• United States



AIG Bonus Payout Due to Contract Requirements? Gordon Gekko is Alive and Living at AIG

Mar 16, 20095 mins
Business ContinuityCareersData and Information Security

abstract background light blue
Credit: Illus_man/Shutterstock

I would bet that the CSO at AIG is begging for dollars to secure his environment yet he can't get it. I would bet his budget is well below $168M and I would also bet that your data is at risk at AIG. Is this an irresponsible statement? Maybe, but the ethos exhibited by AIG in light of the current economic crisis are deplorable and would suppose that security takes a backseat just as shareholder value has.

I would recommend that the Obama (CIKR) administration require all companies receiving bailout dollars to disclose any and all security and risk posture information including audit findings, threat and vulnerability information, incidents, breaches, and other such items. I would also require that a certain percentage of the funds flow directly to information security to shore up the deficiencies within 6 months or face penalties. Then CISOs and CSOs would not have to beg for leftover table scraps. If the current administration really wants to drive cyber security, then start with these companies.

They say they must pay the money out since they have contracts that require it. These contracts must say that we pay regardless of performance and I would bet that they say if you perform, you get even more.  AIG has a couple different Codes of Conduct espousing high ethical behavior. If this is the case, then the officers and other staff receiving the $168M should donate it all back to worthy causes since they certainly did not earn it. I have also seen corporations ignore such contracts. It is a matter of will.

Even so, the administration can't abrogate existing contractual obligations without shaking confidence in the legal system, Summers said. (Lawrence Summers, director of the White House National Economic Council)

"The easy thing would be to just say, you know, 'Off with their heads,' and violate the contracts," he said. "But you have to think about the consequences of breaking contracts for the overall system of law."

Hmmm. I would bet that compliance with regulations are not met on a continuous basis and are these laws not contracts? I wonder how many SOX deficiencies they have (significant deficiencies and anything that is material)?

Are you mad as hell?

The flow of some of the initial bailout dollars that AIG received when to firms such as Goldman Sachs, Societe Generale, Deutsche Bank, Merrill Lynch, Morgan Stanley, Bank of America and Barclays.  AIG paid more than $75 billion in the final months of 2008 to numerous domestic and foreign banks, as well as to various U.S. municipalities (sending our money back into the system to many organizations who received bailout dollars themselves - it is just a family affair).

Corporate Responsibility (directly for AIG):

Since our founding nearly a century ago, the AIG Companies (Collectively “AIG”) have focused on being a leader in corporate social responsibility. As a global financial services organization, we have committed our resources to developing products and services that address the needs of our clients as well as promote a corporate culture that values integrity, diversity, innovation and excellence.

AIG recognizes that its investments in support of our customers, employees and the communities in which we operate are critical to our success. AIG's ongoing efforts to be an outstanding corporate citizen and promote responsible and sustainable business practices are essential to our long-term business objective of creating value for our shareholders and serving the interests of our clients.

If AIG truly believes in exhibiting social responsibility and demonstrating the behavior of a good corporate citizen, then give the money back since giving the $168M out to the top few percent of employees does not increase shareholder value.

This Code of Business Conduct and Ethics ("Code") embodies the commitment of American International Group, Inc. and its subsidiaries (collectively, "AIG") to conduct its business with the highest ethical standards and in accordance with all applicable laws, rules and regulations of the countries in which AIG engages in business. All members of the Board of Directors, executive officers, and senior financial officers are expected to adhere to the principles and procedures set forth in this Code. Directors, executive officers, and senior financial officers that are also AIG employees are also required to abide by AIG's Employee Code of Conduct, which is not part of this Code.

In the employees code of conduct that all must adhere to, there is a clause that must apply to the recipients of the $168M:

Waivers of the Code

From time to time, AIG may amend or waive certain provisions of this Code. Any employee who believes that a waiver may be appropriate should discuss the matter with their business unit compliance officer. Only the AIG Board of Directors or its Nominating and Corporate Gov-ernance Committee may grant a waiver of a specific provision of the code for an executive officer of AIG.

What is also quite striking is that much of this money is retention pay! It just demonstrates how mediocrity bands together to ensure the status quo.

If you are really upset about the current 'requirement' to payout $168M in bonuses from your tax dollars - let them know – Tell them to give it back and to allocate more funds to information security while you are at it. (What is really interesting is that AIG offers` cyber identity theft insurance –

For some reason, I don't think I'll be applying ...