SF Chronicle article – says new investigation report states that UC interfered with state internal auditor’s audit

Click on the link below for the Chronicle’s story, stating that a new investigation report concludes that UC interfered with the state internal auditor’s audit of UC, including changing survey answers or results. I have previously blogged about the state auditor’s audit of UC, and, frankly, as an ex-auditor and after having been involved in litigation as an attorney for many, many years, I was and still am complimentary that the state auditor held her ground and called things as she believed them to be – that can be a tough situation to be in, and I would be interested to hear whether the state auditor herself felt any pressure from any sources.

Let me also add that I have heard stories for years about internal auditors and compliance professionals, and also, sometimes, external auditors, who have felt pressure to conduct their activities, or to report findings, in a manner that was contrary to how they thought a particular matter should be handled or reported.

It is my understanding that the investigation report will be coming out, perhaps today. I haven’t seen the actual investigation report – I always like to see the actual source information or document – too much “news” today is skewed with intentional or unintentional bias, or is incorrectly reported, or is reported in a summary manner that causes the “news” to not be correct or to be misleading, or is reported with an objective in mind, or uses adjectives instead of facts and evidence, or is anonymous or from anonymous sources, or is really more opinion than facts and evidence (“opinion-jour”), etc. And there are always two sides to a story, and sometimes three, four, or more sides. There was a saying several years ago, trust but verify. I believe the options are: (1) trust and don’t verify, (2) trust but verify, (3) question but verify, or be skeptical but verify, and (4) don’t trust but verify, or distrust and verify. I’m at least at (3), and often at (4). Below is the link to the Chronicle article:

http://www.sfchronicle.com/bayarea/article/Report-says-UC-president-s-office-improperly-12358268.php

That’s all for now. Of course, each situation is different.

David Tate, Esq., Royse Law Firm, Menlo Park, California office, with offices in northern and southern California. http://rroyselaw.com

Royse Law Firm – Practice Area Overview – San Francisco Bay Area and Los Angeles Basin

  • Corporate and Securities, Financing and Formation
  • Corporate Governance, D&O, Boards and Committees, Audit Committees, Etc.
  • Intellectual Property – Patents, Trademarks, Copyrights, Trade Secrets
  • International
  • Immigration
  • Mergers & Acquisitions
  • Labor and Employment
  • Litigation (I broke out the litigation because this is my primary area of practice)
      • Business
      • Intellectual Property – Patents, Trademarks, Copyrights, Trade Secrets
      • Trade Secrets, NDA, Accounting Issues, Fraud, Lost Income, Royalties, Etc.
      • Privacy, Internet, Hacking, Speech, Etc.
      • Labor and Employment
      • Mergers & Acquisitions
      • Real Estate
      • Owner, Founder, Investor, Board & Committee, Shareholder, D&O, Etc.
      • Insurance Coverage and Bad Faith
      • Lender/Debtor
      • Investigations
      • Trust, Estate, Conservatorship, Elder Abuse, and Contentious Administrations
  • Real Estate
  • Tax (US and International) and Tax Litigation
  • Technology Companies and Transactions Including AgTech, HealthTech, Etc.
  • Wealth and Estate Planning, Trust and Estate Administration, and Disputes and Litigation

Audit Committee 5 Lines of Defense 10222017 David W. Tate, Esq. jpg

Help with culture oversight and ERM – possibly where to start

Now that oversight of the entity’s “culture” has reached the boardroom, where do you start if culture hasn’t really been on the radar? As you might know, for example, whereas the new COSO ERM framework lists culture and governance at step one, it doesn’t go into too much detail or guidance about what these might include, but leaves it for every organization to decide for itself what enterprise risk management will involve and include in these and other areas and steps. If the organization’s culture really hasn’t been on the radar, I suggest that you consider or start with the employee handbook and policies, and the code(s) of conduct – evaluate whether those are currently sufficient or need updating, and then run through the ERM process for the conduct described or listed. Of further interest, below I have pasted snapshots of a current NACD website page discussing culture (and that you can obtain a NACD discussion paper online), a summary of a possible ERM process (significantly based on the new COSO ERM framework), some additional governance, ERM and audit committee items, and a link to a new Norman Marks discussion “Do we understand what a Risk Event is?”

Thanks for reading, and best to you. David Tate, Esq., Royse Law Firm (Menlo Park, California, office) – I have also posted this discussion to http://lawriskgov.com.

Overview of Possible Risk Management Process 10222017

Norman Marks, “Do we understand what a Risk Event is?”: https://wordpress.com/read/feeds/254243/posts/1658495448

COSO Enterprise Risk Management Framework ERM Components and Principles

NIST Cybersecurity Framework Tiers Summary

The Business Judgment Rule

In summary, as a general principle the business judgment rule provides that a director should undertake his or her duties:

-In good faith, with honesty and without self-dealing, conflict or improper personal benefit;

-In a manner that the director reasonably believes to be in the best interests of the corporation and its shareholders; and

-With the care, including reasonable inquiry, that an ordinarily prudent person in a like position with like expertise would use under similar circumstances. The rule itself doesn’t require a particular level of expertise, knowledge or understanding; however, as you might be aware, public company audit committee members do have such a requirement, and you can at least argue that, depending on the facts and circumstances, a board or committee member should have or should obtain a certain unspecified level of knowledge or understanding to be sufficiently prepared to ask questions, evaluate information provided, and make decisions.

Reliance Upon Other People Under the Business Judgment Rule

In the course and scope of performing his or her duties, a director must necessarily obtain information from and rely upon other people. An independent director is not involved in the day-to-day operations of the business. The director provides an oversight function. Pursuant to the business judgment rule, a director is entitled to rely on information, opinions, reports or statements, including financial statements and other financial data, prepared or presented by any of the following:

-Officers or employees of the corporation whom the director reasonably believes to be reliable and competent in the relevant matters;

-Legal counsel, independent accountants or other persons as to matters that the director reasonably believes are within the person’s professional or expert competence; or

-A committee of the board on which the director does not serve, as to matters within that committee’s designated authority, so long as the director acts in good faith, after reasonable inquiry as warranted by the circumstances, and without knowledge that would cause reliance to be unwarranted.

That’s it for now. Thanks for reading. David Tate, Esq., Royse Law Firm, Menlo Park office, with offices in the San Francisco Bay Area and Los Angeles