It is the first Friday in October and I am back with my celebration of classic monster movie month. This year I am returning to the roots, with one of Universal’s original greats The Mummy. Over the next three weeks I will be going through the five Universal movies featuring the creature returned to life through the desecration of his tomb of eternal damnation.

The first appearance was appropriately entitled, The Mummy, and was released in 1932, starring Boris Karloff. In many ways I found this to be the most hauntingly filmed of the classic monster movies. Perhaps this was due to the director Karl Freund, who was in his directorial debut for this film. He is probably best known as Universal’s top cameraman and the person who set up some of the great shots for the gamut of Universal pictures in the 1930s. His use of shadings in the black and white era added an aura of mystery that is not present in today’s films. This original movie in the Mummy series, is probably the best visual feast of all the classic Universal Picture horror films.

One cannot see the movie, or indeed write about it, without talking about the makeup artist, Jack Pierce, one of the truly greatest makeup artists of any era. He headed Universal’s Makeup Department until 1948 and personally created the makeup for all of the classic Universal Pictures monsters. While most people think of Frankenstein’s monster as Pierce’s greatest creation, I agree with his self-assessment that The Mummy was his true masterwork. The application of the makeup was arduous, taking up to eight hours of work on Karloff to complete the 3,000 year old look for the Mummy.

For me, most haunting scene is one which occurs quite early in the movie. After a spell is read aloud, bringing Karloff as the Mummy to life, the casket which houses the Mummy is left open allowing the Mummy to escape into the present-day world. One of the young archeologists sees the Mummy walk out of the room and immediately goes insane. I can hear his haunting scream in my head to this day. But here is the key to making this scene so powerful, we never see the Mummy; the only thing we see is some of the rags trailing from his body as he walks out of the room. Too bad today’s gore-fest directors have forgotten what real terror can be.

The basic story line is that Imhotep, the High Priest of Egypt, was mummified after the Pharaoh found out he had fallen in love with the Pharaoh’s wife Princess Anck-es-en-Amonand. As a Mummy, Imhotep was condemned to eternal damnation and his soul would never to go the afterlife. After he is released from this curse in the 20th Century with the reading of the spell, Imhotep searches for the reincarnation of the Princess. He finds her in modern day London, as Helen Grosvenor, played by the alluring Zita Johann; the Mummy tries to convince her she is the reincarnated Princess Anck-es-en-Amonand and to join him in an eternal love affair. Grosvenor prays to the goddess Isis who sends a ray into Imhotep which turns him into dust.

So, the compliance angle here? It is the dust in end that Equifax created from its statements over the past week and actions which led to the massive data breach in the first place. The former head of the company, Richard Smith, testified before Congress that the entire breach was the fault of one lone employee. Yes, you read that right, the rogue employee myth lives. Admitting that the company had received the security warning that part of its security software, Apache Struts, had a deficiency and needed an upgrade to install a patch. A Memo was sent to the IT Department and Smith literally testified before Congress that one Equifax employee ‘didn’t read the memo’ and did not install the patch. Of course, all this happened in March some three months before the breach occurred. Equifax either did not verify the update was installed or could not do so. Further none of the company’s internal controls or other redundant back-ups picked up this mis-adventure.

Another interesting compliance angle and one which may be even more instructive than former Chief Executive Officer (CEO) Smith’s inane defense were the actions of the company’s General Counsel (GC), John J. Kelley. While most reports have focused on Kelley’s role in allowing senior executives to dump their stock before the public announcement of the security breach, thereby saving them millions; I was more interested in Kelley’s multiple roles in the organization. In addition to be GC, he was also Chief Compliance Officer (CCO) and a host of other roles. According to the Equifax website, Kelley was responsible for “legal services, global sourcing, security and compliance, government and legislative relations and more.” The head of security reported to him. As I have previously noted, law schools simply do not prepare lawyers for the compliance role and certainly not all the roles that Kelley took on.

Another clear sign that Equifax was headed for a massive crash in the dust is also found in the company’s Board committee charters and the make-up of its Board of Directors. It should not surprise many reader that Equifax did not have a Compliance Committee on the Board. More troubling, for a company which is in the specific business of buying and selling data, it did not even have a data governance or other similar committee.

While the Board did have two members who are retired CEOs of technology companies; the Board did not have any compliance expertise on the Board. Just as Wells Fargo and Uber demonstrated, when you do not have a commitment to compliance, extending up to the Board; a company cannot adequately prevent, detect and remediate a significant issue; let alone respond in an adequate manner.

Just as Imhotep literally turns to dust to end the movie, Equifax’s claims are dust in the wind. One thing I forgot to mention is that as it is a 1932 production, it is pre-Code. So be on the lookout for some interesting ladies garments. As I said, a visual feast for all.


This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at