Random Compliance on My Mind…

Random thoughts about compliance, audit, and risk management to keep you entertained while I’m away on vacation this week… 

The OFAC framework for sanctions compliance is an outstanding document. I understand that implementing its recommendations may be a pain in the neck, but it packs a tremendous amount of information into 12 pages. Line for line, it’s far more informative than the Justice Department’s guidelines of effective compliance programs

Kudos to Axon, maker of police body-cameras, for deciding not to incorporate facial recognition technology into its products yet. It’s refreshing to see a company admit its limitations amid murky ethical issues, and exercise prudence. 

I won’t say the same for DeepNude, an app that uses AI to create nude images of women from photos posted online. The software developers behind DeepNude took the app off the Internet in June several hours after they released it for sale — but not until the app had already been sold numerous times, and now its software code is out there for others to exploit. You’re supposed to consider the ethical implications of your product before sale, not after. 

Big political thought, Part I: One could easily sketch out a scenario in 2020 where Donald Trump wins the Electoral College with 270 votes on the nose, but because he is so unpopular and drives people to vote against him — he won’t just lose the popular vote by 3.2 million like 2016; he could lose the popular vote by 10 million or more. 

Lately I’ve been reading the disclosures companies have been making under the new accounting standard to report the costs of operating leases. We’ve had three years to prepare for this standard, and still, plenty of companies can’t seem to deliver what the standard wants: clear, easy-to-see disclosure of leasing liabilities and assets. Yeesh, people. Do better. 

Has anyone else noticed that Hester Peirce, Republican commissioner on the SEC, gives more speeches than a second-rate presidential candidate? She’s somewhere new every week.

Prediction: Donald Trump won’t debate the Democratic nominee next year. Not sure whether he’ll complain about biased media, or a rigged system, or some other flimflam excuse — but he’s not going to do it. I’ll bet you a year’s SCCE membership fees. 

I welcome the idea that we should update the Three Lines of Defense model of risk assurance created by the Institute of Internal Auditors. But I’ve read the call for public comment twice, and I’m still not sure exactly what the document is proposing to do. 

Hardly any comments yet for the SEC’s proposal to exempt more filers from audits of internal control over financial reporting. I understand that most comments will arrive just before the July 29 deadline, but still — I wish this issue would get more attention. 

One of the most under-noticed deals of the year: Salesforce buying Tableau, the data visualization software maker. Internal audit and compliance teams should be marching into your sales departments’ offices demanding, “Salesforce has better data visualization? Give it to us now!”

So if we adopted blockchain for payments to third parties, and those blockchains were public, where others could see them — could companies somehow use that technique to identify high-risk third parties and cut them out of the supply chain? That is, could blockchain somehow create the seal of approval for third parties that compliance officers keep wishing the world could invent?

Big political thought, Part II: If Trump wins the Electoral College while losing the popular vote so widely, that would probably mean Democrats expand their majority in the House and pick up Senate seats in states like Maine, North Carolina, or Arizona. (Part III is the big reveal.)

Part of me wants Elizabeth Warren to be the next CEO of Wells Fargo. Whatever else you might think of her, it would be fascinating to watch how she’d handle that job.

More companies should report the costs of ongoing FCPA investigations in quarterly reports like Walmart did. It’s an interesting statistic and shows how much companies really do spend trying to unravel FCPA messes. 

Robert Jackson, Democratic commissioner on the SEC, is outstanding at the job — “the job” being to defend your positions while having no real power as a minority party commissioner. Guy always drops a truckload of research and data into his speeches that skewer whatever policy Republican commissioners are trying to ram through.

The CFTC issuing whistleblower awards this year intrigues me. The agency seems to be much more active, and explanatory, with its awards notices. 

Also, the SEC’s proposals to curb large whistleblower awards — we all know that’s going to get challenged in court the day after those proposals are adopted, right? (See Republican commissioners and policy ideas, ramming through, above.)

As someone who lives far from the southern border, I’d have no issue with the Trump Administration housing some migrants and refugees at facilities here. This is a national challenge and it requires a national solution. (And one based on compassion, not fear.)

I’ll take an ounce of strong control environment over a pound of control activities any day of the week.

Big political thought, Part III: So if Trump clings to the presidency via the Electoral College, but clearly is not the people’s choice and Democrats have even stronger control of Congress — do they begin impeachment proceedings in 2021 anyway? Think about it. 

I had a personal Facebook account for years, until I deleted it in 2018. One of the best decisions I ever made. I recommend it to everyone.

Leave a Comment

You must be logged in to post a comment.