“Prosecutors Drop All Charges Against Actor Jussie Smollett,” The Wall Street Journal, March 26, 2019. Charges dismissed against actor accused of faking a hate crime attack.
Not what you’d readily recognize as an information governance story. But think about the information used in filing the police reports and the controls in place to prevent false police and news reports and unjustified criminal convictions and punishments, and how well they worked. At the police and prosecutors’ offices, the courts, and in newsrooms around the country (world).
Does your company act on unproven or unreliable information? What does that cost? What controls do you have in place? Today’s quiz: how does this fit under the headings of Governance, Information, Compliance, and Use? Identify and discuss.
“Ill-Fated Hewlett-Packard Deal Is Back in Court,” The Wall Street Journal, March 26, 2019. HP alleges that Autonomy fraudulently inflated its financial results, leading HP to pay an hugely inflated price for the company.
What controls are in place to prevent you from overpaying for a company? Isn’t that why there are such things as audited financial statements and due diligence by teams of lawyers and accountants? Didn’t HP and its board of directors consider the possibility that the numbers had been juiced?
So, principally Governance and Information. But a bit of Compliance, as the HP directors had a duty of care (which is a legal duty), as did the directors of Autonomy. Are they getting sued, too? Did the shareholders of both companies assume that the directors and officers would fulfill their duty of care?
“Duke University Agrees to Pay $112.5 Million in Whistleblower Suit Over Grants,” The Wall Street Journal, March 25, 2019. University employee used fake data to secure federal grants.
The university employee had been found to be embezzling. A whistleblower (using his brother as his attorney) sued under the False Claims Act.
Not a good month for prestigious universities.
Governance, Compliance, Information, and Use all in one story. The university didn’t have sufficient controls (Governance) to manage the Information its employees were submitting to the government, and a whistleblower apparently spoke to his attorney brother and then sued to enforce Compliance (and get a slice of the recovery). Now there’s a compelling case for the use and value of information about a colleague’s bad behavior.
“Most Bitcoin Trading Faked by Unregulated Exchanges, Study Finds,” The Wall Street Journal, March 23, 2019. More than 90% of reported trading in cryptocurrencies was fraudulent, study finds. “Of the roughly $6 billion in reported daily volume during four days in March, the firm calculated that about $273 million was legitimate.”
When do you suspect that the information your are being given isn’t true? What controls do you have in place, and what laws or regulations control? Is a bitcoin a security within the reach of the US securities laws? If not, who’s in charge?
Do you want a bit more control over this, or is “buyer beware” enough protection for the savyy investor?
The beat goes on.
“Prosecutors in 737 MAX Probe Focus on Boeing Disclosures to Regulators, Customers,” The Wall Street Journal, March 23, 2019. Did Boeing mislead customers or regulators?
If you are in a regulated business, be careful what you say and what you don’t say to regulators. Speaking untruth to power is ill-advised.
What controls do you have in place to make sure that what you say to regulators is the truth, the whole truth, and nothing but the truth? How do you monitor the effectiveness of those controls? Especially when an untruth may be a criminal offense? And how do you manage the retention or non-deletion of associated drafts and emails and such?
“House Democrats Probe White House Officials’ Email Use,” The Wall Street Journal, March 22, 2019. Did they use personal email accounts for government business?
One of the tricky things about Compliance is if you have a well-publicized case of another executive doing something that looks to be against the rules and he or she is not punished, it’s hard to enforce those restrictions against the next alleged violator.
So, what are the rules here? The ones on the books or the ones in practice? Does anyone in your company use personal email for company business? Is that against the rules? Do you enforce that rule? Or is the practice so widespread your policies/rules are unenforceable? Or is this just the distinction between employees of the White House and employees of the Department of State or the Justice Department?
“Samsung Probed U.S. Marketing Operation Over Dealings With Business Partners,” The Wall Street Journal, March 22, 2019. Looks like people were playing fast and loose with expense reporting policies and the like. Some employees “were let go for cause and without severance following the audit.”
This is a bit of a departure for this blog of late; I haven’t focused so much on pure compliance issues. But this is about Governance and Compliance, writ large. The employees here violated company policy – not laws (as far as we know). Co that’s Compliance (or not). Remember that an employee’s common law duty to his/her employer includes the obligation to comply not only with applicable law, but also with company policy and other lawful instructions from their managers. Violate that and you get fired, for cause.
Try telling your next potential employer that you got “laid off” “for cause.” That’s “Governance.”