I couldn’t quite bottom out exactly what EY was saying, but I’m pretty sure it wasn’t that. On your interpretation, EY said, “who EAs are fucking is none of [wider] EA’s business [except people who are directly affected by the COI]”. But he goes on to clarify “There are very limited exceptions to this rule like ‘maybe don’t fuck your direct report’ ”. If that’s an exception to the rule of EAs fucking being only of interest to directly affected parties, then it mean EY thinks an EA having sex with a subordinate should be broadcast to the entire community. That’s a very strict standard (although I guess not crazy—just odd that EY was presenting it as a more relaxed / less prurient standard than conventional financial risk management).
It also doesn’t address my core objection, which is that EA leadership failed very badly to implement proper financial risk management processes. Generally my point was that EA leadership should be epistemically humble now and just implement the risk management processes that work for banks, rather than tinkering around and introducing their own version of these systems. Regardless of what EY meant, unless he meant ‘We should hire in PWC to implement the same financial controls as every Fortune company’ then he is making exactly the same mistake EA leadership made with FTX—assuming that they could create better risk management from first principles than the mainstream system could from actual experience
By the way, I disagree with the objective position here too. Every FTX investor needed to know about the COI and the management strategy FTX adopted in order to assess their risk exposure. This would be the standard at a conventional company (if the company knew about such a blatant COI from their CEO and didn’t tell investors at a conventional company then their risk officers would potentially be liable for the fraud too, iirc)
I couldn’t quite bottom out exactly what EY was saying, but I’m pretty sure it wasn’t that. On your interpretation, EY said, “who EAs are fucking is none of [wider] EA’s business [except people who are directly affected by the COI]”. But he goes on to clarify “There are very limited exceptions to this rule like ‘maybe don’t fuck your direct report’ ”. If that’s an exception to the rule of EAs fucking being only of interest to directly affected parties, then it mean EY thinks an EA having sex with a subordinate should be broadcast to the entire community. That’s a very strict standard (although I guess not crazy—just odd that EY was presenting it as a more relaxed / less prurient standard than conventional financial risk management).
It also doesn’t address my core objection, which is that EA leadership failed very badly to implement proper financial risk management processes. Generally my point was that EA leadership should be epistemically humble now and just implement the risk management processes that work for banks, rather than tinkering around and introducing their own version of these systems. Regardless of what EY meant, unless he meant ‘We should hire in PWC to implement the same financial controls as every Fortune company’ then he is making exactly the same mistake EA leadership made with FTX—assuming that they could create better risk management from first principles than the mainstream system could from actual experience
By the way, I disagree with the objective position here too. Every FTX investor needed to know about the COI and the management strategy FTX adopted in order to assess their risk exposure. This would be the standard at a conventional company (if the company knew about such a blatant COI from their CEO and didn’t tell investors at a conventional company then their risk officers would potentially be liable for the fraud too, iirc)