“Most Bitcoin Trading Faked by Unregulated Exchanges, Study Finds,” The Wall Street Journal, March 23, 2019. More than 90% of reported trading in cryptocurrencies was fraudulent, study finds. “Of the roughly $6 billion in reported daily volume during four days in March, the firm calculated that about $273 million was legitimate.”
When do you suspect that the information your are being given isn’t true? What controls do you have in place, and what laws or regulations control? Is a bitcoin a security within the reach of the US securities laws? If not, who’s in charge?
Do you want a bit more control over this, or is “buyer beware” enough protection for the savyy investor?
“FEMA Officials Accidentally Released Private Data From 2.3 Million Disaster Victims,” The Wall Street Journal, March 23, 2019. Agency shared unnecessary personal information with a contractor.
Once you have someone’s private data, what controls do you have on using it, storing it, or transferring it to someone else? Those are steps you take in protecting those peoples’ data. Are you sharing enough, but not too much, of their private information?
I am struck by the use of “accidentally” in the headline. The government intended to release the data it released; this was not the case of leaving their briefcase on a bus. I guess they “accidentally” gave the contractor more information than necessary. I guess, but am not sure, that this is better than being hacked, which implies the intervening act of a third party. Here, there was not third party.
The beat goes on.
“Prosecutors in 737 MAX Probe Focus on Boeing Disclosures to Regulators, Customers,” The Wall Street Journal, March 23, 2019. Did Boeing mislead customers or regulators?
If you are in a regulated business, be careful what you say and what you don’t say to regulators. Speaking untruth to power is ill-advised.
What controls do you have in place to make sure that what you say to regulators is the truth, the whole truth, and nothing but the truth? How do you monitor the effectiveness of those controls? Especially when an untruth may be a criminal offense? And how do you manage the retention or non-deletion of associated drafts and emails and such?
“The Secret to Winning Votes: Take the Name of a Popular Leader,” The Wall Street Journal, March 23, 2019. Candidates change their names to that of a former leader.
Your name is, in a sense, Information, akin to the brand of a product. Are there rules about changing your name with the intent to deceive people? In Thailand, apparently not.
“House Democrats Probe White House Officials’ Email Use,” The Wall Street Journal, March 22, 2019. Did they use personal email accounts for government business?
One of the tricky things about Compliance is if you have a well-publicized case of another executive doing something that looks to be against the rules and he or she is not punished, it’s hard to enforce those restrictions against the next alleged violator.
So, what are the rules here? The ones on the books or the ones in practice? Does anyone in your company use personal email for company business? Is that against the rules? Do you enforce that rule? Or is the practice so widespread your policies/rules are unenforceable? Or is this just the distinction between employees of the White House and employees of the Department of State or the Justice Department?
“Samsung Probed U.S. Marketing Operation Over Dealings With Business Partners,” The Wall Street Journal, March 22, 2019. Looks like people were playing fast and loose with expense reporting policies and the like. Some employees “were let go for cause and without severance following the audit.”
This is a bit of a departure for this blog of late; I haven’t focused so much on pure compliance issues. But this is about Governance and Compliance, writ large. The employees here violated company policy – not laws (as far as we know). Co that’s Compliance (or not). Remember that an employee’s common law duty to his/her employer includes the obligation to comply not only with applicable law, but also with company policy and other lawful instructions from their managers. Violate that and you get fired, for cause.
Try telling your next potential employer that you got “laid off” “for cause.” That’s “Governance.”
Another privacy breach at Facebook.
“Hundreds of Millions of User Passwords Exposed to Facebook Employees,” The Wall Street Journal, March 22, 2019. Apparently, the passwords were only exposed to Facebook employees.
Do you use the same password on multiple sites? Not a good Governance procedure to protect your information on the various sites.
But Facebook apparently has some holes in its security practices. Is it just that they don’t care about your privacy as much as you do?