SEC’s Push for Better Cyber Governance


Today I want to revisit the SEC’s proposed new rules requiring public companies to disclose more about their cybersecurity risks. Those plans would obligate companies to discuss how the board and senior management address cybersecurity risk at a strategic, enterprise level. What’s that all about?  In a previous post about the SEC proposals, I considered…

Read More

Tesla’s Governance Issues Keep Coming


Compliance officers, today we all owe a thank you to California state labor regulators. Why? Because we’re always looking for examples of poor corporate governance to discuss, and those regulators served up a stunner at the end of last week: Tesla.  You may have already heard the basics. Last Thursday the California Department of Fair…

Read More

Ozy Media’s Governance Flop


You may have missed this, but last week a media business with oodles of funding from Silicon Valley closed up shop because of flawed leadership behavior that culminated in accusations of fraud. Which gives us yet another opportunity to talk about the importance of board governance to keep leaders’ ethical conduct correct. The media business…

Read More

Jerry Falwell and CEO Oversight


The Lord works in mysterious ways, and compliance professionals witnessed that again this week. The Supreme Being sent us a flock of governance lessons to consider from the downfall of Jerry Falwell Jr., who just resigned as president of Liberty University amid a sex scandal. Falwell had been leader of the evangelical college since 2007.…

Read More

Governance Lessons From the Postal Service

Postal Service

Radical Compliance always strives to find the latest, best illustrations of corporate governance gone wrong that we can dissect for lessons everyone else can learn. Today we have a gem: the U.S. Postal Service.  By now you probably know at least the contours of the story. The U.S. Postal Service is a money-losing operation, and…

Read More

IIA Unveils New Three Lines Model


The Institute of Internal Auditors has unveiled a revamped version of its famed Three Lines of Defense model for risk assurance. Perhaps the most notable change: no longer calling it the Three Lines of Defense.  Instead, the IIA guide is now officially known as “The Three Lines Model” — a nod to criticism over the…

Read More

When Covidiocy Strikes Corporate Governance

For several weeks now we’ve been spot-lighting good practices in corporate governance and compliance during the Covid-19 crisis. Today we’re flipping the script to call out some stupendously inept corporate behavior in these difficult times. Everyone, say hello to the Boston Sports Club. BSC is one of those upscale urban personal fitness chains; you probably…

Read More

7 Compliance Items to Watch for 2020


Welcome to 2020, everyone! This has been a long winter break, but before we return to the grind of emails to answer and staff meetings to avoid, let’s spare a few moments to ponder how the corporate compliance landscape might evolve in the coming year.  Without further delay, then: my annual list of compliance issues…

Read More

Management Override and Navy SEALs

management override

Keeping pace with all the ethics and compliance lessons one can learn from the Trump Administration is no easy task. Nevertheless, we have yet another one: the perils of management override, as demonstrated by President Trump’s determination to keep a disgraced Navy SEAL in military service. The story evolved quickly over the weekend. It begins…

Read More

IIA Proposes Three Lines Update

internal audit

Internal audit professionals, fire up your keyboards. The Institute of Internal Auditors is calling for public comment about possible updates to its Three Lines of Defense model of risk assurance. The proposed updates are now available on the IIA’s website. You can download, read, and ponder them at your leisure; and start offering feedback on…

Read More