Star Wars – Compliance Building

Compliance Lessons from Star Wars – Rebels

With the pending release of Episode VIII – The Last Jedi, I’m joining Tom Fox in tying compliance and the Star Wars franchise together in some posts this week. Star Wars is about the rise of the evil galactic empire and the rebels who fight against it. I think some Bitcoin advocates are trying to be the rebels who portray the the Federal Reserve as the evil Galactic Empire. The battle is for freedom of money.

“This is a fantastic fundamental hedge and store of value against autocratic regimes and banking infrastructure that we know is corrosive to how the world needs to work properly,” said Chamath Palihapitiya, the founder of Social Capital and an early Bitcoin investor. “You cannot have central banks infinitely printing currency.”

In response to that, I give you this picture of the Treasury Secretary showing a new sheet of money to his wife dressed in Darth Vader garb. (Add a helmet and it’s complete)

Of course the Treasury is not the Federal Reserve and this printed money is not the same as the Federal Reserve buying bonds with money pulled out of thin air. Since we have entered a post-factual world in Washington, I’m not sure we need to let facts get in the way of a great picture.

The underlying technology of Bitcoin, blockchain, is a brilliant shared ledger. It has the ability to replace some proprietary databases of transactional information. I’m less interest in Bitcoin itself. Digital currency moves control of the currency from the central banks to computer servers. While currency can be inflated be the central banks, Bitcoin is limited to a slow creation on the servers running blockchain.

As a naysayer, I failed to see the rise of Bitcoin. If I had a bought a few bitcoins when I first looked down my nose at it, I would have made a pile of cash.

The Federal Reserve, at the heart of the Galactic Empire, has pushed Bitcoin aside. Janet Yellen, the current Chair of the Board of Governors of the Federal Reserve System on Wednesday called Bitcoin a “highly speculative asset” and “not a stable source of value”, and “it doesn’t constitute legal tender.” In response, Bitcoin did not back down and the exchange rate stayed stable. The empire would have to find other ways to attack cryptocurrency.

The rebellion has grown from Bitcoin to other cryptocurrencies. They are launching their attacks in Initial Coin Offerings. No initial coin offerings have been registered with the Securities and Exchange Commission as the sale of securities. They are operating outside the oversight of the SEC, failing to give purchasers/investors the protections that come with SEC registration and oversight.

If you invested in an ICO, should you be worried that the offering might be targeted by the SEC? Yes, you should be worried. That ICO is Alderaan and the SEC has the Death Star. A million voices will scream out about the injustice. So much real money and false value will be destroyed.

The SEC stopped an ICO this week for Munchee. Munchee was seeking $15 million to improve an existing iPhone app for restaurant meal reviews and to create an “ecosystem” in which Munchee and others would buy and sell goods and services using the tokens. The company emphasized that investors could expect that efforts by the company would lead to an increase in value of the tokens and it would take steps to create a secondary market for the tokens. As the SEC has said in the DAO Report of Investigation, a token can be a security based on the long-standing facts and circumstances test that includes assessing whether investors’ profits are to be derived from the managerial and entrepreneurial efforts of others. The Munchee ICO was an illegal IPO.

The Empire of regulatory oversight has many factions. This week the IRS won a case against Coinbase, one of the largest digital currency brokers. The IRS claimed that virtual currency gains have been underreported based on the disproportionate number of taxpayers reporting gains from Bitcoin compared to the number of Coinbase account holders. Coinbase has approximately 5.9 million customers and has provided $6 billion in Bitcoin exchanges. However, the IRS has identified only 800 to 900 taxpayers in each of the years from 2013 through 2015 who reported gains or losses that the IRS believes are “likely related to bitcoin.”

The battle will rage on. Rebel cryptocurrency against the regulated dollar. Which will allow you to buy a coffee at Dunkin Donuts? and which will you use?

See Tom’s posts:

Compliance Lessons From Star Wars – Lies

With the pending release of Episode VIII – The Last Jedi, I’m joining Tom Fox in tying compliance and the Star Wars franchise together in posts this week.

I’ve always been trouble by the lie from Obi Wan Kenobi to Luke Skywalker:

“Darth Vader betrayed and murdered your father.”

It’s the little lies that lead to bigger lies and bigger problems. Some of the ponzi schemes I see start with a sponsor telling a little lie about performance results. Then the sponsor is trapped chasing those untrue returns. That leads to bigger lies and bigger problems as the deficit between actual results and fictional results grow.

We saw the little lie growing with Bernie Madoff. Decades ago he missed his returns and lied about them. At some point he just gave up and didn’t pretend to chase the returns anymore. That became to a multi-billion dollar deficit between actual results and the fictional results he told investors.

Plenty of ponzi schemes are formed as frauds from the outset as a way to separate people from their money. They start off with outlandish returns and promises of guaranteed results. There is a subset of these frauds that had started out with good intentions but misstep into these little lies that lead to downfall.

Obi Wan’s lie to Luke sends Luke into an ill-chosen battle with Darth Vader. Luke is seeking revenge for the death of his father. Things don’t go well for Luke in a battle against one of the fiercest warriors in the galaxy.

The cynic in me might point out that the lie was not intentional. Behind-the-scenes lore of the Star Wars franchise tells us that the plot turn in Empire Strikes Back, and told further in Episodes II and III, may not have been envisaged when Star Wars was made. For the pure of heart, we can assume the Kenobi was just trying to protect Luke from the truth.

Compliance Lessons From Star Wars – Hacked

With the pending release of Episode VIII – The Last Jedi, I’m joining Tom Fox in tying compliance and the Star Wars franchise together. Starting at the beginning with Star Wars, or what is now Episode IV – A New Hope, the climax is the destruction of the Death Star.

One of the complaints about the movie is the plot hole allowing “the ultimate power in universe” to be destroyed by a a group of small fighters. As we learned in Star Wars – Rogue One, the Death Star was hacked. The developer left a back door: a small, two meter-wide thermal exhaust port which would lead straight to the station’s main reactor. The developer leaked the plans to rebels who launched their attack.

Clearly, the Securities and Exchange Commission is very focused on cybersecurity. Particularly, since the SEC’s EDGAR database was hacked last year. In speeches, actions and warning about exam priorities, the SEC puts cycbersecurity at or near the top of the list.

The focus on cybersecurity is not just to take the steps to harden your systems to prevent the hack, but creating a response plan in case you discover you are been hacked or have been hacked. Clearly, a flaw in the defense of the Death Star was not sending out enough imperial fighters to counter the rebel attack. The defense plan never expected an attack by small ships.

The death of Grand Moff Tarkin was not taking the threat seriously.

OFFICER
We’ve analyzed their attack, sir,
and there is a danger. Should I have
your ship standing by?

TARKIN
Evacuate? In out moment of triumph?
I think you overestimate their
chances!

Tarkin underestimated the chances and disappeared from the Star Wars movies until last year’s Rogue One prequel to Episode IV. Never underestimate a cyber-attack on your firm.

As many cybersecurity experts have told me, it’s not “if” you will be subject to an attack, it’s “when” you will be subject to a cyber-attack. Don’t suffer the imperial oversight failure of Tarkin. Be vigilant for weakness.

May the Force be with you.

Although Tom decided to ignore Episodes I-III in his posts, I will advocate for using the “machete order” for viewing the movies: IV, V, II, III, VI.

The key problem is that Mr. Lucas changed the end of VI so that Anakin is now played by Hayden Christensen. You will have no idea who that person is if you have not seen II or III. Plus II and III fill in the backstory of Anakin. You will note that Episode I, the worst of the movies, is left out. That removes Jar-Jar almost completely, removes midochlorians, and removes trade disputes. In return, you get a bigger universe, a better understanding of the threat posed by the emperor, and the redemption of Anakin.

Jedi Training and Compliance Training

As I was gently caressing my tickets for tonight’s early premier of Star War: The Force Awakens, another compliance thought came to mind. The Star Wars saga shows three examples of Jedi training. One of which falls far short of the compliance standard.

We see glimpses of the younglings training at the Jedi Temple. That was the standard method at the time, giving their plastic young minds the right message from early on. We don’t know how well the training went because Anakin slaughtered them in Episode III.

In Episode V, we see Yoda’s training of Luke in the swamps of Dagobah. That seems to work, even though the training seem incomplete. At the end of Episode VI, Luke is tempted by the Emperor to come to the Dark Side. Doing so will save his friends. Luke is tempted, but does not cross the line.

We see Obi-Wan Kenobi’s training of Anakin Skywalker in Episodes II and III. Young Anakin was already too old for the Jedi Council’s standards, but they relented to Obi Wan’s plea to take Anakin under his wing.

He is beloved as a character, but Obi Wan falls short in compliance training.

He pushed the Jedi Council to break its rules and allow Anakin to begin training. As we see in Episode III, he was too old and had become too attached to his mother.

The one key to Jedi training is to avoid the Dark Side. Obi-Wan failed to see the signs and put Anakin into remedial training. Anakin is tempted to the Dark Side and crosses the line.

The key goal to compliance training is teaching employees where the line of good and bad is and to stay away from the line. The employee may perform well or not, but you don’t want the employee to cross the line to the dark side.

Obi Wan was lured by the prospect that Anakin was supposed to be the “chosen one,” restoring balance to the Force. He broke the rules to get him into Jedi training. He overlooked Anakin’s shortcomings and misteps because he thought he was the “chosen one.” In the end, the training failures lead to the destruction of the Jedi, the rise of the Galactic Empire and the loss of millions of lives.

The Compliance Failure of the Death Star

The Death Star was touted as the “ultimate power in the universe.” But a few proton torpedoes managed to destroy the entire station. It didn’t make into the trilogy, but I assume there would have been an ensuing investigation that would have looked at the failures that lead to loss. At least I imagined there must have been while my family was re-watching the Star Wars movies in anticipation of this week’s premiere of Episode VII.

The entire series starts with Darth Vader pursuing Leia Organa because she has gotten her hands on the technical readouts for the Death Star. If the Empire was so sure that the battle station was invincible, it would not have been so concerned. At least you would think so. But perhaps it’s just a plot device.

Grand Moff Tarkin, who had overseen the construction of the Death Star, dismisses the idea that the moon-sized battle station is at risk from an attack by small fighters. He is right. The risk is very small. It was a small, shielded exhaust port. he shot “was impossible, even for a computer.”

The first attack run resulted in the destruction of the fighters. The second attack run hit the target but merely impacted on the surface. It is only the Luke Skywalker with his Force assisted attack that manages to hit the difficult target correctly. T

Of course the outcome is catastrophic so there was clearly a mistake in the design of the station.

The Emperor was not happy and began a culling at the highest ranks of the Empire, executing officials such as Moff Coovern and Minister Khemt, believing that their incompetence was partly to blame for the station’s annihilation. That does not sound like great way to run a “lessons learned” post-action review.

We don’t know if the design was improved for the Death Star II. It too was destroyed, but under different circumstances. It was, in part, constructed as trap to destroy the Rebel Alliance. The Emperor left it appearing vulnerable, when it was in fact fully operational, with the a huge portion of the Imperial Fleet hidden nearby. The flaw was in the Emperor’s plan by overlooking the capabilities of the local Ewoks.

In the end, I say it was not a compliance failure, it was a governance failure. The Emperor ran his organization through fear, using Darth Vader to intimidate of kill those dared question the Emperor. Grand Moff Tarkin executed the Emperor’s orders, creating a massive battle station that could destroy planets and star cruisers. But they overlooked the small things. And that lead to their downfall.

I don’t think the Emperor would have tolerated a compliance program. Unless you view Darth Vader as the CCO.

It was the arrogance of the top leadership failed to see the risks and thought they could see everything, unaware of their blind spots.

If you want more Star Wars and compliance mash-ups, check out Tom Fox’s posts this week:

Darth Vader and the New York Stock Exchange

Is this going to improve the image of the stock market? Darth Vader ringing the opening bell at the NYSE?!

Lucasfilm Ltd. Brings the Force to the New York Stock Exchange This Holiday Season – press release

After more than 30 years, Star Wars maintains its position as the #1 selling licensed toy property in the US, with sales over 60% ahead of any other toy license, and 25% ahead of the nearest boys toy property. To mark the occasion, Lucas Licensing’s Howard Roffman rang The Opening Bell.