Your Equifax Data is at Risk! Who’s at Fault, Will They Ever be Punished?

PERSPECTIVE-Equifax suffered one of the most significant data breaches ever, exposing confidential information stored within its network. What’s more, three executives sold a fair slice of their personal shares in the company after the event was discovered and before it was communicated to authorities and the public. Oh, and the sales were not part of a 10b5-1 arrangement through the SEC. The purpose of this arrangement is to minimize the risk of insider training by scheduling sales in advance. 

The company claims none of its executives knew anything about the breach when they sold. 

Section 302 of the Sarbanes-Oxley Act (SOX) states that the CEO and CFO are directly responsible for the accuracy, documentation and submission of all financial reports as well as the internal control structure. 

Every quarter, the CEO, CFO and others certify the effectiveness of the internal controls to the SEC.

One of the executives who sold his stock was the CFO. 

Chief Financial Officer John Gamble sold shares worth $946,374 on August 1, two days after the hack was discovered. It is inconceivable that the breach was not escalated to his level within 48 hours, given the responsibility he has under the law. I have seen less significant internal control failures reported internally in that amount of time. 

There will be investigations; if there was any cover-up, someone will talk, e-mail trails will exist.

But will anyone be convicted? After all, no head of a major lending institution was sentenced criminally as a result of the mortgage meltdown. 

There is yet a bigger question: how many credit rating services do we need? 

Would the nation suffer if Equifax ceased to exist? 

Think back to earlier scandals such as Enron and WorldCom. Unlike Equifax’s, those were of a financial nature, but poor internal controls set the stage for the fraud. SOX was passed by Congress in response. 

Both of those companies are gone. Are we worse off today without them?


(Paul Hatfield is a CPA and serves as President of the Valley Village Homeowners Association. He blogs at Village to Village and contributes to CityWatch. The views presented are those of Mr. Hatfield and his alone and do not represent the opinions of Valley Village Homeowners Association or CityWatch. He can be reached at: Prepped for CityWatch by Linda Abrams.