance, Compliance, Compliance, Compliance Verification, Controls, Corporation, Culture, Culture, Directors, Duty, Duty of Care, Employees, Governance, Internal controls, Management, Oversight, Oversight

Altered metrics

If someone asks you to “alter” or “fudge” a financial metric reported to the market, take pause.  Or hit the big red button.

“Witness: Magnate Knew of Altered Metric,” The Wall Street Journal, June 28, 2017 B9. The chairman of a large company allegedly knew that one of the financial metrics the company reported to the market for the previous quarter was improperly inflated.  Or fudged, as they say in the trade.  By $12 million.

The former chief accounting officer took a plea to fraud (and admitted to lying on other matters) and is cooperating with the government; the former CFO is charged with criminal fraud and is at trial.  The company is “cooperating.”  The chairman hasn’t been charged.  Yet.

Why isn’t the company charged?  At least one of its agents appears to have committed a fraud.  Why isn’t the chairman charged, if he knew?  Is this consistent with the Yates memo?  Is there a civil (derivative) suit against the chairman?

Leave a comment

Filed under Accuracy, Board, Collect, Communicate, Compliance, Compliance, Compliance, Controls, Corporation, Directors, Duty, Duty of Care, Employees, Governance, Inform market, Internal controls, Management, Oversight, Oversight

Weakest link

Where do you start if you want to pierce a corporation’s cybersecurity protections?  The CEO.

“Goldman, Citi Bosses Duped by Email Prankster,” The Wall Street Journal, June 13, 2017 B11.  Although nothing confidential was leaked, the CEOs bought into phishing emails.

Hard to blame the Chief Information Security Officer.  One assumes there’s a policy in place, but can you write a policy to protect against this?  Who else in the corporation isn’t following the existing policy?  How do you fix? Two-factor authentication for every email to/from a senior exec?  Encryption?

Leave a comment

Filed under Access, Compliance, Compliance, Controls, Corporation, Duty, Duty of Care, Employees, Governance, Internal controls, IT, Management, Policy, Security

Surgical precision

How do you deal with claims of sexual harassment?  Have two law firms conduct investigations and fire 20 people.  But will that be the end or the middle?

“Uber Fires Over 20 In Wake Of Probe,” The Wall Street Journal, June 7, 2017 B1.  Over two hundred claims investigated and no action taken in 100 of them.

Were there supervisors who participated or condoned or who failed to notice or respond?  Were there reporting practices and policies in place?  If harassment was “accepted” in the Uber culture, who’s to blame?  HR?  The Board?  Management?  How long had this been going on?  How much will the shareholders have to pay?

A summary of one of the law firm reports is due out soon.

Leave a comment

Filed under Board, Compliance, Compliance, Compliance, Controls, Corporation, Culture, Culture, Duty, Employees, Governance, Internal controls, Management, Oversight, Oversight

The self-governing company

Uber fired the executive at the heart of the dispute with Google over self-driving cars.  The exec failed to meet a deadline to comply with a court order to turn over documents in a trade secret case over self-driving cars. “Uber Fires Executive At Center Of Suit,” The Wall Street Journal, May 31, 2017 A1.

Lesson?  If you hire an employee from a competitor and he’s accused of stealing his former employer’s trade secrets, try your best to look good.

What’s your process for keeping new employees, especially from competitors, from damaging your business and your reputation by bringing in your competitor’s trade secrets?  Did you follow it, or is it just there for show?

Leave a comment

Filed under Communications, Compliance, Controls, Corporation, Duty, Employees, Governance, Information, Internal controls, Management, Managers, Oversight, Ownership, Policy, Protect, Third parties, Value