Let’s talk about pornography.
Personally, I’d rather keep picking at the Securities and Exchange Commission’s fraud charges against Goldman Sachs, or the kabuki theater transpiring in the Senate this week before lawmakers go ahead and approve the regulatory reform bill everyone already knows will pass. But occasionally more interesting news crops up, and such was the case when yet another porn-on-the-job scandal emerged at the SEC late last week.
The broad contours of the scandal are pretty clear: Several dozen SEC staffers have been caught watching pornography at work, rather than doing more productive tasks like preventing the financial crisis. One senior enforcement attorney averaged more than eight hours a day eyeing X-rated websites; another tried to access 1,800 porn sites in the span of two weeks and admitted it was “kind of a distraction, per se.” Yet another apparently watched porn involving under-aged boys and may face criminal charges. Anyone who wants to see a full list of the sites under SEC scrutiny, so to speak, can find it on Gawker.com—although if those sites aren’t work-safe for the SEC, assume they’re not work-safe for you either.
Still, despite all the prurient interest, the compliance community does indeed have a teachable moment here. In fact, we have two.
First, the most alarming news from the porngate scandal is that the SEC has serious internal control failures. One employee apparently circumvented porn-blocking filters simply by plugging a flash drive into his computer. Another uploaded his own videos onto porn websites using his SEC-issued computer. Exploiting control failures to watch porn is ridiculous enough, but employees could also have exploited those failures to steal financial information, upload a virus into SEC systems, or commit other misconduct. That is what should worry people, starting with the five SEC commissioners. A poor internal control environment at the SEC is nothing new; the Government Accountability Office flunks the SEC on its internal controls almost annually. But the GAO specifically faulted data security controls at the agency in 2007, and this news leads me to believe the problem continues.
Second, three weeks ago the SEC announced the hiring of its first-ever chief compliance officer—and then promptly relegated her to a mid-level rung on the SEC’s influence ladder, where she oversees compliance with SEC rules about which financial transactions employees can or cannot make. That set off a small storm of protest from compliance purists, who complained that a true CCO should have wide-ranging power to oversee all ethics and compliance issues and should answer directly to top management. I agreed with them.
Well, the purists are back again, burning up the message boards at the Society of Corporate Compliance and Ethics. They rightly note that violating porn policies at work is precisely the sort of ethics and compliance issue a CCO should address, and I agree with them again. Donna Boehme, a former chief compliance officer at British Petroleum and now head of Compliance Strategists Corp., put it best:
The SEC’s focus solely on financial compliance mirrors the same mistake that financial institutions have traditionally made. The result is a non-financial compliance problem that has a devastating impact on the organization's reputation and license to operate. Having an empowered, senior compliance and ethics officer reporting directly to the top would have been one important step to detecting and addressing this risk before it reached the front pages of the news.
Boehme is exactly right. Consider the alternative: The SEC catches and disciplines employees on a case-by-case basis for various policy violations; some lawmaker unhappy with the SEC directs government auditors to investigate the agency; that report is mysteriously leaked to the media at some politically inopportune time for the Commission. Events followed that path here, when Sen. Charles Grassley, R-Iowa, directed the SEC inspector general to study the porn problem—and that report then appeared in the media one week after the SEC’s own suspiciously timed charges against Goldman Sachs, just as the Senate began taking up debate over regulatory reform.
Can we not do better? Really?