General
Suicide Prevention & Speak-Up Culture
Today we have a reminder about the importance and value of a speak-up culture from a rather unlikely source: the new U.S. suicide prevention hotline, which is already receiving more calls than anyone expected. The 988 hotline went live on July 16, replacing the longer, toll-free hotline number that people had used for decades prior.…
Study: Deferred Comp Boosts Ethics
We have a fresh bit of ethics and compliance academic research to start our week: a study from Australia demonstrating that deferred compensation is indeed a good way to curb misconduct risk among employees — and can even boost employee productivity, too. The study comes from Elizabeth Sheedy, business professor at Macquarie University and director…
A Compliance Experiment in GIFs
Any compliance professional worth his or her salt knows that clever communication about ethics and compliance policies is crucial to winning over employees’ enthusiasm. So when a compliance officer (who shall remain anonymous) shared with me a prototype “anti-bribery compliance through GIFs” — well, that was too good not to publish. Therefore we humbly submit…
Twitter Allegations: Begin at the Top
Corporate compliance and audit professionals might want to clear your schedules. The former head of security for Twitter has published a stunning whistleblower complaint against the company, alleging all manner of security failures at the social media giant — and that management then lied to the board and regulators about the severity of the problems. …
Fresh Approaches to Cybersecurity Risk
Every regulator and their uncle is climbing aboard the cybersecurity bandwagon these days. Before that bandwagon starts rolling away with itself, however, we might want to ask whether corporate audit and compliance teams, and even the regulators themselves, are going about all this in the wisest way possible. Two recent posts on Radical Compliance capture…
Lessons in the HanesBrands Cyber Attack
Before we all forget, compliance and audit professionals should note that HanesBrands coughed up an ugly quarterly report last week — and one principal reason for that awful report was a ransomware attack that apparently cost HanesBrands $100 million in lost revenue. The ransomware attack itself is not news; Hanes disclosed the matter on May…
Wisdom From a Compliance Dinosaur
The other week I had coffee with a veteran compliance officer passing through town. This CCO has worked at numerous global organizations, some of the biggest names in his industry and to the public at large. So when my friend — we’ll call him the Dinosaur, since that’s how he described himself — started talking…
Attestations for Cyber Controls
Last week I was in Atlanta speaking to a group of IT auditors. Conversation turned to the SEC’s proposals for expanded disclosure of cybersecurity risks, and attendees raised a good question: Does this mean that CISOs and other executives will need to attest that, yes, the company’s cybersecurity measures are effective? Under the text of…
I Talked Compliance With BlenderBot
Everyone knows I’ll talk ethics and compliance with just about anybody. So when Facebook decided to roll out its new AI-driven chatbot, of course I swung by its website and started asking the bot what it thought of corporate compliance programs. The bot, apparently named BlenderBot 3, was launched on Monday. People can strike up…
‘Reasonably Designed’ Programs, Part II
Our post last week about the lack of clear standards for a “reasonably designed” compliance program drew lots of comment from compliance professionals — enough that the issue deserves continued exploration, since there’s plenty more to say on the subject. First let’s consider a concrete example of the confusion that could arise here. Imagine your…