Oops, I Did It Again, and Again, and Again, and Again

How Many Consecutive "Accidents" Does It Take?

The topic title may lead you to believe that this story is about our favorite bipolar lipsyncing trainwreck, however I'll leave that never-ending saga to the tabloids. What I'd like to know, is how a ship accidentally cuts an undersea internet cable five times within a week!

Looks like we have another incision in the undersea lifeline of the Internet -- the fifth one in a week's time. This underwater cyberartery has recently seen more surgery than Dr. 90210's office just before the Oscars.

This series of events has really put a scare into the "niche group" of people that rely on the Internet for daily life. The truth is, approximately 90 percent of all Internet traffic is routed through these undersea cables, while only about 10 percent is routed through satellite. So a few more of these "accidents", and we'll be back to downloading important Internet data at the speed of a 300 baud rate modem.

Let me go out on a limb here. I don't think these are accidents anymore. It's not enough that the Egyptians have already shot holes in the whole, "it's a ship anchor" theory, citing the absence of the primary requirement for this theory to hold water -- a ship. What's more, is that there is no realtime monitoring of the cables, making it a prime target for sabotage.

But the real tipping point for me comes from my Six Sigma training, and my understanding of risk, which I would like to share with you. To illustrate, imagine that I have a deck of cards that I've shuffled thoroughly, and I pulled out a card at random; the Jack of Spades. If I posed the question, "Am I holding a stacked deck ( a deck that fosters non-random selection, used for magic and cheating )?" you'd probably say, "No."

Now if I pulled the second card; the Queen of Spades; you may pause for a second but it's still probable everything is on the up and up. The third card comes out; 10 of Spades. The fourth; Ace of Spades. Now you should at least be considering some sort of wrong doing. After the fifth card is pulled; King of Spades, most people would be comfortable with the statement that the deck is stacked somehow. Although it's possible this could happen in a normal deck, a threshold has been crossed where it just doesn't see possible.

When setting up comparative testing ( testing to see if two sample distributions are statistically different ), a widely accepted alpha risk is 5%. In layman's terms, the alpha risk usually translates to the risk of taking some action based on the hypothesis that the two sample distributions are different, when in fact there is no difference.

The undersea super-artery of the Internet. Courtesy of Diving Co.

For example, lets say, in an effort to improve compliance proficiency, you take a sample from your New York office, and a sample from your San Francisco office. The results of your analysis confirm that there is a statistical difference between the two operations, and further indicate that the San Francisco office is more proficient. Based on this information, you decide to take action; making your New York operations look more like your San Francisco operations. In this scenario, your alpha risk is the risk that, even though your statistics are showing a difference between the two operations, there is actually no difference, and you've taken an action that will produce no value. An alpha risk of 5% indicates that you're willing to accept 95% confidence that this won't happen.

The reason why a 5% alpha risk is so widely accepted, goes back to the stacked deck example. It just seems like that is the point at which any suspicion is put to rest, and people feel comfortable accepting the remaining risk that they could be wrong.

This is exactly what happened with me and the ship anchor theory. The first time I heard it, I thought it was an unfortunate shame. The second time, I thought it was odd, but still accepted the theory. By the fifth time, I'm not buying it at all.

I'm not pointing any fingers, but once I heard about the fifth incident, I-ran to the press to find out more details. Without naming any specifics, there have been suspicions raised about a certain country deliberately sabotaging the Internet, which I-ran by some educated colleagues. After some deliberation, we reached a certain consensus, which I-ran by more experts. So, think what you will, by my vote is in. Definitely sabotage, and most certainly conceived and executed by an unnamed country.

Unfortunately, deception is a fact of life, especially in the circle of governance, risk, and compliance. Keep your eyes open, and remember the 5% alpha risk. If things just don't seem right, they probably aren't.

Don't Be Late for the XBRL Train

Understanding XBRL and its Business Impact

XBRL, our center stage topic this month, is primed to become the most important formatting standard that the compliance industry has ever seen. SEC Chairman Christopher Cox recently reaffirmed his alignment with XBRL by stating, “In 2008, following years of evaluation and experience through the SEC's voluntary XBRL pilot program, the Commission will consider a rule for the use of interactive data by U.S. reporting companies that will parallel efforts already underway in other countries.”

So, in anticipation of an SEC ruling making XBRL a mandatory component of financial statement submission, let's take a look under the hood and see how it will shortly impact issuers.

But first, what exactly is XBRL?

XBRL stands for eXtensible Business Reporting Language. It's a standard based on XML ( eXtensible Markup Language ), which you might already be familiar with. Information Technology has been using XML quite extensively over the last few years, to foster efficient and accurate data communication between systems, like web services in a Services Oriented Architecture ( SOA ). XML is itself a standard way of representing data.

There's no binary black box like compiled code; everything is done in plain text. You can open up any XML document and read it, although it may be confusing to understand unless you understand the standard. XML is like HTML in a lot of ways, only more strict ( i.e. case sensitive, and much more picky about start and end tags). Contrary to what some people might think, the HTML standard is not based on XML and would not pass strict XML formatting rules. There is however an XHTML standard which is an XML compliant standard that performs the same purpose as HTML. As time goes on, the web development community is embracing the XHTML standard more and more, over the less precise HTML format.

Having a strict formatting standard makes XML a great candidate for communicating data between systems, however the format must be extended before it can be used for any practical purposes. In the XHTML example, XML is extended for representing and displaying web pages. With XBRL, XML is extended for the purpose of representing financial statements. Once your financial statement is encoded in XBRL format, its actual data elements ( not just numbers and text ) can confidently be transmitted to any other system, including EDGAR, without the fear of losing its meaning and accuracy. For instance, with your XBRL statement, EDGAR can determine what your gross revenue is for a period, without the need for complicated parsing routines that are prone to error. This is a natural and significant improvement for EDGAR, which has its roots in simple text transmissions ( ASCII ), and is now relying on HTML to accept financial data from issuers.

Okay, how do you know XBRL will work for you?

First of all XBRL is not new. For about 10 years now, the effort has been pioneered, promoted and proven by XBRL International, a non-profit organization of approximately 550 companies and agencies worldwide. Over the years, they have had plenty of time to improve the standard, making sure it works for a variety of situations, including the accurate tagging of data in financial statements.

Secondly, XBRL application for SEC filing has been piloted for some time now. In 2005, the SEC established a Voluntary Filing Program to test the XBRL filing process with the EDGAR database. To date, approximately 55 companies have been involved in over 240 submissions of XBRL data on EDGAR.

Finally, it is being used today by organizations all around the world. There are several case studies available at the XBRL International website to review, including the Bank of Spain where more than 400 banks are filing on a monthly basis, and the Bank of Japan where financial services companies have been filing since 2006.

So, how will XBRL improve your situation? What's the ROI?

In a nutshell, XBRL is more time efficient and accurate, reducing your total cost of compliance. According to the Journal of Accountancy's June 2007 issue, United Technologies reduced their 10-Q preparation process cycle time from 845 hours to 700 hours, marking a 17% improvement.

The total investment in time was 80 hours, to learn the new software and tag the 10-Q data. The cost of the software was nominal ( under $1000 ), so with a possible total investment of $6,600 ( I'm estimating $70 / hr in labor ), I estimate they are saving $10,150 per quarter, or $40,600 per year. In reality, United Technologies opted to spend a total of $40,000 on the effort, which included the software, the 80 hour implementation time and learning curve, and an external audit of their scenario by a big four auditing firm. Of course the external audit was entirely optional, but even with the added expense, their 5 year annualized ROI% of 81.5% ( estimated based on assumptions ) for the effort is quite respectable.

Of course, this is just one example. After reviewing the United Technologies case study, my feeling is that their process cycle time could be reduced even more, in fact significantly. I could probably get their 10-Q preparation process cycle time to under 100 hours with proper automation. In fact, I would set a target of 45 hours, which would represent a savings of $56,000 per quarter, or $224,000 per year. In 5 years time, that's a savings of over $1 Million. That's huge!

Great, so what's next?

If you would like to find out more about XBRL, visit the XBRL International website. There is a wealth of information there, including more technical details, case studies, updates and more.

If you would like to get started with an XBRL effort, feel free to give me call to discuss.

When More Meetings are a Good Thing

How to Run a Daily Meeting

When running your compliance project, how often are you involved in a project status meeting. Once a week? Once every two weeks? Studies show that the most effective project teams meet once a day.

For project champions, meeting daily is the best way to stay on top of what's happening with the project team, and for project managers it is essential for making minor adjustments to the goal, or responding to risk events before they get out of hand. But how do you organize a daily meeting without being hanged by your project team? Follow these time-tested tips, and your team will love you for it.

Tip # 1: Keep the Meeting to 15 Minutes

This is absolutely vital, which is why it's listed first. Nobody wants to be involved in a daily meeting that is scheduled for an hour, and consistently runs over another 30 to 60 minutes. This may become challenging with a larger team, however I've personally worked worked through 10 team members, and I know of teams where 20 team members were involved. I'd say if you have more than 20 people talking ( see notes on meeting roles below ), you should use another format. Otherwise, 15 minutes is the hard target.

It will take some practice, but proactively strive to end the meeting between the end of minute 14 and the end of minute 15. Once you cross the 15 minute mark, you have exactly 3 more minutes and no more. If you go over ( even one minute ), apologize to the group, and make a point to mention that you respect everybody's time, and you'll try harder next time to end on time. Never exceed the 15 minute mark by more than 3 minutes. Doing so will cause you to lose the respect of the team, for this meeting.

Start the meeting exactly on time ( to the second ). Show up at least 5 minutes before the meeting to get setup ( setup project artifacts, open conference call lines, etc. ). At the project kickoff meeting, explain how the meeting works, and set the ground rules, including when the meeting starts, and that nobody is allowed to be even slightly tardy.

Tip # 2: Follow a Strict 3 Question Format

There are only three things you need to know from each person talking ( see notes on meeting roles below ):

• What did you do yesterday?
• What are you planning to do today?
• Is there anything stopping you from getting your job done?

Systematically circle the room with each person answering these three questions. If you are managing the group ( i.e. waterfall project ), make a quick comment after each set of answers, or engage in a quick dialog, then move to the next person. If you are coaching the group ( i.e. agile project ), have each person ( or pair ) address the group, and allow a very brief discussion, then move on. At the slightest hint of a rathole or problem solving discussion, use the parking lot ( see notes on parking lot below ).

To emphasize, do not allow problem solving in this meeting. You can easily eat up the whole 15 minutes and more on one problem. If something can very quickly be solved, solve it. Otherwise, make a note and handle it offline.

Also, do not "ease into the meeting" with small talk. Start the meeting exactly on time with the first person. 5 to 10 minutes can easily be blown talking about yesterday's football game or presidential debate.

Tip # 3: Meet in Person, and Have Everybody Stand Up

This is especially important for anybody talking ( see notes on meeting roles below ), and of course the project manager or coach. Trying to do this over the phone is messy and prone to a lot of time-consuming technical problems, so try to avoid at all cost.

Of course, if you have a team member that is physically out of the area, you may need to compromise. In this case, they must promise to be calling from a reliable phone line ( no cell phones ), promise to be focused with no distractions ( not even laptops ), and promise to be standing up like the rest of the group.

It's important that everybody physically meet in the same room or area everyday, and stand up. Standing up stresses the importance of having a short meeting. Nobody is going to have a long meeting while they are standing up. If you have the opportunity, it's a good idea to setup the room with no tables or chairs at all. This also helps keep out distractions like laptops.

Which brings up another important point -- no distractions are allowed. No laptops, notebooks, or other distracting material. Cell phones and PDAs should be turned off.

Any meeting notes can be recorded on an easel by a recorder, and if people are worried about walking around with their cell phone off, you can include a reminder at the end of each meeting to turn cell phones back on.

Tip # 4: Understand and Respect Everybody's Role

As you can tell, strong facilitation is absolutely necessary to meet all of your meeting objectives. Part of this is understanding everybody's role in the meeting.

If there is a recorder and / or timekeeper, they should be established ahead of time and be prepared. A recorder is handy to take care of the parking lot ( see notes on parking lot below ), and other things people want to be reminded of ( remember, no notetaking in the meeting ). A timekeeper is nice to remind everybody of the time. I suggest a gentle reminder at minutes 5, 10, and 14.

The most important key in meeting roles and responsibilities, is knowing who is allowed to talk, and more importantly who is not allowed to talk. The project team members ( the people actually doing the work ) are allowed to talk, in the order and format described above ( see notes on format above ). If this is a managed project ( i.e. waterfall project ), then as the format allows, the project manager is also allowed to talk. If this is a coached project ( i.e. agile project ), then the coach should only talk for facilitation purposes ( i.e. setup, close, and shutdown ratholes ). Everybody else is not allowed to talk until the end, where a simple "thank you" is about all that's appropriate. The one exception to this rule, is when somebody talking asks a direct question to somebody that's otherwise not allowed to talk. In this instance, a very short dialog can be exchanged with a short leash. As noted above, the project manager / coach should step in the instant a rathole or problem solving session starts to develop, and parking lot the issue.

Tip # 5: Use a Parking Lot for Side Conversations and Problem Solving

To help out with important discussions that will take too long for this meeting, a parking lot should be established. This is best accomplished with an easel and an assigned recorder. When the discussion starts to take a tangent, the project manager / coach should step in and say, "okay, we need to put this issue in the parking lot and move on."

It's very important that parking lot issues are addressed at a later time. These issues will not be handled in the daily meeting. You will need to organize a supplemental meeting to work through the issue with only the required people.

There are a few strategies for handling the parking lot, depending on the circumstances, however never ignore the parking lot until the next day. If people start getting the impression that the parking lot is just a way to cut them off, they will not respect it, and subvert your meeting objectives.

If you only have one or two issues in the parking lot at the end of the meeting, reserve a minute or so before the 15 minute mark to organize a follow up meeting or two. You can do it directly after the daily meeting, do it in about 15 minutes ( enough time to get settled ), or schedule another time that works for everybody involved. If you can't get it resolved before the 15 minute mark, take it offline with the people involved.

If you have a good pile of items in the parking lot, call a follow up meeting to go over the parking lot items. I know it sounds a lot like a meeting to discuss meetings, but you have to use your time effectively while respecting everybody else's time.

It's usually not hard to work out if you are already in touch with your team's dynamic. The important thing is to do something, and not blow everybody off until tomorrow.

Running an effective daily meeting can boost your communication efforts, while avoiding or eliminating the need for long, boring meetings that suck your time and energy. Although initially the idea sounds like a bad idea, following some simple principles can really make the difference. Short meeting times, proper facilitation, and knowing everybody's role are keys to your success. If you are currently holding a weekly project meeting, try going daily. Your project communication will soar as a result.

Warner Music CEO Sings the Blues

CEO Edgar Bronfman Jr. Accused of Insider Trading

CEO Edgar Bronfman, Jr. Courtesy of Warner Music Group

Edgar Bronfman Jr. , CEO and Chairman of Warner Music Group, is in the soup for some alleged insider trading activities back in his Vivendi Universal days. Judiciaries in France have filed preliminary charges against the former Vivendi executive vice chairman, based on strong evidence that suggests involvement in the wrongdoing. An investigation will now be launched that will either result in a trial, or dropped charges.

Thierry Marembert, Mr. Bronfman's lawyer states that he "has cooperated fully with French inquiries into Vivendi Universal share transactions" and that "[his] transactions have at all times been proper."

The probe started in 2002, when angry shareholders filed a complaint against the media conglomerate, claiming they were mislead into either purchasing or holding Vivendi shares. Investigators are now trying to determine if the company willfully falsified financial statements for the fiscal years 2000 and 2001, and issued deceptive forecasts.

The charges claim that in January 2000, Bronfman, the then CEO of Seagram, sold Vivendi shares just ahead of the Vivendi / Seagram merger in June 2000.

Yes, even in France this is considered illegal.

Frozen Grand Central

What to Do When Things Don't Make Sense

Life unscripted is so much more entertaining than scripted comedy, and here's a great example given to us by Improv Everywhere, a New York based prank collective. Their latest stunt? Have about 200 people just freeze in the middle of Grand Central Station. It's hilarious to see real life in action; people trying to process something that doesn't make any sense. Take a look at this 2 minute clip of the prank:

On your compliance projects, be prepared for situations when things just don't make sense. It's called a cognitive dissonance when what you are observing doesn't add up to what you know of the situation. Let's hope this doesn't happen within your project team, but it very well can happen with stakeholders, especially those on the periphery of your effort.

In almost all cases, the root cause here is communication. You are missing an important piece of information. In the example above, the unknowing people at Grand Central Station were not in on the prank, so things didn't make sense. The whole industry of magic and illusion is based on this principle -- they just don't give you all the information. If the secret is revealed, everything makes sense again.

If you notice a cognitive dissonance with a person or group that can be influential to the success of your project ( like the board of directors ), you've got to act immediately. Confront the issue right away with a platform of honesty and transparency, explaining that your project cannot succeed unless all the information relevant to the project be made available. Be assertive if necessary.

And if your stakeholders go into catatonic shock, don't worry. The joke might be on you!