Published by Ethical Board Group Limited | www.ethicalboardroom.com
Autumn 2017 Australia: Shareholder activism on the rise How activists are transforming the corporate landscape
COSO ERM 2017 What CEOS and boards need to do
Keeping it above board Incorporating climate change into board agendas
Building competence can address financial risks of climate change
Divestitures done right
When a piece of your company no longer fits
Outside-in board evaluations
Minimising the risk of a data breach
9 9772058 611002 772058 611002
SECURE YOUR DATA
UK ÂŁ9.95 USA $14.99 CAN $16.99 EUR â‚Ź11.99
11 06
INFORMATION GOVERNANCE
How assertive will shareholders become?
ISSN 205 8- 61 1 6
Your Bank More than 190 Branches More than 1,5 million Clients Province of
Luanda (117 Branches)
Cacuaco
City of Luanda Viana Belas
BFA is growing with Angola. With 16 Corporate Centres, 9 Investment Centres and 165 Agencies across the country, it now serves more than 1,5 million Clients. With a competitive and wide range of financial services available and a commercial network that reaches almost every part of the country, BFA is growing to meet all its Clients’ needs wherever they are and wherever they need to be. For further information on how to start or strengthen your business relations with Angola, visit any BFA Agency, Corporate Centre, Investment Centre or go to www.bfa.ao
in Angola. Cabinda (7 Branches) Soyo
Uíge (2 Branches)
Dundo
Negage
N’zage
Caxito Province of Luanda
Lucapa N’dalatando
Catete Porto Amboim
Dondo
Cacuso
Saurimo (2 Branches)
Malanje
Calulo
Gabela Waku-Kungo
Sumbe
Luena
Bailundo
Catumbela Benguela (6 Branches)
Kuito Lobito Huambo (11 Branches) (4 Branches) Ganda Caála Cubal Caconda
Lubango (8 Branches) Namibe
Menongue
Matala Chibia
Tômbua Ondjiva
Santa Clara (2 Branches)
N
Ethical Boardroom | Contents
52
COMMENTARY
10
Looking into the crystal ball Heightened sensitivity towards data security will heavily influence information governance practices in 2018
12
The ROI of leadership that inspires change Organisations that strive to inspire, serve and seek to do good in the world gain more than just profit margins
14 16
Passive investor: Active owner A not-so-subtle approach to framing the future Boards can make the world a better place Companies are increasingly embracing the UN’s sustainable development goals
EUROPE
18 20
Global News: Europe Corruption, bribery, IPO research and a board revamp When sustainability chimes with stability For an economy to be sustainable, it needs to be stable. And for an economy to be stable, it needs a reliable financial infrastructure. But what does this entail?
BOARD LEADERSHIP
30 12
22
From the outside in Board evaluation: what investors are looking for from corporate leaders
26
Board evaluations: Good defence & good offence How is your board grading its own performance?
28
The science of inclusive and effective boards Psychology has much to say around decision-making, biases and assumptions in the boardroom
30
A smarter way to corporate governance The new reality is moving beyond regulations and towards a forward-thinking approach, heavy on ethics and culture
4 Ethical Boardroom | Autumn 2017
34
www.ethicalboardroom.com
Contents | Ethical Boardroom
34
Transforming organisational culture Using governance to transform culture, performance and results
THE AMERICAS
38 40
Global News: The Americas Gender diversity, good governance and fraud
14
Codelco’s covenant of trust The Chilean state-owned copper miner is committed to transparent and auditable management
42
AVANGRID: Utility of the future Maximum transparency and evolving policies are the cornerstones of the energy giant’s corporate governance
BOARD GOVERNANCE
44
40
CONTENTS
Lessons learned by an auditor Education never ends if you’re to stay ahead in the auditing world
46 48
PCAOB: Minding the GAAP Is auditor regulatory oversight beneficial for public companies? In governance we trust Corporate misconduct has eroded trust; governance frameworks are key to rebuilding it
52
Remuneration practices in 2017 A cross-border analysis reveals increasing shareholder support towards management compensation, but issues do persist
54
Legal assessments benefit the bottom line An outside perspective can address gaps in resources or a misdirection of efforts
58
COSO ERM 2017 Why should boards around the world care about the 200-page US guidance? The answer might surprise you
ASIA
62
16 www.ethicalboardroom.com
Global News: Asia Corporate governance, corruption and diversity
Autumn 2017 | Ethical Boardroom 5
Ethical Boardroom | Contents
64
Hairline cracks in the glass ceiling More board diversity is needed in South Asia but there are signs that women are rising through the ranks
68
Boardroom investment and engagement in Japan Companies with actively involved share owners perform better over the long term
70
India’s independence call Companies are still struggling to come to terms with the ‘outsider’ model of corporate governance
THE EB 2017 CORPORATE GOVERNANCE AWARDS
74
72
Introduction & Winners list We reveal our 2017 Asia and Australasia Award winners
82
74
Media Prima: Tuned in to good governance Ethical Boardroom talks to Datuk Kamal Khalid, the company’s Group Managing Director, about a commitment to good governance
AUSTRALASIA
76
Global News: Australasia Sustainability, investor engagement and board misconduct
84
ACTIVISM & ENGAGEMENT
78
Charting rise of shareholder activism in Australia Activists are transforming the Australian corporate landscape
82
Promoting good governance in Canada Shareholder engagement is key, says the Canadian Coalition for Good Governance
84 88
Successful divestitures When a piece of your company no longer fits: what boards should know From risk to opportunity How corporate boards can build competence to address the financial risks of climate change
112
92
Climate enters the boardroom What business leaders need to know about climate reporting and staying ahead of the game
6 Ethical Boardroom | Autumn 2017
www.ethicalboardroom.com
Contents | Ethical Boardroom
MIDDLE EAST
96 98
Global News: Middle East Gender diversity, family business and foreign investment Governance and compliance management in utilities Thriving in today’s closely regulated environment requires companies to move with the pace of their industry and society
78
REGULATORY & COMPLIANCE
100
While the cat’s away Building and sustaining high-quality ethics and compliance programmes is an essential strategy
104
The benefits of compliance training Why executive boards should invest in educating employees on company laws, regulations and policies
106
Gearing for GDPR The simple lack of a policy audit trail could cost dearly from May 2018
RISK MANAGEMENT
108
88
Is cyber risk a D&O risk? Directors’ and officers’ litigation: the relative materiality of cyber exposures
120
112
Cyber resilience: A business priority Cyber exposures are an operational risk to manage, not a problem to solve
AFRICA
116
Global News: Africa Corporate governance codes, remuneration and corruption
TECHNOLOGY
118
Better board papers: Opportunity to improve board effectiveness How can we ensure productive and effective discussions occur? Let’s start by looking at the quality of board papers
120
The tech impact: Empowering boards In search of the holy grail of board work: a clarion call for smarter technology
www.ethicalboardroom.com
Autumn 2017 | Ethical Boardroom 7
Ethical Boardroom | Foreword
Welcome to the Autumn 2017 edition of Ethical Boardroom magazine
FCA and the Saudi IPO — a step too far? Potentially the biggest equity sale in history, the initial public offering of oil giant Saudi Aramco has not only sparked intense competition among global exchanges but has led to the UK’s market regulator becoming mired in controversy, too.
Plans for Aramco’s dual listing on the Saudi stock market and an international exchange for 2018 sit at the heart of Crown Prince Mohammed bin Salman’s ambitious Vision 2030 reform programme that aims to move the country away from its reliance on oil into other industrial sectors. By selling around five per cent of the state-owned oil company, Prince Mohammed expects to raise about $100billion if it achieves its valuation of $2trillion. With the world’s exchanges vying for a piece of the huge prize, the UK Financial Conduct Authority’s (FCA) decision to unveil plans that would pave the way for Saudi Aramco to float in London via an easier route on to the stock exchange has left investors agape. The FCA has proposed a rule change that would allow state-owned companies, such as Aramco, to apply for a special category of premium listing with less onerous disclosure and regulatory requirements. Under the FCA’s proposal, the likes of Aramco would not have to get approval from outside shareholders for
8 Ethical Boardroom | Autumn 2017
transactions with the state and they would not have to give independent shareholders a vote on who should serve as independent directors. But should rules be changed in order to attract large state-backed companies that are reluctant to meet more stringent corporate governance requirements? For some, the idea of a $2trillion Saudi oil company picking London for its stock market listing – giving the UK a much-needed boost in the wake of Brexit – would make bending the rules worthwhile. But weakening rules that are designed to protect shareholders is a slippery slope. As many have warned – there are many reasons why national governments may seek to use state controlled enterprises to pursue politically-motivated or public policy-driven goals. The FCA proposals could dilute protection for private investors against interference from foreign sovereign company owners and impact the UK’s world-class reputation for upholding strong corporate governance. In this issue of Ethical Boardroom, contributor Héctor Lehuedé discusses the purpose of corporate governance to ‘create an environment of trust, transparency and accountability necessary to obtain long-term investment, financial stability and sustainable growth’ (page 48). While on page 30, Cristina Ungureanu chats about smart corporate governance principles and the importance of approaching governance with the view of being responsible towards investors, employers, customers and acting as a force for good in society.
www.ethicalboardroom.com
Contributors List | Ethical Boardroom
Our thanks to this issue’s contributing writers SALLY AFONSO Compliance advisor within the financial services industry
PATRICIA J. HARNED Chief Eexecutive Officer, Ethics & Compliance Initiative
ASHOK KUMAR ANJAN Chief Compliance Officer, Dubai Electricity and Water Authority (DEWA) DR DOYIN ATEWOLOGUN Lecturer in Organisational Leadership and Learning, Queen Mary University of London
KEVIN KALINICH, JACQUELINE WATERS & CHRIS RAFFERTY Kevin is the Global Practice Leader, Cyber Insurance, Jacqueline is the Management Liability Legal & Claims Practice Leader and Chris is the US Sales & Growth Strategies Leader, Management Liability, Aon Risk Solutions
ROBERT BARKER Managing Director, BarkerGilmore
DATUK KAMAL KHALID Group Managing Director, Media Prima
JASON R. BARON Of Counsel in the Information Governance and eDiscovery Group at Drinker Biddle & Reath LLP, Washington, D.C.
OSCAR LANDERRETCHE Chairman of the Board of Codelco
FABIO BIANCONI Director at Morrow Sodali DR DEBRA L. BROWN Chief Executive Officer, Governance Solutions
CHRIS LANDIS Division CEO, SIX Swiss Exchange TIM J. LEECH Managing Director at Risk Oversight Solutions Inc HÉCTOR LEHUEDÉ Senior Manager, OECD Corporate Affairs Division
MARK EDGE UK Managing Director, Brainloop
JEREMY LEIBLER Partner at Arnold Bloch Leibler
STEPHEN ERLICHMAN Executive Director, Canadian Coalition for Good Governance
PAULA LOOP & CATHERINE BROMILOW Paula is a PwC partner and the leader of PwC’s US Governance Insights Center. Catherine is a PwC partner in PwC’s Governance Insights Center
NANCY FALLS CEO of The Concinnity Company TAYLOR GRIFFIN & WILLIAM STERN Taylor is Chief Operating Officer. William is Managing Director, The Miles Group
YOSHIKAZU MAEDA Head of Responsible Investment, GO Japan R. SCOTT MAHONEY Senior Vice President, General Counsel and Secretary; Chief Compliance Officer of AVANGRID
TOM McLEOD Managing Consultant, McLeod Governance BOB PARISI Cyber Product Leader, Marsh VEENA RAMANI Director of the Capital Market Systems Programme at Ceres JULIAN ROBERTS Chief Executive Officer, EssentialSkillz Ltd JOHN ROE Head of ISS Analytics DR TONY ROOKE Director of Reporting, CDP VLADISLAVA RYABOTA Regional Corporate Governance Lead, IFC South Asia ANNE SHEEHAN Director of Corporate Governance, California State Teachers’ Retirement System (CalSTRS) NEMIT SHROFF Associate Professor of Accounting, MIT Sloan School of Management JANE STEVENSON Vice Chairman, Board & CEO Services, Korn Ferry MAHENDRA SWARUP Chairman, Association of Independent Directors of India CRISTINA UNGUREANU Head of Corporate Governance, Eurizon Capital CAROLA VAN LAMOEN Head Active Ownership at Robeco
EDITOR Claire Woffenden DEPUTY EDITOR Spencer Cameron EXECUTIVE EDITOR Miles Hamilton-Scott ART DIRECTOR Chris Swales CHIEF SUB Sue Scott ONLINE EDITORS Allegra Cartwright, Hermione Bell PRODUCTION MANAGER Jeremy Daniels SUBSCRIPTIONS MANAGER Lucinda Green HEAD OF ONLINE DEVELOPMENT Solomon Vaughan ONLINE DEVELOPMENT Georgina King, Rosemary Anderson MARKETING MANAGER Vivian Sinclair CIRCULATION MANAGER Benjamin Murray HEAD OF SALES Guy Miller SALES EXECUTIVE Michael Brown PRODUCTION EDITORS Tobias Blake, Dominic White VIDEO EDITOR Frederick Carver VIDEO PRODUCTION Tom Barkley BUSINESS DEVELOPMENT Dammian Botello, Giles Abbott, Gerald Fox, Steven Buckley ASSOCIATE PRODUCER Suzy Taylor ADMINISTRATIVE ASSISTANT Abigail Fitzwilliam HEAD OF ACCOUNTS Penelope Shaw PUBLISHER Loreto Carcamo Ethical Board Group Ltd | Ethical Boardroom Magazine | 1st Floor, 34 South Molton Street, Mayfair | London W1K 5RG S/B: +44 (0)207 183 6735 | ISSN 2058-6116 | www.ethicalboardroom.com | Ethical Boardroom | twitter.com/ethicalboard Designed by Yorkshire Creative Media | www.yorkshirecreativemedia.co.uk. Printed in the UK by Henry Stone Printers. Images by www.istockphoto.com All information contained in this publication has been obtained from sources the proprietors believe to be correct, however no legal liability can be accepted for any errors. No part of this publication can be reproduced without prior consent from the publisher.
www.ethicalboardroom.com
Autumn 2017 | Ethical Boardroom 9
Commentary | Information Governance
Looking into the crystal ball Heightened sensitivity towards data breach will heavily influence information governance practices in 2018 Predictions are notoriously bad at actually predicting the future. Dr Dionysius Lardner stated in 1830: “Rail travel at high speed is not possible because passengers, unable to breathe, would die of asphyxia.”
An 1876 internal memo from Western Union said: “This ‘telephone’ has too many shortcomings to be seriously considered as a means of communication. The device is inherently of no value to us.” James Watson, chairman of IBM, famously opined in 1943: “I think there is a world market for maybe five computers.” And who can forget a spokesman for Decca Records on declining to sign The Beatles in 1962: “We don’t like their sound and guitar music is on the way out.” With that significant caveat in mind, here are three predictions (along with some honourable mentions) as to what will be deemed important to get right or at least pay increased attention to during the coming year, as a matter of corporate information governance (IG).
1
General Data Protection Regulation (GDPR) compliance will drive greater attention and urgency to implementing IG solutions This prediction is almost a ‘no-brainer’. The GDPR, with its effective date of 25 May 2018, will be a key driver of greater attention being paid to IG, given the looming prospect of ongoing audits and fines for noncompliance with key privacy-related provisions. Among its many provisions, the GDPR requires that corporations get a handle on knowing where ‘personal data’ resides in corporate networks and repositories, which in turn will mean documenting that some kind of data inventory has been undertaken to identify such data generally and especially a subcategory of ‘sensitive personal data’. The latter category consists of personal data revealing a person’s ethnic origin, political opinions, religious beliefs, trade union membership, data concerning health, sexual practices or orientation and genetic or biometric data. Heightened attention must 10 Ethical Boardroom | Autumn 2017
Jason R. Baron
Of Counsel in the Information Governance and eDiscovery Group at Drinker Biddle & Reath LLP, Washington, D.C. be paid to putting in place protocols for employees in any enterprise consisting of a ‘data controller’ or ‘data processor,’ in order that everyone understands how to manage personal data in conformance with the GDPR and local law. The discipline of information governance is fundamentally all about corporations obtaining better visibility and insight into their data stores, in order to be able to intelligently assess risks and material weaknesses in how data is being preserved, as well as to assess the true value of the data in the company’s possession and control. For several years, leading advocates of best practices in IG have been advocating the formation of an IG council, with an interdisciplinary composition of key C-suite executives, including a chief legal officer, chief information officer, chief financial officer, head of information security, head of human resources and other key staff involved in the processing of corporate data. The GDPR requires that a data protection officer (DPO) be appointed with the portfolio for ensuring compliance with GDPR and local standards. A key challenge for each enterprise will be integrating the work of a DPO with whatever existing IG structure has been set up to monitor corporate data policies, especially with respect to retention, privacy and security of data. Corporations will need to find the right balance in devoting resources to meet increased risk under the GDPR, lest they end up spending too much on storage and creating other bottlenecks out of an abundance of caution. Escalating newly arising issues to an IG council may help in achieving that balance and will take on special importance in 2018. One perhaps overlooked aspect of GDPR compliance may mean a sea-change in the way corporations treat compliance with ‘tried and true’ records schedules. To date, most records schedules set out retention periods where the period effectively sets a minimum retention length for preserving records, without a great
deal of attention being paid if records (especially in electronic form) are held for a longer time period. With the GDPR comes a spotlight on record retention time periods also operating as a ‘maximum’ in cases of personal data, where the enterprise may be subject to audits aimed at ferreting out whether such data continues to exist notwithstanding its eligibility for destruction or deletion. breaches will continue unabated: 2 Cyber a wake-up call for IG oversight?
Almost just as certainly as the GDPR’s effective date, predictably the world will continue to see massive and not so massive data breaches at regular intervals through 2018. At the time of this writing, Yahoo and Equifax have been the latest corporate victims. Apart from the obvious measures that cyber experts recommend, increasingly boards of directors have been tasked with some measure of supervision and oversight with respect to what policies are being adopted by CEOs in anticipation that they will be the next hacking target. But is this enough? As noted in this space earlier this year, in light of the almost-certain risk involved in experiencing a data breach, it is highly recommended that board members expand their cyber-mandate to ask fundamental questions about the nature of the legacy data that the enterprise holds in all of its varied network systems and platforms.1 Asking the ‘why’ question – why the corporation is holding on to terabytes of legacy data in superseded applications and backup media – is the beginning of a strategy aimed at mitigating cyberthreat risks through data reduction. More generally, asking the question of how the enterprise categorises its information as to value v. risk should be useful in prioritising concrete IG-related activities. An IG council charged with delegating out the overseeing of data clean-up efforts should be working hand in hand with cybersecurity experts in asking these fundamental questions. Internet of Things (IoT) 3 The will increasingly impact on
corporate governance decisions The IoT is transforming the data landscape www.ethicalboardroom.com
Information Governance | Commentary and will continue to do so at an accelerating pace in 2018. According to one recent report, the proportion of IoT adopters ‘that have embraced IoT on a massive scale – more than 50,000 connected devices – has doubled since 2016.’2 Gartner has estimated that 11.2 billion connected things will be in use worldwide in 2018 and will reach 20.4 billion by 2020.3 This means the IG landscape must anticipate and deal with smart, connected devices streaming data into the enterprise from every imaginable corner of the globe and of every type: from consumer wearable biometric data, to data from smart objects in the home and automobiles (including driverless ones), as well as sensors covering energy and industrial grids. Although the scale, volume and variation of these new types of streaming data will pose new challenges, the basic framework of information governance first principles applies in this new domain as well. An IG council with representatives from the C-suite should systematically inventory new forms of data being collected within the enterprise and develop policies on retention, privacy and security that reflect a new data environment beyond email and other forms of user-generated applications on social media. trends coming 4 Other into focus in 2018
First, with each passing day it becomes clearer that artificial intelligence (AI) in the form of software and algorithms will increasingly predominate in non-traditional areas, including in providing informational insight and understanding of corporate data. Max Tegmark, in his recent book Life 3.0 (2017), includes an illustration of the ‘landscape of human competence’ where the rising sea level of
AI now engulfs human activities such as chess, Jeopardy!, Go and driving, with speech recognition and translation next up, and art, cinematography, book writing, science, AI design and programming still on the hills ahead to be conquered. Tegmark asks the question: How long will it take until machines can out-compete us at all cognitive tasks? (Emphasis in original.) An emerging public discussion of the ethics of AI as used in the corporate enterprise has been spearheaded by the call by members of the EU Parliament to have the body ‘propose rules on robotics and artificial intelligence, in order to fully exploit their economic potential and to guarantee a standard level of safety and security’.4
The discipline of information governance is fundamentally all about corporations obtaining better visibility and insight into their data stores, to be able to intelligently assess risks and material weaknesses in how data is being preserved Second, distributed ledger technology (commonly referred to as ‘blockchains’ in connection with Bitcoin and other crypto-currencies), holds out the promise in the near term of disrupting longstanding approved methods of recordkeeping, especially in the financial sector, but in many other private and public verticals as well. For example, in the US, the Securities and Exchange Commission, the Commodities Futures Trading Commission and the Federal Reserve all have published requests for comments and made other types of background papers available online. These
collectively describe how distributed ledger technology aims to provide greater security through a new form of ‘trusted’ system of interlocking blocks of data, each of which has had its information encrypted and verified by a network of computers in such a way as to make the data virtually immutable to modification by bad actors. Third, the various controversies that have arisen over the use by senior officials of ‘private email networks’ and other forms of apps as an ‘end-run’ around compliance with sanctioned official networks, are really just the tip of a ‘shadow IT’ iceberg that will become more apparent in 2018.5 It will be imperative that as a matter of IG policy both the public and private sector pay greater attention to putting policies in place that are understood by all employees, not just senior officials, to set out where corporate data, including intellectual property, is to be stored. Without such policies, Cloud-based information assets will prove increasingly difficult to control, representing an increasing source of reputational risk. 1 See Jason R. Baron, Information Governance Oversight: Questions For Board Members To Ask At The Board, Ethical Boardroom (Oct. 2017), https://ethicalboardroom. com/information-governance-oversight-questions-forboard-members-to-ask/. 2See IoT Barometer 2017/17, http://vodaphone.com/business/iot/iotbarometer. 3 Gartner Press Release (Feb. 7, 2017), http://www. gartner.com/newsroom/id/3598917. 4EU Press Release (Feb. 16, 2017), http://www.europarl.europa.eu/news/en/ press-room/20170210IPR61808/robots-and-artificialintelligence-meps-call-for-eu-wide-liability-rules. 5 See Jason R. Baron & Amy R. Marcos, Beyond BYOD: What Lies In The Shadows, Ethical Boardroom (August 2015), https://ethicalboardroomcom/beyond-byod-whatlies-in-the-shadows/
FORECASTING FUTURE TRENDS Data breaches will continue to drive information governance strategies www.ethicalboardroom.com
Autumn 2017 | Ethical Boardroom 11
Commentary | Leadership
The ROI of leadership that inspires change Organisations that strive to inspire, serve and seek to do good in the world gain more than just profit margins Crises have a way of showing leaders and organisations in their best light or, conversely, of exposing all the cracks and seams.
As a recent example of the former, the most inspirational variety of leadership, consider Exhibit A: USAA, the San Antonio, Texas-based Fortune 500 diversified financial services group of companies. Service is the mantra USAA lives and breathes daily – from the top to the bottom of the organisation. Its mission of dedicated service informs everything it does, from how it treats employees to serving military members and their families. In late August, when Hurricane Harvey surged and flooded much of Texas, I reached out to USAA’s chief executive Stuart Parker, who responded: “We are OK, but are working to ensure our members’ and team members’ families are well and are doing all we can to help our members in harm’s way.” Wayne Peacock, the president of the Property and Casualty division, replied: “Finest hour for Team P&C. Spent two hours with front-line claims team this morning. Pretty amazing to see the commitment and passion to serve our members.” A week later, when Hurricane Irma was about to hit, Parker shared that, in advance of the storm, the USAA leadership team was setting up a temporary service centre operation outside Florida to be ready to serve USAA members who would need assistance after the storm. This was a complex manoeuvre that involved relocating employees and their families from their Florida service centre location to another area that would keep employees safe and enable them to demonstrate the care and service values that are at the very core of the USAA ethos. A highly successful organisation, USAA is proof positive that it is possible to do well by doing good. The process begins by purposefully articulating, demonstrating and reinforcing the behaviours that will ultimately define your culture. Following that initial step, there should be equally deliberate decisions about how these desirable behaviours will be explicitly and implicitly rewarded and reinforced and, at 12 Ethical Boardroom | Autumn 2017
Jane Stevenson
Vice Chairman, Board & CEO Services, Korn Ferry the other end of the spectrum, those that will be called out and not tolerated by having negative consequences – starting at the top. These critical, defining behaviours are both the building blocks and hallmarks of a company’s culture, which is, in turn, the crucial underpinning that either enables or derails the strategy. In fact, the culture an organisation builds and nurtures is the foundation for all positive outcomes, from great leadership to innovative products and services. Ultimately, companies get the culture they reward and deserve.
Focus on culture change
At Korn Ferry, we are seeing a markedly increased focus by companies on culture and, more specifically, culture change. In an increasingly competitive global business environment, many companies have latched onto culture change as something that can provide an edge, and there is growing awareness, underscored by a succession of news stories, of just how insidiously destructive the wrong culture can be. Culture change, or transformation, starts with recognising that culture is not a thing in itself that arises fully formed, but the product of myriad behaviours that are first identified, then rewarded, reinforced and, perhaps most important, modelled by the board and top leaders in the organisation. Moreover, culture is not an appendage that can be transplanted onto an existing organisation and then be expected to thrive. It is something that grows organically, from both the top down and the bottom up. It is unique to each organisation. It takes time to take root and has to be aided by the ongoing cultivation and consistency of leadership. The board can and should take a leadership role in shaping culture, working with the CEO and top team to review and regularly revisit strategic objectives and the behaviours required by management to ensure their success. While that varies by company, stage of growth and industry, in today’s environment it should go without saying that there should be zero tolerance
for behaviours that flout established legal and moral standards. But that’s just the baseline. Leaders have to check back in, taking the organisation’s ‘temperature’ on a regular basis. Behaviour is a reliable indicator of where the culture is moving, a ‘canary in the coal mine’, and undesirable behaviour patterns can and must be eliminated. That may require some soul-searching and interventions but, if done early enough and appropriately, with the right rewards and penalties, leadership can reboot and get back on track to creating the culture that will serve the organisation’s mission, vision and values. At Wells Fargo, for example, that recognition and intervention didn’t occur early enough. Employees got the message, loud and clear, that sales (real or not) were king and that the end justified any means. Leadership turned a blind eye to how amazing sales levels were achieved, rewarding those who hit unrealistically ambitious sales goals, despite warnings from ‘less successful’ employees. In retrospect, knowing what we do now, it’s no wonder the wheels fell off the Wells Fargo ‘stagecoach’, derailing the company’s strategy. Wells Fargo should be considered a cautionary tale of what can happen when behaviour and the resulting culture are not carefully watched and tended.
Defining supportive behaviours
Leaders can support an effective culturebuilding process by first defining those behaviours that will support strategic initiatives. What do they look like in operational terms? What should be rewarded and continually reinforced and how? What are the implications for compensation? Equally important, how will transgressors, particularly those whose behaviour flies in the face of bedrock values, be treated? That may speak loudest of all. Bear in mind that it is much easier and more effective to clearly define what should ideally be reinforced and manifested in the culture at the outset – closely linking those efforts to what will best support the strategy – than it is to change or transform a culture that is out of sync with desired results and www.ethicalboardroom.com
Leadership | Commentary behaviours, already embedded and therefore counterproductive. To that point, consider Exhibit B: Uber. The recent resignation of Uber Technologies Inc.’s founder and CEO Travis Kalanick was the culmination of six months of scandals for the Silicon Valley company, which is now trying to overhaul the very culture that initially fuelled its meteoric rise and was later responsible for its precipitous decline. Ongoing revelations highlighted a culture that tolerated alleged unethical and illegal behaviour. The fallout can be measured not only in terms of profits but also the harder-to-quantify damage to reputation, specifically as a desirable organisation to work for or invest in, or as a service that is safe to use. There is a long road ahead for Uber’s new CEO, Dara Khosrowshahi, who joined at the end of August. In his first official tweet, Khosrowshahi acknowledged the culture-rebuilding work ahead, saying: “This company has to change…what got us here is not what’s going to get us to the next level.” In another tweet, he indicated that he wants to bring in a chairman who can serve as his ‘partner at the board level’. We wholeheartedly agree. There are many other ‘Ubers’ now coming to light. Companies that, particularly at an early, entrepreneurial stage, were successful despite cultures that tolerated, even rewarded, destructive behaviour. The resulting dysfunctional, inhumane culture only becomes more and more of an albatross over time – particularly for companies that plan to go public – where both public scrutiny and the bar for acceptable behaviour are set at a dramatically higher level.
Demonstrating respect
As role-models-in-chief, board members and top leadership of the organisation must give priority to building the desired culture. Many leading companies are already including oversight of culture as a primary board duty – another shade of risk – and are implementing metrics and processes to regularly monitor it. At its highest level, that culture must demonstrate respect for human dignity and, in more operational terms, it must support the successful execution of strategic imperatives. Society, will no longer countenance disrespect and discrimination, and organisations that do not recognise this ultimately pay the price www.ethicalboardroom.com
in terms of the inability to attract investors, recruit talent and damage to their brand. The business of building, pruning and continually reinforcing the values that undergird a particular organisation’s culture is hard work. While this work is sometimes parked to the side as companies pursue everyday work and deadlines, building a cohesive, effective culture cannot be an afterthought; it is the essence of what makes success possible. And, it is from the CEO and the board that everyone else takes their cues. Long-term ROI is measured in far more than dollars and cents. Of course, large public companies – indeed any business – exists largely to make a profit, but that isn’t the only measure of success. Organisations that strive to inspire, serve and seek to do good in the world, gain another sort of ROI. While that may be harder to gauge, we know without even the shadow of a doubt, that these less-tangible attributes figure significantly in the long-term success of organisations and their ability to reward all stakeholders.
Society, will no longer countenance disrespect and discrimination, and organisations that do not recognise this ultimately pay the price in terms of the inability to attract investors, recruit talent, and damage to their brand
STRIVING TO DO GOOD Effective leaders can create a positive culture Autumn 2017 | Ethical Boardroom 13
Commentary | CalSTRS
Passive investor: Active owner “As long as there are teachers in California, we are going to be investors in the capital markets,” is something Christopher J. Ailman, our chief investment officer at CalSTRS, always says. CalSTRS literally owns the market, with stakes in more than 8,000 companies around the world. Although we may be passive investors, we play a prominent role as active shareowners.
With a 104-year history of providing retirement benefits to California’s educators and investing across the global marketplace, CalSTRS consistently emphasises our long-term investment focus and related strategies. More than 914,000 California educators and their beneficiaries can rest assured that CalSTRS will be here to provide secure retirement benefits well into the future. As active owners, we frame our future – and the future of the capital markets – by advocating for best-in-class governance on a global scale. Even given our $213.7billion fund size, CalSTRS often owns less than one half of one per cent of a globally traded company. On the other hand, California ranks as the sixth largest economy in the world and, as the largest teacher-only pension fund, CalSTRS is looked to as a powerful voice in the public markets. While we prefer behind-the-scenes efforts, we will not hesitate to engage publicly if companies maintain outdated, inefficient practices that are detrimental to their performance.
It all starts in the proxy
CalSTRS treats proxy votes like any other plan asset and exercises our right to vote to enhance shareholder returns. For US companies, the proxy is the first step in engagement with shareholders. The proxy not only serves as a compliance document, it’s also an effective communication tool. In 2016, CalSTRS voted on 76,260 individual proposals – 24,818 from US companies and 51,442 from global companies. As active owners, CalSTRS uses a combination of analysis, research and 14 Ethical Boardroom | Autumn 2017
A not-so-subtle approach to framing the future Anne Sheehan
Director of Corporate Governance, California State Teachers’ Retirement System (CalSTRS) dialogue with relevant parties, as well as a set of defined principles, to provide a full perspective of issues prior to voting. The power of the proxy vote lies in its ability to create any necessary changes that enhance a company’s long-term shareholder value.
Shareholder proposals turn up the active owner’s volume
As an active owner, CalSTRS has a vested interest to safeguarding the long-term performance of more than 8,000 companies in our portfolio as we fulfill our duty to pay teachers’ pensions. Well-governed companies are more likely to allocate capital efficiently and productively. Promoting good corporate governance improves companies’ long-term value proposition and addresses investor concerns about whether or not a company is acting in their best interest.
By maintaining an active seat and a strong voice at the table, active owners can weigh-in on changes that could impact the long-term financial health of their respective portfolios Private dialogue may also focus on board diversity, voting rights structure, risk management, capital allocation, sustainability awareness, executive compensation or myriad issues that may impact a company’s performance. Board diversity is a governance issue that has garnered success through the use of private engagement. Diversity is not only a social issue – it’s a risk that should be mitigated and an opportunity to provide improved returns. In fact, McKinsey & Co research shows that companies with more female executives in decision-making positions continue to generate stronger
market returns and superior profits. The business case for diversity is evident in the rapidly changing demographic profile of the US, as well as the continuing rise in purchasing power of women and various ethnic and racial groups. Diversity offers asymmetric protection, including superior upside in growth markets, allowing companies to make better decisions about strategy and manage risks. There is a direct correlation between diversity and performance. In the McKinsey study Why Diversity Matters, gender diverse companies were 15 per cent more likely to have financial returns that were above their national industry median and racially/ ethnically diverse companies were 35 per cent more likely to have financial returns. As part of our commitment to advancing board diversity, in 2016 CalSTRS engaged with 87 California-based companies, resulting in 12 companies either appointing women to their board; amending their policies to commit to diversity; or expanding their search to include women or minority candidates. Although we prefer quiet, behind-thescenes engagement, sometimes companies are not receptive to our suggestions. Through proxy voting and filing shareholder proposals, active owners can escalate their engagement efforts by going public with their unresolved concerns. The power of proxy voting and shareholder proposals is evident in CalSTRS’ effort to advance the majority vote standard for director elections. Majority vote standard endows shareholders with the ability to 1) remove poorly performing directors, and 2) increases directors’ accountability to shareholders, who are, in fact, the company’s owners. Since 2010, we’ve engaged with approximately 100 companies annually to adopt a majority vote standard. Since the beginning of this initiative, more than 500 companies in the Russell 2000 index have adopted a majority vote standard for their director elections. This effort exemplifies the acceptance among the shareholder community that majority vote standard is a governance best practice.
Active owners in the marketplace
Asset owners with a large stake in the health of capital markets have a keen interest in the rules and regulations that govern the www.ethicalboardroom.com
CalSTRS | Commentary
GLOBAL STEWARDSHIP AT WORK Fiduciary responsibility is at the heart of CalSTRS’ decision-making
securities markets in the US and globally. A fair and efficient market is key to CalSTRS’ success as a long-term investor. Engaging policymakers through letter writing and committee membership puts active owners on the frontline of ensuring shareholder protections are safeguarded. Additionally, responding to proposed regulation and legislation is a vehicle for shareholders to provide influence and education on the potential impact that proposals may have on their investments. Therefore, it’s imperative that active owners consistently provide input to regulators and industry bodies, such as the US Securities & Exchange Commission (SEC), the Public Company Accounting Oversight Board (PCAOB). By maintaining an active seat and a strong voice at the table, active owners can weigh in on changes that could impact the long-term financial health of their respective portfolios. But no one passive investor-active owner can do the work alone. www.ethicalboardroom.com
Collaborating across the active owner peer network
As stated previously, a large passive investor, like a pension fund, owns a small percentage of each portfolio company. It is important for like-minded organisations to collaborate in order to help companies, regulators and legislators understand that long-term active owners are vulnerable to the decisions, regulations and policies they are creating. To stretch the impact of their capital and leverage their experience, active owners make strategic alignments with myriad coalitions and organisations. Active involvement with a peer network deepens and broadens the active owners’ engagement opportunities in financial markets across a large spectrum of issues. Partnerships also lend weight to an individual active owner’s position to undertake value-driving change. The benefit is better performing, better governed companies for all investors.
Fulfilling CalSTRS’ long-standing promise to California educators Like any large, mature financial services organisation, the challenges of balancing assets and liabilities, investment gains and losses, and creating long-term value guide our business strategies. CalSTRS maintains steadfast diligence in our role as an active owner, implementing strategies that serve to strengthen our success, with our priority focussed on the financial health of the fund. We are stewards of the hard-earned income that dedicated California educators contribute toward their retirement and entrust to us throughout their careers. And, ultimately, our goal remains focussed on generating returns that are sufficient to pay our members’ retirement benefits, now and well into the future.
Autumn 2017 | Ethical Boardroom 15
Commentary | Sustainability
Boards can make the world a better place In a global effort to ensure ‘the future we want’, the United Nations (UN) released the sustainable development goals (SDGs) in 2015, explicitly inviting the private sector to contribute as well. Since then, the private sector has embraced this invitation, setting goals and making concrete plans. For investors, active ownership is an important way to encourage companies to follow through. The agenda for sustainable development was adopted by 193 countries, who agreed to contribute to the realisation of 17 SDGs by 2030. The goals range from ensuring the availability of water and sanitation for all, ensuring food security and achieving gender equality, to providing access to affordable and sustainable energy within 15 years.
Embracing the sustainable development goals
To achieve these goals, the UN explicitly invites the private sector to make a measurable contribution. The private sector can back many SDGs directly. A good example is SDG Goal 9: industry, innovation and infrastructure. It can be achieved by investing in power generation, renewable energy, transport, water and sanitation projects. A PwC study estimates that SDG Goal 9, SDG Goal 8: decent work and economic growth and SDG Goal 13: climate action are the most actionable goals for the private sector to tackle.1
16 Ethical Boardroom | Autumn 2017
Companies are increasingly embracing the UN’s sustainable development goals Carola van Lamoen
Head Active Ownership at Robeco
A win-win for business
By contributing to the goals, companies can have a positive impact on society and the environment. But it doesn’t stop there. It can also be a business opportunity, providing companies with a future competitive advantage by being a source of innovation, process improvements and operational efficiencies. Companies that embed SDGs into their business strategy will be more likely to align this with governmental policies and regulations, thus avoiding the risk of losing their licence to operate or encountering high costs resulting from structural change. We encourage company boards to identify the most material SDG(s) for their business and identify the associated risks and opportunities. By linking the strategic vision to desired impact through material SDGs, the board can develop measurable targets to enhance both the financial and non-financial performance of the company. In this way, we as asset managers can help companies in which we invest to contribute to the SDGs in a way that is beneficial to the bottom line as well. In doing so, we have various tools at our disposal, such as impact investing to make a measurable social or environmental impact, the integration of
ESG (environmental, social and governance) information into the investment decision-making process, exclusion of companies or sectors and active ownership. As a sustainable asset manager, Robeco uses all these tools, although we tend to focus less on exclusion. We have a primary duty to obtain a good performance for our clients and want to achieve this in a sustainable way. Consequently, we prefer to have a constructive dialogue with companies to encourage them to improve their sustainability performance. Excluding companies means we can no longer influence them.
Active ownership: a powerful tool
In our view, active ownership is a powerful and direct way for asset managers to make a constructive contribution to the SDGs. We use our influence as an investor to encourage companies to contribute to the realisation of these goals. By actively engaging with companies on the most material sustainability issues, we enhance their competitiveness and profitability and hence the investment performance. The two main ways to exercise active ownership are engaging in an active, structured dialogue with companies and voting at shareholders’ meetings. We will give an example of both.
Engagement: constructive dialogue between company and investor
We engage in a constructive dialogue with companies, encouraging them to take action on the SDGs. For our engagement theme ‘ESG risks and opportunities in the biopharmaceutical industry’ we have stimulated companies to report on their contribution to SDG Goal 3: good health and well-being. Financially, this is material since the biopharmaceutical industry is exposed to risks such as lack of societal trust and vulnerability to negative media exposure. Alternatively, pharma companies derive a competitive advantage from consistent investment in R&D that is aimed at the development of innovative drugs, which in turn contribute to SDG 3. We see that the first companies have started to include concrete showcases in their sustainability reports and have created internal working groups to find ways to report quantitative impact. www.ethicalboardroom.com
Sustainability | Commentary
Aligning voting activities with the SDGs
In recent years, the number of shareholder proposals on SDG-related topics filed at companies’ shareholder meetings has risen substantially, gaining ever greater levels of investor support. An important topic is SDG Goal 5: gender equality. Companies should be prepared for this. An increasing amount of studies point to broader diversity, including gender diversity, as not only a societal issue, but also a financially material issue for investors to consider. For instance, Robeco’s own studies2 indicate that companies with more diverse boards are better positioned to outperform, while research by Morgan Stanley3 found that the stocks of American companies with the highest scores on diversity beat those that scored the lowest by 2.3 per cent on an annualised monthly basis over the last five years. Earlier, McKinsey & Company4 had found that companies with highly diverse executive teams boasted higher returns on equity, earnings performance and stock price growth. We therefore believe that assessing diversity in the board and total workforce is important. This is an example of how the SDG Goal 5: gender equality relates to a
financially material sustainability issue and we will therefore support these proposals, unless the company already offers disclosure on the issue, such as diversity policies and pay data demonstrating that no gender gap exists. It is important for company boards to develop diversity policies, not only at board level, but for the broader workforce as well and to increase disclosure on this topic.
An increasing amount of studies point to broader diversity, including gender diversity, as not only a societal issue, but also a financially material issue for investors to consider
Conclusion
In the two years since the presentation of the SDGs, we have seen multiple publications by companies on how they expect to contribute to the SDGs. A common language is being developed that helps us as investors to compare companies and select the winners in the market. Still, progress can be made on the relevance and accuracy of disclosures and the measurement of impact. The financial industry has a special role to play, having the ability to direct capital towards companies and sectors that offer the largest opportunities to contribute to the SDGs. The SDGs set clear goals for 2030 and as an active investor with a long-term focus, we are particularly interested in the strategy companies are developing for their most material issues. A growing number of investors expect company boards to show leadership in the realisation of SDGs. We expect the SDGs will become a standard part of the dialogue between boards and shareholders soon. It is therefore crucial for board members to discuss how they wish to contribute. 1
PwC (2016). Make It Your Business: Engaging With The Sustainable Development Goals. 2 Robeco (2015). Do Companies With Diversified Boards Have Higher Stock Returns?. 3Morgan Stanley (2016). Putting Gender Diversity To Work: Better Fundamentals, Less Volatility. 4 McKinsey (2007). Women Matter: Gender Diversity, A Corporate Performance Driver.
CULTIVATING A BETTER WORLD Business leaders must embrace opportunities offered by sustainable development goals www.ethicalboardroom.com
Autumn 2017 | Ethical Boardroom 17
Global News Europe UK watchdog revamps research rules Investors in stock market listings in Britain will get access to independent research on companies preparing to list much sooner under final rules published by the Financial Conduct Authority. The regulator has announced reforms to the UK’s initial public offering regime that will give investors access to information from independent analysts on companies seeking to float. The rules, which will come into effect in July 2018, are designed to address concerns around the transparency
of the IPO process and potential conflicts of interest. Christopher Woolard, FCA’s executive director of strategy and competition, said: “The measures bring together a significant package of reforms to ensure UK wholesale markets remain efficient and effective, including improving the quality and timeliness of information in the IPO process and enhancements to the listing regime. Our aim is to ensure the UK’s primary capital markets remain of the highest quality and continue to serve issuers and investors.”
Prisa looks to appoint new chair
Spanish publishing group Prisa, which publishes the national newspaper El País, is looking to revamp its board after chairman Juan Luis Cebrián (pictured) agreed to step down after more than 30 years. According to reports, a proposal to appoint Javier Monzón as Cebrián’s successor has been blocked by some board members and investors, including hedge fund Amber Capital. Amber Capital is a London-based fund with a 19 per cent stake in Prisa. Joseph Oughourlian, Amber’s chief executive, won a seat on the Prisa board last year and voted against Cebrián’s pay package last February, according to regulatory filings.
French authorities ‘investigate F1 conflict sale’ France’s fraud investigation body Parquet National Financier is said to be investigating a potential conflict of interest associated with the sale of Formula One (F1) earlier this year. According to The New York Times, French authorities are seeking information on the deal by F1’s regulator the Fédération Internationale de l’Automobile (FIA).
The report claimed that financial corruption investigators in France are looking into whether the FIA had a conflict of interest when it approved the sale of F1’s commercial rights holder (CRH) to the investment firm Liberty Media Corporation in January. Consultancy firm Deloitte has warned the FIA to improve its monitoring processes to ensure that it is free from conflict of interest.
Airbus prepares for turbulent corruption probe
Airbus might face substantial fines resulting from corruption investigations by the UK and France into using middlemen in sales of planes, according to Tom Enders, the aircraft maker’s CEO. The UK’s Serious Fraud Office and later its French counterpart opened investigations into Airbus after the firm reported itself in 2016. Enders has said he would be prepared to step down if he was ‘no longer part of the solution’, as the firm deals with the ongoing situation. The CEO has said he had no knowledge of illicit funds at Airbus being used to bribe potential customers.
18 Ethical Boardroom | Autumn 2017
PSG boss grilled in Fifa bribery case Nasser Al-Khelaifi, chairman and CEO of French football club Paris Saint-Germain, has been questioned over a World Cup broadcasting bribe. He denies any wrongdoing and has not been charged. Qatari businessman Al-Khelaifi, who has held the twin posts since 2011, was subjected to a full day of questioning by Swiss investigators. Al-Khelaifi and former Fifa secretary general Jérôme Valcke are both subject to criminal investigations by Swiss authorities into allegations of bribery, fraud, criminal mismanagement and document forgery linked to a 026-2030 rights deal. Valcke also denies the claims. A Sardinian villa valued at £6.2million was allegedly how al-Khelaifi had bribed the top Fifa official. www.ethicalboardroom.com
Europe | Sustainability
When sustainability chimes with stability
For an economy to be sustainable, it needs to be stable. And for an economy to be stable, it needs a reliable financial infrastructure. But what does this entail? For any infrastructure provider, it is absolutely critical to ensure the stability of its services. From this perspective, any change equals a risk of creating instability. However, change is inevitable and has to be faced or, if possible, anticipated. Developments in the area of regulation and technology as well as competitive pressure require a constant development of systems and services. An example from the technological perspective is digitalisation, which will no doubt change the way we do things, possibly also what we do. How exactly and how fast this will happen is difficult to predict. But the digital revolution is a reality and the upcoming challenges have to be met. These challenges could take many forms. Maybe new services will be created based on the data generated by the increasing interconnection between humans and machines or objects. Maybe they challenge existing business models or even entire industries. Digitalisation raises such questions for operators of the financial market infrastructure, including SIX. For example, bank customers now use more automated processes and mobile banking. This has created new demands within the financial market infrastructure. Which requirements will it have to meet? And from a governance perspective: what rules determine how data is used? What conditions does the State need to put in place to ensure that everyone benefits from digitalisation while upholding consumer or investor protection?
Finding the right balance
In the case of a stock exchange, the challenge is and always has been, to achieve a balance between stability and trustworthiness and serving the changing needs of its customers and the society at large. In this respect, SIX has a responsibility – not only at a corporate
20 Ethical Boardroom | Autumn 2017
Chris Landis
Division CEO, SIX Swiss Exchange level, but also, even more importantly, on a societal level. Because some of the infrastructure it provides is systemically important: it is fundamental to the competitiveness and performance of the Swiss financial centre and therefore to the economy. To reflect this responsibility SIX has made the stability of the financial sector the first and most important of its corporate responsibility principles. The availability and reliability of its infrastructure are the foundation of the stability of any financial centre. Every day, millions of financial transactions, a high volume of data and monetary amounts in the billions pass through the systems of a financial infrastructure service provider such as SIX. It is therefore crucial that this load can be handled by its systems reliably and at any time.
Events, such as a prolonged power cut, floods, acts of sabotage or pandemics, could lead to chaos on the financial markets, destabilising financial systems and thereby the economy In recent times, the financial infrastructure in Switzerland has passed several such ‘stress tests’, the biggest one being the decision taken by the Swiss National Bank to abandon the euro exchange-rate floor on 15 January 2015. On that particular day, SIX had to handle six times the normal trading volume – and did so without any problems.
System availability: A top priority
Ensuring the availability, stability and security of the systems – especially in crisis situations – is at the core of financial services providers. Events, such as a prolonged power
cut, floods, acts of sabotage or pandemics, could lead to chaos on the financial markets, destabilising financial systems and thereby the economy. Any infrastructure service provider for a financial centre should therefore be aware of its responsibility and act and plan accordingly. Redundancy, in terms of systems and connectivity, staff recovery and succession planning, and robust, rehearsed emergency procedures, form the basis of our ambition to operate responsibly. Infrastructures that SIX operates worldwide can be deployed all year round, 24/7 and the average availability of all SIX services is 99.95 per cent.
Forward-looking mindset
Corporate governance should be geared towards sustainability and longevity. This implies a mindset that is not only focussed on the present but also forward-looking. Financial market infrastructures need to be developed on an ongoing basis to meet future requirements and challenges. SIX aims to ensure this through a well-balanced ownership and through active participation in all relevant organisations. Economic success, social responsibility and environmentally conscious actions should complement one another. Through the creation of appropriate framework conditions at national and international levels, SIX not only supports Switzerland’s sustainable development as a financial centre, but also contributes to the stability of the overall economy.
A greener future
Infrastructure is not the only area where a stock exchange can demonstrate its commitment to corporate responsibility: it can also relate to the financial instruments traded on it. A current example of a project that SIX is working on relates to the fixed income segment and the visibility of green bonds.
www.ethicalboardroom.com
Sustainability | Europe Green bonds are conventional fixed income instruments, created to (re)finance projects that have positive environmental and/or climate benefits. Several approaches can be used to define what a green bond is, using different data and parameters. One prevalent way is to apply the criteria of the Climate Bonds Initiative (CBI). The CBI is an international, investor-focussed not-for-profit organisation supported by a large network within the financial industry. Based on its data of labelled green bonds, these specific instruments can be identified. Figures on the development in recent years show an increasing interest for sustainable investments. In particular, the issuance of green bonds has increased from $11billion in 2013 to $42billion in 2015 and estimates of CBI expect up to $130billion to be issued in green bonds in 2017. Of course, the success of green bonds also depends on how actively they are traded. A clear identification of green bonds will support investors and asset managers in their decision process. On the route to introduce green bonds, SIX took a first step in November 2016 by organising an event in cooperation with the International Capital Markets Association (ICMA) and
PLAN BEE
“If the bee were to disappear from the surface of the earth, man would have no more than four years to live,” according to a quote often attributed to Albert Einstein. Although the brilliant physicist probably never said it and the forecast is a bit too grim, it is based on a kernel of truth: given their complex interactions with the plant world, bees are a critical part of our ecosystem. This is why SIX has adopted a new corporate responsibility engagement, dedicated to protecting the honeybee. Three beehives were installed in early summer on the roof of the new SIX headquarters and the Swiss stock exchange in Zurich. The first honey was harvested in late summer and was auctioned with the proceeds being donated to conservation efforts. the Swiss Financial Analysts Association (SFAA). This event was very well received by investors as well as underwriters, encouraging SIX to continue on this path. If green bonds can be added to the offering of SIX, it would support the growth of sustainable finance and therefore be a perfect fit with its corporate responsibility framework. Besides ensuring stability and being a responsible employer, the company concentrates its activities on strengthening social cohesion and the careful handling of natural resources – true to its principle ‘enabling a sustainable future’.
PASSING THE STRESS TEST Stability of the financial sector is a priority
www.ethicalboardroom.com
Autumn 2017 | Ethical Boardroom 21
Board Leadership | Evaluation ASSESSING BOARD PERFORMANCE Investors are keeping a closer eye on boardroom practices
From the outside in
Board evaluation: what investors are looking for from corporate leaders For years, investors have increasingly focussed attention on the quality and effectiveness of boards of directors governing companies in their portfolios. And the attention hasn’t gone unnoticed: to their credit, directors are doing a better job than ever of giving insight into boardroom processes and of engaging with investors on critical issues, such as management performance, strategy, succession, governance and executive remuneration.
In the wake of corporate scandal after scandal, investors are taking a much closer look at the board than ever before. Recent revisions to local stewardship codes and the Shareholder Rights Directive at EU-level have added even more momentum 22 Ethical Boardroom | Autumn 2017
John Roe
Head of ISS Analytics to the effort. These revisions emphasise that investors’ stewardship activities should include monitoring and engaging with companies on matters such as strategy, performance, risk, capital structure and corporate governance, including culture and remuneration. Engagement should be purposeful dialogue with companies on those matters as well as on issues that are the immediate subject of votes at general meetings. Investors are therefore looking for real-time data that can give them an advantage in understanding how well the board is functioning and indicators of how well it may be executing its fiduciary responsibilities. Directors might be surprised at how deeply some investors are looking, outside in, to get an idea of how the board may be performing. Over the past year, we have discussed the issue with a wide range of stakeholders
and have collected feedback regarding the areas that investors are looking at to evaluate boards of directors and what types of indicators might fall into each of those areas. The areas that we heard most consistently include: ■■ Board self-regulation How well does the board identify and mitigate its own weaknesses, encourage underperforming directors to improve and, ultimately, manage its own membership? ■■ Composition and structure Does the board have the right set of skills, capabilities and perspectives, to include various measures of diversity and does the board put in place effective checks and balances over various roles? ■■ Transparency, engagement and responsiveness How well does the board describe its own actions and engage and respond to feedback from the company’s owners? www.ethicalboardroom.com
Evaluation | Board Leadership ■■ Track record and outcomes How have companies – both this one and others – performed under these directors’ stewardship and what can special situations at these companies tell investors? ■■ Risk management How does the board identify, address and manage critical enterprise risks? Looking deeper, there are a range of ways that global investors are interested in assessing the board, on these five dimensions below. This list is just a starting point – and no investor uses, or perhaps would even agree with, all of these factors. And different investors even interpret some of these data points differently, making the issue even more complicated for boards of directors. But it’s important to understand the wide range of perspectives that have been voiced and to see how broadly investors are beginning to cast their nets to gain a better view of board performance. Investors do recognise that outside-in analysis is likely to miss many important factors that are unobservable outside the boardroom and committee meetings. But that doesn’t mean that investors don’t – or shouldn’t – pay attention to key signs of board performance that are externally observable, for those are often important clues that may lead to further investigation and engagement.
BOARD SELF-REGULATION 1 2 3 4 5 6 7 8 9
Board refreshment Director tenure distribution Quality of board evaluation processes Track record of willingness to surface and act on internal issues Size and structure of director compensation Stock pledging Related party transactions Director continuing education/ professional development Role rotation
RISK MANAGEMENT 1 Distribution of risk management responsibilities and board-level risk management framework commensurate with risk exposure 2 Strategic risk management 3 Financial/financial engineering risk management 4 Regulatory risk management 5 Cyber risk management 6 Environmental & social risk/ sustainability risk 7 Succession risk management 8 Internal risk management (whistleblower protection) 9 Idiosyncratic risk management
www.ethicalboardroom.com
We’ll take a closer look at just a few of these points to illustrate things that boards should be thinking about as they engage with their shareholders and fulfil their director obligations.
Board self-regulation: the ideal board of directors is a perpetually moving target
The shareholders’ needs and expectations from the board are in constant flux. Required boardroom skills constantly evolve – technology management and cybersecurity are the obvious recent examples; investors in companies with significant cyber risk now have a reasonable expectation that the company’s board has the ability to identify, monitor and mitigate cyber risk. But it’s not just skill requirements that are changing – long-established calls for more gender diversity, alongside increasing calls for other forms of diversity, add to changing expectations. From an investor’s viewpoint, that means that a board shouldn’t be a static body, serving together, year after year; there is a need to constantly evaluate how the environment is shifting, identify new risks the board should be managing and ensuring that the right skills are in the boardroom to manage those risks. The recent increased attention on board refreshment highlights this investor viewpoint. Boards need to embrace that
Companies are increasingly moving from general board-level performance assessments to having individual assessments of each board member and even bringing in an external assessor in some cases to facilitate the board’s evaluation TRANSPARENCY, ENGAGEMENT, & RESPONSIVENESS 1 Willingness to engage with shareholders /evidence of effective engagement 2 Presence of an easily accessible inbound engagement channel 3 Disclosure of how shareholder feedback influences boardroom decision-making 4 Responsiveness to low-support management proposals 5 Responsiveness to shareholder proposals 6 Compensation programme transparency 7 Clarity and depth of corporate governance guidelines
their responsibilities will continue to evolve and the composition of the board will likely need to shift over time to include expertise in emerging areas of need. Some great boards realise this and are transparent about the company’s evolution of needs from the board of directors. In their annual reports, they discuss emerging company risks, changing company needs and how the board is responding to these changes through education and refreshment. But quality disclosures of this type are still too few and far between.
Boards are disclosing more sophisticated board and director assessment processes Perhaps unsurprisingly, one of the fastest-advancing corporate governance practices is how boards of directors are evaluating themselves. ISS Governance QualityScore tracks how companies disclose that their boards evaluate themselves; for the past three years, this has been one of the top three areas where we are seeing the most companies improve. Companies are increasingly moving from general board-level performance assessments to having individual assessments of each board member and even bringing in an external assessor in some cases to facilitate the board’s evaluation.
COMPOSITION & STRUCTURE 1 Gender diversity 2 Other measures of diversity (ethnic, racial, background, experience, age, etc) 3 Director skills & capabilities 4 Director affiliations/associations 5 In cases of combined chair/CEO, presence of an empowered lead independent director 6 Board and committee independence 7 Interlocks
TRACK RECORD & OUTCOMES 1 Company financial performance record relative to peers over the median director’s tenure 2 Director track record at other companies (both performance and risk/events) 3 Actions taken in contested/ contentious situations 4 Nature and outcome of any unilateral actions 5 Governance/risk management failures at current and prior directorships — financial restatements, material governance problems and more 6 Executive compensation programme outcomes
Autumn 2017 | Ethical Boardroom 23
Board Leadership | Evaluation Looking at historical data, Europe has led the way in external evaluation for years. Going back three years to mid-2014, 37 per cent of European companies were already using external assessors as part of their evaluation process. (The use of external assessors in Europe compared to the US is unusually high for several reasons, including the UK Combined Code of Corporate Governance, which recommends that an external assessor be used at least every three years.) American companies show a much more dramatic improvement, but also a much bigger gap; in 2014, 59 per cent of S&P 500 companies and 70 per cent of Russell 3000 companies, only disclosed that they performed a general board assessment. Even then, they did not specify whether it was conducted at the individual director level, or whether they used an external assessor. The disclosed use of external assessors to facilitate board evaluations is still relatively rare in the US. Despite the improvement in disclosures regarding board assessment processes, board evaluation process disclosures often still do not tell investors nearly the volume of information needed, especially regarding the outcomes of the assessments.
After the assessment
Perhaps the biggest question in many investors’ minds is, after the assessment, what happens to the gathered information? Some investors feel that the assessment process has turned into a check-the-box exercise within too many boardrooms. From the board’s perspective, check-the-box behaviour doesn’t necessarily mean that the board isn’t doing anything with the assessment outcomes. Frequently, boards take a standard set of follow-up actions after each set of assessments, such as updating the
skill and capability requirements for the next director search. But if the board isn’t working to identify emerging required board skills and capabilities and acting affirmatively to shore up those gaps, it seems that the impact of the board and director assessments doesn’t reach its full potential. Investors are more concerned about how boards are using assessment data to improve its ability to fulfil its fiduciary responsibilities and maintain a high state of
boardroom effectiveness. And they want those impacts to be felt in the near-term, not several years out. In the eyes of many investors, underperforming directors should be afforded the opportunity and means to improve and expectations should be set for that improvement; and if that improvement isn’t realised, the underperforming director should be counselled to step down. But how often does that really happen? How many boards have you served on where
EUROPE LEADS THE WAY WITH MORE SOPHISTICATED BOARD ASSESSMENTS 61.1% ■ Europe (QualityScore covered companies
Source: ISS QualityScore
48.2%
■ S&P 500 ■ Russell 3000 (Ex S&P 500)
42.4% 32.6%
39.6%
34.3%
21.3%
7.9%
6.5%
3.8%
0.8% No information
24 Ethical Boardroom | Autumn 2017
General evaluation/ internally facilitated
More detailed evaluation/ internally facilitated
1.6%
More detailed evaluation/externally facilitated (at least every three years) www.ethicalboardroom.com
Evaluation | Board Leadership
TRACKING PERFORMANCE Technology allows investors to gain a clearer overview
Unforced director turnover can be difficult to spot and investors are aware that there can be good reasons for what appears to be unforced director turnover. For instance, some boards adopt their own limits on the number of directorships an individual may have; that can have a ripple effect, causing that director to step down at another board. However, the mere presence of perceived unforced board turnover can be an interesting signal to investors. The real problem for investors is trying to interpret that signal. Is an unforced turnover situation a sign of a well-functioning board trying to upgrade its membership or is it a case of a high-performing director stepping down from a board where problems may loom? There have certainly been cases of both and similar fact patterns may lead to different interpretations by different investors. But, in either case, a few investors are beginning to use this as a signal for situations to things investigate more deeply.
A few are certain: record the board’s role Track and outcomes: will continue connecting the dots In the past, the evaluation to become of a director’s fitness to more complex, serve has mainly involved the analysis of that the skills individual’s actions at the required will company she or he is being continue to elected to serve. But over just the past few years, more and grow and more technology has evolved the level of to allow investors to have a much more holistic view accountability of what directors have done to shareholders as directors and executives at other companies. will only Of course, this often increase starts with looking at the
a director was permitted to continue to serve – sometimes for years – even though they didn’t make material contributions in the boardroom? It isn’t a secret to investors that some companies allow underperforming directors to continue to serve and even stand for re-election again and again. But in today’s business environment, where shareholders’ expectations about the skills and capabilities of the board are changing and growing, some investors are losing patience with boards that don’t police their own membership effectively.
Unforced director turnover: a controversial signal of board self-regulation
One somewhat controversial measure of how boards are acting on assessments is looking at ‘unforced director turnover’. That’s when a director steps off a board without being compelled to do so – such as hitting a term limit or mandatory retirement age, for instance. Certainly, boards make an occasional ‘hiring mistake’ and some directors decrease in their effectiveness over time. But it’s surprising – or perhaps it isn’t – to see how infrequently some companies are willing to admit those issues. www.ethicalboardroom.com
performance track record of those companies while the director nominee was serving at the outside company. But that’s just the starting point: sophisticated shareholders are now spending more time (usually in high-profile situations) understanding governance, remuneration and activist issues at each of those companies – and the responses that those companies offered to the issues. Especially troublesome are directors that sat on boards where material problems erupted – some investors view those directors as ‘troubled’ and are less excited about them serving on other boards in their investment portfolio. Directors from boards such as Kobe Steel, Wells Fargo, Equifax and even private companies, such as The Weinstein Company, all may face questions from shareholders in public companies where they sit. Over time, we expect a director’s actions (and in some cases, mere presence) in certain situations at one company
to increasingly affect their election results at other companies.
The big caveat: Outside-in board evaluations cannot reveal everything
Outside-in board evaluation is an important step in the due-diligence and engagement preparation process for any investor. But that outside-in analysis cannot reveal everything about the board – and sometimes that analysis is as likely to raise important questions as answer them. Some studies have shown that important boardroom problems often are only seen behind closed doors. For instance, last year, the Stanford Graduate School of Business released the results of its 2016 Board Of Director Evaluation And Effectiveness survey. The findings of that survey are interesting – in the executive summary, they find that directors frequently report internal issues in areas such as group dynamics (the following list from the report’s executive summary): ■■ Directors do not invite the active participation of all members ■■ Directors allow personal or past experience to dominate their perspective ■■ Directors do not express their honest opinions in the presence of management ■■ Directors are too quick to come to consensus ■■ Directors do not understand the boundary between oversight and actively trying to manage the company ■■ Fellow board members derail the conversation by introducing issues that are off-topic But without being in the boardroom, shareholders have a difficult time understanding exactly what dynamics are in play and directors are rarely willing to disclose when they find issues in the boardroom.
Focus on the board not likely to ease
With scandals continuing to occur and board-level risk management practices (among other things) under increasing scrutiny, the list of items that investors are likely to be watching will grow. What is less certain is how assertive shareholders will become and how companies will respond – how will they answer the call for more boardroom transparency? And will investors be willing to hold the board more accountable? A few things are certain: the board’s role will continue to become more complex, the skills required will continue to grow and the level of accountability to shareholders will only increase. Autumn 2017 | Ethical Boardroom 25
Board Leadership | Performance
Taylor Griffin & William Stern
Taylor is Chief Operating Officer. William is Managing Director, The Miles Group
Board evaluations: Good defence & good offence How is your board grading its own performance? Concerns about whether a board is being effective have only grown for institutional and activist investors alike in recent years – raising questions around board tenure, term limits and how performance is being measured. ‘How long have these people been on the board?’ ‘How well are they doing their job?’ ‘How do you know how well they’re doing their job?’ ‘Shouldn’t we shake things up?’ – all these kinds of questions are forcing boards to think about how they rate themselves as stewards.
26 Ethical Boardroom | Autumn 2017
On the other side of the equation, most board members think they are doing a good job. When it comes to grading their own board’s effectiveness and performance, most directors use a pretty generous curve. In a study we conducted with the Rock Center for Corporate Governance at Stanford in the US, nearly 90 per cent of directors said that their board had the skills and experience necessary to oversee the company. Directors, on average, rate their boards as a four on a scale of one to five in terms of effectiveness and nearly three-quarters (73 per cent) say that the individual directors on their board are extremely or very effective. Belying this perceived satisfaction about their governance capability, however, are some evident cracks. Only about half of the directors we surveyed (52 per cent) believe that their board is very effective in dealing with directors who are underperforming or exhibiting poor behaviour. And only slightly more (57 per cent) believe that their board is effective in bringing in new talent to refresh the board’s capabilities before they become outdated. The fact that nearly half (46 per cent) of directors think that a subset of the board has an outsized influence means that more of the influence is being wielded by some than others. While stronger directors may typically have greater influence, less qualified but more vocal directors can exert influence in their own way, with their more passive (and sometimes more competent) peers capitulating.
The underperforming director — a ‘third rail’ for boards
In fact, perhaps the most significant finding in our study was that most directors would like to remove at least one fellow director from their board: when asked how many fellow directors they would want removed because they are ineffective, 28 per cent said one director, 18 per cent said two directors and eight per cent said three or more directors. Why? The reason can be any number of issues: from the professional (experience that has become less relevant to the company’s business over time) to the behavioural (either an overly aggressive attitude or, conversely, a lack of active participation in board discussions). The issue of what to do about a problem director – if the person is even recognised as such – can cause a sticky situation in the boardroom. While there are certainly some directors who are so valuable that people want them around for a long time, problems may arise when those who bring less to the table are reluctant to step down as their effectiveness and relevance wanes. With the average tenure of public company directors at 9.1 years for large-cap companies and 8.4 years for small-cap (according to Equilar’s 2016 Board Composition And Director Recruiting Trends report), most board members have longstanding relationships with their peers. Confronting someone you’ve sat across from for nearly a decade is certainly not something directors want to do. Director underperformance is a problem in its own right. What magnifies the problem is a board’s failure to regularly evaluate the performance of its individual directors. Absent a true evaluation, underperforming directors are kept in place well past their ‘sell by’ date – the point at which they are actually being useful. Having these directors around draws down the effectiveness of the board. If allowed
www.ethicalboardroom.com
Performance | Board Leadership to fester, these directors can become toxic, causing outright dysfunction. And when investors sense some blood in the water around particular negative boardroom dynamics, boards can get quickly put on the defence.
Getting into diagnostic mode: doing evaluations right
To short-circuit this path to dysfunction, it is critical for the chairman or lead director to adopt a diagnostic approach and take the results seriously. The best boards are already adopting rigorous annual performance reviews and moving past mere compliancedriven, check-the-box evaluations. To address these and other board performance issues, a robust evaluation should enable a company to assess – and rectify – the behaviour and practices of the full board and individual directors. Most boards ask their CEOs to conduct annual assessments of their team and it makes sense for the board to do the same for themselves, not just around governance issues but also around skills, relevance of experiences and contribution. The best directors want feedback and want to grow and increase their effectiveness. Like some employees, some directors may be of greater service at another company. It is not helping the company or the director to keep them around if they are not a valuable contributor. In our work with numerous boards around the globe, we have found certain common traits of successful board evaluations. By successful, we mean that these evaluations not only followed the letter of the process (by documenting that the assessment was conducted), but also the spirit of the exercise by addressing the question: what are these directors doing right and what could we be doing better? The diagnostic should indicate how the board can improve on its governance of the company. Based on board evaluation processes that have worked, here is what has proven to be successful: Investment from board leaders in the process: Rather than a purely legal review, a board should conduct its evaluation with a focus on leadership development and board governance. It’s important for the board leadership to truly lead this process, signalling a high-level commitment by having the chair, lead director or chair of the nominating/ governance committee spearhead the evaluation and endorse the remedies. Assessing both individual and team performance: The board should be asking
www.ethicalboardroom.com
tough questions that go beyond governance processes and delve into individual director effectiveness, qualifications, contribution and the group’s effectiveness as a whole. Questions should include: How could the board as a whole be more effective? Are all members contributing at the same level? How could the board’s interface with management be improved? Does the board understand the market and customer segments? Does the board have a solid sense of its role, such that they probe management at the right level, but don’t micro-manage? Taking into account the future needs of the company: The company should determine if the board’s composition is aligned with what the business needs one, five and 10 years down the line. One approach would be to develop a matrix of the experience, skills and industry or market perspective needed for the company to successfully execute its go-forward strategy
The best boards are already adopting rigorous annual performance reviews and moving past mere compliance-driven, check-the-box evaluations and then compare that to the competencies of the current board members. Consistent standards applied to all directors: Attempting to remedy ineffective behaviour of an individual director (perhaps one who monopolises boardroom discussions or one who never sufficiently contributes) is a highly sensitive undertaking. Boards can make this process less contentious by soliciting individual feedback for each director so no single director appears ‘singled out’ for criticism.
structured the same way – with individual calls to action that will collectively raise the performance of the overall board. Education and structural support for directors: Periodic sessions should be held to expand the entire board’s understanding of industry, marketplace, macroeconomic, or overall leadership issues. Objectively setting policies, such as rotating committee membership and establishing a process for removing ineffective board members, can create a better framework for improving director performance. By applying the same rigour to assessing their own performance as they do to management’s performance, boards can lay a more solid grounding for their own effectiveness and demonstrate to investors and regulators that they are careful stewards of the company. These self-assessment exercises serve as evidence of the board’s commitment to process, engagement and excellence. Further, these assessments are symptomatic of care and diligence, which may pre-empt many challenges down the road. With investors feeling more and more empowered to call for board changes, boards can use evaluations in self-defence, but also in a very positive way to systematise their own misgivings and provide a forum for making the changes they feel must be made.
ROUND ONE Introduce board evaluations
Documentation of evaluation and next steps: A summary of the evaluation should be prepared, including the process itself and general observations. Given the sensitivity and liabilities that directors face, the summary should not contain any conclusions or assertions of incompetence, wrongdoing or failures to perform. Each director’s specific feedback should be
Autumn 2017 | Ethical Boardroom 27
Board Leadership | Social Science BECOMING MORE AWARE OF DIVERSITY Psychology offers insights into how to maximise board effectiveness
The science of inclusive and effective boards Psychology has much to say around decision-making, biases and assumptions in the boardroom
Effective boards result from getting several processes right, including director selection, achieving the right skill combination and harnessing positive group process. Positive group process is particularly important when diversity (both demographic and cognitive) is introduced into the boardroom. Psychology, as a behavioural science, plays a significant role in helping us understand – and leverage – the relationship between differences (e.g. ethno-cultural diversity) and board effectiveness. Gender and ethnicity are two commonly discussed dimensions of board diversity. Ethnicity and gender are similar. Many of us see ourselves as part of gender and ethnic groups and both are visible social identities. Behavioural science evidence shows that our brains operate similarly in response to gender and ethnic stimuli – we rapidly categorise people as ‘like’ us or ‘unlike’ us, based on gender and ethnicity. However, there are also key differences between how we respond to these categories and the implications for board effectiveness. For example, women on boards may grapple with gendered assumptions of what leadership looks like. Women directors may thus face the ‘double bind’ of balancing directness with nurturing behaviour in their interactions with other 28 Ethical Boardroom | Autumn 2017
Dr Doyin Atewologun
Lecturer in Organisational Leadership and Learning, Queen Mary University of London board members. This challenge is unlikely to be experienced by senior Asian men. Another difference is that we know that gender diversity tends to increase as board size and the numbers of non-executive directors go up. This is not so much the case with ethnicity. Also, gender diversity is strongly associated with particular industries. For example, proportionally, women appear more successful in attaining executive roles where they have a financial background. A study by Cranfield University showed that 45 per cent of female executive directors are financially qualified and 65 per cent in total have a financial background.1 In contrast, 26 per cent of their male colleagues are financially qualified and 44 per cent have a financial background. However, such patterns are weak or absent with regards to ethnic diversity.
Avoiding assumptions
Chairs of inclusive and effective boards cannot therefore assume that what works for women directors will work for directors of colour. The science underlying gender v. ethnicity dynamics vary because: ■■ The nature of contact between gender and ethnic groups (men and women v. whites
and Asians, for example) varies. This means there will be different degrees of comfort and familiarity between white male directors and their white female v. minority ethnic colleagues of either gender ■■ There are, traditionally, more ethno-cultural categories, compared to gender. This means that we grapple with many more different trends and associated stereotypes for different groups (e.g. Chinese v. Bangladeshi). Thus, interactions with different directors of colour are likely to vary, depending on cultural background ■■ The biases we have about gender are different to the biases we hold about ethnicity. As earlier mentioned, assumptions of women being warm but incompetent, or opting out of full-time careers to focus on family will be less pertinent for understanding barriers and formulating solutions to enhance ethnic diversity on boards ■■ As the proportions of potential directors of colour are smaller than the proportions of potential women directors, the practicalities of representation (e.g. on long lists and short lists) become trickier For these reasons, attention to how psychology can contribute to inclusion and board effectiveness as it relates to different forms of diversity is important. The role of psychology is particularly important because, as chairs and executive search firms (ESFs) www.ethicalboardroom.com
Social Science | Board Leadership become increasingly aware of the critical importance of gender diversity, there is a risk they may experience limited cognitive capacity for other forms of diversity, such as ethnicity. Work psychologists can support decision-makers to manage any cognitive fatigue associated with focussing on multiple strands of difference. The evidence suggests that the representation of directors of colour on boards is declining, and there is limited understanding of the particular dynamics of ethnicity-related diversity when it comes to predicting board effectiveness. Minority ethnic representation on US and UK boards (Zweigenhaft, 2013; Alliance for Board Diversity, 2013; BITC 2014, Green Park 2014) is declining. This decline is in the context of an increasing population of people of colour (i.e. non-whites) globally; in the UK, from a current figure 14 per cent of the total population, forecast to rise to 25 per cent by 2051 (Rees et al, 2015). Despite this decline, there remains relatively little investigation of ethnicity on boards as a single-issue topic. Searches conducted of an academic database, a top-tier management and organisational behaviour journal and a specialised corporate governance journal revealed that we are in the early days of collating evidence coalescing around this area to practically support boards, chairs and CEOs.2 There is some initial progress, with the recent publications of the Parker Review of ethnicity on UK FTSE 100 boards, and The Middle Report commissioned by the Black British Business Awards in examining what it takes to progress minority ethnic talent to executive levels. However, in the academic literature on boards, ethnicity (compared to gender) is most often studied as one of many other characteristics including age, educational background, functional areas of expertise, experience and industry background. Overall, the dearth in literature suggests that there is much potential for psychological insights to address this under-studied and under-explored area.
Insight into effectiveness
Despite the apparent gap in our understanding, some ethnicity-related implications can be deduced. Psychology offers insights into how to maximise board effectiveness by applying the predictable processes of group membership to develop a strong sense of purpose and collective ownership. 3 Two relevant criteria for board effectiveness are board task performance and board cohesiveness.4 Cohesiveness refers to the degree to which board members are attracted to each other and are motivated to stay on the board. Established psychological theory can help to explain board dynamics and under-representation of historically disadvantaged groups, including women and minority ethnic individuals. For example, www.ethicalboardroom.com
agency theory, 5 social identity theory,6 social categorisation theory 7 and upper echelons theory 8,9 broadly explain how as individuals and groups we align ourselves with personal or personally-similar goals and self-interests, sometimes subconsciously. The commonly known concept of unconscious and implicit bias we have about different groups comes from the psychology of group cognition. To improve inclusion and board effectiveness, we can focus on director selection, director induction and board engagement. Gender and ethnicity are ‘salient’ identity categories (compared to age, educational background, functional areas of expertise, experience and industry background) because they make directors more significantly different from the rest of the board. Research based on 1,073 directors suggests that new female and mixed gender minority ethnic directors would need to be more similar to incumbents on other characteristics than other directors who differ along other dimensions (e.g. a young white male director) to increase their chances to be appointed to be committee members and chairs, and increase their tenure generally.10 On appointment, as recommended by Ingley & van der Walt in 2003, the chair should brief the appointee with regard to the background,
The role of psychology is particularly important because, as chairs and executive search firms become increasingly aware of the critical importance of gender diversity, there is a risk they may experience limited cognitive capacity for other forms of diversity, such as ethnicity expertise and special roles of fellow board members prior to introducing them, and to brief key members of the senior management team regarding the appointee. An informal meeting with the chief executive and other board members before attending the first board meeting is also recommended. These actions are critical for reinforcing a collective social identity, which psychological research indicates is a powerful and compelling driver of group cohesion and performance.
Focus on induction
Following appointment, focus should turn to both the formal and informal induction process. First-time minority ethnic directors and women receive significantly lower mentoring than white male first-time directors. Further, minority ethnic first-time directors are 72 per cent less likely to be
advised by an incumbent director about boardroom norms compared to women’s 50 per cent (McDonald & Westphal, 2013). Such formal and informal psycho-social support is critical because it is more difficult for minorities to build social capital due to the natural tendency of the white male-dominated corporate elite to exclude demographically dissimilar others and differentially mentor them. There are also cultural differences in acquiring and leveraging social capital, such as the degree to which individuals proactively engage in impression-management, politicking and self-promotion. Once the board has been functioning as a group for a period of time, the research on small group dynamics and decision-making becomes pertinent. In the board room, the ‘in-group/out-group’ categorisation arises from majority v. minority status. All else being equal, what we know about human psychology tells us that individuals with majority status can exert a disproportionate amount of influence on decision-making.3 Chairs should attend to such dynamics to ensure that the minority ethnic director’s voice is audible and legitimised during board decision-making.
Understanding boards
In conclusion, behavioural science applied to the workplace currently has much to offer in helping us understand how boards come together and make decisions in the context of difference. Psychologists’ social science research skills can also be deployed to expand our understanding. For example, board audits often involve triangulating publicly available data (e.g. the Independent Regulatory Review Commission + company proxy statements + annual reports + news articles + website photos) to conduct indices of diversity on boards. However, proper understanding of board effectiveness and dynamics necessitates the use of other methods in tandem, such as interviews, observations and surveys. These are powerful methods for understanding attitudes and behaviours of company personnel and board members themselves (as recommended by the Parker Review of Ethnicity on UK Boards, 2016). Psychologists are classically trained in a high degree of sophisticated qualitative and quantitative methods for understanding human behaviour. Understanding how inclusive boards become more effective means we cannot shy away from complexity. Complexity means future focus on things like multiple identities (e.g. gender with ethnicity), national/cultural differences and other dimensions. Thus, there is significant potential for chairs and CEOs to benefit from expertise and insights of behavioural sciences in sustaining and enhancing board performance through leveraging diversity. Footnotes for the feature will be run in full online.
Autumn 2017 | Ethical Boardroom 29
Board Leadership | Corporate Governance
A smarter way to corporate governance The new reality is moving beyond regulations and towards a forward-thinking approach, heavy on ethics and culture It is increasingly acknowledged that successful and sustainable businesses are not just good for the economy, they support the wider society by providing jobs and helping to create prosperity, too. Society wants evidence that companies exist for more than simply generating short-term profits and expectations are for corporate governance principles to enhance confidence that companies act in the public interest. This has been an emerging mood across global economies, in the belief that sound corporate governance significantly influences the perspectives of organisations and makes them catalysts for improved societies. The future of corporate governance is clearly marked by several social trends that have been taking place globally. ESG (environment, social and governance) and technology are fast-growing topics and may be the ones most impacting corporate governance. ESG The focus on ESG as a means to creating sustainable value is on the rise. Socially responsible investing has become an important consideration for a growing number of investors, while ESG issues become more thoroughly integrated with company business as a whole. The aspect that is still elusive and is currently on the agenda of companies and investors, is how we can all leverage capital markets to improve not just risk-adjusted returns, but our society as a whole. In other words, how can ESG integration help create sustainable value? An appropriate corporate governance surely holds answers to this. Technology Today, innovation is all around us. The Internet of Things (IoT) is the driving force behind the latest digital trend of improving everything in our society, and so making our lives ‘smarter’. Organisations whose leadership is able to
30 Ethical Boardroom | Autumn 2017
Cristina Ungureanu
Head of Corporate Governance, Eurizon Capital understand the nature of these challenges and has the temperament to embrace it will have a meaningful advantage in the increasingly technological future.
Smart investors and smart companies
We seem to be living in the era of ‘smart’ – we have smart phones, we use smart cars and some of us are or will be soon living in smart cities. The smart part sits at the very core of economics and society – it empowers the community to make better choices for its future. Given these societal trends, it may be the time now in the corporate world to speak about ‘smart corporate governance’: smart investors, smart companies, smart boards of directors, smart principles. The changing landscape of corporate governance is stimulated by increasingly more responsible, more powerful and vocal institutional investors. Responsible
The future of corporate governance is clearly marked by several social trends that have been taking place globally. ESG and technology are fastgrowing topics and may be the ones most impacting corporate governance investing and stewardship has gathered momentum across the world in the past decade, as we as investors look for financial returns while helping to achieve a positive impact on the world around us. The rising voices of the investor community relates to the impact that investors have on company boards. Just by looking at the main takeaways from the 2017 AGM season, one can observe the evolving
policies of voting and engagement of many institutional investors on ESG matters. Among all the shareholder proposals on the US AGM agendas, almost 60% are ESG-related proposals. Consequently, the newest and perhaps most important board risk oversight expectations are being elevated by investors, calling on executives and boards to spend more time and effort directing and overseeing long-term value creation for shareholders and stakeholders. Companies, too, have new ways of doing things: the shift from a ‘linear’ to a ‘circular’ way of doing business will be one of the medium- and long-term goals of several companies, also through the development of new technologies. Companies are making more efforts to understand what part of their value chains are associated with the main environmental and social impacts, as well as the magnitude of such impacts. From our investor perspective through monitoring and engagement, we can positively observe the fact that company boards are listening and are acting upon our suggestions and expectations. For example, many boards are adjusting their composition in response to investor requirements for specific skills, i.e. adding ESG skills, cyber skills, international experience or diverse members, refreshing the boards or, in some cases, even asking certain members who did not perform accordingly to step down. Even traditional corporate governance issues, such as executive remuneration, are evolving to meet the alignment, not only with performance or shareholder interest, but also with stakeholder interest. As investors, we are encouraging companies to approach remuneration from a wider angle and many companies are responding or are proactive in this regard. Financial performance no longer makes up the only metric for setting executive pay; non-financial, discretionary metrics are starting to become part of the pay policies. Tying company integrity, ethics, diversity, employee or customer satisfaction and ESG conduct to executive pay is becoming best practice.
www.ethicalboardroom.com
Corporate Governance | Board Leadership
Smart boards of directors
SMARTER WAY OF THINKING Modern boards need to look forward and evolve their ideas and practices
www.ethicalboardroom.com
The fast pace of change raises major issues for company boards of directors – how to achieve a balance between oversight and accountability on the one hand, while ensuring innovation and dynamism on the other. The focus of a smart board will be on ensuring that the business creates value for the company, its shareholders and stakeholders, while achieving its goals under conditions of uncertainty and unpredictable competition. The smart board is fit for the future, is forward-looking with regards to future commercial and industry contexts, seeking to understand the driving forces that are impacting on the business. Many companies are looking not only to long industry experience, but for first-time directors who demonstrate good judgement, intellectual agility, knowledge of technology or digital and the ability to deal with complexity and fast-changing marketplace challenges. And, as fresh faces enter the boardroom, more attention will be paid to director onboarding, an area of corporate governance that has been underserved for some time now. For years we have been talking about tone at the top, but this is no longer sufficient for a lot of companies. New risks, such as disruption, reputation risks or conduct risks, are determining several boards to start asking questions about the company’s tone at the bottom, about the company culture. These boards want to ensure that the tone that they set permeates through the entire organisation and that the tone of their company not only flows down but also flows up to the board, for example through organisational training, induction and through appropriate whistle-blowing procedures. Things are also evolving with board committees. The traditional standing board committees – nomination, remuneration and audit – are no longer the only norm. Many boards are getting creative and setting up new special committees, as an increasing way for boards to be more efficient. These are generally a reflection of the environment and trends we are experiencing, such as technology, cybersecurity, climate change, social care. There are no limits to creating specialised committees and some are given unique nomenclature: from sustainability committee or technology & innovation committee, to environmental & safety committee to strategic planning or quality committees. In many circumstances these are not just special committees, but are chartered committees, which is an approach that we investors expect in order to understand the role and functioning of these new bodies.
Autumn 2017 | Ethical Boardroom 31
Board Leadership | Corporate Governance Traditional board committees have also evolved, particularly as to their role and composition. The criteria for committee chairs has become an important challenge for the overall board composition. We have already seen this approach with the audit committee requiring financial experts as members. For the remuneration committee, a unique skill-set focussed on remuneration or employee issues is now becoming desirable, as well as an expectation from the investor community who will look to discuss remuneration plans with committee members rather than with the company’s human resources department. The risk committee in certain companies may also call for cyber or technology expertise because of these emerging corporate risks, placed high on board agendas.
on a timely and regular basis the possibility to obtain redress for violations of their rights. In Italy, the most recent amendments of the Italian corporate governance code (which has in time inspired also legislative reforms of the national corporate law) covers different areas, including sustainability, a board’s approach to risk and the focussed role of the nomination committee. The code expands the role of the board of directors with reference to the sustainability of the business; the company risk profile is to consider also
that is aimed at long-term value creation. The most recent South African King IV report on Corporate Governance has advanced from the ‘apply or explain’ principle of the earlier King III report to ‘apply and explain’. Practically this means that companies are required to take measures to achieve the principles, but also to explain measures and their results. With the drafting of King IV, changes were effected to the code in order to present very clearly its contribution to organisational value,
Smart corporate governance principles
Corporate governance is indeed evolving to meet the changing needs of the society. The ‘new’ corporate governance seems to suggest that sustainability aspects (such as environmental matters, social and employee-related matters, human rights concerns, anticorruption and bribery) have a relevant impact on the business and should be considered in the definition of the risk profile and strategic objectives of a company. The definition of corporate governance is moving beyond ‘rules’ and ‘processes’ towards corporate culture, vision and responsibility, placing long-term value creation at centre stage. Several corporate governance codes and principles have been updated across the globe in recent years and the main reason was to adjust them to the pace of the society. While keeping consideration for the context of the individual jurisdiction, society and culture have been firmly positioned as a common change agent in many of these reviews. The new codes also place more focus on transparency by the companies, to ensure there is no loophole and the preference – driven also by investors – is for simplicity rather than complexity of governance and its disclosure. The value of ‘comply or explain’ has been acknowledged and enhanced by most countries in the past years. Looking at the principles that have marked the developments in corporate governance globally, one of the chapters of the recently revised OECD (Organisation for Economic Co-operation and Development) Corporate Governance Principles is actually dedicated to the role of stakeholders in corporate governance. This chapter outlines the benefit of active co-operation between corporations and stakeholders and underlines the importance of recognising the rights of stakeholders established by law or through mutual agreements. The chapter also supports stakeholders’ access to information 32 Ethical Boardroom | Autumn 2017
the risks that may be relevant for the sustainability of the business activities in the medium to long term. To further stress the importance of the sustainability matters for a good corporate governance, the code recommends relevant issuers (i.e. issuers included in the FTSE-MIB index) to consider setting up a committee having the task to supervise sustainability issues related to the relevant business and to its interactions with all the stakeholders. The Italian code also introduces the importance of a whistle-blowing system at relevant issuers within an adequate system of internal control and risk management. The most important change introduced by the revised Dutch corporate governance code is placing long-term value creation centre stage, requiring executive and supervisory directors of Dutch companies to act in a sustainable manner by making deliberate choices on the sustainability of the strategy in the long term. Even more than previously, the code is predicated on personal responsibility on the part of management board and supervisory board members, the provisions being formulated in a principle-based way as much as possible, so that executives and directors are encouraged to find an appropriate way to fulfil their responsibilities. Notable, one of the principles in the code specifically states that the board is responsible for shaping a culture
Corporate governance is evolving to meet the changing needs of the society. The ‘new’ corporate governance seems to suggest that sustainability aspects have a relevant impact on the business and should be considered in the definition of the risk profile and strategic objectives of a company advocating that an organisation defines its role and purpose to create value not only for itself and its shareholders but also for all stakeholders. Clearly, the code in its revision has considered the realities of the South African landscape at country level, including socio-economic inequality, economic and political instability, and skills shortage. The US Commonsense Corporate Governance Principles published in 2016 were actually drawn up by large investors (not by market authorities or industry associations as in other countries). The aim www.ethicalboardroom.com
Corporate Governance | Board Leadership was to create a logical reference piece and baseline principles that companies should follow in order to meet investor expectations. The most important message coming out of these principles is for the boards to think long term, as many international institutional investors are also committing their investment in companies long term. Looking at Brazil, because of the strong legal framework and the force of the public prosecutors, it is not uncommon for companies in the country to face public civil actions in the case of ESG-related violations; and we’ve seen several recent cases. The new Brazilian Code issued in 2015 accommodates these issues and sees the role of directors
transparent and fair choices through the fulfilment of companies’ accountability in relation to responsibilities to shareholders and stakeholders’. Most recently the reforms revealed by the UK government in 2017, which will impact the UK Corporate Governance Code, aim to create ‘efffective system of corporate governance which incentivises business to take the right long-term decisions’ through greater stakeholder participation, fairer executive pay and superior governance in private companies. The emphasis is on strengthening stakeholder voices in corporate decisions. Interestingly, too, other countries that do not have a corporate governance history have
effective way to implement it for the future of our society: a smart corporate governance.
put forward certain principles that are quite unique and that we may expect to find within future revisions of other countries’ codes. For example, in Pakistan the State Bank of Pakistan (SBP) has been developing a framework on ‘enterprise technology governance and risk management in financial institutions’ with a vision to provide baseline technology governance and risk management principles to the financial institutions. As part of the governance framework, SBP has mandated financial institutions to have a board IT committee with a minimum of three directors as its members, one of whom shall be an independent director and at least one member shall have relevant qualification or experience of IT. All these approaches are marking a forward-looking corporate governance, an
also key aspects of the ‘new’ corporate governance principles and standards. Nevertheless, while development of new frameworks for corporate governance are centred around the delivery of purpose and long-term value, companies do not need to wait for legislation or redrafted codes to act. Companies now have wide stimulus, from both investors and from society, to evolve governance reforms. The challenge should not be underestimated but opportunities should not be underestimated either. Evidence shows that focussing on long-term value creation and treating stakeholders responsibly leads to superior long-term shareholder returns. So, across the world, it is in a company’s interest to outclass and be the driver in sustainable wealth creation.
Smart approach
What is relevant for the recent global corporate governance codes and principles is that the new reforms are timely, addressing two crucial audiences: shareholders and stakeholders. They will respond to investor long-term interests, being complemented by the stakeholder interest, approaching the issues of governance with a view to companies’ broader role – as being responsible towards investors, employers, customers and as a force in society. Culture and ethics are
GLOBAL CORPORATE GOVERNANCE REFORMS Many international codes and processes have been revamped in recent times
evolving: becoming more proactive rather than reactive, focussing on the long term rather than on the short term, considering intangibles rather than tangibles, having a broad vision about the role of the company in the society and consider stakeholders rather than just shareholders. Asia is also aligning, albeit slowly, to the global pace of corporate governance reforms. In Japan, a corporate governance code that took effect in 2015 seeks to make companies more transparent and responsive to shareholders, also giving consideration to the increase in foreign investments in the country. According to the Council of Experts Concerning the Corporate Governance Code of the Japanese FSA, ‘the code seeks growthoriented governance (and) promotes timely and decisive decision-making based upon www.ethicalboardroom.com
Autumn 2017 | Ethical Boardroom 33
Board Leadership | Governance
Transforming organisational culture Using governance to transform culture, performance and results Many of our most perplexing social problems are addressed by organisations. A significant number of these organisations fail to achieve success because of their organisational culture. The problem is that an organisation’s effectiveness is limited by its culture, yet effecting cultural change is often poorly understood and accomplished.
At Governance Solutions, we have proposed and tested a solution and associated proprietary tools: a strong governance system, grounded in 12 guiding principles, that act as a tool to transform an organisation’s culture, enabling and facilitating effectiveness and success. We can accomplish this because governance and culture interact continually
Dr Debra L. Brown
Chief Executive Officer, Governance Solutions
at every level of the organisation, from its leadership through departments and divisions to the levels of the small team unit and individuals. They do so in these ways:
1
Culture precedes and informs governance. Culture provides the moral dimension and frames governance, providing both a raison d’etre and non-negotiable boundaries to the articulation of a direction for the entity, whether explicitly or implicitly. outcome of culture 2 A– fundamental guiding into the future – is the
fundamental aspect of governance: to set direction. This is not always linear or simple, though: governance attempts to set a direction, then cultural norms react and
respond to this attempt. At times, it does so in a positive and functional way, at times not. Governance then monitors and evaluates progress towards the direction set, making course corrections. The process is both iterative and dynamic. board and/or leaders responsible 3 The for governance are themselves a
micro-culture and the functional or dysfunctional features of boardroom culture play a pivotal role in governance effectiveness. At the top of the organisation, boardroom dynamics can be viewed as the interplay between three aspects of governance: governance structure, culture and behaviours. Here’s the good news! It is because of this all-encompassing interaction between governance and culture that governance can be used as a tool for transforming organisational culture (see chart opposite).
BOARDROOM BEHAVIOURS Cultural power can impact an organisation’s governance choices 34 Ethical Boardroom | Autumn 2017
www.ethicalboardroom.com
Governance | Board Leadership
Governance is the system by which the organisation is directed and controlled. Culture is a series of largely unwritten and at times unspoken norms within a group of any size that are used, shared, learned, and taught as the collective progresses and solves problems The way we do this is to reframe governance by adopting a principle-based governance model and then employing certain tools designed to apply those principles in an organisational setting. Governance structures are custom-designed to guide, embed and support the principles and, therefore, the culture.
The 12 governing principles
A strong governance system – the system by which organisations are directed and controlled – is grounded in 12 guiding principles. Together these principles provide a comprehensive system. All twelve principles (see page 36) are needed for the system to work as intended. Both governance and culture need to reflect all of them. Remove one and the system becomes flawed. Principles provide the model, but they are not simply a template; they are also the guidelines and tests along the way. More than just a place to start to articulate a corporate governance framework – they embed at every level. Principles are the beginning and the end – they are a mirror image of culture. It is not governance structure that provides the approach to corporate
TRANSFORMING ORGANISATIONAL CULTURE
If...
Governance provides the: ■ System for leadership of an organisation ■ Foundational principles for problem solving ■ Organisational direction ■ The process for creating, embedding and changing culture and governance ■ The source and use of power...
www.ethicalboardroom.com
Then...
■ Governance provides an effective tool for transforming organisational culture
governance and a chosen governance model – it is the principles. Structure is the application of the principles. Everything in governance, and culture, flows from the principles.
CULTURAL TRANSFORMATION REQUIRES THE FOLLOWING... ■ Change at the heart of the organisation and the individuals in it ■ Impetus for change – a legitimate burning platform to engage people in the hard work of cultural transformation ■ Committed and capable leadership and deep understanding of underlying assumptions and cultural norms ■ Shared experience and exchange of ideas in the aspects of culture requiring change ■ A vision for the future and a proactive plan for moving the organisation from the past, through the present and into that envisioned future ■ Common underlying principles that everyone can agree to – these are the non-negotiables ■ Education, coaching and mentoring aligned with the preferred cultural future ■ Consistency in leadership, group dialogue and constant communication ■ Process and structure designed to formalise cultural norms and expectations ■ Orientation programmes for new members
Autumn 2017 | Ethical Boardroom 35
Board Leadership | Governance
THE 12 GOVERNING PRINCIPLES© The principles Stewardship and Leadership
Authority and Accountability
Accomplishment and Measurement Communication and Integrity
Continuous Learning and Growth Justice and Service
The governance definition & objectives Stewardship: To be entrusted with the care and oversight of resources that do not belong to you — the concept is that the stewardship of those resources will lead to the benefit of both the resources and the owner Leadership: To be a leader is to rule, lift, or carry something (whether a burden or the hopes of others) with a significant sense of the meaning of leadership to guide and teach others to know and understand things they would otherwise not have known Objective: To facilitate the allocation of large amounts of capital to talented specialists (to the most effective uses) Authority: To have right to rule, control, govern, and decide about everything one has stewardship over Accountability: To be answerable for how well a person has led or carried through on the stewardship of those things they have been given authority over Objective: To facilitate effective entrepreneurial and prudent management and reduce agency costs in the organisation Accomplishment: To bring something to its rightful completion, a completion that includes producing of results Measurement: To be measured against standards and targets Objective: To add value to assets and enhance owners’/members’/shareholders’ value Communication: To listen, perceive fully and understand what is heard and then acting on and speaking out in appropriate ways, based on that understanding Integrity: To be complete — in every part — perfect and without error or blame in entirety Objective: To enhance investor and/or donor understanding and confidence Continuous Learning: To be engaged in a process of active discovery Growth: To have the expectation of increase Objective: Improving economic efficiency and growth Justice: To enact both the letter and the spirit of the law — to judge a matter just, while being fair in the treatment of others and in the application of the law Service: To be actively engaged in labouring in the service of others Objective: To act for the good of the community
Transforming culture
Change is the one constant of culture. Culture is hard to change while at the same time it is dynamic and ever-changing. Transformational governance – governance that can be used as a tool to transform organisational culture (see chart below) – is about more than incremental or continuous change. We can begin the journey towards real transformation through: ■ Understanding what culture and governance are ■ Applying the principles that underline them ■ Engaging in shared dialogue to build agreement ■ Creating structure to support those agreements
THE TRANSFORMATION SYSTEM
Orientation
Un de rs
Common frame comprised of core values and beliefs – the foundation of BOTH culture and governance
Dialogue
m en t
a rm Fo
lis at ion
Structure
There is no single right governance model that fits all situations, because each of the dimensions on which governance models are arrayed involves a trade-off between two opposed outcomes – they are in tension with one another. The same holds true for the dimensions of culture. By applying the principles of governance: better informed choices can be made; the optimal balance can be found for each of the dimensions of governance and culture to deal with the
current and emergent situation; alignment will be built throughout the organisation; and organisational culture will be transformed with positive affect. Shared experience is at the heart of culture formation, forming, embedding and sustaining it. Maintaining momentum by meeting together – sharing an experience – toward a common purpose is an essential element of cultural transformation. It is through shared experience that people create: a shared vision, mission and values; agreement on the non-negotiables that will be the foundation and guide for how people in the organisation relate together; a common understanding and frames – common lenses through which they view the organisation; and, importantly, results!
THE RESULTS YOU CAN EXPECT Growth in the Organisation ■ Organisational culture that is deep and broad globally ■ Significant organisational impact
ing nd ta
Aw ar e
Education ss ne
■ Orienting the existing and new team members to the principles and supporting structure ■ Providing continuous education in their application ■ Repeating the cycle as necessary
e re Ag
36 Ethical Boardroom | Autumn 2017
Transformation of the Organisational Culture ■ Measurable changes in organisational culture dimensions Improved Organisational Performance Result ■ Growth in staff, resources, products and/or services ■ Growth in financial resources Implementation of New Governance Structural Tools ■ Applying tools aligned with The 12 Governing Principles© Change in Governance Principles ■ Build on the foundation of The 12 Governing Principles© www.ethicalboardroom.com
Global News The Americas
Women welcomed to Canadian boardrooms Kapoor steps down Women are starting to make inroads into the boardrooms of Canadian public companies, but progress is ‘far too slow’, according to law firm Osler. Osler’s third annual Diversity Disclosure Practices Report 2017 found that the number of companies without any women on the board fell to 37 per cent in 2017, down from 46 per cent in 2016. The proportion of boards with one woman or three women has increased, with the average number of women directors per company climbing to 1.13 — compared to 0.96 in 2016. “Now that over 63 per cent of companies have at least one woman director, it is time to drag the rest along by mandating that every board with four or more directors have at least one woman director,” commented Andrew J. MacDougall, report co-author and corporate governance practitioner at Osler, Hoskin & Harcourt LLP.
US director pay outpaces ‘average American wages’ Boardroom pay at US companies has risen nearly 20 per cent, twice the gain of the average American worker, according to corporate board data company Equilar. An analysis of the 500 largest US-based companies by revenue found that from 2012 to 2016, the median annual compensation for board members rose 19.5 per cent, to $245,000. In comparison, average hourly wages for workers at US companies climbed 9.5 per cent from the end of 2012 to 2016, according to the US Bureau of Labor Statistics. Equilar’s data also revealed that Regeneron Pharmaceuticals paid its directors the most in 2016 at almost $2.1million, followed by Tesla at nearly $1.7million and Goldman Sachs in third at $575,000.
Boardrooms are ‘dismissing’ environmental issues Many directors at US companies think environmental, social and governance (ESG) issues are not a big deal for their organisation, according to PwC’s 2017 Annual Corporate Directors Survey. The survey of 886 public company directors from across the US found that many directors don’t think ESG issues should be taken into account when forming strategy: 40 per cent say they don’t think climate change should play a role and 29 per cent say the same about resource scarcity. In fact, 42 per cent say they won’t need to change their company strategy in the next three years because of environmental concerns. The PwC report warns that ‘directors need to understand how the company addresses ESG issues in its risk mitigation and long-term growth plans — and be ready to talk to investors about it’. 38 Ethical Boardroom | Autumn 2017
from Insys board
John Kapoor, the billionaire founder of pharmaceutical company Insys Therapeutics Inc, has resigned from the company’s board of directors after being named in a fraud and racketeering case. Kapoor, Insys’s majority shareholder, has been added as a defendant in a case against six former Insys executives and managers, including former CEO Michael Babich. Seventy-four-year-old Kapoor, who has been charged with engaging in conspiracies to commit racketeering, mail fraud and wire fraud in an indictment filed in Boston’s federal court, has denied any wrongdoing. He said: “I am confident that I have committed no crimes and believe I will be fully vindicated after trial.”
Food giants pledge to protect Brazilian Cerrado Leading food companies have committed to help safeguard Brazil’s tropical savannah, the Cerrado, ‘within a framework of good governance and land planning policy’. Twenty-three major retailers and food groups, including Walmart, Marks & Spencer, Sainsbury’s, Carrefour, McDonald’s, Nando’s, Nestle and L’Oreal, have signed up to a new resolution to halt the destruction of the Cerrado. The alliance has called for a system that ensures that any future agricultural development takes place on land that has already been degraded, rather than converting virgin soil to farming. The Cerrado is a biodiversity hotspot and home to more than 800 bird species and 11,000 plant species and essential for water and rainfall across Brazil. www.ethicalboardroom.com
Direct to your Door! Email our team now at subscriptions@ethicalboard.com
South America | Codelco
Codelco’s covenant of trust
The Chilean state-owned copper miner is committed to transparent and auditable management Due to its impact and importance at both the national and international level, its importance for the development and global prestige of Chile, its financial and fiscal importance, its size in the copper market, and its general influence, Codelco – the world’s largest producer of copper – must always be adopting and implementing the best corporate practices available.
Under this imperative, the company’s board, senior management and community of employees are committed to a steady path of excellence – giving the highest priority to continually implementing incremental standards of transparency, corruption control, limitations to lobby and conflict of interest firewalls. We believe that ‘getting it right’ not only implies rigorous strategic planning, highquality engineering, sustainable operations
2009
The ‘tip-off line’ was established, which processes an average of 280 anonymous complaints per year under the supervision of the audit committee of the board of directors
2010 2010 2011
The corporate governance code was approved and launched
The policy of controls on business with habitual counterparts was approved and 2015: Codelco corporate regulation 18 (NCC 18) was updated and improved, regulating control, authorisation and reporting under the regulations of the Superintendence of Securities and Insurance (SVS) – the Chilean Securities & Exchange Commission – of operations with companies with ‘related parties’ (relatives of Codelco employees or officials) 40 Ethical Boardroom | Autumn 2017
Oscar Landerretche
Chairman of the Board of Codelco and credible mining plans; nor is it merely a question of cutting operational costs and increasing productivity. It is not enough to design investment agendas that are efficient, cost-effective or that meet deadlines and budgets; nor are the introduction of technologies and the adoption of high socio-environmental management standards sufficient. All this is of the utmost importance, but it is not enough if it is not accompanied by other essential elements: a professional corporate governance, an ethical management of our resources, and the construction and development of a corporate culture in which transparency, equal opportunities and good practices are central.
Security changes
All of this has been achieved over the last few decades, but Chilean mining, including Codelco, has undergone another transformation in that period too, - in respect of operational security. The innovation of
processes and procedures carried out in the struggle for this objective has been dramatic, involving, in many cases, a paradigm shift in operational culture. The results have been exceptional and both Codelco and Chilean mining today show safety indicators that rival and even surpass mining operations in developed countries. This process involved changes in rules and processes, regulations and practices, customs and procedures, but would have failed if not accompanied by a policy aimed at generating a cultural change within the corporation. This policy is expressed in a series of rituals that are practiced every day at Codelco and serve to signal the importance it has for our company. What this board and this administration has sought is to generate a similar change: operational and cultural, institutional and human, in the areas of transparency, equal opportunities and good practices. Codelco is a state-owned company, owned by all Chileans. The way in which the company is managed and the way in which it communicates, explains, controls, audits and evaluates itself must assure all the
2011
2014
2011 2012
2014
The format of the SVS corporate governance and practices reporting standards was adopted (NGC 385) Codelco’s charter of corporate values was developed and promulgated Codelco certified its crime prevention model under Law No. 20,393, on criminal liability of legal persons, prevention of bribery, financing of terrorism and drug trafficking
2012 2012
The system of control on labour, ethical and contractual standards for contractors was created and approved The allocation and use of resources by the board of directors was regulated and capped
A transparent and traceable system of management and registration was established for external requests of work, hiring, firing, downsizing, dismissals, supplier audiences and contract assignments Rules were defined to make transparent and more systematic the relationship between the members of the board of directors and the senior management of the company
2014
A policy was implemented that limits direct allocations and private tenders to the minimum compatible with efficiency. Today, less than two per cent of the contracts are directly allocated and 47 per cent of tenders are public, both figures reflecting a very demanding standard and a historic record for the corporation
www.ethicalboardroom.com
Codelco | South America citizens of our country that the work is done in defence of their interests and values. The guarantee that the decisions that are made by the company are always made exclusively privileging the interest of the country and that resources are not diverted, altered or modified by special interests. Our goal is to sustain this conviction amongst our citizens.
Commitment to getting it right
Codelco must reflect, both internally and externally, that it works within a modern, professional and auditable management framework. We must radiate inward that our company is committed to raising its standards of good corporate governance, probity, management control and transparency. And that is why we will continue to promote policies, but mainly good practices, that inspire us to act with professional and ethical rigour in all instances and at all levels of the corporation. At the same time, we will continue to move towards more transparency and more accessibility to our information and data. It is no longer enough for companies to declare their good intentions; today’s citizens require concrete facts and measurable results. That is why we have promoted and generated a policy and culture of greater transparency, which commits the company to publish and disseminate data, indicators, documents and archives of public interest, in a proactive, voluntary, updated, accessible and
understandable way that goes beyond what is required by law. It is, however, important to understand that there are legal and commercial limits that protect the confidentiality of certain contracts. Therefore, the commitment to transparency is limited only by commercial privacy of business counterparts and respect for the personal privacy of its workers. This balance is critical so that the culture of transparency is sustainable in the long term and not a transitory flare. Codelco is a company with a leadership role in Chile. That is why our company has self-imposed standards that reflect the kind of country that all citizens want to build, even if it means going beyond the rules and regulations established in current regulatory frameworks. At present, the citizens of our country, but also around the world, are demanding greater standards of transparency, probity and good practices from private businesses and public institutions, from companies and governments. Codelco is at the intersection where business and government, public and private, productive and social concerns converge. It’s a company with a leadership vocation placed on it by its history at said intersection and should anticipate these trends to help shape them. The road started in recent years has no return. At Codelco we have driven a profound transformation. In this process, which covers the entire organisation, both from a functional perspective and from the
perspective of personal responsibilities, there are specific areas in which we encourage long-term changes of focus. Since the signing of Codelco’s 2009 Corporate Governance Law, the company has advanced at breakneck speed in fullfiling the objectives of that bill listed in the panel below chronologically. As you can see, Codelco has achieved, under its current corporate governance, high standards of control in keeping with the principles of efficiency, efficacy, and probity. In many respects these standards are higher than those prevailing in the Chilean government and in most Chilean private companies. This shows that the 2009 reform was a tremendous breakthrough for the company, that has allowed Codelco to quickly advance these standards. It is true that in a large company, such as Codelco, with about 20,000 employees and with thousands of commercial transactions a year, there have been and probably will be people who will make errors and even, from time to time, those who will violate norms, regulations and standards, and even people who will attempt to betray public trust. However, thanks to the best practices and management standards that have been implemented in recent years, the occurrence of such events is significantly less likely, less probable and less frequent. This is what we can promise our citizens. This is our covenant. It is a critical one for our country. LIQUID ASSET Chile is the world’s largest copper producer
MINISTRO HALES MINE IN CALAMA It produces 200,000 tonnes of metal a year
2015
The obligation to subscribe to a ‘conflict of interest disclosure form’ for all those who handle contracts with third parties was introduced (approximately 2,000 people) New and strict rules were defined to restrict lobbying of Codelco and to prohibit the reception of corporate gifts of significant value
2015 2015
Any contracting with ‘politically exposed parties’ (PEP), including politicians, their staff and family was regulated. In all cases, it requires the express approval of the board of directors
2015
Any contracting with ‘persons exposed to Codelco’ (PEC), that is, former employees of the corporation, in all cases requires the express approval of the board of directors www.ethicalboardroom.com
2015
The corporate legal councillor office was reformed, centralising its management to assure validity and coherence of corporate standards in all of Codelco’s territorial divisions
2016
2015
Codelco’s internal audit unit was drastically strengthened, and its dependence shifted so that it now works directly for the audit committee of the board of directors with complete independence from senior management
2015
The board’s audit committee was assigned the task of directly supervising the corporation’s risk management and control function
2015
A policy of full compliance with the modern standards of corporate transparency required in public and private spheres was established. As a result today, Codelco is classified as the most transparent public company and one of the four most transparent (including private) companies in the country
Codelco’s internal comptroller’s office was reformed, separating its functions from those of accounting and emphasising its exclusive dedication to risk control and management
2016
Management and probity control policies and measures were made compulsory for all subsidiaries where Codelco has majority control
2017
A permanent audit programme was created specifically to regulate and limit ‘miscellaneous payments’, ensuring that these discretional accounts are used by local company officials for emergencies and specific requirements Autumn 2017 | Ethical Boardroom 41
The Americas | AVANGRID WIND POWER AVANGRID develops projects that promote environmental sustainability
AVANGRID: Utility of the future
Transparency and continuous improvement are the cornerstones of the energy giant’s corporate governance AVANGRID, a leading sustainable energy company, has developed a unique corporate governance system inspired by and based on a commitment to ethical principles, transparency and continuous improvement that reflect its role as the ‘utility of the future’. Driven by the vision of being a leader in the energy sector, through service and innovations that make reliable, sustainable and cleaner energy a reality for millions of customers across the US, AVANGRID’s corporate governance system is integral to this corporate mission and the creation of sustainable value for society, customers and shareholders.
Powering up
Formed in December 2015 through the merger of Iberdrola USA, Inc. and UIL Holdings Corporation, AVANGRID has more than $31 billion in assets and operations in 27 states. AVANGRID owns network utilities and renewable power facilities through two primary lines of business, Avangrid Networks and Avangrid Renewables. Avangrid Networks is comprised of eight regulated electric and natural gas 42 Ethical Boardroom | Autumn 2017
R. Scott Mahoney
Senior Vice President, General Counsel and Secretary; Chief Compliance Officer of AVANGRID companies, serving approximately 3.2 million customers in New York and New England. Avangrid Renewables operates more than six gigawatts of owned and controlled renewable electric generation capacity, primarily through wind and solar, in 22 states across the United States. AVANGRID is the third largest owner/ operator of renewable energy in the US. AVANGRID’s corporate structure forms an essential part of its governance system, supporting a business model that promotes operational efficiency and implements best practices, while ensuring the proper checks and balances are in place. At the top of AVANGRID’s corporate structure is a holding company that consolidates the two AVANGRID subsidiaries (Avangrid Networks and Avangrid Renewables) that hold AVANGRID’s primary lines of business. These, in turn, hold their respective wholly-owned subsidiaries that operate AVANGRID’s primary lines of business. This structure promotes an agile and rapid decision-making process in day-to-day management, while achieving appropriate coordination and supervision at the
AVANGRID level. Management power is not centralised within a single governance body or officer, but rather is decentralised among the boards of directors of AVANGRID’s subsidiaries. AVANGRID engages an independent auditor annually to verify the effective application of this system of checks and balances, as part of an evaluation of the operation and performance of the board of directors and its committees.
A culture of ethics and transparency
Under the leadership of its chairman of the board of directors, Ignacio S. Galán, and its chief executive officer, James P. Torgerson, AVANGRID’s vision is to be a leader in the energy sector, providing reliable service for its customers with a commitment to the wellbeing of its communities. AVANGRID’s core values of ethical principles, good governance and transparency are fundamental to this vision. While only in its second year as a publicly-traded company, AVANGRID has implemented an extensive suite of policies and procedures that form the framework of AVANGRID’s governance, ethics and compliance programme and reflect best practices in both the United States, and internationally. Although not customary in the United States, all of the policies adopted www.ethicalboardroom.com
AVANGRID | The Americas by the AVANGRID board of directors are publicly available in the corporate governance section of AVANGRID’s website at www.avangrid.com. In furtherance of this commitment to transparency, AVANGRID makes publicly available on its website annual reports on ethics and compliance and an annual report on the activities of the audit and compliance committee of the board of directors, which includes an assessment of the committee’s performance. AVANGRID supports this commitment to corporate governance best practices through a robust ethics and compliance programme implemented by an independent, permanent division directly supervised by the audit and compliance committee of the board of directors. The compliance division is responsible for overseeing regulatory compliance and fostering a preventive culture, which is committed to zero tolerance for corruption in connection with its business activities.
generation capacity. This includes AVANGRID’s deployment of smart meters, with more than one million currently installed and plans for an additional 1.8 million more over the next five years; and AVANGRID’s generation of approximately 86 per cent of its energy production from wind and solar renewable resources. Similarly, AVANGRID’s corporate governance system is continuously being reviewed for opportunities for improvement. The annual independent audit of its governance system includes an assessment of how AVANGRID’s practices compare to peers as well as key leading governance indicators. Through this constant process of review and improvement, AVANGRID continues to develop its robust governance system and incorporate the best practices in the United States and international markets. As part of this effort, AVANGRID launched a year-round shareholder engagement programme in 2016 to enable management
Through a constant process of review and improvement, AVANGRID continues to develop its robust governance system and incorporate the best practices in the United States and international markets
new compensation, nominating and corporate governance committee, the implementation of a majority voting standard in uncontested director elections, and an increase in the minimum number of independent members of the board of directors. Partially due to this extensive engagement programme, approximately 99 per cent of all issued and outstanding shares were present in person or by proxy at the 2017 annual meeting of shareholders. AVANGRID shareholders overwhelmingly supported all items proposed by the board of directors, voting to reelect each of the 14 members of the board of directors and approving all other items proposed, with at least 99 per cent of the votes cast in favour of each proposal. AVANGRID’s commitment to ethical principles, good governance and transparency has been recognised within the energy industry and the business community. In 2016, AVANGRID’s businesses in Connecticut were awarded Corporation of the Year by the Greater New England Minority Supplier Development Council and its businesses in New York and Maine were named Utility Customer Champions by the Market
AVANGRID HEADQUARTERS The company delivers energy services to 27 US states
Extensive engagement and continuous improvement Continuous improvement is one of AVANGRID’s core values and is a hallmark of its corporate governance system. AVANGRID is constantly looking across its business to identify and implement best practices that focus on building a diversified and sustainable business that delivers value to shareholders. AVANGRID is committed to the modernisation of the electric grid and transformation to a low-carbon, more reliable and efficient energy system. In particular, during the last two years AVANGRID has made significant investments in grid automation and modernisation and the expansion of wind and solar www.ethicalboardroom.com
and the board of directors to understand the issues that matter most to AVANGRID’s shareholders and address them effectively. AVANGRID reached out to holders of approximately 92 per cent of the company’s outstanding shares throughout 2016 and had discussions covering corporate governance, executive compensation, director skills and refreshment, and the board’s role in oversight of critical issues for the company. The board of directors carefully considered shareholder feedback and took a number of actions to enhance the company’s corporate governance system. These actions included the election of two new independent directors in July 2016 (each of which was overwhelming reelected by shareholders in 2017), the establishment of a
Strategies International in the 2016 Utility Trusted Brand & Customer Engagement study. Additionally, AVANGRID was recently recognised for the second consecutive year as the North American utility with the best corporate governance practices for 2017 by this publication. In 2016, during AVANGRID’s first year as a company listed on the New York Stock Exchange (NYSE), NYSE Governance Services recognised AVANGRID’s governance and compliance programme and named AVANGRID as a Finalist in the Best Governance, Risk and Compliance Programme in the Large-Cap Company category at the NYSE Governance Services’ third annual Governance, Risk and Compliance Leadership Awards. Autumn 2017 | Ethical Boardroom 43
Board Governance | Auditing EDUCATION MATTERS Lifelong learning is an auditing imperative
Lessons learned by an auditor A couple of years ago in a moment of unusually low work demands and perhaps even lower enthusiasm, I decided my goal for that day was to determine exactly how far I was through my career, working on an artificially-imposed retirement age of seventy. Being a sprightly mid 40-year-old gentleman at the time, I realised that I was just before halfway through my career, which had started as a freshman undergraduate accountant at KPMG on a hot summer day in Melbourne, Australia, in December 1988.. This realisation that my career was not even halfway through was quite a daunting moment because it raised the ghost of every university career counsellor shouting ‘well, what are you going to do with the second half?’. As I sat there staring at the accoutrements of this wonderful beast called a career I, however, chose not to reflect on the next stage of the journey but rather on the decades past. What was it that I had learned and what was it that I still had to learn? I realised that there were eight key governance, risk and audit lessons omnipresent in my wonderful journey in some of the world’s great corporations. I wrote them down on a piece of paper to serve as a lighthouse through the rough waves and calm waters that inevitably the next decades will bring. They were: 44 Ethical Boardroom | Autumn 2017
Education never ends if you’re to stay ahead in the auditing world Tom McLeod
Managing Consultant, McLeod Governance
1
You can never stop learning I remember the day very clearly when I became a chartered accountant. With great glee, I exalted to all who cared to listen that that was my last ever exam; that there would be no more tests for me. Unfortunately, or more precisely fortunately, my older brother – long used to being the passive recipient of my extravagant claims – quietly mentioned that that may be the last time I took pen to paper (it wasn’t; an MBA followed) but that I was now entering a world where the great sought out new learnings; sought out new tests each and every day. How right he was that this is the cornerstone of a rich career. When the day comes that the 25 years hence equivalent of a retirement gold watch is handed out and the speeches are said and done I want to be leaving the world of corporate meanderings and intrigue wanting to know that one piece of information more. That will be a career well finished. is a wonderful window 2 Audit on to the world of business
I have to start this observation with a confession. Despite now having spent more
than a quarter of a century in a field of endless fascination to this simple mind, I hated audit at university. I detested the whole thing. I cared not for the accuracy of financial statements or the intimacy of a good sample. Taxation advice was then for me where the real accountants ventured. And then one day a lecturer said to me ‘why do you hate audit’? My answer was along the lines that I sought the riches that would be bestowed on a world-class tax minimiser. Sensing that I was not as superficial as my glib response suggested I was, he asked again ‘why do you hate audit?’ I had wanted to hate audit because that is what everyone else did. It had a bad rap and I was keen to jump onto the bandwagon of moral superiority. What I did not realise then but surely do now is that audit is a wonderful window on to how a business operates. You may not have the depth of knowledge of a process gleaned from years of constant rework – instead, you have a breadth of experiences that remind you that issues in marketing are not all that dissimilar to the challenges that human resources are having on the floor above. greatest value as a risk 3 Your advisor is as a facilitator
Were I asked tomorrow, I could go to the candidate market in any major world city and find by the close of business probably 50 risk advisors that – on paper – would serve their organisations well just based on their qualifications and declared experience. But of those 50 risk advisors there would be only two, perhaps three, that would really www.ethicalboardroom.com
Auditing | Board Governance add value to their organisations. They are the ones that are the great facilitators. By that I don’t (only) mean that they can host a good, interactive workshop. Rather, the memorable facilitator that I seek is the person who can move ideas and thoughts throughout an organisation with an invisible hand. It is the person who knows when the lawyer needs to speak with procurement; that the board member needs to spend time on the factory floor with the knowledgeable supervisor. This may sound self-evident but it is a skill that is often lacking – for the simple reason that it forces the risk advisor out of their comfort zone. You are no longer just writing reports with the feeble hope of some future audience. You are creating an environment where real value exists; where an idea of one married with a thought of another may create something new and valuable.
4
Be prepared to ask how the internet actually works Surely, you say, that after 25 years, any self-respecting business person knows how the internet works. Well, I guess we all do… now. But that wasn’t always the case and my experience about eight years into my career is a warning tale of note. I was asked to complete an audit of a manufacturing company’s e-commerce approach. I (thought I) knew how to audit. I knew a little bit about commerce, given that I had spent four years enriching my mind at one of the region’s great universities. But what exactly was the e in front of the commerce thing? I was too scared to ask for fear of exposing my ignorance and lack of worldliness. So, I preceded to undertake what I suspect (know) was my least useful piece of work in my whole career. I added even less than no value. I had wasted everyone’s time and had delivered a review that was a testament to my ego. I vowed that day that I would never again be embarrassed to ask the modern-day equivalent of how the internet works. And just before you think that this observation is not relevant today, ask yourself how would you explain (or audit) blockchain? wants to be part of a 5 Everyone fraud investigation. Don’t let them
There is an expressway car crash phenomenon that happens when a fraud is identified within an organisation. Everyone slows down and wants to have a look and, by doing so, they make the job of the first responders more difficult. Anyone that has ever investigated corporate fraud will likely attest that in that first hour/day/week after awareness there are always too many people to update; too many people that want their opinions heard, even when their opinions are a distant relative to the actual need for their opinions to be heard. www.ethicalboardroom.com
Your role as the fraud investigator is – like the first responder to accident – to get to a scene quickly and then – also just like a first responder – respectfully but forcefully tell those who don’t need to be there to move on; nothing to see here. A memorable moment in my career to date was when a very senior manager was insistent that on the first suggestion of corporate misadventure that the person so accused be marched out of the offices immediately. The discussion about the importance of due process (and the possibility that the initial indicators may have been wrong) were very telling. What I only realised later is that they wanted to be part of the biggest show in town as they were certain that that response would show that they were a strong leader who had zero tolerance. (As an interesting aside, months later that same leader was accused of wrong doing. Due process all of a sudden became very important).
6
When there is a restructure/ fraud/major event – respect the organisational grief cycle My learned friend Wikipedia helpfully reminds me that the Kübler-Ross model of the five stages of grief, postulates a series of emotions experienced by terminally ill patients prior to death, or people who have lost a loved one. These five stages are denial, anger, bargaining, depression and acceptance. Just as they are real concepts in such personal traumatic circumstances, they are also very evident in organisations
Taking the time to properly educate your workforce is an investment that will have an incredibly long tail. Not only do the immediate recipients understand that they are being looked out for, but, more importantly, the organisation is setting up an environment of continuous improvement that are experiencing major corporate stresses – be they a restructure, a heinous fraud or another major event. A risk and audit professional is well advised to consider the five stages of grief when they seek to impose a stronger or different control environment on the organisation. Try imposing your will at the moment of immobilisation immediately after you hear of the traumatic news and you will spend an inordinate amount of time seeking to do what – had you waited – could have been done in a much shorter time when the person has accepted the situation. Respecting the organisational grief cycle is not as easy as it
suggests as you do have that always present managerial imperative to move things forward. Proceed with caution. best board members 7 The are those that listen
The best board members are not those who need to tell you that they are important or who overly intervene in the management of the organisation’s affairs. They are the ones who listen. A board member who listens isn’t a board member who is silent. They just know when to speak and when to be quiet. They synthesise information; they seek out alternative views; they are not immediately judgmental; they bring to the boardroom table their experiences from other organisations without seeking to suggest that those experiences are somehow better than those that are before them presently. is a silver bullet 8 There – it is called education
Some time since that day when my father drove me to my first day of work, workplace education morphed from training to learning and development to engagement. Call it what you want. If you want to truly have a high-performing organisation that is cognisant and understanding of how best the organisation should be managed, then invest in education. Taking the time to properly educate your workforce is an investment that will have an incredibly long tail. Not only do the immediate recipients understand that they are being looked out for, but, more importantly, the organisation is setting up an environment of continuous improvement. Resist with all your might when a cost-cutting focussed manager says that there is no return on education. Our classic one is fraud awareness training. There is always one manager that will argue that because we have had no recent frauds then we don’t need to invest in fraud awareness training. They never stop to think that it is because we have invested in fraud awareness training that you don’t have any frauds. When the sun sets on our career it is too late to divine the lessons that the journey has gifted us. My strong encouragement to all who are reading this is to take the time to codify the great teaching moments. You may be the only student to study those lessons but the value will be immeasurable. If the first half of the career is any indication, then retirement day in the late 2030s will come around quicker than one can even begin to imagine. It will be for others to judge whether I have added value in a manner that is befitting of the opportunities that I have been presented with. Until then, may I be blessed with good health, strong curiosity, a sound mind and a business world that values not only what my governance, risk and audit skills can bring to it, but also the way that I have gone about it. Autumn 2017 | Ethical Boardroom 45
Board Governance | Oversight THE NUMBERS ADD UP PCAOB is expected to add value to financial reporting processes
PCAOB: Minding the GAAP In the world of financial regulation, the US Public Company Accounting Oversight Board (PCAOB) is controversial. Created by the Sarbanes-Oxley Act of 2002 (SOX) after the Enron and WorldCom accounting scandals, many question whether it adds value to the financial reporting process.
At the heart of the debate is the reliability of companies’ financial statements. While it is the independent auditor’s job to check whether financial statements comply with generally accepted accounting principles (GAAP), auditors are typically paid by the companies they audit and managers often have significant influence in auditor selection. As a result, sceptics question the ability of auditors to stay unbiased and worry that auditors could be influenced by the demands of the companies they audit. Adding to this issue is the lack of transparency in the auditing process. It’s hard for investors to know how much effort the auditor put into ensuring that the financial statements of companies comply 46 Ethical Boardroom | Autumn 2017
Is auditor regulatory oversight beneficial for public companies? Nemit Shroff
Associate Professor of Accounting, MIT Sloan School of Management with GAAP. In general, the auditor’s report provides investors only a pass/fail opinion regarding the financial statement’s compliance with GAAP, leaving investors with little information regarding any critical reporting issues that required significant auditor judgement. Advocates of the PCAOB maintain that a public regulator increases confidence in an audit by inspecting the work performed by auditors, ensuring that the process conformed to certain minimum standards of quality and independence. However, critics contend that PCAOB inspectors do not have the expertise or incentives to evaluate the quality of an auditor’s work.
Confidence booster?
To get to the bottom of this issue, I conducted a study that looked at whether PCAOB
oversight of a company’s auditor increases investor confidence in the audit process and, ultimately, audited financial statements. Since one of the primary purposes of external financial reporting is to facilitate the exchange of capital between companies and investors, I wanted to see (and measure) if companies whose auditors are inspected by the PCAOB are able to raise additional external finance as a result of their auditors’ PCAOB inspections. Further, I looked at whether companies are able to subsequently increase capital expenditures with the increased access to external finance (if any). I used the PCAOB’s international inspection programme as a setting to test the effect of its oversight. SOX requires the PCAOB to inspect the auditing procedures of all auditors that participate in the audit of companies registered with the Securities and Exchange Commission (SEC). This means non-US auditors are subject to PCAOB oversight if the auditor has even one client that is registered with the SEC (e.g. since BP’s shares are cross-listed in the US, its independent auditor, EY-UK, is subject to PCAOB inspections). The big benefit of using the international inspection programme is that I can compare two companies of very similar sizes, performance and growth in a
www.ethicalboardroom.com
Oversight | Board Governance specific country but only one of whose auditor is inspected by the PCAOB in a given year. I constructed a sample of non-US companies from 35 countries whose auditors were inspected by the PCAOB at different points in time since the inception of the inspection programme in 2005. The study suggests that PCAOB inspections are good for companies and investors. Companies whose auditors had no deficiencies identified in the audit process raised significantly more external capital following the disclosure of the PCAOB inspection reports. The increase in capital amounted to 0.5 per cent of their assets, which is equal to approximately a 10 per cent increase in the average amount of external capital raised. While not all companies raise capital, the ones that do tend to raise 10 per cent more after a PCAOB inspection of their auditor. The increased capital is due to companies issuing additional debt and equity following the disclosure of their auditor’s positive PCAOB inspection report. The data also show that companies use these additional funds to increase investment. Companies whose auditors were inspected by the PCAOB increased capital expenditures by 0.3 per cent of assets, which is equal to about six per cent increase in the average annual capital expenditures.
contingent on the content of the PCAOB inspection report. Companies raise significantly less capital and issue significantly less debt and equity capital when the PCAOB report reveals problems with the independent auditor’s auditing processes. Figure 1 plots changes in the amount of external capital raised by companies following the PCAOB inspections of their auditors (conditional on the auditor
Findings show that the PCAOB adds significant value to the financial reporting process. It benefits investors and companies and helps auditors gain market share receiving a clean PCAOB inspection report, i.e. one without a Part I Finding). Similarly, Figure 2 plots the changes in the amount of capital expenditures incurred by companies following the PCAOB inspections of their auditors (conditional on the auditor receiving a clean PCAOB inspection report, i.e. one without a Part I Finding). The figures also plot two-tailed 90 per cent confidence interval around each point estimate of the PCAOB effect to help assess the statistical significance of the effects.
Highlighted problems
Not surprisingly, the extent of this impact is
FIGURE 1 The sum of debt and equity issuances in a year scaled by total assets
0.035 0.025 0.015 0.005 -0.005
t-4
t-3
t-2
t-1
t
t+1
t+2
t+3 t+4 & later
-0.015 -0.025
A company’s fiscal year relative to the disclosure of its auditor’s PCAOB inspection report, where ‘t’ is the year in which the inspection report is made public.
-0.035
FIGURE 2
Annual capital expenditures scaled by total assets
0.035 0.025 0.015 0.005 -0.005
t-4
t-3
t-2
t-1
t
t+1
t+2
t+3 t+4 & later
-0.015 -0.025 -0.035
www.ethicalboardroom.com
A company’s fiscal year relative to the disclosure of its auditor’s PCAOB inspection report, where ‘t’ is the year in which the inspection report is made public.
Both figures show that the financing and investing patterns of companies significantly change once their auditors’ PCAOB inspection reports are made public. Since the PCAOB inspections occur in different years for different auditors, the patterns observed below are very unlikely to be explained by general economic or industry trends, or changes in the availability of capital over time. Another finding was that financially constrained companies (i.e. smaller companies and those that do not pay dividends) increase external financing and capital expenditures by a larger magnitude in response to their auditors’ PCAOB inspection report than financially unconstrained companies. This means that firms below the median size in each country benefited the most.
Market share
Finally, in a separate study, I examine whether companies respond to these capital market benefits of hiring a PCAOB-inspected auditor by switching auditors if their incumbent auditor is not subject to PCAOB oversight. Since only a subset of public company auditors in every country (besides the US) participates in the audit of a US cross-listed/listed company, only this subset of auditors are subject to PCAOB inspections. I examine whether PCAOB-inspected auditors gain market share at the expense of those not inspected by the PCAOB. As expected, I find that PCAOB-inspected auditors gain four to six per cent market share from those not inspected by the PCAOB and these auditor market share gains occur only when auditors receive a clean PCAOB inspection report. While several prior papers examine the effect of PCAOB inspections, my studies are the first to show that such oversight has significant effects on corporate finance decisions and to document the magnitude of those effects. By doing so, the paper also documents the spill-over effect of US securities regulation on companies operating outside the US, finding that non-SEC registered companies derive economic benefits from PCAOB oversight. The finding that PCAOB oversight has spill-over effects outside the US is relevant to European companies and auditors, some of whom benefit from these effects. In summary, my findings show that the PCAOB adds significant value to the financial reporting process. It opens the black box of auditing via auditor inspection reports, which benefits investors and companies and also helps auditors gain market share when some of their peers aren’t subject to similar oversight. So, to answer the question of whether the PCAOB inspections are worthwhile? This study suggests that the answer is a resounding yes. Autumn 2017 | Ethical Boardroom 47
Board Governance | Trust COMMITMENT TO GETTING IT RIGHT Promoting business integrity through strengthened corporate governance
In governance we trust “Happy families are all alike; every unhappy family is unhappy in its own way,” wrote Leo Tolstoy in the opening lines of Anna Karenina, preparing the reader for the tragic fate of Princess Anna’s marriage to Count Karenin. It is a stark reminder that for a marriage to succeed it has to juggle many moving parts, any one of which can send the relation out of equilibrium in a different direction. A similar claim could be made about firms’ governance. For governance frameworks to be effective, they have to find the right balance of a number of challenging aspects in a way that suits the features of the individual firm. Get one of them wrong and bad things will happen, sooner or later.
Impact of misconduct
Corporate misconduct is unfortunately a ubiquitous and gloomy by-product of bad governance in today’s markets, so there is no need to describe it here. It may suffice to say that, to a degree, we have become rather unemotional about breaking news regarding the latest scandal, as well as to the sheer magnitude of some of the consequences. One is the impact on trust, not only in business, but on trust in institutions more generally. When corporate misconduct is uncovered, citizens first blame the company and its 48 Ethical Boardroom | Autumn 2017
Corporate misconduct has eroded trust; governance frameworks are key to rebuilding it Héctor Lehuedé
Senior Manager, OECD Corporate Affairs Division leaders, as they should, but then also fault the authorities under whose watch events unfolded as well as the market as a whole, wondering as to the extent of bad practices. Distrust is only more acute if citizens perceive that punishment is not sufficiently proportionate, especially if the culprits walk away free (and with a bonus). Whatever measure is used to assess the level of trust, there is clearly a very strong agreement in the data that it fell significantly in the Organisation for Economic Co-operation and Development’s (OECD) area after the widespread misconduct revealed by the financial crisis, from an already very low starting point. We haven’t yet recovered from this fall and we suffer the consequences in a post-truth and increasingly polarised world.
Drivers of trust
As discussed in a 2017 OECD report Trust And Public Policy, trust is usually understood as ‘holding a positive perception about the actions of an individual or an organisation’. 1 Trust
works by giving us confidence that others will act as we might expect in a particular context. It is developed (or lost) on the basis of the individual’s actual experience although, as a subjective phenomenon, it is based on facts as much as on our own perception or interpretation of them. It is also shaped by the opinion of others and influenced by media. From an economic point of view, trust reduces costs and increases the speed of social interactions, generating tangible benefits for all: a ‘trust dividend’. When present, trust allows us to make decisions without having to renegotiate with and/or reassure our counterparts at each interaction. The OECD report further discusses what institutions can actually do to strengthen lost trust, which is essential for the effectiveness of public policy. It points in the direction of two fundamental building blocks: competency and values. These two concepts encompass a range of qualities and attributes that have been shown to inspire trust, in particular: reliability, integrity, responsiveness, fairness and openness. They contribute to an individual’s direct sense that the institutions with which he/she deals are trustworthy.
Governance failures
As argued by the G20/OECD Principles of Corporate Governance, the purpose of corporate governance is precisely to create an environment of trust, transparency and accountability necessary to obtain long-term investment, financial stability and sustainable www.ethicalboardroom.com
Trust | Board Governance
growth.2 This environment offers households the opportunities to hold equity and participate in the profits and wealth creation of the private sector, while facilitating the channelling of savings to promising business ventures that agree to adopt good governance to receive financing. Robust empirical results, including by the International Monetary Fund (IMF), show how good corporate governance reduces risk for individual firms as for the market as a whole.3 This link between risk and governance was also in the Financial Stability Board’s (FSB) mind in 2016 when it created its Working Group on Governance Frameworks (WGGF), chaired by Jeremy Rudin, Canada’s superintendent of financial institutions. The group, that was mandated to explore the use of governance frameworks to reduce misconduct risk, presented a first public report in May 2017 which includes an engaging literature review of root causes of misconduct.4 For this, the WGGF scrutinised a dozen prominent institutional failures in the financial and non-financial sectors, distilling common governance problems that offer clues into the actual functioning of governance frameworks: ■■ Pressure The WGGF learned that all institutions studied were subject to strong pressures when they failed. These pressures rose from external forces (such as the need to maintain political support for space activity in the case of NASA’s
space shuttle disaster, or increased competition threats in the market in BP’s Deep Horizon oil spill) as well as from internal forces (like an overly ambitious growth strategy, as in many financial institutions during the financial crisis). These pressures put governance institutions to a test they didn’t resist ■■ Leadership Pressure found its way into the organisation from the top, usually beginning with the board and senior management. The WGGF notes that this influenced their leadership styles and tone, as well as the strategy and decisions they adopted. Dominant leadership and stressed group dynamics left little room for dissent and constructive challenge, so people didn’t speak up or were ignored if they did. Inappropriate behaviour, or behaviour inconsistent with official policies and values, quickly became tolerated (something psychologists refer to as ‘normalisation of deviance’) and shaped a riskier ‘new normal’ ■■ Culture■Yielding to pressure, leadership negatively influenced the organisational culture and behaviour of the entire company beyond previously established rules and procedures. Organisational mindsets were realigned with a desire to
achieve results at the expense of security, compliance, ethical values or long-term sustainability. As employees perceived few opportunities to escalate concerns, leaders didn’t receive crucial information that, in turn, predisposed their own decision-making. Firms accepted small deviations and misconduct as inevitable risks, assuming that if they didn’t result in a major negative event in the past, they might not cause one in the future ■■ Governance frameworks Tested under pressure and without candid support from the top, frameworks revealed their weaknesses. Unclearly defined roles and responsibilities led to unaccountability, feeble escalating channels to dangerous silence while financial incentives overpowered insufficiently strong or independent control functions. Even when frameworks proved to be robust and well-designed enough to operate under stress, their input was overruled at the top. The WGGF notes that Lehman Brothers had sophisticated policies and metrics in place to estimate risk, as well as extensive staff dedicated exclusively to risk management. However, Lehman’s leaders relied more on their experience and successful track record, leading their company into default and triggering a global crisis in the process
From an economic point of view, trust reduces costs and increases the speed of social interactions generating tangible benefits for all: a ‘trust dividend’. When present, trust allows us to make decisions without having to renegotiate with and/or reassure our counterparts at each interaction www.ethicalboardroom.com
Autumn 2017 | Ethical Boardroom 49
Board Governance | Trust
Role of culture
The FSB’s WGGF report concluded noting the symbiotic relation between governance frameworks and corporate culture, which it defines as ‘an institution’s shared assumptions, values, beliefs and norms’. An effective framework can nurture the right culture in a firm, but a corrupt culture can significantly undermine efforts to set up an effective framework running against its current. In a July 2017 post on the UK’s Financial Conduct Authority (FCA) website, former FCA senior advisor John Sutherland argues that for a new culture to emerge, staff members need to understand that the new governance framework will expect them to start behaving differently. 5 Sutherland warns that old habits die hard, but suggests there are four drivers of behaviour that can influence cultural change: trust and trustworthiness, communication, decision-making and incentives (both financial and non-financial). He cautions that leaders can damage internal trust by responding to pressure with objectives that differ from firm values. He quotes employee surveys reporting they ‘don’t always trust senior leaders’, or that they feel it is expected they will ‘have to trade ethics for business’, as evidence of this. To foster a well-working governance framework, Sutherland argues, all four behavioural drivers must be aligned, understood and ideally overseen or controlled by the board.
Leadership in practice
This is also the view of some enforcement agencies. A July 2017 interview of Hui Chen, former US Justice Department (DOJ) compliance counsel, highlights how relevant this relationship between frameworks and the organisational culture is for prosecutors charged with evaluating corporate compliance programmes.6 Ms Chen describes how investigated companies tend to present binders full of their compliance
CULTURE IN GOVERNANCE There is a better understanding of how frameworks can fail or succeed 50 Ethical Boardroom | Autumn 2017
policies, although DOJ prosecutors don’t really care about what the policy says, but rather about how they actually operate: ‘we want to see evidence; we want to see data of effectiveness’. She goes on to advise firms to make sure their programmes produce actual results that are measured thoughtfully and to assume that prosecutors will see through ‘a programme that’s designed to satisfy them versus a programme that’s designed to work’. The 2017 DOJ’s manual for evaluating corporate compliance programmes offers a useful guide to corporate leaders committed to building an effective governance framework.7 The manual lists difficult questions covering issues from ‘analysis and remediation’ to ‘incentives and disciplinary measures’, including ‘autonomy and resources’ as well as ‘continuous improvement, periodic testing and review’ among others. On the role of the leadership, it covers three crucial issues: ■■ Conduct at the top How have senior leaders, through their words and actions, encouraged or discouraged the type of misconduct in question? What concrete actions have they taken to demonstrate leadership in the company’s compliance and remediation efforts? How does the company monitor its senior leadership’s behaviour? How has senior leadership modelled proper behaviour to subordinates? ■■ Shared commitment What specific actions have senior leaders and other stakeholders (e.g. business and operational managers, finance, procurement, legal, human resources) taken to demonstrate their commitment to compliance, including their remediation efforts? How is information shared among different components of the company? ■■ Oversight What compliance expertise has been available on the board of directors? Have the board of directors and/or external auditors held executive or private sessions with the compliance and
control functions? What types of information have the board of directors and senior management examined in their exercise of oversight in the area in which the misconduct occurred?
The rear-view mirror
Habitual readers of Ethical Boardroom may recall that the Spring 2015 issue hosted an editorial about a then-recent OECD project exploring what corporate governance frameworks could do to mitigate the risk of corporate misconduct.8 The piece described the integrity recommendations of the G20/ OECD Principles of Corporate Governance and asked, rhetorically, what those recommendations meant in practice for boards that take their responsibilities to heart. It concluded by outlining plans the OECD had to better understand why some companies fail to prevent misconduct and how to build effective compliance into corporate governance. It also promised to report back on the findings. Looking back, it seems fair to say that we now have a wealth of knowledge and some robust findings from diverse sources at our disposal, which have enriched our understanding of how governance frameworks can succeed or fail. We can argue that we have better assessed the crucial role of trust and its drivers; we have carefully studied the conclusions from previous corporate failures and extracted valuable lessons; we have come to grips with the role of culture in governance and we have sharpened our tools to facilitate meaningful implementation of best practices. We can declare we are better equipped to balance the many governance challenges, but this is, of course, no guarantee of success. As Tolstoy or anyone who has been in a relationship could attest, the path to success doesn’t only demand learning to juggle the moving parts, but also to find the commitment to keep doing it as consistently as possible for the long run. OECD (2017), Trust and Public Policy: How Better Governance Can Help Rebuild Public Trust, OECD Public Governance Reviews, OECD Publishing http://dx.doi. org/10.1787/9789264268920-en. 2See the 2015 revised version of the G20/OECD Principles of Corporate Governance at: http://www.oecd.org/daf/ca/principlescorporate-governance.htm. 3See IMF (2016) Corporate Governance, Investor Protection and Financial Stability in Emerging Markets, available at: https://www.imf. org/~/media/Websites/IMF/imported-flagship-issues/ external/pubs/ft/GFSR/2016/02/pdf/_c3pdf.ashx. 4See FSB WGGF (2017) Stocktake of efforts to strengthen governance frameworks to mitigate misconduct risks, available at: http://www.fsb.org/wp-content/ uploads/WGGF-Phase-1-report-and-recommendationsfor-Phase-2.pdf. 5 See the FCA’s post at: https:// www.fca.org.uk/insight/gettinggripsculture. 6See the full interview at: https://www.bna.com/exjusticecompliance-guru-n73014462127 7See DOJ’s Criminal Division (2017), Manual for the Evaluation of Corporate Compliance Programmes, available at: https://www. justice.gov/criminal-fraud/page/file/937501/download 8 See http://www.oecd.org/daf/ca/trust-business.htm for a description of the OECD Trust and Business project and its 2015 report: Corporate Governance and Business Integrity: A Stocktake of Corporate Practices 1
www.ethicalboardroom.com
PROVEN LEADERSHIP FOR COMPLEX LEGAL CHALLENGES FIRST-TIER NATIONAL RANKING IN CORPORATE LAW — U.S. News – Best Lawyers® “Best Law Firms” Survey 2017
Sophisticated advice for the full spectrum of corporate governance issues. Ever-evolving laws and regulations, coupled with heightened scrutiny into corporate governance and compensation practices, have created an increasingly complex environment for publicly traded corporations, privately held entities and their individual executives and directors. We offer our clients advice on a range of issues impacting their business, including board management, financial reporting compliance, risk management and crisis preparedness, takeover defenses, proxy contests, shareholder relations and executive compensation. TALENT. TEAMWORK. RESULTS.
Holly J. Gregory holly.gregory@sidley.com +1 212 839 5853 John P. Kelsh jkelsh@sidley.com +1 312 853 7097
AMERICA • ASIA PACIFIC • EUROPE
sidley.com Attorney Advertising - Sidley Austin LLP, One South Dearborn, Chicago, IL 60603. +1 312 853 7000. Prior results do not guarantee a similar outcome. MN-5240
Board Governance | Remuneration
A cross-border analysis reveals increasing shareholder support towards management compensation, but issues do persist Executive remuneration is increasingly perceived by stakeholders as a window into how the board sets the strategy and how it motivates management. The say-on-pay votes have thus assumed greater importance. Remuneration policies and practices are required to be in line with the business strategy and not encourage risk-taking. The engagement between companies and investors is still a key driver for the development of sustainable remuneration practices and long-term value creation.
USA and Australia
For companies belonging to the S&P 500, support levels in 2017 remained consistent with 2016 – 91.8 per cent average in 2017 (v. 91.4 per cent in 2016) and a median of 95.2 per cent in 2017 (v. 95.3 per cent in 2016). Pay for performance misalignment, magnitude of pay and ‘rigour’ of performance goals (i.e. how the compensation committee sets performance targets) under incentive schemes are the predominant themes for adverse proxy advisory firm vote recommendations and low support on 2017 say-on-pay. A total of 449 proposals had been voted up to 31 July 2017 and only four proposals failed (0.9 per cent in total). While the average support level on the proposals that passed was 91.8 per cent, the median was notably higher at 95.2 per cent.
FIGURE 1: SAY-ON-PAY IN THE US 2016
91.40%
2017
91.80% ■ Average level of support
Comprehensive disclosure on shareholder outreach, engagement discussions, actions taken (or to be taken) in response to ‘low support’ are expected to avoid potential negative vote recommendations against compensation committee members. If the issue persists, the full board may be held accountable. With the exception of blind followers of ISS and Glass Lewis, institutional 52 Ethical Boardroom | Autumn 2017
Fabio Bianconi
Director at Morrow Sodali voting on say-on-pay is usually case-by-case. Early planning, year-round engagement to foster relationships with shareholders whose support may be needed in the future, comprehensive disclosure and effective communication of a company’s business strategy and its link to executive compensation and corresponding pay decisions are essential in garnering support. Historically, proposals on incentive plans typically have not received the same level of attention, scrutiny or opposition as say-on-pay proposals – and that continued to hold true in 2017. A total of 120 proposals have been voted upon through to 31 July 2017. Proxy advisory firm evaluations and vote recommendations are driven primarily by the size of the new share request and associated cost to shareholders, along with a company’s three-year average burn rate. Despite ISS adopting the Equity Plan Scorecard model beginning with the 2015 proxy season in an attempt to make the evaluation process more ‘holistic’ (i.e. take plan features and grant practices into consideration in addition to cost and burn rate), the primary driver for negative vote recommendations continues to be predominantly based on the shareholder value transfer cost and three-year historical share utilisation rate. Companies typically engage with shareholders on use of equity in the context of executive compensation and say-on-pay rather than exclusively on a company’s equity plan. In Australia, the ‘two-strikes’ rule was introduced in 2011 to increase directors’ accountability beyond executive pay. The entire company board can face re-election
INFLUENCES ON REWARDS Say-on-pay has prompted many companies to improve shareholder engagement
(within 90 days) if the remuneration report receives two strikes in a row (at least 25 per cent level of discontent). Among the top 180 Australian listed companies only 12 companies did not exceed the 75 per cent hurdle.
Europe
The United Kingdom is the highest performing country in which the average level of approval of the remuneration report is 92.9 per cent and reaches the 94.9 per cent threshold in relation to the www.ethicalboardroom.com
Remuneration | Board Governance binding vote on policies (that takes place every three years). In France, as a result of the enforcement of the Sapin 2 Act, an increased level of transparency and explanations from issuers on executive remuneration has been noticed, notably pay-mix, benchmarks and rationale for the choice of the performance metrics driving variable remuneration components. However, this headway on transparency did not lead to a significant improvement in the average ex-post say-on-pay scores at SBF120 companies (average approval of 89.1 per cent v. 88.7 per cent in 2016). We even noticed a reduction of the average approval score at CAC40 companies compared to 2016. Indeed, proxy advisors and institutional investors have taken stricter stances on executive remuneration packages, placing greater focus on pay for performance alignment. In the opposite direction, there is an increasing trend in the average scores of equity incentive schemes (authorisations to issue stock-options and performance shares). This development is likely due to greater transparency from issuers on the performance conditions tied to the equity awards in response to institutional investors and proxy advisors’ requests. While ex-ante disclosure on the performance targets is still scarce, issuers are becoming more explicit on the performance targets tied to past equity awards, or at least on the level of achievement thereof. The 2017 scores also show that proxy advisors and institutional investors’ requirements on post-mandate arrangements in favour of executives are
Early planning, year-round engagement to foster relationships with shareholders whose support may be needed in the future, comprehensive disclosure and effective communication of a company’s business strategy and its link to executive compensation and corresponding pay decisions are extremely essential in garnering support becoming stricter. The higher level of dissent may notably be explained by proxy advisors’ growing scrutiny of the methods used for the computation of rights under defined-benefit pension schemes, and continued concern regarding the performance conditions triggering executives’ entitlements to severance payments, on a ‘no pay for failure’ basis. In Spain this year, the median investor support for remuneration reports across the IBEX 25 is 86 per cent, broadly in line with 2016. LTIs are increasingly better-aligned with international best practice and, therefore, institutional investors and proxy advisors are focussing more on specifics. But issues persist and namely pertain to
% Level of support
FIGURE 2: VOTING RESULTS IN AUSTRALIA <75%
6%
75-90%
20%
>90%
74%
0%
10%
20%
30% 40% 50% % of total companies
60%
70%
80%
FIGURE 3: SAY-ON-PAY IN EUROPE 94.90%
92.90%
88.10%
85.88%
84.99%
84.06%
80.73% 69.30%
FTSE 100 REM policy
FTSE 100 REM report
FTSE Mib
www.ethicalboardroom.com
IBEX 35 CAC 40 REM REM report policy % Level of support
CAC 40 REM report
SMI
DAX 30
disclosure on peer group composition for relative (e.g. TSR) metrics, targets and degree of achievement thereof. The implementation of qualitative metrics lead to another common issue related to discretionary power of boards in awarding bonuses. Investors are increasingly placing more attention on targets that are claimed to be ‘sufficiently challenging’. This is especially the case with relative metrics (e.g. TSR), which entail peer groups, normally expecting that there is no vesting/pay out in the case of performance below the median. Among the 25 FTSE/ATHEX large cap companies in Greece, say-on-pay still remains relevant only to the very few companies headquartered outside of Greece. Of those having dual listings in the UK and/or Switzerland, we note a slight increase in approval (from 92.5 per cent in 2016 to 98.8 per cent and 99.2 per cent in 2017), suggesting an increased awareness of issuers in aligning their pay for performance practices. Germany is the lowest performing country where there is still no obligation to present the say-on-pay resolution for shareholders’ vote. The average support for those companies that voluntarily submitted the remuneration policy in 2017 was 69 per cent. In Italy the level of support for remuneration policies slightly decreased from 91.5 per cent in 2016 to 88 per cent in 2017. A more in-depth analysis, which refers only to minority shareholders, however, reveals that in 2017, only 70.6 per cent approved remuneration policy reports, while the remaining voters dissented. The major issues identified in 2017 essentially referred to the level of severance payments and the absence of transparency in the definition of the performance metrics for variable incentive plans. The main companies have undertaken structured engagement programmes (with proxy advisors and institutional investors) in order to understand their evaluation metrics to the fullest and to improve alignment with international best practice where needed. The involvement of HR departments in engagement can be now considered a solid practice and contributed to a better understanding of institutional investors on the peculiarities of local compensation practices.
Conclusion
While shareholder engagement on compensation resolutions has historically come into play during proxy campaigns only as a result of negative voting recommendations from proxy advisory firms, good disclosure and early communication with top holders should be set as a company’s strategy to demonstrate alignment with long-term shareholder interests and to mitigate future shareholder concerns. Autumn 2017 | Ethical Boardroom 53
Board Governance | General Counsel
Legal assessments benefit the bottom line Staying ahead of the competition, combined with ever-changing priorities, regulations and technology, requires a legal department able to adapt to evolving company strategy and be responsive to the needs of its constituents.
Navigating this challenging business climate calls for frequent course correction and a business-minded general counsel (GC) at the helm. The rise of the business-minded GC represents a new wave of leadership within organisations, reflecting the value and increased responsibilities of in-house counsel. At public companies, the GC’s responsibilities have grown tremendously, playing an integral role in strategic planning, especially as it relates to risk management and determining competitive advantages in the market. Multinational companies require their GC to understand the complex and various economic, social and political climates around the world, in addition to a myriad of legal issues. To be effective, a general counsel must be: ■■ An expert in various areas of law that are core to the business enterprise ■■ A skilled manager of a professional staff and outside legal counsel ■■ A respected member of the C-Suite executive team ■■ An important face of the company to external audiences ■■ An efficient administrator of legal and related operations ■■ An individual with a keen sense of the business, an effective negotiator and a diplomat who is adept at dealing with a variety of inside and outside constituents, from shareholders and directors to regulators, litigants and risk managers
The GC now has a broader leadership role
Benjamin W. Heineman Jr, former GE senior vice president for law and public affairs and current senior fellow at Harvard University’s schools of law and government, sums up the
An outside perspective can address gaps in resources or a misdirection of efforts Robert Barker
Managing Director, BarkerGilmore new standing of the GC within the corporate hierarchy in his book The Inside Counsel Revolution: Resolving the Partner-Guardian Tension. He states: “The general counsel now often has a broad leadership role and final decision-making authority beyond the legal department, heading such areas as tax, trade, environment, security, real estate, customer care, community relations and public affairs. The general counsel is now often seen as having importance and stature comparable to that of the chief financial officer by directors, CEOs and business leaders because the health of the corporation requires that it navigate complex and fast-changing law, regulation, litigation, public policy, politics, media and interest group pressures across the globe.” In addition to the intellectual contributions that they make to the executive team and board, the areas where GCs add most value are related to corporate governance, compliance, risk management and mergers and acquisitions. As guardians of the company, it is imperative that they build, motivate and manage highperformance departments, implementing programmes that help identify and even reduce regulatory and reputational risks by having the requisite expertise to spot issues, trends and solutions, as well as the advocacy skills to implement the steps necessary to mitigate, if not eliminate those risks. The most successful organisations are conducting more frequent performance reviews as a means to record and track the development and effectiveness of employees. This big-picture approach provides the data needed to know how the team is operating and where they are excelling, as well as where they are struggling.
Assessments can be focussed on a single aspect of legal department performance, cost-effectiveness or responsiveness, for instance, or can involve a more comprehensive review of the overall health and effectiveness of the entire department, especially when measured against other similarly situated legal departments, whether by size, industry or speciality. Boards and senior management are subject to increased scrutiny by shareholders, the public regulators and rating agencies. To one degree or another, all of these constituents have higher expectations of performance, insight and control by the leaders of the firm. A comprehensive, objective assessment of the legal function, including some of the common ancillary roles with which it is often charged (i.e. the corporate secretary’s office, licensing, government relations and compliance), is the best way to check the overall quality, effectiveness and efficiency of the department, while also providing the salutary benefit of protecting the board and others from possible later challenges to their decision-making. If nothing else, the ‘business-judgement’ rule that underlies director exculpation from most shareholder liability claims is enhanced by this prophylactic action. I spoke with some of BarkerGilmore’s most highly accomplished senior advisors on the subject of legal assessments and the rise of the GC’s role within successful organisations. These impressive individuals from across the country have managed the legal departments for some of the largest and most widely respected corporations in the world. Their insights on the importance and effectiveness of legal assessments and enhancing communications with the C-Suite and board affirms the importance of outside perspective and an impartial eye.
Reducing costs, not quality
Legal operations leadership is an expanding function within organisations, that continually monitors and drives efficiency standards throughout the law department. Michelle Banks, former GC of Gap Inc and a senior advisor at BarkerGilmore, was tasked
IN THE EYES OF THE LAW Holding frequent legal assessments is key to staying on track 54 Ethical Boardroom | Autumn 2017
www.ethicalboardroom.com
with cutting costs by 20 per cent during her first year as GC. This was an acrossthe- board directive at Gap and certainly a challenge for any legal department. Conducting a legal department assessment gave her the data she needed to create a cost reduction strategy, without compromising legal services and provided the springboard for conducting semi-annual stakeholder interviews and annual spending reviews. “A best-practice company does this all the time,” Banks advises. It should be an integral component of regular department reviews. As GC of The J.M. Smucker Company, Ann Harlan used both formal and informal assessments to plan the legal integration of newly acquired businesses. Evaluating the past legal issues, as well as where there may be risks and opportunities as the business is folded into the existing operations, allows the legal department to deploy already thin resources in the most effective and efficient manner. We are all asked to do more with fewer resources and an assessment of and, if necessary, reallocation of, talent and expertise allows the legal department to be proactive in addressing changes in workload and requisite expertise. “The idea is to create a culture of continuous improvement, not merely a reaction to a problem,” said Harlan. And an assessment held at regular intervals provides an opportunity to recognise and reward outstanding performers while also identifying gaps in service.
www.ethicalboardroom.com
The most successful organisations are conducting more frequent performance reviews as a means to record and track the development and effectiveness of employees. This big- picture approach provides the data needed to know how the team is operating and where they are excelling, as well as where they are struggling.
Autumn 2017 | Ethical Boardroom 55
Board Governance | General Counsel “It helps ensure that the department is doing the most valuable work as defined by business needs,” says senior advisor Marla Persky, who began making personnel and strategy changes at Boehringer Ingelheim within three months of joining the company as its GC. Regular law department assessments are a kind of ‘wellness check-up’ for a healthy law department. Even if a problem isn’t immediately apparent, a check-up verifies that things are running smoothly and gives your law department a clean bill of health, or, conversely, allows you to diagnose any problems. Persky adds that proactively undertaking assessments and resolving inefficiencies in workflow, as well as clarifying individual roles and responsibilities, ‘helps to establish your leadership as strategic and business oriented. It also helps a newly appointed GC’s onboarding process’.
AN OUTSIDE PERSPECTIVE Work with an advisor to assess your legal team
Where the business enterprise is one that is highly regulated and regularly examined, such as banking and financial services, the demands on management and especially the board of directors, have increased significantly since the last ‘Great Recession’. Bill Solomon, the former long-time general counsel of Ally Financial (formerly GMAC) reports that bank regulators have ‘piled on’ requirements of directors to know, manage and do more than just act in their traditional role as policymakers and overseers of senior management, to the point where the customary and legal construct of a director’s limited duties and responsibilities may be at risk of changing and not necessarily for the better. The Wall Street Journal recently published a lengthy article questioning why any prudent businessperson would ever want to be a director on the board of a bank or financial institution, given the increased demands and expectations of state and 56 Ethical Boardroom | Autumn 2017
federal regulators, the always imminent challenge of plaintiff’s attorneys and shareholder ‘activists’. One clear, simple way for boards and senior management to mitigate these risks is to conduct a thorough and comprehensive assessment to ensure that its internal legal function is operating in accordance with industry best practices and to remediate those areas – whether with changes in process, technology, scope, strategy, structure, or staff – as needed to redress the shortcomings. Enabling alignment between the legal department and company strategic goals as set by the C-suite and board is a tangible advantage of the assessment process. Roya Behnia, who was Pall Corporation’s GC, says the assessments can provide ‘a roadmap for goal-setting in a multi-year period’. A deep-dive review of the legal and compliance function can identify gaps in resources or
and effectiveness of the legal department by identifying areas for improvement and engaging the entire department in implementing change. Building positive benefits directly into the assessment for your employees, as well as the business at large, will make regular assessments a welcome activity. The keys to a successful assessment implementation as recommended by BarkerGilmore’s advisors include: ■■ Outside perspective and an impartial eye ■■ Industry leadership and expertise ■■ Consistency – timing, methodology, etc ■■ Benchmarking against industry standards ■■ Tailoring your assessment to your specific goals
These tools and methodologies take careful planning for successful implementation. In a changing legal environment, benchmarking against industry standards is increasingly complicated. Engaging industry experts allows Regular law for an unbiased and nimble department approach to benchmarking that considers the most assessments are current and successful a kind of ‘wellness legal departmental standards and services. check-up’ for Legal departments are a healthy law in a state of flux. Leadership expectations for GCs are department. to include a wider Even if a problem changing range of responsibilities and isn’t immediately influence; this in turn changes the way that departments are apparent, a run. The legal profession itself check-up verifies is evolving amid increased regulation. Awash in new that things are and technological running smoothly technology threats, including privacy and cybersecurity concerns, and gives your departments can drift and law department misdirection of effort lose sight of focus of business a clean bill resulting from a lack of goals. While the legal communication with the profession continues to of health, or, business or understanding innovate, legal management conversely, allows and culture has not. of business goals. With these gaps identified, an Of this phenomenon, you to diagnose assessment can help the Roya Behnia observes: “Our legal function dynamically any problems colleagues in operations, sales allocate resources and marketing have used these according to company goals and identify and kinds of assessment tools for years. Isn’t it implement process tools that would allow about time the legal department catches up?” the function to serve company strategy. A good start is an objective legal The assessment process, in its highest assessment process that identifies strengths form, can lead to ‘a defined strategic plan and weaknesses and clarifies communication and cascading goals’ on a multi-year basis. throughout the business. While business leaders have traditionally set their sights Compiling a successful on the marketing department to reduce legal assessment spending, there is growing recognition What makes an assessment successful? among the most innovative companies that Ultimately, the goal of a legal assessment is a legal assessment can be a highly effective to recognise talent, streamline workflow, means to ensuring quality of products and reduce costs and improve the overall quality services while benefiting the bottom line. www.ethicalboardroom.com
LOOK TO THE IIA FOR RESOURCES ADDRESSING ETHICS, GOVERNANCE, BOARD-LEVEL CONCERNS, AND MORE
Visit The IIAâ&#x20AC;&#x2122;s new Stakeholder Resource Exchange to gain an in-depth understanding of internal audit best practices. Sign up for a free subscription to Tone at the Top, a bimonthly publication with concise information and perspective on top-of-mind issues and guidance for boards, audit committees, and senior management.
2017-0871
www.theiia.org/StakeholderResources
Board Governance | Enterprise Risk Management US APPROACH TO RISK-BASED CULTURE The new COSO guidance could be extended into a more global framework
COSO ERM 2017
Why should boards around the world care about the 200-page US guidance? The answer might surprise you Boards can be excused if they are growing increasingly weary of the exponential explosion of new things they are being told they should read and do. The list seems to grow each year as regulators and standardssetters tell boards they must oversee yet another dimension of business more rigorously, more transparently, more aggressively or, simply put, better.
The enactment of the Sarbanes-Oxley Act (SOX) in 2002 in the US is a classic example of this trend. Following a perfect storm of corporate failures and scandals, US Congress concluded boards were not doing enough to oversee risks to the goal of reliable financial statements. The Dodd-Frank act in the US was added shortly after SOX. It runs to more than 800 gruelling pages. The global financial crisis of 2008 resulted in regulators around the world concluding boards were still not doing enough to oversee financial risk. This conclusion 58 Ethical Boardroom | Autumn 2017
Tim J. Leech
Managing Director at Risk Oversight Solutions Inc resulted in enactment of thousands of pages of new laws and regulations with a heavy focus on board oversight of risk and, more recently, oversight of what is increasingly referenced as culture risk.1,2 Now boards are being bombarded with messages indicating they need to do a better job overseeing cyber risk. 3 More high-profile governance disasters, such as Target and Equifax, will likely result in a new round of regulatory intervention to address cyber risk as yet another silo with a heavy focus on the importance of board oversight.
How can boards and directors cope with expectations? COSO (Committee of Sponsoring Organisations), a US-based committee comprised primarily of accounting and auditing association members, decided three years ago that an update to its 2004 Enterprise Risk Management (ERM) guidance was needed to help boards and companies discharge rapidly expanding
ERM and board oversight expectations.4 After two years of research, consultations, deliberations, debates, criticisms and a June 2016 exposure draft that was followed by another year of revisions, COSO released its newest guidance Enterprise Risk Management: Integrating With Strategy And Performance in August of 2017. The executive summary is 16 pages long but not particularly helpful to boards that want to know specifically what needs to change. The full COSO ERM guidance is a daunting 200-plus pages in length. This article focusses on a simple question: In a world where board oversight expectations and guidance are proliferating exponentially, should boards know and care about this new and lengthy COSO ERM guidance? The short answer is YES – but perhaps not for the reasons many directors might think. A positive endorsement of a COSO work product is not a conclusion I have arrived at lightly. I have been highly vocal and critical of COSO outputs in the past, particularly COSO’s 1992 and 2013 internal control frameworks. I have often and very publicly called COSO’s internal control frameworks sub-optimal at best, even potentially dangerous. 5 www.ethicalboardroom.com
Enterprise Risk Management | Board Governance The real reason boards should care about the new COSO ERM guidance is that important institutional investors controlling many trillions of dollars are increasingly saying they want evidence that companies and CEOs are defining strategic objectives that will drive long-term value and, most importantly, demanding evidence that boards are overseeing risks to those strategies. Simply put, how institutional investors perceive a company’s risk management framework and the board’s oversight of risk management is now significantly influencing share price. COSO ERM 2017 is the first authoritative framework to focus and provide some guidance on the critical role of risk management to long-term value creation and preservation. Many ERM frameworks that companies have implemented globally have not done a good job of focussing on strategic value creation objectives – objectives many highly influential institutional investors now consider key to long-term success. Unfortunately, in addition to not putting much focus on top strategic objectives, many risk-centric/risk-register based ERM initiatives have also failed miserably at identifying key risks to topvalue preservation objectives, including reliable financial statements, compliance with the law and data security. A letter from Larry Fink, CEO of BlackRock – the largest money manager in the world with more than $5.1trillion assets under management – sent on 1 February 2016 to thousands of CEOs of the biggest companies in the world is a good proxy for the movement.6 It read: “We are asking that every CEO lay out for shareholders each year a strategic framework for long-term value creation. Additionally, because boards have a critical role to play in strategic planning, we believe CEOs should explicitly affirm that their boards have reviewed these plans. BlackRock’s corporate governance team, in their engagement with companies, will be looking for this framework and board review.” In August of 2017 a similar letter to CEOs was issued by F. William McNab, CEO of Vanguard, another investment management behemoth. In that letter McNab states: “We
believe that well-governed companies are more likely to perform well over the long run. To this end, we consider four pillars when we evaluate corporate governance practices: (1) The board: A high-functioning, well-composed, independent, diverse and experienced board with effective ongoing evaluation practices. (2) Governance structures: Provisions and structures that empower shareholders and protect their rights. (3) Appropriate compensation: Pay that incentivises relative outperformance over the long term. (4) Risk oversight: Effective, integrated and ongoing oversight of relevant industry- and company-specific risks”7
More high-profile governance disasters, such as Target and Equifax, will likely result in a new round of regulatory intervention to address cyber risk as yet another silo with a heavy focus on the importance of board oversight McNab goes on to state: “Directors are shareholders’ eyes and ears on risk. Risk and opportunity shape every business. Shareholders rely on a strong board to oversee the strategy for realising opportunities and mitigating risks. Thorough disclosure of relevant and material risks – a key board responsibility – enables share prices to fully reflect all significant known (and reasonably foreseeable) risks and opportunities.”
COSO gets it right — this time
As someone who has worked with organisations globally to implement ERM frameworks for more than 30 years and invested more than 40 hours authoring a highly critical response to COSO’s June 2016 ERM exposure draft, I have very publicly endorsed this new COSO ERM release in a growing number of presentations, articles and social media posts – to the surprise of many, including Institute of Internal
Auditors CEO Richard Chambers,8 as he openly declared in this Tweet:
A summary of the 20 principles contained in the new COSO ERM framework is reproduced below. Readers can get the executive summary as a free download. The full COSO ERM framework guidance is a hefty $150.
What I like most about COSO ERM 2017
The main theme of the report is that an effective ERM framework should start by defining an organisation’s most important business objectives after evaluating alternative strategies (principles 8 and 9); then identify and assess risks to those objectives, including identifying and evaluating the full range of risk responses (principles 10-13); and, perhaps most importantly, link risk assessment to the best available performance information (principle 16). Institutional investors around the world are increasingly demanding evidence of top strategic value creation objectives are being defined, assigned, risk assessed and overseen by the board of directors. I believe, based on my 30-plus years of global experience, that many organisations that have claimed to have effective ERM frameworks have not focussed on strategic long-term value creation objectives or linked their risk assessments to objectives and performance. After watching how hundreds of thousands of organisations globally have publicly claimed to have implemented ERM by creating and maintaining risk registers/risk lists, the COSO shift to more clearly endorsing ‘objective-centric’ ERM and supporting the view that all risk assessments should be linked to objectives and performance, is such an important development that it causes me to give COSO ERM 2017 my endorsement,
COSO’S 2017 ERM GUIDANCE: THE 12 GOVERNING PRINCIPLES Information, communication & reporting
Governance & culture
Strategy & objective-setting
Performance
1. Exercises board risk oversight 2. Establishes operating structures 3. Defines desired culture 4. Demonstrates commitment to core values 5. Attracts
6. Analyses business context 7. Defines risk appetite 8. Evaluates alternative strategies 9. Formulates business objectives
10. Identifies risk 15. Assesses substantial change 11. Assesses 16. Reviews risk severity of risk and performance 12. Prioritises risks 17. Pursues improvement 13. Implements risk in enterprise responses risk management 14. Develops portfolio view
www.ethicalboardroom.com
Review & revision
18. Leverages information and technology 19. Communicates risk information 20. Reports on risk, culture and performance From the COSO Enterprise Risk Management Framework, ©2017 COSO. Used by permission. All rights reserved.
Autumn 2017 | Ethical Boardroom 59
Board Governance | Enterprise Risk Management
What I dislike most about COSO ERM 2017
1
No guidance how to transition from risk-centric to objective-centric ERM COSO has done little to define how the large majority of organisations that have been risk centric and have used risk registers as their ERM foundation, should transition to the objective-centric approach to ERM that COSO now apparently favours. Ironically, COSO ERM 2004 is very likely one of the primary causes of global adoption of risk registers as a foundation, for ERM. There are hundreds of thousands, perhaps even millions of organisations, that claim to be using COSO ERM 2004 and/or ISO 31000 global risk management standard that have held annual or semi-annual interviews and/or risk workshops, populated and maintained risk registers, and provided periodic risk profiles and risk maps to senior management and the board with little linkage to the objectives most key to top long-term value creation objectives or actual performance that call their approach ERM and claim they use COSO ERM guidance. We reference methods that use risk registers as a foundation for their ERM framework as being risk centric. In spite of many denials from the authors/sponsors, I believe COSO’s 2004 ERM framework and ISO 31000 2009 have caused many to believe that these risk registers/risk lists and risk heat maps, largely drawn from simply asking people what they see as the biggest risks to something, qualify, at least for regulatory purposes, as having an effective ERM framework. Unfortunately, or fortunately, depending on your perspective, many securities and financial sector regulators around the world also appear to have agreed and allowed these
60 Ethical Boardroom | Autumn 2017
FIVE LINES OF ASSURANCE
The Five Lines of Assurance model significantly elevates the role of CEOs and boards of directors in risk governance
Board of directors
The board has overall responsibility for ensuring there are effective risk management processes in place. The other four lines of assurance are effectively managing risks within the organisation’s risk appetite and tolerance. The board also has responsibilty for assessing residual risk status on board level objectives (CEO performance and succession planning, strategy, etc)
Internal audit
CEO & C-Suite
Internal audit provides independent and timely information to the board on the overall reliability of the organisation’s risk management processes and the reliability of the consolidated report on residual risk status linked to top value creation and potentially value-eroding objectives delivered by the CEO and/or his or her designate
CEO has overall responsibilty for building and maintaining robust risk management processes and delivering reliable and timely information on the current residual risk status linked to top value creation and potentially value-eroding objectives to the board. This includes ensuring objectives are assigned owner/sponsors who have primary responsibility to report on residual risk status. Owner/sponsors often include C-Suite members
Specialist units
These groups vary but can include ERM support units, operational risk groups in financial institutions, safety, environment, compliance units, legal, insurance and others. They have primary responsibility for designing and helping maintain the organisation’s risk management processes and working to ensure the frameworks and the owner/ sponsors of individual objectives produce reliable information on the residual risk status linked to the top value creation and potentially value risk register/risk heat map approaches to risk management to get a passing grade as effective ERM frameworks. Unfortunately, many of these risk-centric/risk-register based approaches endorsed by regulators have failed massively in thousands of high-profile cases resulting in trillions of dollars of damage to investors and other stakeholders. guidance about what the 2 No role of the internal audit should
be and what internal audit needs to do differently to fill that role The new COSO guidance says little about what the role of internal audit should be in an effective ERM framework, in spite of pleadings in my September 2016 comment letter to COSO for more guidance on this dimension.9 Objective-centric ERM, at least as we envision it with active involvement of the C-suite and board, unlike the very popular and dangerously incomplete three lines of defence approach, defines five key roles. The focus of effective ERM should not be fixated on defence but a balanced focus on how to better achieve top value creation and preservation objectives while still operating
© Risk Oversight Solutions Inc.
in spite of still having some major unresolved concerns. COSO, although heavily influenced by consultants that have made billions of dollars helping to install riskregister/risk-list based ERM around the world and senior management that want less regulatory intervention not more, has stated, for the record, that risk-centric/risk-register approaches to ERM are the least integrated and, arguably, least effective form of ERM. For those that want to know more about the business case for the objective-centric approach to ERM we promote, see my Ethical Boardroom Spring 2017 paper Building Businesses For The Long Term: Focussing ERM and Internal Audit On What Really Matters – Long Term Value Creation And Preservation and the July 2017 conference Board Directions notes Board Oversight Of Long-Term Value Creation And Preservation: What Needs To Change?. The ERM approach recommended in these papers is aligned with the core theme of COSO ERM 2017, but goes well beyond it.
Work units
Business unit leaders are assigned owner/sponsor responsibilty for reporting on residual risk status on objectives not assigned to C-suite members or other staff groups, such as IT. These may be sub-sets of top level value creation/strategic objectives and high level potential value erosion objectives within the organisation’s risk appetite/ tolerance.10 A visual depiction of roles when ERM focusses on both top value creation as well as value preservation objectives is shown above in the Five lines of assurance diagram above. Unfortunately, I believe that the vast majority of internal audit departments are not currently equipped to provide boards with reliable opinions on the effectiveness of management’s ERM frameworks. The reason is simple: the vast majority of internal auditors today cannot themselves complete reliable risk assessments that consider the full range of risk responses/risk treatments and many have believed and reported to their boards that having/using a risk-centric/risk-register approach that has not put much focus on top strategic objectives constitutes having an effective ERM framework.11 I recently asked a room full of senior level risk specialists and internal auditors how many in the room have had even one day of formal training on risk financing/insurance coverage or using contract clauses to transfer/share risk. The answer: none. How can internal audit be expected to grade how well management is doing risk management www.ethicalboardroom.com
Enterprise Risk Management | Board Governance when they lack the knowledge to do it themselves? Most internal auditors have only been trained on internal controls. Internal controls are only one form of risk response/risk treatment, a response that focusses on risk mitigation with little regard for risk transfer/share/ avoidance/acceptance. Many internal auditors don’t know how, or even think it is important, to link risk assessments to top value creation and preservation objectives or performance. COSO has acknowledged that its internal control framework is only a subset of the full range of risk responses and is not suitable risk response guidance in an effective ERM framework. The new COSO guidance states on page 36 of 202: “Enterprise risk management incorporates some concepts of internal control. ‘Internal control’ is the process put into effect by an entity to provide reasonable assurance that objectives will be achieved. Internal control helps the organisation to identify and analyse the risks to achieving those objectives and how to manage risks. It allows management to stay focussed on the entity’s operations and the pursuit of its performance targets while complying with relevant laws and regulations. Note, however, that some concepts relating to enterprise risk management are not considered within internal control (e.g. concepts of risk appetite, tolerance, strategy and objectives are set within enterprise risk management but viewed as preconditions of internal control).”12 COSO, in spite of some very significant conflicts of interest, needs, as the expression says, to ‘come clean’ and go much further. COSO needs to state that internal control assessments that focus only on risk mitigation as a mechanism to treat/respond to risk are technically flawed and potentially dangerous. Traditionally, many internal control assessments have focussed heavily on mitigating risks, often skipping the step of actually identifying relevant end result objectives; seriously identifying and analysing using multiple fact-based methods identifies significant risks to those objectives and related risk likelihood and risk consequence; linking significant risks to the
full range of risk treatments in place/use; describing a picture of the current residual risk status; and identifying the best available performance data linked to the current risk treatment/response design.
3
COSO claims ERM covers all forms of objectives and related risks but not risks to the objective of reliable financial statements or other value preservation objectives where traditionally internal controls assessments have been used. In response to numerous calls for clarity on the relationship between ERM frameworks and internal control frameworks and why ERM cannot/should not be used for objectives like reliable financial statement, IT security and other traditional audit focus areas, COSO ERM 2017 authors (PwC) provide a rationalisation on The Relationship Of Enterprise Risk Management To Internal Control (see the panel below).13 I am sorry to say, but as an attempt to provide a reasonable and well-supported rebuttal of why ERM can and should be used by organisations around the world, but not for certain types of objectives that have traditionally been the subject of internal and external audit evaluation (such as SOX section 404 and other areas where internal and external auditors have conducted internal control assessments) this explanation is nonsensical at best, ridiculous at worst. I can only conclude that conflicts of interest are preventing COSO from clearly stating that the core ERM framework can and should be used for all types of important value creation and preservation objectives, including the important value preservation goal of producing reliable financial disclosures. Only then can the goal of ERM driving better and more efficient resource allocation be achieved. Refusing to admit corporations around the world all regularly take risks linked to the goal of publishing reliable financial statements is ludicrous. ERM-based approaches, particularly ERM that links objectives, risks, risk treatment/ responses and residual risk status, has potential to produce much more reliable
conclusions from external auditors and management on reliability of financial statements and security of data than the current internal control assessments.
What CEOS and boards need to do now
In the wake of the issuance of the new COSO ERM guidance, CEOs and boards need to be ask two simple questions. Are we using an integrated/strategic ERM framework focussed on our top strategic value creation and preservation objectives consistent with the vision COSO ERM 2017 has painted? And, of even greater importance, is it the type of enterprise risk management framework major institutional investors now expect? Even if that is the only thing COSO ERM 2017 accomplishes with this new guidance, it is a major step forward in the pursuit of better risk governance globally. See Conference Board Director Notes article The Next Frontier For Boards: Oversight Of Risk Culture, Parveen Gupta and Tim Leech, 2015. 2See new NACD Blue Ribbon Commission report Culture As A Corporate Asset (https://goo.gl/F7VhQt) 3See Board Cyber Risk Oversight: What Needs To Change? Lauren Hanlon and Tim Leech, 2016 Wiley Handbook of Board Governance. 4 COSO is comprised of five members – Association of Certified Public Accountants, Institute of Management Accountants, Institute of Internal Auditors, Financial Executives Institute, American Accounting Association. 5 For an example, see COSO: Is ‘It’ Fit For Purpose?, Tim Leech, Wiley, Governance, Risk And Compliance Handbook: Technology, Finance, Environmental and International Guidance And Best Practices 6Text of Larry Fink’s 2016 Corporate Governance Letter to CEOs, February 1, 2016, https://www.blackrock.com/ corporate/en-ca/literature/press-release/2016-larry-finkceo-letter.pdf 7Text of a August 31, 2017 letter from F. William McNabb, CEO of Vanguard Investments to CEOs (https://about.vanguard.com/investment-stewardship/ governance-letter-to-companies.pdf Oct 10, 2017 8 Comments on the June 2016 COSO draft Enterprise Risk Management: Aligning Risk With Strategy And Performance, Tim J. Leech, September 7, 2016 (http:// riskoversightsolutions.com/wp-content/uploads/2011/03/ ROS-TL-Response-To-COSO-Sept-7-2016.pdf as at Oct 10 2017 9Ibid, page 8 of 9. 10Three Lines of Defense vs Five Lines of Assurance: Elevating the Role of the Board and CEO in Risk Governance, Lauren Hanlon and Tim Leech, Handbook On Board Governance, Richard Leblanc editor, Wiley 2016 11Note: COSO uses the term ‘risk responses’ and ISO 31000 and ISO GUIDE 76 use the term ‘risk treatments’ 12From the COSO Enterprise Risk Management Framework, ©2017 COSO. Used by permission. All rights reserved. 13Enterprise Risk Management: Integrating Strategy and Performance, COSO June 2017, Page182/202 1
THE RELATIONSHIP OF ENTERPRISE RISK MANAGEMENT TO INTERNAL CONTROL There was diverse feedback on the relationship between enterprise risk management and internal control. Some respondents requested clarification of the structural aspects of the two frameworks (e.g. where there is overlap) and the conceptual linkages of these two topics. Some suggested COSO merge the two frameworks into one, while others preferred two separate and distinct frameworks. Still others suggested including the entirety of the internal control conversation in the
www.ethicalboardroom.com
framework rather than referencing internal control–integrated framework. The new framework now clarifies the relationship between enterprise risk management and internal control and identifies those instances where it relies on concepts established in internal control–integrated framework. Since internal control–integrated framework is used as a regulatory standard and to avoid inadvertently expanding the scope of that framework for regulatory application, the COSO board decided to
maintain two separate and distinct frameworks. Therefore, the COSO board did not include components in this update that are common to both frameworks (e.g. control activities) to avoid redundancy and to encourage users to become familiar with both. However, some concepts introduced in internal control–integrated framework, such as governance of enterprise risk management, are further developed in this framework. These additions limited the ability to shorten the document. Autumn 2017 | Ethical Boardroom 61
Global News Asia China Jinmao CFO assists HK anti-graft probe The chief financial officer of Chinese state-owned property developer China Jinmao Holdings is assisting Hong Kong’s anti-graft body with an investigation following a search of the company’s offices. Jiang Nan, the company’s CFO, was asked to visit Hong Kong’s Independent Commission
India eyes corporate governance reforms The Securities and Exchange Board of India (SEBI) has closed its consultation on recommendations for corporate governance put forward by a committee chaired by banker Uday Kotak. Recommendations by the SEBI panel, set up in June, are designed to radically improve corporate governance practices at listed companies in India. Proposals include the separation of chairman and chief executive roles, as well as increasing the presence of independent directors and strengthening their obligations.
The Kotak committee also recommends strengthening oversight by requiring a minimum of five board meetings a year, including one dedicated to long-term strategy and related matters, such as succession planning. The proposals have received a mixed reaction across the industry. Umakanth Varottil, associate professor of law at the National University of Singapore, said: “While the committee’s efforts are laudable, it remains to be seen whether, and the extent to which, they are implemented by the regulators and accepted by corporate India.” 62 Ethical Boardroom | Autumn 2017
Against Corruption (ICAC) after the anti-graft agency had carried out its search. In a statement, Jinmao said that the investigation ‘has not had and is not expected to have any adverse effect on the business’. According to Reuters, the ICAC had searched the company’s office in Hong Kong as part of an investigation into bribery.
Flexible working highly valued in diversity report Flexible working policies are highly valued by men in Asia and nearly as much as women, according to new research by recruitment company Hays. The 2017 Asia Gender Diversity Report surveyed men and women from more than 30 industry sectors across China, Hong Kong, Japan, Singapore and Malaysia. Almost half of female respondents (45 per cent) said promoting shared parental responsibilities would ‘very much’ boost efforts to address unconscious bias in the workplace and improve gender diversity. Just over a third of men agree. “Flexible working is still seen very much as something that benefits working mothers but our latest research shows that companies developing flexible work policies have to take a broader view,” says Lynne Roeder, managing director of Hays Singapore.
‘Back to school’ for Sunac chairman The chairman of one of China’s largest real estate developers, Sunac China Holdings, has been ordered to take re-education classes on corporate governance. Sun Hongbin (pictured) and another director were ordered ‘back to school for 26 hours’ by Hong Kong’s stock exchange operator after it ruled the pair had failed to meet full disclosure rules during a takeover deal in 2015. Mr Sun, one of China’s wealthiest men, was censured by Hong Kong Exchanges and Clearing for ‘failing to apply such degree of skill, care and diligence required and expected of him’. The directors have been given 90 days to complete the training, which must take place at the Hong Kong Institute of Chartered Secretaries, the Hong Kong Institute of Directors or another body approved by the stock exchange.
Better governance at Thai listed firms
Thai listed companies have showed an improvement in corporate governance practices, according to a report conducted by the Thai Institute of Directors. The 2017 CGR (corporate governance report) findings on 620 listed companies showed an overall score of ‘very good’ at 80 per cent, marking the highest level since 2010 — up from 78 per cent last year. The improvement in the overall result derives mainly from two key categories — board responsibilities and the role of stakeholders — demonstrating a stronger board leadership in governing significant issues and an emphasis on all stakeholders playing their part to ensure sustainable growth. www.ethicalboardroom.com
Asia | Gender Diversity
Vladislava Ryabota
Regional Corporate Governance Lead, IFC South Asia
Hairline cracks in the glass ceiling More board diversity is needed in South Asia but there are signs that women are rising through the ranks Many studies show the clear and positive correlation between increased gender diversity at top levels of corporate leadership and better company performance. The fundamental business case for more women on boards and in senior leadership positions is fast becoming undeniable: reduced risk, better decision-making, increased collaboration and broader market perspective, among many other benefits. South Asian markets are slowly warming to this message. In India, 75 per cent of listed companies have one female director. Of Sri Lanka’s 20 largest listed companies, 14 have company boards that include one female director – up from nine just a few years ago. That said, the overall picture is still not great. While the increased percentage of South Asian companies that have a female board member represents a step in the right direction, the fact is that one woman in an otherwise all-male board is usually not enough to drive meaningful change at her company. And, in the aggregate, it is not enough to drive change in the country or the region. It does beg the question: with so much evidence pointing to the value of increased women’s participation on boards and in senior leadership, why aren’t there more women serving in these positions? Well, it’s complicated. Many factors are at play, especially in this vibrant, diverse and rapidly developing region. Moving towards a more gender-inclusive corporate leadership approach involves changing a complex and 64 Ethical Boardroom | Autumn 2017
entrenched social and business dynamic. Working in South Asia as part of IFC’s corporate governance group, I have seen that such seismic shifts require multipronged efforts at many levels.
At the societal level: knowledge, information and change in mindset
Social change can be slow, particularly in a region characterised by contradiction when it comes to women’s advancement. Consider that women comprise nearly 60 per cent of Sri Lanka’s university graduates, yet they make up only 32 per cent of the labour force and a tiny four per cent of the nation’s top management cadre. Only 28 per cent of India’s women work – one of the lowest percentages of working women in the world – even though nearly 50 per cent of its university students are women. The talent pool is clearly growing. Even in business schools, where the number of female students has typically been low, women are catching up. In at least one of India’s graduate business programmes, the Goa Institute of Management (GIM), women and men are enrolled in equal numbers, according to GIM professor Divya Singhal, who has studied gender diversity in graduate degree programmes. But somewhere along the way, too many smart and capable women are dropping out of the workforce and not ascending the ranks of corporate leadership. Typically cited reasons for this fall off include a need to care for children, family expectations to run the household and lack of ambition. I strongly disagree with this last presumption, which smacks of unfair stereotypes and flies in the face of reality. There are many highly capable women who have the drive and determination to make it to the top in these markets.
BREAKING DOWN THE BARRIERS Promoting gender diversity is bringing added value to South Asian boardrooms
Given the opportunity, they could become true agents of change. Conferences, public events and positive media coverage can help to empower and encourage women to continue their climb up the corporate ladder. They also serve to educate men on the benefits of gender diversity in the workplace. For instance, at one event in Colombo, a panel of experts explored the reasons why there are fewer women in Sri Lanka’s corporate sector, even as women have achieved prominent leadership positions in the country’s professions, academia and judiciary. The back-and-forth focussed on the question of whether men in Sri Lanka were ready for women on boards. Co-hosted by IFC and the Sri Lanka Institute of Directors, the event was well attended by both women and men. In India, last year’s www.ethicalboardroom.com
Gender Diversity | Asia
Women in Leadership Conference drew more than 500 mid-career businesswomen, all of whom are being mentored by top business leaders. It’s another way to inspire women and encourage them to reach ever higher, beyond mid- and senior-level management and into the C-suite and boardroom. We have also seen that widely publicised global events, such as the Ring the Bell for Gender Equality event held every year at stock exchanges around the world to mark International Women’s Day, have helped raise awareness, trigger discussion and spread the word on the business case for gender diversity. In South Asia, the exchanges in Dhaka, Colombo and Mumbai are all in on this initiative, hosting sessions aimed at spurring greater women’s participation at all levels of the economy. www.ethicalboardroom.com
contacts and share knowledge. Mentorships, through programmes such as the one SLID recently launched, connect senior executives with early- and mid-career professional women, offering an important source of support. Databases of qualified female director candidates are making it easier for companies to find appropriate nominees. And then there is training, an all-important way to fill critical skills gaps. Recently, IFC piloted a global board training programme specifically aimed at female directors, with sessions focussing on soft skills, such as projecting confidence, negotiating and resolving conflicts. In post-event feedback, participants said that they welcomed the opportunity to learn in a safe environment, together with other women. By contrast, the male and female participants of the technical board skills programmes we run for new and potential directors of South Asian companies have said that they liked the exchange of ideas and perspectives that comes from being in a mixed environment. The lesson here is that it can be effective to provide women-only training on board dynamics and interpersonal relations, With so much covering such sensitive evidence pointing topics as how to insert yourself into a to the value of discussion and make increased women’s sure your voice is being heard, even when you participation on are in the minority. boards and in But for general skills senior leadership, training, there is a strong argument for why aren’t there mixed participation. more women In IFC’s own investee companies, we have serving in these seen the positive impact positions? of all of these efforts as we aim for better gender balance in the boardroom. We are drawing from ever-growing databases of capable candidates, appointing board directors who At the market level: networking, graduated from mentorship and training mentoring and training programmes. Already they have shown South Asian women who are poised for themselves to be well prepared and ready corporate leadership roles sometimes to tackle the challenges ahead. face significant barriers to entry. They At the regulatory level: laws, have not been part of the traditionally corporate governance codes male-dominated peer networks from which and non-financial reporting new board directors are often chosen. They Legislation and regulatory action can may not know anyone who can provide incentivise progress on the gender front. guidance as they navigate their career For example, employment laws that require path. And they may lack board skills equal pay for equal work, enable more and confidence in their own abilities. liberal family leave, or support flexible work IFC works in tandem with institutions, schedules can help break down some of the such as the Federation of Indian Chambers obstacles that are keeping more women from of Commerce and Industry, the Bangladesh remaining in the workforce. Over time, this Enterprise Institute and the Sri Lanka could help create a larger pipeline of women Institute of Directors (SLID), to address who have the expertise to take on senior these issues. New networks and platforms executive positions and directorships. now enable women to build their business Autumn 2017 | Ethical Boardroom 65
Asia | Gender Diversity Some countries, such as India, have gone the legal route in a push for increased women’s representation on boards. India’s Company Act of 2013 requires all publicly listed companies to appoint at least one female director. The law has definitely made an impact. According to a 2017 KPMG study, India saw a 180 per cent increase in the number of women on boards of its listed companies between 2013 and 2016. In the early years, it seemed that many companies sought to comply by appointing family members of controlling shareholder families, but more recently, Indian companies have reported fewer such appointments. According to the IiAS, FICCI and Prime Database Group study, Corporate India: Women On Boards, today family members comprise only 16 per cent of female directors of NIFTY 500 companies.
region are moving on this front. For example, Bangladesh’s Securities and Exchange Commission is in the process of revising its corporate governance code to include a requirement for at least one female director in listed company boards. In India, IFC partnered with the Bombay Stock Exchange on a first-ever corporate governance scorecard. The scorecard, which includes a gender dimension, helps companies identify areas of improvement against generally accepted good practices. As South Asian companies draw the attention of international investors, the regulatory push is becoming increasingly relevant. These investors, many of which have fully embraced the business case for diversity, are asking more questions about board composition as part of their due diligence. So, the availability of information
programmes can help build skill sets for all new directors, male and female alike, to ensure they are ready for the boardroom. This will enhance overall board effectiveness, supporting improved decision-making and stronger strategy. Companies also can appoint gender champions and institute women-friendly work policies to make it easier for women to continue their careers while balancing responsibilities at home. They can generate a deeper and wider pipeline by promoting competent and capable women. They can set up networks and encourage women to join. And they can nurture top talent through internal mentoring programmes that pair younger female professionals with more experienced executives. At the board level, companies can ensure that nomination committees value gender
TONE AT THE TOP Including female directors on boards has a direct and positive impact
One woman, alone, sitting on an all-male board, is not enough to drive change at her company The law may have made a difference in the Indian context, where women held only five per cent of board seats prior to the law’s enactment. Yet Bangladesh, with no quota system, actually has a higher percentage of female directors: 19 per cent, compared to India’s 13 per cent. Still, a look beneath the numbers reveals that many of Bangladesh’s female directors are wives or daughters of the controlling shareholder families, an indication that there is a room for improvement. Regulatory interventions, in the form of corporate codes or guidelines that encourage greater board diversity and increased disclosure on non-financial issues, such as gender balance, also have proven an effective way to incentivise companies to take action. Regulators in several countries across the 66 Ethical Boardroom | Autumn 2017
– and demonstrated progress towards greater female representation – will be a critical factor for companies as they compete for investment.
At the company level: tone at the top trickles down
Companies can do a great deal to promote gender balance throughout their organisations. Primary responsibility for demonstrating commitment to diversity lies with the board and senior executives. “The tone at the top is crucial in enhancing gender diversity not only in the boardroom but at all levels of the organisation,” notes the KPMG study. Actions companies can take include instituting formal on-boarding programmes for new directors – or setting aside funds to send nominees for such training. These
diversity, with specific terms of reference on gender balance. Boards also can include an indicator to measure support for gender inclusiveness on board and senior management performance evaluations. Indeed, there is no limit to what companies can do in support of better gender balance. The rate of continued development in the nations of South Asia depends on how effectively resources are used. And that includes drawing from an ever-growing pool of competent, highly educated women, creating an enabling environment that encourages their rise through the ranks into the boardroom. There is a clear need to build a critical mass of male and female champions who can move this agenda forward, because the region’s long-term economic health depends on it. www.ethicalboardroom.com
MORE THAN JUST FACTS & FIGURES YOUR GLOBAL PARTNER EVERYWHERE
#Independence #TechnicalExcellence #Integrity #Responsibility #Stewardship
79 COUNTRIES
www.mazars.com
ONE TEAM
18 000 PROFESSIONALS
AUDIT I ACCOUNTING I ADVISORY I TAX I LAW
Asia | Investment in Japan
Boardroom investment and engagement in Japan Japan has the third largest economy in the world and its stock markets account for about eight per cent of global equities, the second largest after US markets. On one hand, the country might be known for its slowness to change and its sluggish growth over the past 20 years. However, on the corporate governance and investor stewardship fronts, Japan has been through drastic changes since Mr Abe became the Prime Minister in 2012. Investor stewardship and corporate governance reforms have been one of the top economic agenda items under his administration and one of the most successful that he has implemented in recent years. The government introduced the Stewardship Code in February 2014 and the Corporate Governance Code in June 2015. The Stewardship Code was then revised in May 2017 to further promote investor stewardship. These initiatives are framed in the context of promoting sustainable growth of Japanese companies. It’s a unique aspect of the reform in Japan as in other countries corporate governance and stewardship reforms are often implemented against the background of corporate scandals.
Outside influence
This series of policy measures had significant impacts on Japanese corporates and investors. For example, 45 per cent of companies listed on the First Section of the Tokyo Stock Exchange had no outside directors on their boards in 2012. Currently, nearly all companies in the section have adopted outside representation on their boards and on average around 30 per cent of the board members are outsiders. Another example is that the number of companies removing poison pills each year is increasing. There are clear signs that companies are responding to investors’ engagement and the Corporate Governance Code. In the meantime, investors are stepping up stewardship activities in response to the Stewardship Code. More than 200 institutional investors have now signed up for the code and disclose their statement on stewardship responsibilities on their websites. Our firm, Governance for Owners 68 Ethical Boardroom | Autumn 2017
Companies with actively involved share owners perform better over the long term Yoshikazu Maeda
Head of Responsible Investment, GO Japan Japan (GO Japan), has been engaging with Japanese companies on behalf of institutional investors since 2007 and is one of those signatories.1 Our first-hand experience over 10 years is that the environment of investor engagement has never been more favourable for investors; companies are more open to dialogue with investors and the two codes provide a common ground for dialogue. At the same time, investor engagement sheds light on some challenges and opportunities for investor stewardship in Japan. This article elaborates on the capability of investors to conduct investor engagement as a challenge and the use of collective engagement as an opportunity.
Institutional investors
While Japan’s Stewardship Code has many principles in common with the UK Stewardship Code the Japanese version has its uniqueness in principle seven. This says ‘institutional investors should have in-depth knowledge of the investee companies and their business environment and skills and resources needed to appropriately engage
There has been a huge demand particularly from non-Japanese institutional investors for collective engagement in Japan and the revised Stewardship Code now makes it clear that collective engagement can be beneficial under certain circumstances
with the companies and make proper judgments in fulfilling their stewardship activities’. In short, it requires investors to achieve a deep understanding of the company’s business and business environment. However, statistics show that there is a large gap between what the code envisages and the reality. According to a survey done by the Life Insurance Association of Japan, where the association sent questionnaires to 1,088 listed companies and received responses from 572 of them, 37.4 per cent of respondents said that investors’ analysis and understanding of the company is shallow.2 The survey also found that 53.8 per cent of responded companies thought that investors’ dialogues are based only on short-term themes. Investor engagement is expected to contribute positively to the sustainable growth of investee companies, but a large number of companies see the expectation as unmet. This is a flipside of the reality that investors are not experts in managing businesses and their knowledge about each business is always less deep than that of corporate managers. Also, stewardship and engagement activities only started for many investors around three years ago. The investor community should be able to do better with more experience. We believe that investors can provide a different perspective to corporate management given that they look into companies across different sectors. In our experience, companies often appreciate those different perspectives if they are keen to learn about good practices in other companies and if those suggestions are made in a supportive way. Now onto the opportunity. There was one aspect that the original Japan Stewardship Code omitted that is included in the UK Stewardship Code; it is that UK investors are encouraged to engage collectively. On the other hand, there has been a huge demand particularly from non-Japanese institutional investors for collective engagement in Japan and the revised Stewardship Code now makes it clear that collective engagement can be beneficial under certain circumstances. In fact, collective engagement has not been prohibited. However, under Japanese financial regulations, if institutional investors together make important suggestions to www.ethicalboardroom.com
A DIFFERENT PERSPECTIVE Investors can provide companies with advice on good practices
companies in carrying out an investor engagement or in exercising their vote and if they are regarded as a concert party, they as a group will face stricter disclosure rules in reporting large shareholdings. Therefore, if large investors intend to engage with companies collaboratively, they risk being subject to the more stringent disclosure requirement. It therefore appears to be practically prohibitive for institutional investors to carry out collective engagements at the present time.
Get involved
Governance for Owners Japan has provided an engagement platform for institutional clients so that they can implement quasi-collective engagements within the current regulations. We therefore understand from our experience that it is sometimes beneficial to engage with companies on behalf of multiple investors. In my view, it is desirable for collective engagement to be more practically usable. Asian Corporate Governance Association releases its CG Watch Report to summarise www.ethicalboardroom.com
the corporate governance environment across Asian countries every two years. In its latest publication in 2016, the association described the Japanese situation as ‘the hard work begins’. 3 I presented above a challenge and an opportunity that investor stewardship in Japan faces among others. These are still work in progress and we have yet to see how they develop. As to the challenge, investor stewardship and engagement have just started and if investors can add to their experience, the challenge can be resolved; in other words, time may ease the current difficulty. This is consistent with our experience as our capacity to gain trust from corporate management and to achieve engagement objectives has increased gradually over around five years in a J-shaped curve. As to the opportunity, it requires much harder work by investors if it is to be captured. The stricter disclosure regulations in place were introduced because some activist funds had abused the then disclosure framework and surprised company managements when they suddenly appeared on the share register as a large shareholder. Thus, it is not easy for the regulations to be reversed, given
the expected negative reaction from companies to such a proposal. In fact, the challenge and opportunity might be closely linked. It is now investors’ turn to show that their engagement adds value to corporates and enhances sustainable growth of companies. Then, companies will view investor engagement and even collective engagement more favourably. Also, regulators could be more willing to make the regulations more practical if given evidence of the benefits of investor engagement. The government is pressing corporate governance reform and Government Pension Investment Fund, the world’s largest asset owner, encourages stewardship activities by its external asset managers; the trend of investor stewardship in Japan therefore appears irreversible. From now on, investors have to focus on improving the quality of their stewardship activities; this will create a virtuous cycle. I am optimistic that investor engagement in Japan can only get better and there is nothing to lose. http://goinvestmentpartners.com/wp-content/ uploads/2014/04/170720_E_Revised_Stewardship_ responsibilities_for_GOJ.pdf 2http://www.seiho.or.jp/ info/news/2016/pdf/20170321_3.pdf (Whole survey, available only in Japanese). http://www.seiho.or.jp/info/ news/2016/pdf/20170321_2.pdf (Overview of the survey in English) 3Asian Corporate Governance Association, CG Watch 2016, September 2016 1
Autumn 2017 | Ethical Boardroom 69
Asia | India Directors REBALANCING BOARDS Corporate governance experts in India want a stronger role for independent directors
India’s independence call Companies are still struggling to come to terms with the ‘outsider’ model of corporate governance Hailed as a watershed moment for India Inc, the Companies Act of 2013 (TCA, 2013) brought in sweeping reforms with the intention of modernising India’s corporate governance landscape and ushering in a new era of stakeholder democracy. From redefining board composition and legislature’s concept of corporate social responsibility to mandating the placement of women directors on boards, the act made a paradigm shift from the way Indian companies have been regulated over the previous six decades. The law improved many areas of governance, especially in recognising and beginning to address the issue of the ‘majority-minority’ agency problem but it still leaves a lot of room for improvement. Boardrooms across India are starting to recognise that good corporate governance is a necessary though not sufficient requirement for sustainable firm performance. The institution of independent directors, an idea transplanted from the US and the UK, is generally seen as a good mechanism to promote good corporate governance. Renewed attention on the institution of the independent director as being 70 Ethical Boardroom | Autumn 2017
Mahendra Swarup
Chairman, Association of Independent Directors of India instrumental in promoting a sound corporate governance framework has been a significant consequence of the Companies Act of 2013. The regulations have placed them on a pedestal which is equidistant from all stakeholders. They are, therefore, best suited to champion the interests of those stakeholders who are never represented in boardrooms. They have the power not merely to represent minority shareholders, but also the interests of the community at large: future generations, the environment and the vendors – stakeholders whose interests are often circumvented in the pursuit of increasing shareholder value. When the idea originally surfaced in India, promoters responded predictably by empanelling individuals with whom they have a closer and more long-term relationship. Consequently, independent directors themselves saw their role confined to making up the numbers to comply with board composition requirements. All of this roughly translated into passive independent directors and boardrooms where engaging the management itself was seen as a
challenge, leave alone the possibility of confronting them on policies and proposals.
Insider vs. outsider models
To understand why this happened in India, it is important to understand the role of independent directors in the US and UK where the concept originated and the fundamental differences between ‘insider’ and ‘outsider’ models of corporate governance. Outsider models, best represented by the US and UK, are characterised by dispersed share ownership with large institutional shareholdings. Corporate laws formulated in this system are primarily designed to address the ‘management-shareholder’ agency problem. In contrast, India is representative of the ‘insider’ model of corporate governance where family-owned businesses and concentrated stock ownership is more prevalent (no separation of ownership and control). Insiders often make up the single largest block of shareholders, with the remainder diffused among individuals or institutions that form the public interest. A large quantum of powers wielded by controlling shareholders naturally results in the management owing its allegiance to the majority shareholders with minority shareholders enjoying very little involvement in company affairs. www.ethicalboardroom.com
India Directors | Asia It goes without saying that India suffers from the majority-minority agency problem as opposed to the manager-shareholder agency problem that an ‘outsider’ model might be more concerned with. As the Indian corporate governance landscape develops, the effects of transplanting the legal and regulatory framework of an ‘outsider’ system will continue to become more and more apparent.
Their role defined in India
Prior to TCA, 2013, an independent director in India was simply defined as a non-executive director who ‘apart from receiving director’s remuneration, does not have any material pecuniary relationships or transactions with the company, its promoters, its directors, its senior management or its holding company, its subsidiaries and associates which may affect independence of the director’. This definition and subsequent provisions only dictated the terms that outline who did not qualify as independent directors. This total lack of positive qualifiers coupled with inadequate post-induction training intended to familiarise independent directors with the domain, sector and the company- resulted in companies appointing individuals who merely satisfy the compliance requirements, but were otherwise unsuited for the job. Many of these deficiencies have been addressed by the Companies Act of 2013 which defined entry requirements and mandated the creation of a central database of individuals eligible and willing to act as independent directors. The institution of independent directors in India underwent a radical transformation with the introduction of the Companies Act of 2013 which significantly expanded the roles, responsibilities and liabilities of independent directors in India. Charged with being the conscience keeper of the company and with being a moral gatekeeper defending the public stakeholder, suddenly, there was a price to pay for non-performance and passive presence, Criticism about the over-prescriptive nature of TCA, 2013 regulations aside, independent directors in India are arguably more empowered now than ever. The role of independent directors is to protect the interests of all stakeholders, particularly the minority stakeholders. They are the arbitrators in cases of conflicts, between management and stakeholders and between stakeholders themselves. They are expected to actively participate and guide the strategic direction of the company, particularly in the areas of corporate social responsibility, risk management, and workplace safety and security.
Independence of independent directors
Good corporate governance is about no more than doing the right thing at the right time. www.ethicalboardroom.com
It isn’t a series of box-ticking compliance exercises or a set of requirements enforced by regulators to reduce instances of malfeasance. It was the emergence of the ‘monitoring board’ concept in the US that brought forth the institution of independent directors; individuals who are meant to bring objectivity to the oversight function of the board in order to improve its effectiveness. For independent directors to play an active role in the protection of interests of the minority shareholders, the key issue is how independent they are when a situation arises. Considering the shareholding pattern, it is worth noting that the vast majority of independent directors in India are beholden to the promoters and the management for their empanelment into corporate boards. Considering that the role of independent directors in India is to mitigate the ‘majority-minority’ agency problem, it would make sense for their appointment process to take this into account. But this isn’t the case at all. Independent directors are chosen by a committee where the chair (promoter) wields an inordinate amount of influence when it comes to the appointment and removal of independent directors. It is highly unlikely that promoters will sanction the empanelment of any individual who will place the interests of minority shareholders over that of the management.
It is highly unlikely that promoters will sanction the empanelment of any individual who will place the interests of minority shareholders over that of management The presence of controlling shareholders on board significantly alters boardroom dynamics and decision-making. More often than not, controlling shareholder opinion takes primacy over all else.
Liability risk
It is clear from the current position in law that the independent directors do not exercise direct control over either the day-to-day operations of the business or the company’s whole-time directors’ actions. Independent directors are persons of high repute and stature, who due to their previous contributions and track record are appointed onto the boards of public service utilities and other companies. Yet, lenders take action against independent directors in case of a default by any company and even publish their names and photographs in newspapers as ‘wilful defaulters’, along with the promoters/owners/whole-time directors/
management of the defaulting company without instituting a proper inquiry. In view of such inclement conditions, independent directors, fearful of becoming soft targets, are shying away from taking seats on company boards, while the lenders in their attempt to make recoveries somehow (or to cover up their own inefficiencies resulting in rising NPAs) continue to misuse this provision (weapon) of declaring the independent directors as wilful defaulters. Some of the regulatory body’s actions in relation to wilful defaulters are laudable, such as in case of SEBI, which as per its board meeting held on 12 March 2016, published a press release restricting the companies and their promoters/directors declared as ‘wilful defaulter’ to access capital markets to raise funds or to take control over a listed entity. It also restricted any fresh registrations to any such entity or its promoters or directors. Having said that, such regulatory direction without making any exception for the independent directors would inhibit its implementation In order that the benevolent institution of independent directors survives and supports the healthy culture of governance, it will have to be protected and safeguarded from arbitrary and mechanical actions and approaches. Such actions from the leading industry if not curbed and effectively regulated, would defeat the purpose of bringing independent directors on the board of a company. Any person with requisite knowledge and experience would be deterred and would not come forward to take the responsibilities of an independent director.
Conclusion
Regulatory interventions in India have become more in-depth and inquisitive and there is an increased faith placed in the institution of independent directors. But a key problem in India is the director’s ability to act independently from the promoter. In the context of an inability to define independence as a state of mind, independent thought isn’t commonly observed in traditional board settings. The success or failure of the Indian growth story is contingent on the trust and quality of governance that safeguards capital. Over time it is likely that India Inc. will witness a dilution of controlling shareholding across the board. The importance of ensuring independent directors are empowered to discharge their duties is now more important than ever. What is urgently required is a complete overhaul of the institution of independent directors and the systems designed to facilitate effective execution of their duties. Recent recommendations by the 21-member Kotak Committee are a step in the right direction and we can be hopeful that successive reforms will seek to address the spirit of independence over all else. Autumn 2017 | Ethical Boardroom 71
Corporate Governance Awards | Introduction
Ethical Boardroom Asia & Australasia award winners 2017 Good corporate governance enhances and underpins a company’s long-term sustainable performance and is critical to long-term value creation and economic growth.
Meaningful engagement with shareholders is one of the key aspects of corporate governance, especially for discussions on strategy, succession planning and remuneration. In Japan, there have been concerns that companies are failing to restructure and innovate because managers’ interests may not always coincide with shareholders’ interests. Economists have warned that to improve Japanese companies’ growth and efficiency, the country needs to ‘release shareholders against hidebound management’. Researchers at the Tokyo Institute of Technology found that without shareholder pressure, managers will avoid big decisions and let their companies stagnate. And companies with more cross-shareholding spend less on both capital investment, research and development and engage less in corporate restructuring. Interestingly, Prime Minister Shinzo Abe has embraced shareholder activism in a bid to encourage the adoption of his corporate governance reforms, a central part of his economic policy platform. In Australia, the Australian Council of Superannuation Investors (ACSI) – a group
72 Ethical Boardroom | Autumn 2017
representing some of the nation’s biggest superannuation funds – has argued that shareholders need greater powers to ensure their concerns are heard at company AGMs, especially on environmental and social issues. The ACSI’s calls for shareholders to have the ability to put non-binding, advisory resolutions on the agendas of company AGMs has been described as ‘a missing part of the corporate governance landscape in Australia’ and will give Australian shareholders a better way to express concerns about ESG issues. In India, a newly established committee on corporate governance formed by the country’s market regulator, Securities and Exchange Board of India (SEBI), has highlighted the importance of protecting the interests of shareholders. To improve corporate governance at listed companies, the SEBI panel has
recommended that certain payments should need approval from the majority of non-promoter shareholders. The committee noted various cases of disproportionate payments made to executive promoter directors as compared to other executive directors and felt that this issue should be subjected to greater shareholder scrutiny. If the salary paid to a single non-executive director exceeds 50 per cent of the pool being distributed to the non-executive directors as a whole, then the company has to take shareholder approval with the promoter getting the right to vote, it said. The Ethical Boardroom Corporate Governance Awards recognise and reward outstanding companies who have exhibited exceptional leadership in the area of governance. The awards highlight the important role that corporate governance plays in dictating a company’s success and a board’s contribution to the creation of long-term value. Ethical Boardroom is proud to announce its Corporate Governance Awards Winners in Asia and Australasia.
www.ethicalboardroom.com
AWARDS WINNERS 2017 AW ARDS MIDDLE EAST
The Winners | Corporate Governance Awards
WINNERS 2017
ASIA 2017 FINANCIAL SERVICES CIMB GROUP HOLDINGS BERHAD TELECOMMUNICATIONS SINGAPORE TELECOMMUNICATIONS LTD CONGLOMERATE AYALA CORPORATION UTILITIES TENAGA NASIONAL BERHAD MEDIA MEDIA PRIMA BERHAD INSURANCE AIA GROUP LTD REAL ESTATE DEVELOPER CAPITALAND LTD REAL ESTATE INVESTMENT TRUST FRASERS COMMERCIAL TRUST AGRI-BUSINESS INDOFOOD AGRI RESOURCES LTD FOOD & BEVERAGE DEL MONTE PACIFIC LTD CONSTRUCTION CHINA OVERSEAS LAND & INVESTMENT LTD LEISURE & ENTERTAINMENT BANYAN TREE HOLDINGS LTD AUSTRALASIA 2017 FINANCIAL SERVICES AUSTRALIA & NEW ZEALAND BANKING GROUP LIMITED (ANZ) UTILITIES AGL ENERGY LTD TELECOMMUNICATIONS TELSTRA CORPORATION LTD CONSTRUCTION LAND LEASE GROUP INSURANCE INSURANCE AUSTRALIA GROUP LTD FOOD & BEVERAGE COCA-COLA AMATIL (CCA) LEISURE & ENTERTAINMENT CROWN RESORTS LTD REAL ESTATE INVESTMENT TRUST GPT GROUP AGRI-BUSINESS GRAINCORP LTD REAL ESTATE DEVELOPER STOCKLAND
www.ethicalboardroom.com
Autumn 2017 | Ethical Boardroom 73
Corporate Governance Awards | Media Prima
Media Prima: Tuned in to good governance Ethical Boardroom talks to Datuk Kamal Khalid, the company’s Group Managing Director, about a commitment to good governance
AWARDS
WINNERASIA 2017
MEDIA SERVICES Datuk Kamal Khalid
Group Managing Director, Media Prima
Ethical Boardroom: Corporate
governance in Malaysia is constantly evolving; what is Media Prima doing to stay ahead of the curve? Datuk Kamal Khalid: Media Prima is proactive in ensuring compliance to both statutory requirements and the Malaysian Code of Corporate Governance. We work closely with regulatory, enforcement and related NGOs (non-governmental organisations), such as the Minority Shareholders Watchdog Group to enable us to meet the governance standards expected by our stakeholders.
74 Ethical Boardroom | Autumn 2017
EB: How are environmental, social and governance practices being strategically integrated into Media Prima’s operations? DKK: We are continuously encouraging our employees to practice good corporate governance while carrying out their duties through our training programmes. This is done through our structured employee development programmes and continuous staff engagement activities. Regular, planned audits and assessments are also conducted across the organisation. EB: Diversity is one of the pillars on which long-term value creation is built; would you say that is the case at Media Prima? As with any other organisation, we value diversity and its long-term benefits to the company. The Media Prima board’s composition is very diverse in respect of ethnic backgrounds, skills and age, which is extremely important and necessary in ensuring a high-performing board culture. Having gender diversity at the board adds value. Media Prima is one of the companies that has achieved the 30 per cent women
www.ethicalboardroom.com
Media Prima | Corporate Governance Awards
KUALA LUMPUR HEADQUARTERS Prima Media is Malaysiaâ&#x20AC;&#x2122;s leading fully-integrated media company
Media Prima has consistently been ranked among the best in Malaysia and the region for good corporate governance by the financial community
www.ethicalboardroom.com
on the board target. Three out of nine of our board members are women. In addition, Media Prima has also started to focus on its subsidiary boardâ&#x20AC;&#x2122;s diversity. Three of our six main operating subsidiaries are now chaired by women â&#x20AC;&#x201C; our out-of-home advertising arm Big Tree Outdoor, our content creation arm Primeworks Studios and our digital company Media Prima Digital. Fostering a culture of diversity and inclusion has played a key role in ensuring sustained success of our workforce. Valuing diversity refers to respecting and supporting the uniqueness of each individual. Diversity includes attributes, such as gender, age, ethnicity, language, cultural background, physical ability, religious beliefs and lifestyle choices. Media Prima is working hard to ensure a more balanced ratio of diversity in its Group.
EB: Media Prima has now been listed in the FTSE4Good Bursa Malaysia Index (F4GBM) for two and half years. Would you say this is a testament to your commitment to responsible business practices and good governance? DKK: Media Prima has consistently been ranked among the best in Malaysia and the region for good corporate governance by the financial community. In 2016, we were ranked number one in Malaysia for Best Disclosure and Transparency and Corporate Social Responsibility in a governance poll conducted by regional financial publication Asiamoney. The recognition received in 2016 polls, Ethical Boardroom and FTSE4Good validates the hard work and commitment of our board, management and employees. We remain committed to implementing and practising the very best standards of corporate governance and responsibility while addressing the needs of our business ecosystem through various social responsibility-based programmes. EB: What does it mean to Media Prima to be recognised as a regional winner in your respective industry? DKK: It is a great honour and privilege for Media Prima to be acknowledged by Ethical Boardroom. The company places great emphasis on ensuring governance, transparency and implementation of industry best practices while we continue delivering value to our shareholders. So it is wonderful to be recognised for our efforts. Despite the increasingly challenging operating environment faced by the media industry as a result of digital disruptions, our company has continued to be forthright and transparent in our reporting. We want to be open in explaining the challenges we are currently facing and our strategic plans to address them moving forward.
Autumn 2017 | Ethical Boardroom 75
Global News Australasia Reputational risk a ‘major threat’
NZ airline focusses on sustainability Air New Zealand’s management has called on the country’s government to take climate change and sustainability more seriously. CEO Christopher Luxon and Sir Rob Fenwick, a member of the airline’s sustainability advisory panel, said there is a ‘very urgent need for government, business and civil society to work together in an integrated way’.
The pair were speaking at the launch of Air New Zealand’s 2017 Sustainability Report in early October, where the airline also outlined its plans to reduce carbon emissions and raise its level of sustainability ambition. In the report, Air New Zealand also made clear its commitment to establishing metrics for ethnic diversity, as part of its talent development and employee participation in its sustainability agenda.
CEO whaling attacks on the rise Some of Australia’s biggest CEOs have been tricked out of millions of dollars after criminals studied their personal social media for information, a report claims. According to News Corp Australia, whaling attacks — a targeted attempt to steal sensitive information from a company’s senior management — are a growing trend. Such attacks use fraudulent emails that appear to be from trusted sources to try to trick victims into divulging sensitive data over email or visiting a spoofed website that mimics that of a legitimate business and asks for sensitive information, such as payment or account details. News Corp Australia reports that a ‘confidential brief to the federal government’ has warned of a burgeoning trend in CEO whaling, with vast amounts of money lost through an average of just three to six plain text emails.
Australia tackles boardroom bullies Executive teams, shareholders and boards that fail to identify and address bullying behaviours could cost their companies millions, Australian lawyers have warned. Board directors can now make bullying claims against each other following a landmark decision that has opened up anti-bullying laws to senior board members. Trevor Adamson, chairman of Anangu Pitjantjatjara Yankunytjatjara Lands lodged a successful stop bullying order against deputy chairman Bernard Singer and general manager Richard King, alleging they refused to deal with him, denied him minutes, prevented quorums and defamed him. In a separate case, the Supreme Court of Queensland recently awarded an executive employee AUD$1.4million in damages after finding that she had been subjected to ‘repeated managerial mistreatment’ by her boss. Paul O’Halloran, partner at law firm Colin Biggers & Paisley, said recent cases are a warning to ‘organisations who have poorly behaving executives‘.
76 Ethical Boardroom | Autumn 2017
Australian organisations are extremely sensitive to reputational risk, although 76 per cent are aware of their main risks, according to a new report. The Reputational Risk Australia 2017 Survey Report by Norton Rose Fulbright found that eight out of 10 Australian organisations have purchased insurance coverage for certain risks. Board members and C-level executives believe that the top three risks most likely to have an impact on a company’s reputation are regulatory investigations, cyber risk/ data privacy breaches and intellectual property and brand management. The report advises companies to organise regular training for exposures that can result in reputational damage in order to embed organisational values and foster a culture of compliance.
NZX aims for better investor engagement
New Zealand’s stock exchange NZX has called on listed companies to adopt a new corporate governance code to broaden their reporting to inform and attract investors. The NZX’s Corporate Governance Code is a set of guidelines based on eight principles, such as board composition and performance, reporting and disclosure and risk management. NZX general counsel Hamish Macdonald said the code, which is not mandatory, is aimed at promoting stronger corporate governance and driving transparency. “The intention is to provide better information to the market, so the market can make informed decisions about how they feel about particular practices of a company and whether they want to invest in that,” said Macdonald. www.ethicalboardroom.com
If the board is thinking about it, we’re talking about it. Since 1999, KPMG’s Audit Committee Institute has been helping boards and audit committees focus their agendas on what matters most. For timely insights and informed, board-level perspectives on top-of-mind issues, visit kpmg.com/globalaci Audit Committee Institute
© 2015 KPMG International Cooperative (“KPMG International”), a Swiss entity. Member firms of the KPMG network of independent firms are affiliated with KPMG International. KPMG International provides no client services. No member firm has any authority to obligate or bind KPMG International or any other member firm vis-à-vis third parties, nor does KPMG International have any such authority to obligate or bind any member firm. All rights reserved. The KPMG name and logo are registered trademarks or trademarks of KPMG International.
Activism & Engagement | Australia
Charting rise of shareholder activism in Australia Activists are transforming the Australian corporate landscape While the impact of shareholder activism in Australia hasn’t yet been as seismic as predicted, its steady increase, growing sophistication and the breadth of companies being targeted is transforming our corporate landscape.
In October 2016, Arnold Bloch Leibler released the first-ever detailed analysis of activist investing trends and insights in the Australian context. Based on the firm’s experience in advising both activist investors and non-executive directors in responding to activist demands, we commissioned global data specialist Activist Insight to undertake the research. Its report found that at least 50 Australian listed companies a year had received a public demand from investors since 2013 and activists had won 113 board seats – or around two-fifths of the total sought. While the vast majority of equity activism in Australia (86 per cent) had been locally driven, we were squarely on the radar of
Jeremy Leibler
Partner at Arnold Bloch Leibler major global activists looking to diversify their portfolios beyond the US. And while the analysis indicated that Australia’s limited capital pool had targeted the smaller end of town, with 85 per cent of activist attention focussing on companies with a market cap of less than AU$331million, the data only tells half the story. The report pointed to high-profile cases that had hit the headlines, such as Brickworks and Antares Energy, while explaining that activists were still exerting most of their muscle behind the scenes. Fast-forward 12 months and the Australian business
media is rife with stories of under-performing boards being put under intense pressure by increasingly savvy activists. Major strategic announcements, which we’re now seeing on a regular basis, have been triggered by pressure from activists, including asset disposals at top-50 companies. Which is why every competent ASX 200 board is preparing its company and management team for this potential and the inevitable consequences to business operations and reputation,
A market ripe for the taking
Boards that are not anticipating and preparing for activist activity are ignoring the legal and structural reasons why the Australian market is so conducive to it. Features of Australia’s regulatory framework that make it ripe for activism include:
ACTIVISM IS ON THE RISE Activists have targeted 50 Australian listed companies in the past four years 78 Ethical Boardroom | Autumn 2017
www.ethicalboardroom.com
Australia | Activism & Engagement ■■ The ‘two strikes rule’ that allows just 25 per cent of shareholders to vote down a company’s remuneration report and, ultimately, spill the board of directors (there is no such tool for activists in the US) ■■ The relatively low threshold (five per cent of issued equity) required to call an extraordinary general meeting ■■ Recent amendments to regulatory guidelines, clarifying that shareholders can communicate with each other about company performance ■■ The relatively high degree of institutional shareholdings due to the large superannuation fund pool The equally influential flipside of this regulatory incentive is the lack of regulation over proxy advisers in Australia, which has emboldened activists and provided them with disproportionate control over company decision-making. Calls are building for greater oversight of the power being wielded by Australia’s proxy advisory industry, in line with external regulation enacted or proposed in jurisdictions including Britain, the US, Canada and the European Union. Clearly, proxy advisers have a role to play in our corporate landscape but it’s time they were scrutinised by regulators, just like every other provider in the financial services industry. Regulation would help address issues of competence and conflicts of interest. And more explicit voting guidelines, similar to those in the United States, would discourage investors from abrogating their responsibility by simply ticking the box
www.ethicalboardroom.com
provided to them by proxy advisers with their own opaque agendas. Free of any regulation or mitigating guidelines, proxy advisers are influencing shareholder voting, with scant regard for a company’s particular circumstances. They are incentivising shareholder activists to leverage off the two strikes rule and remuneration reports at a level that’s disproportionate to their shareholding and that has nothing to do with remuneration. The impact of proxy advisers is too often demonstrably not in the interests of companies or the Australian economy. A case in point is how these advisers continue to rail against boards that have directors who are substantial shareholders, ignoring the reality that directors with nothing other than reputation riding on the success of a company are less likely to challenge out-dated business models, take necessary risks and innovate. The current context, which reflects a shift from director-centric governance to shareholder-centric governance creates a weighty challenge for these directors. How
Calls are building for greater oversight of the power being wielded by Australia’s proxy advisory industry, in line with external regulation enacted or proposed in jurisdictions including Britain, the US, Canada and the European Union
do they resist the temptation to spend all their time and resources focussed on preparing for and responding to activists and proxy advisers instead of the broader, long-term strategic direction of company? Which brings me to another aspect of Australia’s corporate jigsaw that creates an environment ripe for activist intervention… the ‘NEDs (non-executive directors) club’. The latest data from the Australian Institute of Company Directors boasts that ‘only’ four directors held four board seats in ASX 200 companies in 2016, only two held five board seats. Across all ASX 200 companies, 182 people held 418 seats – or just more than a third of non-executive directorships. And this data doesn’t reflect the traffic of directors who flow from one board to another. Reputation means everything when these directorships are the main source of people’s incomes, particularly as they move into retirement from more strenuous executive roles. A NED of an ASX 200 company, who typically attends a dozen or so meetings a year, takes home an average of $170,000 a year in cash (plus superannuation), regardless of the company’s performance. An independent director’s reputation is key to his or her ability to obtain the next board appointment. This delivers a powerful tool to the activist. A director with reputational risk is far more likely to engage and submit to an activist’s demands than a director who represents the interests of a major shareholder. Australian research undertaken by Professor Peter Swan at the University of New South Wales suggests that the trend towards independent directors in Australia over the past 15 years has destroyed at least $20billion of shareholder value. It’s no coincidence that over the same period proxy advisers have become de facto decision-makers for many institutional investors.
Autumn 2017 | Ethical Boardroom 79
Activism & Engagement | Australia
Lessons learned
If we take the role of regulation and the consequences of insufficient regulation as a given, what are the core lessons Australian boards should have learned about activism to date? Let me draw on three recent examples to offer three topline responses – and none of it is rocket science.
1
Know and engage with your shareholder: BHP
A responsible board needs a plan for dealing with the inevitable activist shareholders that will target an underperforming company and BHP, once known as ‘The Big Australian’, was caught out. After a torrid 10 years, even by comparison with its also-suffering peers in the resources sector, BHP dealt with two separate but related campaigns. The first was driven by high-profile US activist investor Elliott Management, whose campaigns have a long track record of unlocking latent shareholder value. Elliott’s laundry list of demands included abandoning BHP’s costly dual-listing structure, ditching its failed US shale experiment and increasing returns to shareholders. In a victory of sorts for Elliott, BHP has since announced a plan to dispose of its US shale activities and pledged to adopt more rigorous capital management. The second campaign involved a number of high-profile shareholders who took aim at incoming director Grant King, former CEO of Origin Energy and the current president of the Business Council of Australia, the country’s peak industry body representing big business. King’s appointment to the board of BHP was announced by outgoing chairman Jac Nasser in February this year, just one day after projects initiated at Origin on his watch were written down by $1.9billion - in addition to a $1.2billion write-down made six months earlier. With significant shareholder concern around BHP’s poor historical capital allocation decisions (including in respect of US shale), the timing of Grant King’s appointment rankled with fund managers, proxy firms and shareholders alike. Ultimately, King succumbed to the pressure and withdrew his nomination for re-election at this year’s AGM. As a result of the two campaigns and with BHP finally stepping up its public relations efforts, chairman-elect Ken MacKenzie has reportedly taken more than 100 meetings with investors.
the activist’s 2 Consider track record: Ardent
An activist shareholder with an impeccable track record and a strong and detailed plan for the future of a company is difficult to thwart. A little closer to home than the BHP example, we acted for Dr Gary Weiss’s Ariadne in its campaign against Dreamworld owner Ardent Leisure. 80 Ethical Boardroom | Autumn 2017
Weiss, a close business associate of retail magnate Solomon Lew and well-respected in the Australian business community, had seen enough of Ardent Leisure’s underperformance over the last three years and engaged in a public campaign to appoint four directors to the board. Typically, an activist shareholder would require the company itself to call and hold a general meeting at the company’s cost to have the activist’s preferred directors appointed. The company would draft and distribute the notice of meeting, which would set out at length the incumbent board’s position in relation to the activist proposal. The activist’s statutory 1,000-word statement would be relegated to the final paragraphs of a 20-page document. In this case, however, Ariadne called Ardent’s general meeting itself. This gave Ariadne complete control over the notice of meeting and, crucially, the messaging. Ariadne was ready with a detailed, complex and considered turnaround strategy for Ardent and, in the notice of meeting, directed all proxies be sent to a share registry it had engaged. This meant that Ariadne had visibility over the proxies it had collected, while Ardent remained in the dark until 48 hours before the general meeting.
For shareholders, directors, commentators and lawyers, increased activism has us all speculating on what’s coming next? Currently, all eyes are on the response of superannuation funds and hedge funds Despite proxy advisors recommending a vote against the activist directors, by the time Ariadne shared the proxies showing strong institutional support with the incumbent board, the current directors knew they had been defeated. As a last-minute compromise, Ardent agreed to appoint Gary Weiss and Brad Richmond to its board and the general meeting was called off. The final triumph in a campaign described by Australian Financial Review as the ‘biggest win by activist investors in decades’, Weiss was this month (October) appointed chairman of Ardent.
try to pull a shifty on 3 Don’t shareholders: Praemium
We also acted for Praemium’s sacked CEO Michael Ohanessian in his successful spill of the entire Praemium board.
Ohanessian had overseen five years of strong growth and shareholder returns, when eight days after announcing record half-year results, he was abruptly fired by the Praemium board. Major shareholders had not been informed and the lack of transparency irreparably damaged the board’s reputation and relationship with those shareholders. Three major shareholders (Australian Ethical, Paradice and the Abercrombie Group) were so incensed by the board’s actions that they joined Ohanessian to form a shareholder bloc to spill the incumbent board. The shareholder bloc sought to replace the board with three new, highly qualified and independent directors. Despite irresponsible proxy advisers recommending against the shareholder bloc without attempting to engage with it, and the incumbent board airing a lengthy, damaging and one-sided account of the CEO’s sacking in its notice of general meeting, the shareholder bloc’s resolutions were passed and Michael Ohanessian reinstated as CEO.
Where to next?
For shareholders, directors, commentators and lawyers, increased activism has us all speculating on what’s coming next? Currently, all eyes are on the response of superannuation funds and hedge funds. While superfunds/institutional investors are unlikely to become activists themselves in the classic sense, they recognise that in order to create value for their investors, they may need to pick sides in activist campaigns and/or seek out activists to drive campaigns they will support. Australian Ethical is a conservative institutional investor that wouldn’t normally engage in activist activities. The fund was so aggrieved that shareholders weren’t consulted before Praemium’s high-performing CEO was sacked, it felt obligated to resort to activism to protect its clients’ investment. Hedge funds are a perfect match for activists and, having seen multiple hedge funds obtain control of Australian listed companies via debt to equity swaps in the distressed debt space, more of them will engage in classic activism to obtain controlling stakes or board seats. The jury is still out as to whether activism is helping or harming companies and the Australian economy and, most likely, the reality is a bit of both. Detractors say activists reinforce short-termism and excessive attention on financial metrics rather than long-term growth and strategy. Supporters believe activists are necessary to shake up underperforming companies and overly cosy boards. Whatever the case, activism has well and truly arrived Down Under and it’s contributing to a far more complex, unpredictable corporate landscape. www.ethicalboardroom.com
Activism & Engagement | Canada
Promoting good governance in Canada Shareholder engagement is key, says the Canadian Coalition for Good Governance The Canadian Coalition for Good Governance (CCGG) is a non-profit corporation whose members are institutional investors that together manage more than C$3trillion in assets. CCGG promotes good governance practices in Canadian public companies and the improvement of the regulatory environment to best align the interests of boards and management with those of their shareholders and to promote the efficiency and effectiveness of the Canadian capital markets. CCGG, which celebrates its fifteenth anniversary this year, accomplishes its mission by creating policies, by responding to requests for comment from regulators and governments, by making various submissions to have laws enacted or changed and by carrying out a board engagement programme on behalf of members, which is the focus of this article.
Helping boards to communicate better In 2009, CCGG began a programme of engaging directly with the independent directors of Canadian public companies on governance matters of interest to our members. Currently, CCGG meets annually with independent directors of 45 to 50 issuers that represent a range of industries and market capitalisations. These meetings provide a private forum for dialogue and an exchange of views between independent directors and institutional investors. They also provide an efficient means for boards to communicate with many of their largest shareholders. In the 2016 engagement season, CCGG held meetings with the independent directors of issuers that collectively represented more that 21 per cent of the total market capitalisation of the S&P/TSX Composite Index. Over the past six years, CCGG has held one or more meetings with the independent directors of 152 of the 250 companies that comprised the S&P/TSX Composite Index as at December 2016. That group represents more than 60 per cent by number and close to 85 per cent by market capitalisation of the index and includes companies from all 11 industry sectors. 82 Ethical Boardroom | Autumn 2017
Stephen Erlichman
Executive Director, Canadian Coalition for Good Governance The scope of CCGG’s dialogue with independent directors has expanded from an initial focus on governance policies and executive compensation practices to a broader discussion of board composition and the board’s approach to providing effective oversight and input in critical areas such as risk management, strategy setting and board and management succession. A study of CCGG was carried out by four university professors resulting in a publication in 2015 that made the following conclusion about CCGG’s board engagement programme: “CCGG engagements had a statistically significant and economically meaningful impact on the likelihood of subsequent adoption of majority voting, say-on-pay, on compensation disclosure and structure and on incentives… Through board interlocks, we find the CCGG’s influence extends beyond the engaged firms. “Our evidence suggests that a collective action organisation can have an impact on governance through activism. The CCGG’s structure facilitated activism by all types of domestic institutional investors, including those that are traditionally expected to be more passive. The factors that contributed to CCGG’s effectiveness may have relevance elsewhere. These include forming a powerful group with a small number of members by focussing on investor scale rather than type and harnessing social incentives, in addition to economic incentives, to improve group functioning and firms’ responses.”1
How it works
How does CCGG carry out its board engagement programme? In deciding with which companies to engage in a particular year, CCGG looks at various factors, including our members’ percentage ownership of a company (generally our members own between 15 to 30 per cent of the shares of engaged companies), the industries that we wish to focus on and the market capitalisation of the companies. Whether a company has ‘bad’ or ‘good’ governance is not a primary consideration; CCGG engages with many companies
that have good governance because we believe that we can learn from those companies and even well-governed companies still can still improve. CCGG advises its members in advance of upcoming engagements and invites their input on potential discussion topics. We review the company’s public disclosure materials and prepare a summary that primarily considers the company’s governance practices relative to guidance provided in two of CCGG’s major publications, namely Building High Performance Boards and Executive Compensation Principles. CCGG’s analyst, as well as the CCGG staff member and the CCGG board member who will be attending the engagement, then discuss the summary and finalise the agenda for the meeting. In advance of the engagement meeting, the independent directors are provided with an outline of the intended topics for discussion and are invited to raise additional matters of relevance to their board. The CCGG attendees read the company’s proxy circular and other relevant public documents to prepare for the meeting. The meeting is held with the chair of the board (or if the chair is not independent, then with the lead independent director) as well as the chair of the compensation committee and/or the governance committee. All other independent directors of the company are invited to attend if they wish. CCGG does not ask questions that elicit material, non-public information. During an engagement, CCGG will urge the independent directors to improve proxy circular disclosure in certain areas and to make substantive changes to improve aspects of their governance. CCGG meets with independent directors only, without company management present, because our institutional shareholder members elect directors (not management) and because our questions often deal with management issues, such as CEO compensation and succession planning. www.ethicalboardroom.com
Canada | Activism & Engagement Following the meeting, CCGG will prepare a confidential summary of what transpired, send the summary to the independent directors for their review and comments, finalise the summary after receiving those comments and then post the final summary on CCGG’s website for members only to assist members in carrying out their stewardship obligations. A copy of the final summary is also provided to the independent directors. If the engagement meeting was the first one with a company, CCGG generally will ask for a meeting the subsequent year in order to see whether the changes CCGG suggested were accepted. To the extent changes were not accepted, CCGG will ask why and, if we disagree, we again explain why we believe the changes should be made. We also will ask new questions based on the company’s latest public disclosure.
Best practices
Based on the numerous proxy circulars that CCGG reviews every year in connection with the board engagement programme, CCGG prepares an annual publication entitled Best Practices For Proxy Circular Disclosure to assist boards in preparing a proxy circular. Closely tied to CCGG’s board engagement programme is our ‘governance gavel’ awards, whereby CCGG annually recognises excellence in corporate governance and disclosure. Governance gavels are awarded to issuers that best meet the guidelines set out in CCGG’s various governance policies, develop exceptional disclosure practices and actively engage with shareholders. On an ad hoc basis, CCGG also may recognise issuers that make significant year-over-year improvements in governance and disclosure practices as well as best practices in shareholder engagement. CCGG recently published its updated stewardship principles. In these principles, CCGG states that institutional investors should engage with portfolio companies, either directly, or by collaborating with other institutional investors or by joining investor associations, such as CCGG. Thus, CCGG’s board engagement programme is a way in which Canadian institutional investors can fulfill one aspect of their stewardship obligations.
Making progress
Governance gavels are awarded to issuers that best meet the guidelines set out in CCGG’s various governance policies, develop exceptional disclosure practices and actively engage with shareholders www.ethicalboardroom.com
Companies now sometimes ask CCGG to have an engagement, thus turning full circle from the initial hesitance that independent directors had when CCGG first commenced its board engagement programme. 1 Can Institutional Investors Improve Corporate Governance Through Collective Action?, Professors C. Doidge, A. Dyck, H. Mahmudi and A. Virani, April 2015
Autumn 2017 | Ethical Boardroom 83
Activism & Engagement | Divestitures
HOW THE BEST DIVEST Breaking up doesn’t have to be so hard to do
Successful divestitures
When a piece of your company no longer fits: what boards should know Focussing on growth is a given when it comes to increasing value for a company’s investors. That can mean exploring an acquisition or a strategic alliance. But expanding isn’t the only way to unlock shareholder value.
Some companies have businesses that don’t contribute to core capabilities or fit with their current strategy. Perhaps a previously acquired company wasn’t integrated successfully. Perhaps a business is a drag on earnings because its financial performance lags other businesses. Or a thriving business may have outgrown the parent company and could be more valuable either on its own or as part of another 84 Ethical Boardroom | Autumn 2017
Paula Loop & Catherine Bromilow
Paula is a PwC partner and the leader of PwC’s US Governance Insights Center. Catherine is a PwC partner in PwC’s Governance Insights Center company. By removing nonconforming businesses, a company can create a more focussed portfolio for shareholders. Shareholder activists also often urge target companies to divest parts of their businesses. In 2016, activist hedge funds had US$176billion in assets under management and publicly targeted 329 public US companies, according to Activist Insight Annual Review 2017. As of July 2017, there were 91 US activist campaigns that called for companies to explore some type of sale process, more than double the number called for in the previous year.1 See chart opposite
(note, all deals of more than $100billion have been excluded). And with the money that has been flowing into activist hedge
Directors may be taking their eye off the ball In 2017, 27 per cent of directors said their boards had reviewed areas of weakness in company strategy that could be targeted by activists, down from 55 per cent who said their boards did so in 2015. Source: PwC, 2017 Annual Corporate Directors Survey, October 2017; PwC, 2015 Annual Corporate Directors Survey, October 2015
www.ethicalboardroom.com
Divestitures | Activism & Engagement funds – at least in the United States – we expect such pressures to continue. Any potential divestiture should be aligned with a company’s overall strategy and plans to create long-term value. Boards that understand the strategy and how each part of the company does or doesn’t contribute to it will better serve their shareholders. Divestitures can be challenging. A company must identify the business unit to be separated, decide on the type of separation and either prepare it for sale or develop a standalone entity that will function outside of the parent. A divestiture ultimately is a surgical procedure, with a degree of complexity that demands careful planning and caution. Boards should discuss with management the goal of any major proposed divestiture. That should include how removing a business unit will allow the company to do something it can’t do today. Once directors are satisfied with the strategic reasons for divesting, they can consider other important questions for the board, including: ■■ What kind of divestiture should we consider? ■■ How important is timing? ■■ How are we handling talent? ■■ What should our board watch out for after a deal is done?
What kind of divestiture should we consider?
Companies have multiple options for divesting a business unit and may choose to either maintain some type of connection with the divested unit or sever all ties. Depending on the exit structure, the regulatory, tax and financial reporting requirements can vary significantly and usually involve different timetables.
■■ In a carve-out IPO, a company separates a business unit or subsidiary but offers only a minority interest in the new entity to outside investors. The result is two separate legal entities, each with its own financial statements, management team and board of directors. The parent company retains a controlling interest in the new company ■■ A spin-off creates an independent company with its own equity structure, with shares in the new company typically distributed to the parent company’s shareholders. Unlike a carve-out IPO, the parent company doesn’t have a controlling interest and instead holds no equity or possibly a minority stake ■■ A split-off is similar to a spin-off in that it also creates a new entity with its own equity structure and the parent company doesn’t have a controlling interest. The difference is that shareholders can essentially exchange shares in the parent company for shares in the new company. A split-off can have a less dilutive effect than a spin-off on the parent company’s earnings per share ■■ A trade sale typically is the cleanest type of divestiture. A company completely turns over a subsidiary or business unit to another company, a private equity firm or some other buyer. A sale is usually easier and faster to complete than the other types of transactions ■■ A parent company may contribute a portion of its business to form a joint venture (JV), with or without control. This kind of transaction can unlock synergies with a partner and provide access to other assets when other transactions may not be available. For board considerations when management is considering an alliance, see PwC’s paper Building Successful Alliances And Joint Ventures
How important is timing?
Different types of divestitures typically take different lengths of time to complete. That matters if a company needs to separate a business quickly because of broader company concerns or market issues. A sale usually takes the least amount of time – anywhere from a few months to a year. If a company needs to secure capital, reduce expenses or make some other financial or strategic move in the short term, it may be limited to contemplating a sale because other deals would take too long. A sale still raises key considerations for the board – notably, how to maximise value for shareholders. Management should tell directors if there’s a specific buyer in mind or if the business unit will be marketed to a wide range of possible buyers. Private equity buyers may have different requirements or conditions than corporate buyers. If the
Different types of divestitures typically take different lengths of time to complete. That matters if a company needs to separate a business quickly because of broader company concerns or market issues potential buyer is another company, the board should know if it’s in the same industry and be able to share any concerns it might have with management. Carve-out IPOs, spin-offs, split-offs and JVs take longer to finalise – sometimes more than a year. Forming a new entity involves legal, regulatory and other requirements that simply selling a business to a buyer doesn’t. Without adequate resources, the transaction could become a distraction that affects day-to-day operations – and the board should discuss this with management ahead of time.
AROUND THE WORLD, COMPANIES USE DIVESTITURES REGULARLY 1,800
18,000
■ Divestiture value ($ in billions) ■ Number of divestiture deals $1,672
1,600
$1,587
1,200 1,000
12,004
13,780
13,724 13,295
12,537 $1,173 $1,035
$1,096
$1,084
14,582 12,761
13,893
14,000
$1,347
12,000
$1,142
10,000
800
8,000
#of Deals
Deals value in $billions
1,400
16,000 15,247
$754
600
6,000
400
4,000
200
2,000
0
2008
2009
2010
2011
2012
2013
2014
2015
2016
0
Source: Thomson Reuters, with PwC analysis. US divestitures represent approximately 30 per cent of global activity, on average, from 2012 - 2016.
www.ethicalboardroom.com
Autumn 2017 | Ethical Boardroom 85
Activism & Engagement | Divestitures Before the company embarks on a divestiture, directors should ensure management has or will hire the right people to handle the heavy lifting. The board also should be confident in management’s plan to keep the rest of the company running effectively and employees engaged in their work.
Average time between announced spin-off and closed deal
Spin-offs typically take months to complete 2014 — 7.2 months 2015 — 7.7 months 2016 — 9.4 months 2017 — 9 months (through May 2017)
Source: PwC analysis
How are we handling talent?
Depending on the type of divestiture, talent can be a relatively small issue or a more complex concern. In a sale, the business unit’s employees and leaders often stay in their existing roles as the business moves to new ownership. But the divesting company may want to retain certain talent, such as executives with senior leadership potential. Board members should be aware of those conversations and make sure such pursuits don’t jeopardise the transaction. Once the sale is completed, personnel and development issues become matters for the new owner. Talent decisions are typically more complicated with carve-out IPOs, spin-offs, split-offs and JVs. Because parent company shareholders typically still have some level of investment in the new entity, boards should have a stronger interest in decisions about employees and leaders. The board should ask management if the managers of the business unit being separated are willing and able to lead an independent company. If not, directors should discuss how new talent will be brought in. Talent migration is complex, particularly for employees working outside the separating business unit, such as finance or IT. People attached to the divested business can expect to be affected. The transaction also could pull employees from these enterprise functions. Management needs to be strategic about who stays and who goes. Employees in these functions may question management’s decision to shift their employment to the new entity and some could choose to leave for jobs elsewhere. To retain them, management may need to offer compensation, career development opportunities and other incentives, such as stay bonuses. Management will also have to address deferred compensation for the individuals who are going to the new entity. The parent company board should ensure that leaders are equipped to communicate the rationale behind talent decisions. Understanding at the start of the process where talent gaps will exist – both in 86 Ethical Boardroom | Autumn 2017
the parent and separating companies – provides for more time to plan for the necessary incremental hiring from outside the companies. A divestiture also can affect employees and managers who aren’t directly involved in the transaction. The board should confirm that management is keeping the entire company in mind and has a comprehensive communications plan for the entire deal cycle. For example, in some deals the selling company signs a transition service agreement (TSA) to provide certain services and support for a certain period after the deal closes. A seller with a TSA may need to maintain the resources to provide essential services in areas, such as finance and accounting, human
With the right understanding and planning, companies that are considering a divestiture in a dynamic market can achieve strategic goals and ultimately deliver greater value for their shareholders resources (HR), legal, information technology (IT) and procurement. In some cases the TSAs may last more than a year.
What should our board watch out for after a deal is done?
A successful divestiture means going beyond executing the details of the transaction and taking the necessary legal steps to separate a business from the company. It requires putting both companies on the right trajectory for profitability and growth in the years following the deal. This means striking the right balance when it comes to changes post-deal. If the new entity and parent company make only slight adjustments in strategy and operations, they run the risk of simply being smaller versions of the formerly combined company, with stranded costs and few, if any, new advantages. But if the two entities go to the other extreme and make drastic shifts, it could make the divestiture process even more complex and overwhelm the companies. The board can help by engaging management on the divestiture plan and, if it’s not a full sale, ensuring that it will leave both companies in competitive market positions. One short-term challenge for the new entity after the transaction closes is the cost of establishing and managing processes and personnel that had been covered by the parent company. Those costs could be high, especially in the early months. The board should make sure there’s a cost-mitigation plan in place before the split. The board also can help shareholders in the carve-out IPO,
spin-off, split-off or JV understand how those added costs ultimately will be offset over time. Directors should understand how the divestiture may create opportunities for long-term value in both companies. A divestiture can impact the original company, especially groups that support the enterprise. Large divestitures can leave the remaining company with more personnel than needed in some areas (e.g. HR, legal, IT). The board should discuss with management if the company will need to restructure to stop paying for services that are no longer needed once the TSA term is over. The board should also discuss with management whether the divestiture process could make the company vulnerable to competitors. With highly visible and/or complex separations, other companies could see an opportunity to disrupt customer relationships and grab market share. Management should explain to the board how the company will provide business as usual for customers.
In conclusion
Done right, a divestiture can maximise shareholder value for all companies involved. The board of directors can play an important role in providing guidance at different stages of these complex transactions. With the right understanding and planning, companies that are considering a divestiture in a dynamic market can achieve strategic goals and ultimately deliver greater value for their shareholders. For deeper insights into the board’s role in divestitures, read PwC’s full publication When A Piece Of Company No Longer Fits: What Boards Should Know.3 1 Michael Flaherty, Activist Hedge Funds Pull Hard On The M&A Lever, Reuters, July 2017 (the data excludes companies worth $300million or less); https://www.cnbc. com/2017/07/25/reuters-america-activist-hedge-fundspull-hard-on-the-ma-lever.html. 2http://www.pwc.com/us/ en/governance-insights-center/the-boards-guide-to-deals/ jv-or-alliance-pros-cons.html 3https://www.pwc.com/us/ en/governanceinsights-center/ the-boards-guideto-deals/boardsand-successfuldivestitures.html
www.ethicalboardroom.com
KEEPING IT ABOVE BOARD
PLACE YOUR ADVERT HERE It’s the best way to
reach your audience that is spread over
60 countries to know the latest in
Board Leadership • Board Governance Technology • Activism & Engagement Regulatory & Compliance • Risk Management “Essential reading for boards who want to stay ahead of the governance curve”
Contact: Guy Miller email: guy@ethicalboard.com twitter.com/EthicalBoard
www.linkedin.com/in/ethicalboardroom/
Activism & Engagement| Climate Change GROWING SUSTAINABILITY Environmental and social issues need to be tackled by competent boards
From risk to opportunity How corporate boards can build competence to address the financial risks of climate change
The devastation that two recent record-shattering hurricanes trailed in their wake is a blunt reminder that climate change poses real financial risks.
Disasters like these make the recent release of the recommendations from the G20â&#x20AC;&#x2122;s Task Force on Climate-related Financial Disclosures (TCFD), with its focus on financially relevant climate risk disclosure, even more important. And they explain why a heavy-hitting line-up of global business leaders
88 Ethical Boardroom | Autumn 2017
Veena Ramani
Director of the Capital Market Systems programme at Ceres immediately voiced their backing for the TCFD guidelines, including a group of investors and businesses with $4.9trillion in assets and $700billion in revenues that are members of the World Economic Forum and nearly 400 financial firms managing $22trillion that work with Ceres.1 Climate risk disclosure is important for one game-changing reason â&#x20AC;&#x201C; it gives companies and investors practical analysis
they can use to make decisions on everything from where they invest capital to how they adapt business models to a low-carbon economy. Corporate boards will drive these decisions. Which is why, to make smart decisions, boards need a core understanding of what climate change means, why it matters to them and what they can do about it. They need to be competent for climate change. In fact, given that climate change is material to so many companies, boards have a responsibility to oversee these issues in a thoughtful manner.
www.ethicalboardroom.com
Climate Change | Activism & Engagement But what does it mean for boards to be competent in climate change – or indeed on any sustainability issue? Ceres recently released its Lead From The Top report that answers that question. Based on interviews with nearly three dozen corporate directors, investors and other governance experts, the report revolves around one key point – that there is a difference between a director who is competent in climate change or sustainability and a board that is competent for sustainability.2 ■■ A sustainability-competent director has expertise in the relevant issue and can engage on issues in a way that is linked back to the business itself ■■ A sustainability-competent board, on the other hand, is able to engage on climate change or other sustainability issues, as a cohesive, deliberative bodyeffectively integrating these issues into the decision-making on the strategy, risk and revenue issues that impact every aspect of a company’s operations To help boards build up their climate change competence, our report outlines three broad strategies, along with practical steps companies can choose to implement them:
1
Climate change needs to be integrated into the board nomination process
Recruiting climate competent directors who can bring their expertise and exposure to bear on relevant board deliberations is the first step. Companies can recruit the right people by approaching this systematically as a part of board nominations process.
■■ Create regular opportunities to bring new directors with pertinent expertise onto corporate boards To stay relevant, especially when it comes to climate and sustainability, boards need to be regularly refreshed. This helps strike a balance between tapping the institutional expertise of long-serving directors and making room for new perspectives. Research shows that modest turnover leads to improvements in shareholder value. Between 2003 and 2013, S&P 500 companies that replaced three to four of their directors over a three-year period demonstrated higher shareholder returns than their peers. 3 Mechanisms, such as periodic director performance evaluations, can help the board assess the effectiveness of individual directors and highlight gaps for the board to fill. ■■ Include climate change in qualifications for board candidates Nominating committees can make
www.ethicalboardroom.com
experience or exposure to climate change issues important qualifications that they consider when recruiting new directors, especially where climate change is identified as an organisational priority. Board skills matrices that map director qualifications with needed qualifications or skills can be an effective way to get a holistic view of the board’s existing capabilities and where gaps exist. ■■ Find directors who can make the connections between climate change and the business context It’s important to recruit directors who can analyse and ‘translate’ the potential impact of climate and other sustainability issues on business for the rest of the board. Business savvy and financial acumen are essential skills for any director, but they are particularly important when discussing sustainability issues and their impacts on the health of a business. ■■ Directors who aren’t able to explain how climate change could be material in a business context risk marginalising themselves and the issues. “At the end of the day, sustainability must be integrated into core business strategy,” says Karina Litvack, a director at Italian energy producer Eni, who we interviewed for our report. “Sustainability competent directors need to be bilingual: able to speak the language of both sustainability and business.”
Climate risk disclosure is important for one gamechanging reason — it gives companies and investors practical analysis that they can use to make decisions on everything from where they invest capital to how they adapt business models to a low-carbon economy ■■ Cast a wider net to consider candidates with diverse backgrounds and skills Seeking out candidates with a broad range of expertise and skills and who represent a mix of gender, ethnicity, nationalities and backgrounds can help a board avoid ‘group think’. Although many boards say they want to be more diverse, most corporate boards remain very homogeneous. As many as 94 per cent of all nominees to S&P 500 company boards have professional or personal connections to an existing director at the company.4
Yet, research shows that diverse boards are better boards. And boards are best able to make informed decisions and carry out their fiduciary duties when they contain a diverse mix of business attributes, backgrounds and skills. Consider that companies with more women on their boards have better financial results. From 2011 to 2016, US companies that reached the ‘tipping point’ of having three female directors posted median gains in return on equity of 10 per cent, compared to minus one per cent at companies with no women on boards.5
whole board 2 The needs to be educated
on climate change
For smart thinking on climate change (or other sustainability issues) to become a part of board decision-making, the entire board has to have a well-informed understanding of climate change so it can ask the right questions, support or challenge management and make informed decisions that affect strategy and risk. ■■ Integrate new directors with climate competence into board deliberations, especially on strategy and risk Getting individuals with the right expertise on corporate boards is important, but for them to be effective and for climate issues to be integrated into decision-making, these directors have to take part in relevant board functions, structures and processes. Boards should assign new directors to roles that leverage their expertise, which gives them the opportunity to share their knowledge with their peers and build their credibility as experts deserving a seat at the table. For example, on Coca-Cola’s board, the three board members who sit on the committee that handles sustainability also sit on other key committees. This cross-pollination of expertise across board committees means that sustainability issues can be brought up regularly across multiple committees and woven into larger decisions on risk, governance and compensation. Mentoring by existing directors is another effective way to help new directors succeed. Mentoring is especially important for new directors who have different backgrounds to their peers, including women, ethnic minorities or people from the sustainability world. In a study of 2,000 of the largest US companies, researchers found that a lack of mentoring could significantly affect the reception of new directors by other board members and company executives, especially for minorities and women.6
Autumn 2017 | Ethical Boardroom 89
Activism & Engagement | Climate Change ■■ Require regular education on climate change for the whole board A clear mandate that directors need to be kept up-to-date on all material issues – including climate change where appropriate – sends the message that these topics are important to the company. For instance, in General Motors’ 2017 proxy statement, the company specifically identifies sustainability within its Director Orientation and Continuing Education section as a topic that new directors need to understand.7 Education, training programmes and site visits throughout the year will help build up directors’ knowledge and help them identify the connections between sustainability risks and operational or management realities.
committee every 18 months to demonstrate how their units contribute to the company’s overall sustainability goals.8
should listen 3 Boards to a wide spectrum of
stakeholders, especially investors Conversations between directors and others – including investors, customers, suppliers and community partners – can paint a fuller picture of the pitfalls and possibilities that companies face in today’s disruptive business environment.
■■ Find regular opportunities for boards to engage stakeholders on climate change Regular, ongoing engagement with stakeholders can give the board a more holistic view of the key issues that are impacting their business.
A generation ago, few executives or board directors believed that sustainability could be financially material to a company. Times have changed. Nothing makes that clearer than the announcement in June that more than 1,500 businesses and investors and hundreds of US governors, mayors, colleges and universities were still abiding by the Paris Climate Accord, regardless of the US government’s intention to leave ■■ Educate the board on the connections between climate change and material impacts and the connections to risk and strategy Boards need information that will help them understand the materiality of climate change to their business. Materiality analyses can help directors understand why climate and related issues are linked to business strategy and how they may materially affect business operations. That will help the board drive discussions about how climate change could impact corporate risk, strategy and business models. Business line leaders can play an important role in providing the context between sustainability and strategy. At Nike, business line executives appear before their board’s sustainability 90 Ethical Boardroom | Autumn 2017
This will help a company not simply anticipate problems, but also pinpoint opportunities where it can create long-term value. “Boards need directors that know when to seek external expertise, given that it is impossible for them to be an expert in everything,” says Peggy Foran, chief governance officer, senior vice president and corporate secretary at Prudential Financial, Inc and board member at Occidental Petroleum Corporation, who we interviewed for the report. ■■ Leverage sustainability advisory councils as a critical board resource To increase communication between a sustainability advisory council and a company’s board, board members could get involved in the deliberations
of these councils on a more regular basis. Sustainability advisory councils – formal groups of senior sustainability experts or representatives from sustainability organisations – can give board members a valuable opportunity to track external perspectives on environmental and social issues, such as climate change, that impact a company. These councils can also provide recruitment opportunities for new board members. ■■ Incorporate climate change into board-investor dialogues A growing number of investors care about climate change. During this past proxy season, 20 per cent of all shareholder resolutions focussed on environmental issues including climate change.9 Dialogue between the board and investors is an ideal way to get ahead of these resolutions and create a partnership that will help companies not simply prepare for material risks but also take advantage of the $12trillion market opportunity created by tackling sustainability.10 Specifically, boards should be involved in discussions about sustainability with their largest shareholders and investors who are focussed on long-term performance in addition to those who have dedicated expertise in this issue area. Investors understand this and we see a growing call for boards to be climate competent. In 2016, both the California Public Employees’ Retirement System and the California State Teachers’ Retirement System updated their global governance principles, calling on the boards of their portfolio companies to bring on climate competent directors.11 State Street Global Advisors and BlackRock, two of the world’s largest asset managers, have taken similar steps.12
Time to step up
A generation ago, few executives or board directors believed that sustainability could be financially material to a company. Times have changed. Nothing makes that clearer than the announcement in June that more than 1,500 businesses and investors and hundreds of US governors, mayors, colleges and universities were still abiding by the Paris Climate Accord, regardless of the US government’s intention to leave.13 Corporate boards have to step up to the challenge of climate change. Lead From The Top gives directors concrete recommendations that they can act on to help their businesses navigate the risks – and the opportunities created by climate change in the short and long term. Now is the time for boards to rise to the challenge and be the leaders their positions give them the opportunity to be. Footnotes will be run in full when published online.
www.ethicalboardroom.com
What are your shareholders looking at?
More and more institutional investors are integrating ESG factors into their investment processes and creating ESG investment products. MSCI ESG Research provides in-depth research, ratings and analysis of the environmental, social and governance-related business practices of companies worldwide, including: • More than 6,000 publicly traded companies • Over 8,300 corporate, sovereign and government-related issuers • 23,000 mutual funds and ETFs
MSCI ESG Research is committed to robust and transparent engagement with all corporate issuers in our coverage universe. Contact us: esg_corporate_communications@msci.com
© 2017 MSCI Inc. All rights reserved.
Activism & Engagement | Climate Change
Climate enters the boardroom
What business leaders need to know about climate reporting and staying ahead of the game Climate change poses the most significant material risk to the corporate sector yet remains largely misunderstood and under-reported at board level.
The final recommendations from a climate taskforce, led by financial heavyweights Mark Carney and Michael Bloomberg, set about changing this.1 With the support of the G20, the Task Force on Climate-related Financial Disclosures (TCFD) laid out a universal framework for reporting climate-related financial risks and, crucially, recommending that all companies disclose climate-related financial information together with their mainstream financial filings. It is a move that aims to elevate climate risks and opportunities to the board agenda. The need for clear and consistent reporting of climate risk is increasingly the message of shareholders, too. In recent months, we have seen landmark investor votes such as that at Exxon Mobil, which saw 62 per cent of shareholders call for disclosure on climate risk. We have also seen the world’s largest asset manager, BlackRock, make it a top engagement priority to ask companies how they are assessing the risk that climate change may pose to their operations.2 Investors increasingly expect C-level executives and boards to demonstrate company governance, strategy and risk management of climate change and want to know which metrics and targets are used to track environmental performance. These developments are particularly important in light of the recent announcement from the US government to withdraw from the Paris Agreement. There is still irreversible global momentum to keeping global warming below two degrees centigrade, particularly as a large number of US states, China and the EU have indicated their willingness to take the lead going forward. However, losing the world’s leading economy means the onus is, more than ever, on the private sector, both business leaders and financial institutions, to keep the momentum behind the low-carbon transition alive and to take action to futureproof their companies and portfolios. Thus, for many executives, the question has become not whether to manage climate risk, but how to do it. What is the process 92 Ethical Boardroom | Autumn 2017
Dr Tony Rooke
Director of Reporting, CDP and what metrics and targets will companies be expected to report? It is these questions that the TCFD report sets out to answer.
Setting the global standard
The TCFD framework, which CDP will integrate in full on its climate disclosure platform from next year, is designed to be adoptable by all kinds of sectors and businesses – from mining to media, multinationals to medium-sized enterprises. Its key recommendation is that all companies and investors report against the same four core areas: 1) governance, 2) strategy, 3) risk management and 4) metrics and targets. The rest of this article offers thoughts on what responses to these four areas will look like in practical terms.
1
Governance TCFD argues that all companies must show that their board can competently supervise climate-related issues. This is likely to include information such as: ■■ The processes and frequency that the board or its committees are informed about climate-related issues ■■ Whether the board or its committees take climate into consideration when reviewing, guiding and building strategy, risk management policies, annual budgets, corporate performance objectives, acquisitions and divestments and major capital expenditures ■■ How the board monitors and overseas progress against climate-related goals and targets Good practice will also mean ensuring that board members are sufficiently informed on climate topics and have the expertise required to be climate competent. The second TCFD 2 Strategy recommendation requires companies to
evidence their strategy to manage climate risk. In practice, this means that boards will be expected to explain what climate-related risks the company has identified as issues to
ENGAGING WITH ENVIRONMENTAL RISK Attention is now focussed not on whether to manage climate risk but how to do it
www.ethicalboardroom.com
Climate Change | Activism & Engagement the business over the short, medium and long term, the extent to which they are likely to impact revenue and their plans for continuing to thrive as these issues have Investors impact. This is likely increasingly to pull in factors such as price volatility, expect C-level changing government executives policies or shifts in consumer product and boards to preferences. demonstrate Perhaps the big development in company practice here is the governance, recommendation strategy and risk for companies to â&#x20AC;&#x2DC;scenario management of undertake analysesâ&#x20AC;&#x2122;. This refers climate change to disclosing the extent of financial and want to planning (for example, know which by using an internal carbon price) for metrics and the potential impact targets are of different climate used to track scenarios such as 1.5 degree and two environmental degree temperature performance rises on the business. In short, Carney and Bloomberg are saying that climate change must be budgeted for. We are already seeing several companies responding to these challenges. For example, the global mining giant BHP Billiton has published a climate change portfolio analysis examining demand for the companyâ&#x20AC;&#x2122;s commodities in a two degree centigrade world. management The third 3 Risk TCFD recommendation is that all
companies must know and show how they are managing the complex set of climate risks and opportunities that might affect their business from a ROI, brand reputation and regulatory perspective. In practice this means that in the coming years companies will be expected to publicly describe their processes for identifying, assessing and managing climate-related risks. The good news for risk management teams is that the tools and processes required to help CFOs are already widely available. Two good examples are internal carbon prices and science-based targets. Internal carbon prices Putting a price on carbon is an essential part of many corporate climate risk management plans. Already, nearly 60 states and regions are participating or preparing for a carbon price. According to the World Bank, if the likes of China, South Africa and Chile implement it, 25 per cent of all emissions could be covered by carbon prices next year. www.ethicalboardroom.com
Autumn 2017 | Ethical Boardroom 93
Activism & Engagement | Climate Change It is little surprise then that corporate use of an internal price on carbon nearly tripled in 2015/2016 to 437 companies and more than 500 additional companies plan to implement a price in budgeting and strategic planning by the end of 2017. 3 A recent CDP report backed by industry heavyweights – including leaders from Bank of America, Barclays, Engie and Iberdrola – further builds on the TCFD’s recommendations by providing a metric for companies and investors to integrate carbon pricing into their climate-related financial disclosure and stress test their portfolios against a two degree scenario. and targets TCFD 4 Metrics recommends that companies should
disclose the metrics and targets they are using to assess how their corporate progress in managing climate-related risks and opportunities. In practice this will mean reporting on the following areas: ■■ Disclosing the indicators used by the organisation to assess climate-related risks and opportunities in line with its strategy and risk management process ■■ Disclosing Scope 1, Scope 2 and, if appropriate, Scope 3 greenhouse gas (GHG) emissions and the related risks4 ■■ Describing the targets or goals used by the organisation to manage climate-related risks and opportunities and performance against these targets
Science-based targets
Science-based targets (SBTs) are a way to set meaningful carbon emissions reduction programmes that align with the Paris Agreement. For example, a company may have adopted a target to ‘halve its greenhouse gas emissions by 2020’ but may not have considered whether this target actually aligns with the scientific requirements needed by their company and sector to ensure that global warming remains below two degrees centigrade. SBTs aim to ensure targets are not arbitrary but effective. They also enable companies to better understand where they are vis-a-vis their competitors and how they are progressing against the targets set. More than 305 companies, including household names such as Kellogg’s and Tesco, have already set SBTs report benefits including increased innovation, reduced regulatory uncertainty, strengthened investor confidence and credibility and improved profitability and competitiveness.
Other metrics
Some of the most common other metrics used by companies that report to CDP and areas that can help form corporate environmental targets include: 94 Ethical Boardroom | Autumn 2017
■■ Total capex in low carbon investment: providing a relatively easy-to-quantify way to measure progress towards decarbonisation ■■ Operational efficiency measures: improvements in areas such as energy efficiency and water use provide a material and quantifiable way to measure progress ■■ Percentage of production in waterstressed areas: an important target for companies in water-risk areas, especially in sectors with high-water use, such as extractives, apparel or beverages ■■ The impact of the availability or quality of forest-risk commodities on corporate growth strategies: as drought and deforestation affects the availability of forest commodities, this become a material risk for many companies, particularly in the consumer goods sector Carbon footprinting is another metric sometimes used, despite a number of questions marks over how useful a carbon footprint really is to a business. To the extent that a carbon footprint is meaningful, it should be forward- and backwardlooking, activity-based (e.g. normalised by products or services sold) and reference SBTs.
The benefits of climate metrics and targets
The metrics and targets that the TCFD recommends all tend to link closely to clear business benefits, including cost savings, better investor and customer relations and a healthier working environment. Most of all, they are about showing how a company is futureproofing its growth ahead of likely future policies and regulations to limit GHG emissions. All this leads to better overall performance; in 2016 companies on CDP’s ‘Climate A List’ outperformed the market by six per cent over four years. Meanwhile, the price of inaction could be eye watering. A recent study estimated that up to $43trillion of assets globally will be at risk because of climate change by 2100.5 A recent warning from Aviva Investors highlighted the need for businesses to start using these metrics and targets now. Aviva recently told more than 1,000 companies globally that they face shareholder backlash at next year’s annual meetings if they fail to publicly disclose the risks posed to their business models by climate change. The UK fund house has more than $430billion in assets under management and has announced that it will vote against the
annual reports and accounts of companies that fail to incorporate the recommendations set out by the TCFD.6 Thus, it is increasingly paramount for companies to demonstrate that they are aware of the risks presented by climate change and that there is a strategy in place to manage them.
A new normal
Recent hurricanes, such as Irma, and subsequent floods in the Caribbean, Texas and South Asia, have killed thousands of people and left hundreds of thousands homeless. These events provide only a glimpse of what is to come. In addition to the human suffering, storms in the US have caused an estimated $70billion in damage,7 while the World Resource Council warns that South Asia faces $215billion in costs per year from flooding by 2030.8 Scientists are in agreement; storms will become even more fearsome, destructive and frequent as global temperatures continue to rise. The time to act is now. In addition to pressure from investors, NGOs and consumers, in the long-term the TCFD recommendations are bound to accelerate existing regulatory trends towards mandatory corporate reporting requirements. This September, the UK Government officially endorsed the recommendations, the French government called for them to be mandatory and in New York the recommendations were endorsed by a number of leading global companies. Preparation and readiness to disclose will position business leaders at the forefront of this change in attitude. As the importance of assessing environmental risk continues to gather momentum and the cost of not doing so becomes clearer, companies that begin the process now will be the best placed to mitigate the risks and take advantage of the opportunities. 1 www.fsb-tcfd.org 2http://uk.reuters.com/article/ us-blackrock-climate-exclusive-idUKKBN16K0CR 3 https://www.cdp.net/en/campaigns/commit-toaction/price-on-carbon 4Scope 1 — Emissions from fuel combustion, company vehicles and fugitive emissions, Scope 2 — Emissions from purchased electricity, heat and steam, Scope 3 — Emissions from both upstream and downstream value chains, i.e. purchased goods and services, customers’ use of sold products, transportation and distribution, waste disposal etc. 5The Economist’s Intelligence Unit: https://www.eiuperspectives.economist.com/sites/ default/files/The%20cost%20of%20inaction_0.pdf. 6 https://www.ft.com/content/69daf7c6-67e3-11e79a66-93fb352ba1fe 7https://www.theguardian.com/ business/2017/sep/12/hurricane-harvey-irma-damagesinsurance-claims-hiscox-natural-disasters 8https:// www.bloomberg.com/news/articles/2017-09-12/southasia-cities-face-215-billion-worth-extreme-rainfall-risks
www.ethicalboardroom.com
Global News Middle East Moumina wins ‘best CEO’ award
Corporate governance deal inked in Abu Dhabi UAE-based Hawkamah Institute For Corporate Governance has signed an agreement with the Saudi Governance Centre aimed at enhancing corporate governance in the region. The memorandum of understanding is aimed at developing training programmes, research projects and sharing information to enhance
corporate governance across companies and organisations in both countries. “The UAE and Saudi Arabia are the biggest economies in the region, so it is important for both nations to find ways to improve corporate governance in the region as a whole,” said Dr. Ashraf Gamal El Din, CEO of Hawkamah (pictured), according to news agency Zawya.
HSBC praised for hiring female executives
Iran looks to boost foreign capital The low level of foreign direct investment in Iran has been addressed at a conference hosted by the Tehran Stock Exchange (TSE) in October. At the Attracting Foreign Capital To Iran 2017 event, held at Tehran’s Espinas Hotel, the TSE outlined ‘key obstacles’ in the way of Iranian firms looking to attract foreign capital. According to TSE, Iranian firms need to be more aware of the prerequisites for attracting foreign investments, such as financial transparency, compliance standards, feasibility studies, business plans and risk ratings. The conference also addressed the issue of corporate governance in a bid to improve the standards of Iranian firms and preparing them for taking part in foreign markets. 96 Ethical Boardroom | Autumn 2017
Women occupying five top positions on the executive floor of HSBC’s headquarters in Dubai has been hailed as a ‘huge achievement’. In an interview with Gulf News, Eman Abdul Razzaq, regional head of human resources and chief of staff to the regional CEO, said that HSBC has taken a leading role in employing women. Razzaq revealed that women hold the roles of regional HR, chief information officer, chief financial officer, chief operation officer and regional head of corporate real estate in the office, which covers Middle East, North Africa and Turkey. She told Gulf News: “If I take you five years back, [on] this floor, which is the most senior executive for the region, only 10 per cent were women. Five years forward, nearly 42 per cent are women. So, in almost every other office you will walk into a female colleague. This is a huge achievement for us in the region.”
Anees Moumina, chief executive of SEDCO Holding Group, has been presented with the Best Family Business CEO Award at the 2017 CEO Middle East Awards. SEDCO is a private wealth management organisation that conducts its business according to Islamic guidelines known as Shari’ah. Moumina, who became CEO of SEDCO in January 2013, was recognised in the awards for ‘his excellent and innovative actions across the organisation with the goal of offsetting market headwinds through new business developments and improved synergy within the group’.
Family businesses need to focus on governance Prioritising governance and succession planning are critical to shaping the future of family businesses in the Middle East, according to a survey by KPMG. KPMG released the preliminary findings of its annual Middle East & South Asia (MESA) Family Business Survey at a two-day conference at the Meydan Hotel in Dubai at the start of October. Harish Gopinath (right), partner and head of family business & enterprise covering KPMG Middle East and South Asia, said: “Family businesses are undoubtedly coping with leaner economic times yet they recognise that it is not enough to only focus on growth. Prioritising governance and succession planning are also critical to shaping the future of their business. In our increasingly connected world, our survey shows that business leaders are looking to capitalise on opportunities, such as technology advancement and globalisation.” www.ethicalboardroom.com
Celebrating Regional Commitment to Sustainability: Enviromental, Social and Governance 12 December 2017
Hawkamah Institute for Corporate Governance will be honoring the top regional companies who have shown commitment to good environment, social and governance practices. The Hawkamah-S&P Pan Arab Environment, Social and Governance Index is a trailblazing initiative to elevate the quality of ESG practices amongst regional listed companies. The Index identifies leading regional listed companies that show commitment to ESG and sustainable development. Reserve your place today to take part in the event and network with business leaders, institutional investors, and other corporate governance practitioners.
For more information and registration, contact: asmahan.hamaid@hawkamah.org
MIddle East | Compliance
Governance and compliance management in utilities Thriving in todayâ&#x20AC;&#x2122;s closely regulated environment requires companies to move with the pace of their industry and society Utilities are organisations that produce and, in some cases, also distribute essential services for society, such as electricity and energy in the form of gas or fuel and water. The term utility organisation is ideal, as most are not formed as companies, nor are they listed on any exchanges. Given the large investments required for setting up the infrastructure for production and distribution of utilities, such as electricity and water, most around the world are government-owned. The ownership is either 100 per cent or majority-owned (51 per cent) or, as in some countries, the shareholding can be in partnership with businesses. In some countries utility producers or distributors can be entirely privately owned with the government laying down the regulations for the entities. The major utilities providers will also be serving a quasi-regulatory function by either laying down the regulations
Ashok Kumar Anjan Chief Compliance Officer, Dubai Electricity and Water Authority (DEWA)
themselves or providing advice to the government body laying down regulations.
Guiding tenets
For state-owned enterprises that are neither incorporated as companies nor listed, the governance codes set in place by stock exchanges and capital market regulators may not apply. In such cases, the best practice is to lay down a governance charter and policy and then frame procedures accordingly. It is a practiced, good-governance model. The model should, however, incorporate all the guiding tenets of good governance, namely trust, accountability, transparency and fair practices. A well-designed vision, mission, values, motto and logo, along with a clearly
articulated strategy are all essential for this. Utility organisations should also clearly identify their stakeholders, such as shareholders, investors and lenders, customers, partners, associates, employees and the societies in which they function. Stakeholdersâ&#x20AC;&#x2122; happiness should be a core objective of the organisation. A well-documented incorporation document that sets out the scope of activities and board composition is essential to establish the utility organisation within the government and infrastructure framework of the state. Governance benchmarks exist in most countries for utilities. The British Standards Institution (BSI) published its code of practice for delivering effective governance of organisations BS13500 in 2013, which provides guidelines for corporate governance. But over the last decade, governance has taken on new mantles. It now includes board governance,
UNIVERSAL REGULATION Governance benchmarks exist in most countries for utilities 98 Ethical Boardroom | Autumn 2017
www.ethicalboardroom.com
Compliance | MIddle East
internal governance, IT governance, project governance, sustainability governance and water governance, among others. Governance has now evolved across organisations to become the â&#x20AC;&#x2DC;governance of everythingâ&#x20AC;&#x2122;.
International standards
The Organisation for Economic Co-operation and Development (OECD) published the OECD Guidelines on Corporate Governance of State Owned Enterprises in 2015, which serves as a broad compass for state-owned utilities. The International Organisation for Standardisation (ISO) has a wide suite of ISO standards that cover various elements of corporate governance for utilities to adopt and implement. Corporate governance has evolved from being tone at the top and boardroom governance to encompass all aspects of existence and functioning of organisations. For utility organisations, compliance has a very broad bearing. Mapping all the legal, regulatory and industry-standard compliance is a task that should be taken up early in the life of the organisation and it should be revised and updated constantly to keep the utility in compliance at all times. Any non-compliance or breach of law and regulations as well as standards could have not only legal consequences but could also cause reputational damage. Health and safety standards are
www.ethicalboardroom.com
strictly to be followed and there can be no compromise on compliance with these standards. Environmental safety and protection should be the priority in all the activities in the utilities industry. A well-designed compliance charter, compliance monitoring programme, adequate resources, well-designed training programmes and a compliance risk self-assessment framework should be implemented. A dedicated governance and compliance department would also be key to good compliance in utilities.
Management plans
Transparency of policies and performance and a good stakeholder communication process should be one of the key pillars of the organisation. A well-designed business continuity plan, disaster recovery plan and a crisis management plan with the attendant groups set up to manage these events should be ready on 24/7 basis. Risk management has now become essential for organisations and it is imperative for utility providers to understand risk management in perspective. An enterprise-wide risk management framework and programme are essentials for the functioning of a utilities provider.
The three lines of defence model should be implemented, the management being the first line, the control functions, such as legal, compliance and risk management, being the second and the internal audit and external audit being the third line of defence. The lesson that comes up from the evolving theory and practise of governance and compliance in utility organisations is, fundamentally, agility. And what is agility? It is to meet changing requirements in a technology-driven world, where every day is a new day for good governance. This means governance professionals are not people who stick to tradition, but rather keep their fingers on the pulse of their industries, market conditions and the societies in which they operate.
For utility organisations, compliance has a very broad bearing. Mapping all the legal, regulatory and industrystandard compliance is a task that should be taken up early in the life of the organisation and it should be revised and updated constantly to keep the utility in compliance at all times
Autumn 2017 | Ethical Boardroom 99
Regulatory & Compliance | Ethics
While the cat’s away When I was 10 years old, my mother took a full-time job in a nearby office so that she could provide a second source of income for our family. My siblings and I were old enough not to need a babysitter, so every day after school we became ‘latch-key’ kids – at home without supervision.
We were never big troublemakers as children, so there was no great risk that we would set the house on fire or cause some other calamity. Nevertheless, without fail, every afternoon the phone would ring at some point while we were home alone. When one of us would answer, my mother would inevitably be on the other end of the line explaining that she was calling ‘just to say hello’. Now, we might have been young kids, but my siblings and 100 Ethical Boardroom | Autumn 2017
Building and sustaining high-quality ethics and compliance programmes is an essential strategy Patricia J. Harned
Chief Executive Officer, Ethics & Compliance Initiative I all knew what she was really doing. She wanted to check up on us. Nowadays, I meet leaders who have a similar perspective as my mom did, way back when. I have met CEOs who routinely call their offices while on travel, simply to be sure that their employees are actually working. I have heard other executives confess that they occasionally call remote employees, just to be sure that they are not ‘working’ while on the golf course. As leaders, we tell ourselves that
it is all part of the effort to ‘trust but verify’ that the organisation is operating according to plan. However, on some deep level, I suspect that every one of us cannot help but wonder whether there is also some truth to the adage that, no matter how kind-hearted and trustworthy our employees may be, ‘when the cat’s away, the mice will play’. We are not completely crazy to think that way. Despite the fact that most organisations today have established codes of conduct to set out their policies and standards for workplace conduct, and even though most supervisors say that their employees are committed to ethical conduct, each year an average of 44 per cent of workers at all levels say that they still observe at least one act that violates those standards, or the law. Thus it seems that, even if the cat is present in the workplace, the mice still play. Importantly, however, levels of workplace misconduct have decreased by 25 per cent in the United States since several prominent regulations have been enacted; namely www.ethicalboardroom.com
Ethics | Regulatory & Compliance MISCHIEF MANAGED Having a robust ethics and compliance programme in place reduces misconduct
■■ So far, the Trump administration has collected about 60 per cent less money in fines from companies for violating pollution-control regulations compared to the same period of the past two presidential administrations ■■ The only regulatory settlement that one of the biggest corporate scandals this year – Wells Fargo – has faced out of legal claims totalling $3.3billion has been a $185million settlement with Consumer Financial Protection Bureau (lead regulator), the Office of the Comptroller of the Currency and the LA City Attorney ■■ The House of Representatives passed a bill in March that would substantially reduce private litigation by consumers against corporations and another bill in June that could undo significant portions of Dodd-Frank Taken together, it comes to mind that once again, we are all concerned that we might be witness to the proverbial enforcement cat going away – and the likelihood that the corporate mice will begin to play in ways that we do not want them to. That worry may be well-founded. After all, the majority of these regulations were established as a result of corporate misdeeds. Sarbanes-Oxley didn’t exist until a rash of corporate scandals took
Sarbanes-Oxley, Dodd-Frank and a number of industry-specific requirements for corporate compliance programmes. Prior to the passage of those regulations, as many as 55 per cent of employees said they observed some type of wrongdoing in a given year. What has mattered is not that the regulations existed, but that companies established the systems and controls that are linked to the reduction of workplace wrongdoing. Those systems were prescribed by regulatory requirements and enforced when violations occurred. So, there is also some truth to the idea that we need the regulatory and enforcement cats to stay.
Is the cat going away?
Lately, I have received a number of calls from journalists asking me about the implications of what, so far, appears to be a loosening of US enforcement against corporate violations and the potential for the repeal of some of the legislation that has clearly influenced corporate conduct. There are some legitimate reasons for eyebrows to be raised. For example: ■■ Wall Street regulators have imposed far lower penalties in Trump’s first six months of office than the Obama administration’s initial six months www.ethicalboardroom.com
From a board perspective, it is easy to prioritise regulatory requirements and enforcement activities. Yet it is important for leadership to not lose sight of the importance of ethics and compliance programmes and strong cultures, simply on their own merits place (Enron, Tyco and Comcast among them). Thanks to the financial crisis, the same was true for Dodd-Frank. Even Chapter 8 of the US Federal Sentencing Guidelines – the framework that has in many ways become the de facto standard for ethics and compliance programmes – did not exist until judges were in need of guidance in sentencing of corporations that had been convicted of a crime. So, it begs a few questions: if the tides are turning and regulatory and enforcement efforts continue to recede, how should boards think about ethics and compliance in their organisations? Should they shout for joy and count the cost savings for lack of a need of internal controls? Or should they double down on their programmes for fear that if the cat is going away, the mice will begin to play?
Double down
One need only think of Uber, Rolls-Royce or Volkswagen to appreciate the need for boards to remain vigilant in insisting upon strong ethics and compliance programmes in the organisations they govern. In each of these instances, we have yet to see what will come from enforcement actions for alleged wrongdoing. But already we are witness to the significant reputational loss from which these organisations now need to recover. And sadly, directors of these organisations discovered far too late that their corporate compliance programmes and cultures were not what they thought them to be. ECI’s research has shown that when an organisation has a high-quality ethics and compliance programme in place, acts of misconduct are reduced by as much as 34 per cent. These programmes include the following: ■■ A code of conduct, or other form of written standards ■■ Training of employees on what actually constitutes corruption ■■ Risk assessment to determine areas of greatest exposure ■■ Systems for employee reporting/raising of concerns ■■ Protections for employees who take steps to report (internally or externally) ■■ Disciplining of employees who violate the code of conduct These efforts must be accompanied by a focus on building and sustaining a strong ethical culture in an organisation, too. Culture is not influenced by regulation; it is the result of several activities and commitments by management to: ■■ Communication of a set of core values that are intended to guide employee decisions and actions ■■ Leadership efforts to consistently talk about the importance of integrity and to model the conduct they expect from the workforce ■■ Supervisors’ reinforcement of the core values and the messages senior leaders are communicating ■■ Encouragement and reinforcement that management wants employees to raise concerns and reports of suspected corruption ■■ Systems in place to fairly and consistently investigate reports of wrongdoing ■■ Accountability of employees, regardless of the level, when they engage in corruption From a board perspective, it is easy to prioritise regulatory requirements and enforcement activities. Yet it is important for leadership to not lose sight of the importance of ethics and compliance programmes and strong cultures, simply on their own merits. Autumn 2017 | Ethical Boardroom 101
Regulatory & Compliance | Ethics These values pay dividends. It’s been show that:
receive metrics demonstrating employee sentiment. Ask management to utilise:
■■ Employee pressure to compromise standards is reduced by 76 per cent ■■ Misconduct is reduced by 66 per cent ■■ Employee reporting rises by 31 per cent ■■ Retaliation against whistleblowers is reduced by 54 per cent
■■ Surveys of employees ■■ Focus groups ■■ Ambassador programmes (employees embedded in operations who serve as sounding boards) ■■ Internal social media sites ■■ External social media sites (e.g. LinkedIn) ■■ 360 degree evaluations and other feedback loops (e.g. evaluations of training programmes)
Additionally, employee engagement increases and their overall satisfaction with the organisation rises when high-quality programmes are in place. All of these outcomes are well worth the investment of an organisation in ethics and compliance.
Become the cat
Boards should begin to think of their company’s ethics and compliance programme as being essential to business strategy, regardless of what happens with regulation and enforcement. In other words, the board should be the cat that ensures that the mice stay in line. How can they do that? If you are a director and you want to monitor the well-being of your organisation’s ethics and compliance programme and culture, you should not allow any board meeting to adjourn unless the following metrics have been provided to your satisfaction.
1
Communication of values and standards Boards should expect that multiple efforts are underway to communicate the importance of organisational values and standards in everyday business activity. Directors should ask for metrics showing: ■■ Direct mention of the organisation’s core ethical values in most formal and informal communications by the CEO and other C-suite executives ■■ Visibility of the code of conduct and reference to policies that relate to key risk areas ■■ Use of multiple methods of communication to promote helplines (and other reporting mechanisms) ■■ Encouragement of employee reporting of concerns ■■ Use of incentives to recognise employee performance that aligns with the organisation’s values perspectives of 2 Employee the organisational culture
Ask management to regularly gather information from employees to gauge their perceptions of the workplace from an ethics and compliance perspective. When significant shifts occur, management should be able to explain root causes and address efforts underway to resolve any issues. Methods for this data collection can vary, but directors should be able to regularly 102 Ethical Boardroom | Autumn 2017
Reports and investigations
When cultures begin to erode, employees stop reporting wrongdoing to management. Or if they do come forward to raise a concern about observed misconduct, employees in weakening cultures often say that they experience retaliation for having done so. This is a very serious risk to an organisation. Once retaliation begins to occur, there is a silencing effect overall. The worst thing that can happen is for the organisation to become a place where wrongdoing is taking place and employees are afraid to make problems known. Management should be able to provide the board with a high-level summary report
place. Ask management to regularly provide an in-depth report on a few randomly selected cases. Pay attention to the: ■■ Length of time from the receipt of a report to the closure of an investigation ■■ Treatment of the employee who reported and the employee who was alleged to have committed a violation ■■ Consistency of the process from one case to another ■■ Extent to which employees involved report that they experienced retaliation for having come forward ■■ Root cause analysis of the problem, lessons learned by the company and changes being implemented as a result
Turnover rates
When employees are dissatisfied with their jobs, they leave the organisation. When the culture becomes toxic and trouble is brewing, they leave in droves. Ask management to provide regular reports of employee turnover, especially in key operations where performance pressure is higher. Perhaps most importantly, as a director, the message that ethics and compliance
Boards should begin to think of their company’s ethics and compliance programme as essential to business strategy, regardless of what happens with regulation and enforcement. In other words, the board should be the cat that ensures that the mice stay in line
on a regular basis, listing the concerns that are being raised. Additionally, directors should be aware that, on average, only five per cent of reports of alleged violations are made to a formal company helpline. If business leaders are not providing insight into the reports that are made directly to supervisors or other members of management, ask them to do so. It is equally important to monitor the investigations and disciplinary processes in
programmes and culture are important begins with you. It is your job to insist that management continually finds new strategies, better benchmarks, or additional sources of information to satisfy the board that your organisation is aware of the observance of standards and the well-being of its ethical culture. After all, when the cat’s away, the mice will play. www.ethicalboardroom.com
Resident in our offices in both Rio de Janeiro and São Paulo, Hogan Lovells lawyers work together as one team, along with our global Brazil practice, to provide our clients sophisticated international legal advice with a highly refined local perspective. Our team has the experience, connections, and knowledge to advise domestic and foreign companies doing business in Brazil on the increasingly pervasive issues surrounding investigations, compliance, and corporate governance. 2,500+ lawyers. 45+ offices. 26 countries. www.hoganlovells.com Hogan Lovells is an international legal practice that includes Hogan Lovells US LLP and Hogan Lovells International LLP. Š Hogan Lovells 2015. All rights reserved.
Regulatory & Compliance | Training
The benefits of compliance training Why executive boards should invest in educating employees on company laws, regulations and policies The most visible and powerful support for corporate compliance training objectives comes from the boardroom. Executive boards should invest in and support compliance training as a priority.
In the complex and rapidly changing regulatory landscape of business today, the necessity for an informed approach to business strategy that complies with all applicable rules and regulations, to the letter and in spirit, is more important than ever. This approach takes a balanced view of both rules and values, from external forces and internal sources, in setting the tone at the top. For this, compliance awareness is highly valuable, but alongside commercial objectives and the daily concerns that drive business, training for it does not always end up top of mind. Despite this, board members should view this training as critical to the success and sustainability of the business.
Employee awareness means employee engagement
Organisations of all types and sizes are in pursuit of a culture of active employee
Sally Afonso
Is a compliance advisor within the financial services industry engagement and it is not hard to understand why. Engaged employees are focussed, on-message and productive. They are reliable performers as well as trustworthy stewards of corporate values. In order for employees to fulfil this role, though, they need incentive to engage. Compliance training can give them this by leveraging their content knowledge and understanding of good conduct expectations. Employees who are informed about compliance requirements and regulatory expectations will turn to their leaders as examples of accountability and integrity.
It is always a career positive to be seen as an example of someone who does the right thing at the right time for the right reason. All other things being equal, any manager would like to be remembered for his or her exemplary integrity, rather than thought of as someone lacking in a moral code. This serves as motivation to contribute affirmatively to the culture of compliance and to support a strong tone at the top.
The mitigation of reputational risk is key
Executive boards take the brunt of public scrutiny and criticism when events leading to reputational risk occur. If the organisation ends up on the front page of the newspaper in a critical light, board
Management feels the ‘warm glow’
Managers whose employees are aware of their compliance obligations can derive satisfaction from the ‘warm glow effect’; that their employees look to them as role models and standard-setters. The positive boost of this appreciation reinforces the power of integrity to act as one’s legacy in the workplace.
GETTING THE MESSAGE RIGHT Engaged employees are focussed and productive
104 Ethical Boardroom | Autumn 2017
www.ethicalboardroom.com
Training | Regulatory & Compliance
members will be held accountable by the public and looked to in order to restore trust and suggest the path forward. Compliance training helps employees at all levels to understand the importance of noticing and reporting unethical or fraudulent behaviour when they see it. This is the first step in preventing and mitigating the risks to reputation that businesses face. For public companies,
enabling whistleblowers and, for private companies, avoiding a culture of fear, are key for the transparency thatâ&#x20AC;&#x2122;s required to avoid major exposure to reputational risk.
Effective governance relies on clarity and dialogue
Governance structures are only as good as the knowledge and compliance sensitivity of the employees working within them. Expectations must be clear and discussions about dilemmas, scenarios and strategic suggestions need to be the norm in the workplace. Boards can decide upon the most rigorous and carefully designed architecture for governance within their organisations, but if individuals do not know what they should do in order to be in accord with policies and regulations, then they are not prepared to succeed in making the right choices. Adequate training supports positive behaviour, which in turn makes control frameworks more effective.
Relevance supports risk management
Executive boards have complicated agendas when it comes to risk management. In many industries, such as financial services, these can be very technical and structured, requiring specialist expertise and constant discipline
www.ethicalboardroom.com
and attention. Compliance risk management likewise includes keeping up to date on an increasingly complicated and constantly changing regulatory and legal environment. But it can be made a part of business as usual in all areas of the organisation for all employees to take on personal accountability. Fostering relevance at all levels of the business helps employees to grow a fluency with compliance risk management and use their raised awareness to support the companyâ&#x20AC;&#x2122;s overall compliance programme objectives.
Compliance training can offer inspiring and demonstrable results for executive boards who wish to instil corporate values and promote social responsibility, sustainability and organisational and employee integrity in the companies they serve Compliance training can offer inspiring and demonstrable results for executive boards who wish to instil corporate values and promote social responsibility, sustainability and organisational and employee integrity in the companies they serve. Taking a practical, rules-based approach to risk management, which also pays close attention to corporate values creation will allow board members to steer their organisations to future longevity and success.
Autumn 2017 | Ethical Boardroom 105
Regulatory & Compliance | GDPR
Gearing for GDPR
The simple lack of a policy audit trail could cost dearly from May 2018 “The new Data Protection Bill will give us one of the most robust, yet dynamic, set of data laws in the world,” said Matt Hancock, UK Digital Minister in announcing the UK Government’s response to the EU General Data Protection Regulation (GDPR).
We have been living in a world where our data moves seamlessly and without our knowledge from one business to another. Marketing teams buy data lists, they upload them to online automated email systems, integrate them with their customer relationship management (CRM) systems and create call lists for telesales teams. All the while, we as consumers or businesses have no idea that our data is being bought, sold and targeted by sales and marketing teams across the EU. All this data is held on countless systems, accessed by swathes of giddy sales and marketing teams, all trying to work out how they can gain the greatest commercial benefit from their data investment. Then came the announcement of the new European General Data Protection Regulations (GDPR). So, what happens now? The rules of the game are changing and that means our behaviour and systems need to change to stay in line, or face the consequences. And the consequences are severe. How many data lists do you have squirrelled away in your organisation? How much personal data is being held and is it being held securely? Do you have a process to show an individual what data you hold on them and if necessary, can you delete that data? Designed as a counterweight for consumers against the increasing power of the internet giants, such as Google, Facebook and Amazon, the new GDPR is the topic that is resonating across boardroom tables and rightly so.
Fines for non-compliance
Possibly it’s the fines for non-compliance set at four per cent of global turnover or €20million (whichever is the greater) that means keen minds are working hard to avoid failures that could easily spell the beginning of the end both reputationally and financially for even a large, established organisation.
Julian Roberts
Chief Executive Officer, EssentialSkillz Ltd Perhaps the biggest threat for most organisations from GDPR is not in the headline four per cent fines for blatant non-compliance, but the two per cent or €10million fines that can be levied for less serious failures, including the failure to keep an up-to-date audit trail of your assurance policies and procedures. We all know creating them is one thing, but proving they have been read, understood and signed off across the business is quite another. To put it all in perspective, fines levied by the Information Commissioner’s Office against UK businesses in 2016 would have been £69million and not £880,500 had GDPR been in place, according to analysis by NCC Group. A sobering thought. As a business, you may already be feeling the initial impact of GDPR. I know we are in our business. The most visible sign is the weekly influx of supplier questionnaires that began with our larger clients but has increased to encompass nearly every organisation we are working with.
Tick the compliance boxes
Any reputable organisation will have recognised the need to get in line with the forthcoming legislation and should be doing their best to tick the main compliance boxes and show that they are not in breach of the main tenets of the legislation in time for May 2018. The threat of a four per cent fine of global turnover appears to have had the desired effect of focussing both time and resources on the issue. But for those who have not yet started the process, the big question is, where do you start? It’s like being presented with a bag of knotted wool and being asked to unravel it. You have to start somewhere. But where? Each organisation may face different priorities, depending on the sector you are in, but a good starting point is your data storage. Do you know where all your data is stored and, critically, who has access to it? Look at all departments across your organisation and assess the data that is stored across the systems used in those departments. Then, look at who has access to it and whether they should have access to it. Get everyone on board. This is a team effort. Your process may be led by your Data
Protection Officer (if you are required to appoint one under GDPR), but the whole organisation has to work together to ensure that new policies are adhered to and changes to working practices and systems are executed and maintained. It is also important to train all staff so they understand the importance of complying with GDPR and how their role is affected. Part of the process of getting everyone on the same page is ensuring good data governance, which includes a change in working practices and mindsets. No more random spreadsheets sat on laptops that could be left on a train. Look at the security of your data, remove potential data breach holes and put systems and processes in place that ensure data is only stored where you want it to be and that it is secure at all times. And once you have jumped the final hurdle and relax in your comfy chair with the cosy air of confidence in your compliance, don’t be complacent. GDPR is an ongoing process and must be maintained. Remind staff with re-training, have regular meetings to ensure policies and procedures are being followed and assess new systems and suppliers so they don’t trip you up.
Do you know where all your data is stored and, critically, who has access to it? Look at all departments across your organisation and assess the data that is stored across the systems used in those departments. Then, look at who has access to it and whether they should have access to it 106 Ethical Boardroom | Autumn 2017
www.ethicalboardroom.com
GDPR | Regulatory & Compliance
ARE YOU READY FOR GDPR? Proper preparation could lessen the burden and boost the benefits of the EUâ&#x20AC;&#x2122;s new data regulations www.ethicalboardroom.com
Autumn 2017 | Ethical Boardroom 107
Risk Management | D&O Litigation
Is cyber risk a D&O risk?
Directors' and officers' litigation: the relative materiality of cyber exposures Kevin Kalinich, Jacqueline Waters and Chris Rafferty
Kevin is the Global Practice Leader, Cyber Insurance, Jacqueline is the Management Liability Legal & Claims Practice Leader and Chris is the US Sales & Growth Strategies Leader, Management Liability, Aon Risk Solutions
For years, insurance industry pundits predicted that cyber-related losses could lead to directors' and officers’ liability. Prior to 2017, that concern was largely overstated since most headlining cyber breaches resulted in dismissal of the related ‘follow on’ shareholder derivative directors' and officers' (D&O) litigation.
However, 2017 is a different story. The $350million Yahoo! purchase price reduction following its disclosure of massive breaches, the WannaCry ransomware incident, the NotPetya ransomware incident and the Equifax security breach have changed the paradigm. How do we know?
Prior to suffering a cyber incident, businesses should confer with knowledgeable counsel and technology consultants to implement cybersecurity measures and compliance procedures
1
Increased public company disclosures of cyber incidents that have a material impact on the organisations’ financial statements Increased public company disclosures of potential material cyber risks1 Increased regulatory scrutiny 2 Resignations of public company officers The $5billion drop in Equifax market capitalisation
2 3 4 5
Cyber events now rank among the top three triggers for D&O derivative actions (along with M&A activity and environmental issues).
What are a board’s duties with respect to cyber risk management and disclosure?
On 13 October 2011, the US Securities and Exchange Commission's (SEC) Division of Corporation Finance issued a non-binding guidance on reporting obligations for public companies regarding cybersecurity risks and cyber incidents (the Disclosure Guidance). The Disclosure Guidance recognised that the growing reliance of companies on digital technologies meant that such risks and
events could be sufficiently material to investors that they may be required to be disclosed in public securities filings. How much information is vital to investors depends a lot on who is defining what information is material and what is immaterial. Generally, according to the SEC, information is material if it ‘limits the information required to those matters to which there is a substantial likelihood that a reasonable investor would attach importance in determining whether to purchase the security registered’. In the US, directors are held to standards of fiduciary duty, loyalty and care, with the business judgement rule as a defence against many allegations of wrongdoing. The ability to demonstrate that directors have appropriately discharged their duties often dictates the ability to successfully rebut claims made against such individuals. Outside of the US, the standard to which corporate leaders are held in many cases is higher. For example, the European Union General Data Protection Regulation (GDPR) intends to strengthen and unify data protection for all individuals within the European Union, with potential penalties of up to four per cent of an organisation’s worldwide revenues for noncompliance. All of these factors lead to significant care required of directors and officers and ensure that appropriate cyber controls are in place. It is interesting to examine recent cyber incidents and the frequency of follow-on D&O litigation in the US.
Selected cyber breaches
A brief scan of notable cyber breaches3 in the public record includes the table (above right). Most of these matters have been dismissed with corporate defendants successfully rebutting the alleged wrongdoings. There are some lessons to be learned with regard to appropriate planning to reduce cyber risk and the successful defences asserted by corporate boards. One such example comes from the Wyndham cyber breach. In brief, a shareholder derivative suit was filed against Wyndham and its directors and officers in 2014. The suit alleged that Wyndham failed to implement adequate
108 Ethical Boardroom | Autumn 2017
www.ethicalboardroom.com
D&O Litigation | Risk Management cybersecurity measures and disclose the data breaches in a timely manner, which caused the company to suffer damages. Ultimately, the court disagreed with the plaintiffs, citing that Wyndham and its directors and officers utilised appropriate (un-conflicted) counsel, the board investigated and took reasonable steps to familiarise itself with the allegations of the derivative demand, the board had taken prudent steps to familiarise itself with cyberattacks and had discussed the attacks at multiple board and committee meetings. The Wyndham litigation provides several important lessons for businesses that may be subject to a cyber risk incident:4
1
Prior to suffering a cyber incident, businesses should confer with knowledgeable counsel and technology consultants to implement cybersecurity measures and compliance procedures. The board should document the steps taken to evaluate a company’s cyber exposures, the resulting recommendation, and, most importantly, the actions completed as a result Following a cyber incident, businesses must be prepared to respond to civil legal proceedings and government regulatory inquiries and investigations. The best protection from such challenges is having a documented deliberative process resulting in formal prevention and crisis response plans that were routinely monitored
2
Impact to business results and financial reporting
In most situations where personally identifiable information (PII) was a prime source of the alleged breach, there was generally limited actual damage to the value of the business at hand. As of 31 December 2016: ■■ 85 per cent < $1million damages ■■ 10 per cent between $1million to $20million damages ■■ 5 per cent > $20million damages While PII will continue to be a prime source of cybersecurity exposure, it is expected that business interruption (i.e. supply chain), bodily injury (i.e. transportation GPS), tangible property damage (i.e. manufacturing hack and Internet of Things) and actual diminution in financial results (and, therefore, business valuation) will increasingly arise from cyber exposures. According to the 2017 Ponemon Global Cyber Risk Transfer Comparison Report:5 ■■ The impact of business disruption to cyber assets is 72 per cent greater than to property, plant and equipment (PP&E) assets
www.ethicalboardroom.com
SELECTED CYBER BREACHES3 Company
Year of Breach(es) 2017 2016 Multiple 2014
Equifax Wendy’s Yahoo! Home Depot
Target 2013 Neiman Marcus 2013 Wyndham Multiple; 2008-2010 Heartland 2008 Payment TJX 2007 Choicepoint 2005
D&O Litigation Filed? Yes Yes Yes Yes Yes No Yes
D&O Litigation Status Pending Pending Pending Settled while on appeal Dismissed n/a Dismissed
Yes
Dismissed
Records Exposed Over 143 million personal records At least 1,025 retail locations Over 3 billion user accounts Over 56 million cards As many as 70 million customers 1.1 million credit/debit cards 619,000 customers
Tens of millions of debit card holders n/a Over 45 million credit/debit cards Settled ($10M) Over 500,000 individuals
No Yes
■■ Quantification of probable maximum loss from cyber assets is 27 per cent higher than from PP&E ■■ Organisations valued cyber assets 14 per cent more than PP&E assets ■■ Organisations insure on average 59 per cent of PP&E losses, compared to an average of 15 per cent of cyber exposures
Growing impact of cyber assets and exposures
YAHOO! The Yahoo! cyber breach, in which more than three billion user accounts were impacted, led to a material impact to deal valuation and significant repercussions for Yahoo! leadership: ■■ Verizon Communications Inc. acquired Yahoo! Inc.’s internet properties at a $350million discount after revelations of security breaches ■■ Yahoo! general counsel Ronald Bell has left the company after an investigation of security breaches ■■ It was found that the legal team had enough information to warrant further inquiry but didn’t sufficiently pursue it6 ■■ Yahoo! chief executive officer, Marissa Mayer, has foregone her annual bonus, due to the breach
NOTPETYA In June 2017, A.P. MollerMaersk,7 Mondelez, 8 Reckitt Benckiser,9 Merck,10 DLA Piper Law Firm11 and DT Express, a FedEx subsidiary based in the Netherlands,12 among other organisations, announced that the NotPetya virus had crippled supply chain operations. The malware, disguised to appear as a ransomware attack, wiped the computers’ data instead. FedEx Corp. estimates it took a $300million hit from the late June cyberattack that started by targeting Ukrainian companies and spread globally, particularly affecting FedEx subsidiary TNT Express. The attack resulted in a significant business interruption and financial impact. According to FedEx CFO Alan Graf: “The impact from lost revenues was and continues to be more heavily weighted toward our higher-yielding international shipments, resulting in a more pronounced impact on profits. It is taking longer to restore our international business due to the complexity of clearance systems and business processes.” Unfortunately, as FedEx explained to investors, the company did not have a cyber policy in place that would cover this type of attack.
INFORMATION ASSETS V. PP&E RISK SUMMARY Source: 2017 Global Cyber Risk Transfer Study
Total value of company
PML value as % of BI value as % of company asset value company asset value
Assets covered by insurance
47% 90%
■ PP&E
81% 59%
53% ■ Information Assets
25% 14% % of value
PML % of value
BI % of value
15% Insurance coverage
Probable Maximum Loss (PML): A property loss control term referring to the maximum loss expected at a given location in the event of a peril event at the location, expressed in dollars or as a percentage of total values
Autumn 2017 | Ethical Boardroom 109
Risk Management | D&O Litigation Equifax13 Equifax announced that its CEO, Richard Smith, had retired following similar retirements by its top information security executives, the chief information officer and chief security officer. The market has continued to punish Equifax shareholders. The company’s market capitalisation was down nearly 30 per cent or about $5billion. As of 21 September 2017, more than 100 lawsuits had been filed, including shareholder derivative litigation against the directors and officers, some of whom sold stock between the 29 July 2017 date of discovery of the breach and the 7 September 2017 public disclosure of the incident. Each of these instances – Yahoo!, NotPetya and Equifax – are examples of the evolving business impact resulting from cybersecurity breaches and the financial reporting considerations that follow. In each of these recent incidents, companies either had to disclose the materiality of the cyber breach as it relates to their financial reporting, or publicly reference the impact to future earnings and business operations resulting from the breach.
The brave new world of cybersecurity and the need for board-level focus on risk assessment, quantification, testing, mitigation, transfer and response, demands that corporate leadership cannot be complacent Going forward: be proactive
The brave new world of cybersecurity and the need for board-level focus on risk assessment, quantification, testing, mitigation, transfer and response, demands that corporate leadership cannot be complacent (see AON Framework, top right). A number of realities have emerged from recent cyber incidents that corporate leaders should consider, including the following: 14
1
Cybersecurity presents equal, if not more, risk than financial reporting failure and should receive the same level of oversight and audit Organisations formulating their cybersecurity oversight need look no further than the current chief financial officer oversight paradigm for financial accounting and reporting. Organisations should establish governance procedures to oversee a corporation’s cybersecurity wellness substantially similar to those that have proven effective and sufficiently 110 Ethical Boardroom | Autumn 2017
AON CYBER RESILIENCE FRAMEWORK Identify and protect your critical assets and balance sheet by aligning your cyber enterprise risk management strategy with your corporate culture and risk tolerance
Assess
Test
Improve
crime (i.e. social engineering funds transfers), K&R (i.e. ransomware), EPLI and professional liability insurance programmes may also provide elements of risk transfer protection from cyber exposures. A comprehensive cyber risk management programme can help serve to effectively achieve positive insurance programme results, aim to reduce an organisation’s cyber exposure and ultimately lead to a more resilient organisation.
Conclusion Quantify
Transfer
Respond
Linking asset and risk data analytics to lower total cost of risk
flexible to assess and validate financial statement accuracy and reliability. reporting related to 2 Financial cybersecurity is an increasing concern
While the disclosures required are a matter of regulation and statute, investors’ and regulators’ expectations about information to be disclosed evolve over time and the recent emergence of cybersecurity concerns are driving changes with regard to disclosure expectations. as an effective 3 Insurance risk reduction tool
As a general matter, D&O policies have responded effectively to cyber-related litigation. Cyber insurers are evolving with broader coverage and greater capacity to address the growing cyber threat. Property, general liability,
While there’s never been a more challenging time to be a director or officer given the intersection of information technology and corporate governance, there has never been a more exciting time to provide risk management advice given the growing complexity of risk. Insurance, both cyber and D&O, can be core components of a company’s risk mitigation efforts. A well-crafted insurance programme can help maximise the recoveries available, both in efforts to remediate corporate breaches as well as to help protect the insured organisation’s and individual directors’ assets. 1 A July 26, 2017 Bloomberg article entitled Corporate Cyber Security Risk Disclosures Jump Dramatically in 2017 reports that “more public companies described ‘cybersecurity’ as a risk in their financial disclosures in the first half of 2017 than in all of 2016, suggesting that board fears over data breaches may be escalating.” 2Newly appointed SEC chair Jay Clayton has emphasised that disclosure requirements extend to cybersecurity issues, stating that “[p]ublic companies have a clear obligation to disclose material information about cyber risks and cyber events. I expect them to take this requirement seriously.” (July 12, 2017), https://www.sec.gov/news/speech/remarkseconomic-club-new-york). 3Multiple SEC filings: https:// www.sec.gov/edgar/searchedgar/companysearch.html 4 Bracewell, Lessons for Corporate Directors from the Wyndham Data Breach Derivative Action http://www. bracewelllaw.com/news-publications/updates/lessonscorporate-directors-wyndham-data-breach-derivativeaction. 52017 Ponemon Global Cyber Risk Transfer Comparison Report: http://www.aon.com/forms/2017/2017global-cyber-risk-transfer-comparison-report.jsp 6Brian Womak, Yahoo! Counsel Leaves After Hack Investigation Finds Lack of Action https://www.bloomberg.com/news/ articles/2017-03-01/yahoo-counsel-bell-leavesafter-hack-probe-finds-lack-of-action. 7http://files. shareholder.com/downloads/ABEA-3GG91Y/50126 08953x0x954059/3E9E6E5C-7732-4401-8AFEF37F7104E2F7/Maersk_Interim_Report_Q2_2017. pdf; http://www.maersk.com/en/the-maerskgroup/press-room/press-release-archive/2017/8/ap-moller-maersk-interim-report-q2-2017 8http:// files.shareholder.com/downloads/AMDA-1A8CT3 /4967206879x0xS1193125-17-245459/1103982/ filing.pdf 9https://www.bloomberg.com/news/ articles/2017-07-06/reckitt-benckiser-cuts-forecastafter-cyberattack-slows-sales 10https://www.ft.com/ content/3d7ac341-1742-3329-9a15-2dc269522d10 11 https://www.ft.com/content/1b5f863a-624c-11e791a7-502f7ee26895; 3 Lessons For Firms After Cyberattack on DLA Piper 127/17/2017 SEC 10K Filing, pg 43. https://www.sec.gov/Archives/ edgar/data/1048911/000095012317006152/fdx10k_20170531.htm 13 Equifax Press Release, Equifax Announces Cybersecurity Incident Involving Consumer Information (Sept. 7, 2017), https:// investor.equifax.com/news-and-events/news/2017/0907-2017-213000628. 14David R. Fontaine and John Reed Stark, Yahoo’s Warning To GCs: Your Job Description Just Expanded https://www.law360.com/privacy/ articles/907583/yahoo-s-warning-to-gcs-your-jobdescription-just-expanded.
www.ethicalboardroom.com
NACD GLOBAL CYBER FORUM 17-18 April 2018 | Geneva, Switzerland
Who Will Attend
Fortune 500 and Global 500 corporate board members Cybersecurity-Focused C-Suite Executives International Cyber Experts Global Law Enforcement
Key Themes
The changing international regulatory landscape What the board can do to ensure effective oversight Information sharing across globa l jurisdictions The impact of emerging technology on cyber risk Securing the global company
Seats are extremely limited and by invitation only.
Learn more at:
NACDonline.org/CyberForum Boardroom leaders and cyber experts from across the globe will convene in Geneva to be part of the solution to the most critical problems that threaten to exploit and destabilize our global infrastructure. in partnership with KPMG supported by The Global Network of Director Institutes (GNDI), The Internet Security Alliance (ISA), and Ridge Global
Risk Management | Cyber Risk
Cyber resilience: A business priority Cyber attacks are a potent and dynamic threat for all organisations, regardless of geography, size, or sector. Today, the biggest technological threats to organisations are not limited to server outages or data breaches.
Cyber events can result in significant disruption to supply chains, partial or complete shutdown of operations, even damage to property and other critical assets. The financial losses alone can reach hundreds of millions of dollars. As such, organisations and their senior leaders need to view cyber exposures as an operational risk to be managed, not a problem to be solved. No amount of money or technology will eliminate an organisation’s cyber risk. The goal instead, should be to become cyber resilient. The WannaCry and NotPetya global ransomware attacks from earlier this year underscore the significant challenges facing organisations. While potential insured losses resulting from these events are still being determined, they are expected to exceed $100million. These attacks, which affected numerous companies around the world, encrypted files on computers and shut down operations for hours and even days, causing significant business interruption and disruption. These recent events highlight that cyber risks are constantly evolving 112 Ethical Boardroom | Autumn 2017
Cyber exposures are an operational risk to manage, not a problem to solve Bob Parisi
Cyber Product Leader, Marsh along with the ever-increasing scale and scope of cyber attacks. And business leaders around the world are getting worried. According to the World Economic Forum’s proprietary Executive Opinion Survey that asked 12,411 executives across 136 countries to identify the five biggest risks to doing business in their respective countries, large cyber attacks ranked eighth on the top 10 list of global risks in 2017, moving up three spots from the previous year. Large cyber attacks were identified as a top concern of business leaders in a number of advanced economies, including the United States, Canada, Japan, Singapore and the UAE (see the Large Cyber Attacks infographic opposite). So, how does an organisation become cyber resilient? At a macro level, it involves implementing the right mix of cyber risk mitigation, risk quantification and risk transfer strategies. Cyber resilience enables organisations to mitigate the effects of cyber attack and continue operating.
Risk mitigation
Gone are the days when technology, data and
other information could be secured by locking the door behind you when you left the computer room. Companies today need to approach cyber risk in the same way they do any other operational risk they face. Like managing other operational risks, this means starting with an understanding of the exposure from the most broad level of ‘what specific actions should we take?’ to the more granular, ‘how do we value our assets and are we unknowingly placing them at risk?’. Answering these questions with precision requires identifying which data, applications and systems are essential in conducting your organisation’s operations and then developing a cyber strategy that is driven by protecting core business functions – and not merely responding to threats. What are your potential losses? What are your most critical assets? Is it intellectual property? Customer data? Medical histories? Trade secrets? Proprietary financial data? Industrial control systems? A good start is to adopt a management framework for cybersecurity. The Cybersecurity Framework published by the National Institute of Standards and Technology helps organization develop and manage its cybersecurity program through desired outcomes within five categories: ■■ Identify: Develop the organisational understanding to manage cybersecurity risk to systems, assets, data and capabilities www.ethicalboardroom.com
Cyber Risk | Risk Management the breach. Indeed, various experts estimate that 50 per cent of companies suffer a breach every year. So, simply putting in place preventive measures only gets you part of the way to resilience. The question remains: have you implemented and tested a plan that allows you to work through the crisis and minimise the disruption? A first step in that journey is a deeper understanding of what is at risk, both technical and financial. Many organisations rely on traditional cyber risk assessment methodologies that are not designed to produce financial estimates of the exposure. Until you are able to understand the financial impact, you cannot begin to develop and implement a cyber strategy that is centred on proactively protecting core business functions. Gone are the Although historical data is well-suited to estimating days when the impact of data breaches, technology, cyber business interruption costs can be more difficult data and other quantify because every information could to company’s IT systems, be secured by infrastructure and exposures differ. How much a cyber locking the door event costs will depend on behind you when many factors, including the organisation’s business you left the operation model, incident computer room. response capabilities, Companies today actual response time and coverages at need to approach insurance play. By undertaking a cyber cyber risk in the business interruption risk quantification analysis, same way they organisations can gain a do any other better understanding of the risks and associated operational risk costs. They can also build a they face foundation for making more
THREAT FROM CYBERSPACE It is estimated that more than half of companies suffer a breach every year
■■ Protect: Develop and implement the appropriate safeguards to ensure delivery of critical infrastructure services ■■ Detect: Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event ■■ Respond: Develop and implement the appropriate activities to take action regarding a detected cybersecurity event ■■ Recover: Develop and implement the appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event
The NIST Cybersecurity Framework is a tool to help organisations to understand their cybersecurity posture – including business continuity, crisis management and IT disaster recovery – and to systematically improve it. By employing this framework, organisations can look at cybersecurity holistically to pursue resilience – not just security.
Cyber risk quantification
An often-quoted comment about cyber risk is that there are two kinds of companies: those that know that they have suffered a breach and those that have yet to discover www.ethicalboardroom.com
informed risk mitigation and transfer investment decisions and, by extension, improving cyber attack resilience. One way of quantifying cyber business interruption risk is to use scenario-based analyses that focus on three factors: ■■ Estimating the severity and likelihood of a cyber business interruption event Using realistic scenarios can allow organisations to more accurately quantify the potential financial loss from a cyber business interruption event. Equally important is to scope these scenarios such that their likelihood of occurrence falls within a preselected range based on enterprise risk appetite and tolerance considerations. ■■ Identifying mitigation options Depending on the significance of an organisation’s cyber business interruption exposures, risk mitigation options could include changing business processes, re-architecting IT infrastructure to improve resilience, enhancing IT restoration capabilities, or strengthening technical cybersecurity controls. To properly evaluate these choices and identify the strategies that will have the greatest impact, it’s important to have a credible estimate of potential cyber business interruption exposure. ■■ Evaluating risk transfer options Insurers are increasingly offering broader coverage for business interruption exposures in both cyber policies and traditional property all-risk policies. A scenario-based cyber business interruption risk quantification analysis can support the proper structuring of these insurance options, including selecting appropriate limits.
LARGE CYBER ATTACKS: A top concern of business leaders in advanced economies
Source: The World Economic Forum
RANK ■ I ■ II ■ III ■ Not a top concern ■ Data yet to be released
Cyber has also risen the fastest among a global list of top 10 risks Autumn 2017 | Ethical Boardroom 113
Risk Management | Cyber Risk
Risk transfer
All the risk identification, mitigation and quantification efforts will not stop a cyber attack or failure of technology from occurring. Risk transfer, typically in the form of insurance, can respond to the residual risk that cannot be prevented by providing financial recourse after a cyber loss – in effect bolstering resilience. Cyber insurance, while relatively new compared to other lines of insurance cover, has been around for two decades and has evolved and grown to meet the changing nature of cyber risk. The number of new organisations in the United States purchasing standalone cyber insurance has steadily grown by double-digits year-on-year for the last 10 years. This is due in part to the everexpanding recognition of the risk among organisations across a wider array of industries (see the 2016 Cyber Insurance table, right). Broadly, cyber insurance covers the risks companies face from handling data and relying upon technology. Adopted early on by certain industries – technology, retail, health care and financial institutions – the coverage has expanded to respond to risks well beyond privacy breaches that tended to dominate the news media until recently. Cyber insurance now addresses the full spectrum of operational cyber risk faced by companies across all industries, including business interruption, contingent business interruption, loss caused by the failure of a Cloud services provider, harm associated with a breach attributable to the Internet of Things and property damage rising from a cyber event. Cyber insurance has also risen to the challenge of picking up where traditional insurance left off. As the risk profile of companies has changed – with unplanned technology outages presenting as big a threat as adverse weather and currency fluctuation – traditional property/casualty insurance has stumbled in matching coverage to risk. Cyber insurance has stepped in to fill that vacuum. Just as cyber risks have expanded, so too has the penetration of cyber insurance into the economy. Over the past two decades, the cyber insurance market included a handful of insurers in the US and London that CYBER ATTACKS A GROWING CONCERN Take-up rates for cyber insurance have surged
114 Ethical Boardroom | Autumn 2017
2016 Cyber Insurance Growth Rates By Industry (Marsh Clients) Source: Marsh Global Analytics, Placemap
42%
Hospitality and Gaming 37%
Retail/Wholesale 29%
Services All industries
25%
Power and utilities
25%
Financial institutions
24% 19%
Manufacturing
17%
Education Health care Communications, media and technology
10% 2%
All other
combined could offer a $100million policy for a potential buyer. It has now grown to more than 50 insurers offering close to $2billion in limits globally. In practice, individual cyber insurance programme size varies depending on industry and coverage, with many large organisations purchasing between $200million and $500million in limits. From a pricing perspective, organisations that buy cyber insurance have generally been experiencing a plateau in pricing, with cyber rates decreasing on average of 1.5 per cent in the second quarter of 2017. Organisations continue to increase their total cyber programme size, due in part to growing recognition of the risk. The recent global ransomware and malware attacks have organisations paying more attention to business interruption exposures and how/if that can be insured. Even prior to WannaCry and NotPetya, the most recent survey by the Business Continuity Institute found that for the fifth year in a row, unplanned IT or telecommunications outages were the leading cause of supply disruption; cyber attacks and data breaches were identified as the third cause of a high-impact disruption. Recent enhancements to cyber insurance wordings for business interruption risk now provide a greatly improved means to manage this peril through risk transfer. Cyber insurance is available that starts
46%
with the premise that all major technological risks should be covered. These types of policies offer broad protection, including coverages not typically available in commercial cyber insurance policies. Such insurance dovetails with other insurance policies to minimise potential gaps in coverage and maximise protection. Key features include triggers that allow a security incident or technology system failure to activate coverage; a waiting period treated as a qualifier instead of a deductible; and coverage for the cost of forensic accounting services. Work with your insurance advisor to understand how risk transfer – particularly cyber insurance – can best protect your organisation from a potential cyber event.
Conclusion
Your organisation will be affected by a cyber event, if it hasn’t already. Companies can no longer assume that more technology will be the solution to cyber issues. As an operational risk, cyber risks must be addressed through a combination of mitigation, quantification and risk transfer. Taking steps toward building cyber resilience can ensure that when your organisation is impacted by a cyber event, it can continue to operate and weather the attack. This information is not intended to be taken as advice regarding any individual situation or as legal, tax, or accounting advice and should not be relied upon as such. You should contact your legal and other advisors regarding specific risk issues. The information contained in this publication is based on sources we believe reliable but we make no representation or warranty as to its accuracy. All insurance coverage is subject to the terms, conditions and exclusions of the applicable individual policies. Marsh cannot provide any assurance that insurance can be obtained for any particular client or for any particular risk. Marsh makes no representations or warranties, expressed or implied, concerning the application of policy wordings or of the financial condition or solvency of insurers or reinsurers. www.ethicalboardroom.com
Global News Africa
KQ departures in managerial shake-up Four senior executives of Kenya Airways (KQ) have stepped down following the appointment of five new executives from Poland. Earlier this year, Kenya Airways appointed Sebastian Mikosz, who oversaw the turnaround of Polish flag carrier Lot Airlines, to be its new managing director and CEO following four years of massive losses. He has already sparked controversy among trade unions for introducing a large number of expatriates in senior positions early in his tenure as part of a turnaround plan that includes
fleet downsizing, route network revisions and a debt restructuring plan. “As Kenya Airways is finalising the restructuring process and is about to embark on its mission to profitability, I decided to strengthen the transformation office with a team of airline professionals who have accomplished similar goals before,” said Mr Mikosz. The previous Head of internal audit, Catherine Moraa, head of employee relations, Lucy Muhiu, information systems director, Kevin Kinyanjui and in-flight and jet fuel procurement officer, Brian Mbuti have all left the company.
Work on the Nigeria Implats asks for shareholder governance code resumed feedback on remuneration
The Financial Reporting Council of Nigeria (FRC) has opened discussions to reintroduce the proposed national code of corporate governance (NCCG) that was suspended by the Nigerian federal government early this year, This Day has reported. Daniel Asapokhai, executive director and CEO at FRC, told the KPMG CFO Forum in Lagos in October that ‘work has started’ and the board committee to supervise the code had been set up. Asapokhai said: “I think within six months the exposure draft should be ready, because a lot of work went into the suspended code already. So, we are hoping that they can speedily resolve some of the areas and re-expose it.” The NCCG was suspended in January following concerns about certain aspects of the code that applied to not-for-profit organisations, including civil society and religious bodies. 116 Ethical Boardroom | Autumn 2017
Impala Platinum (Implats), one of the world’s largest platinum producers, has pledged to engage with shareholders following a revolt over its remuneration policy. Only 56.4 per cent of shareholders endorsed the remuneration proposal during the company’s annual general meeting in October. According to Independent Online, Implats has invited shareholders to submit their concerns to the company and ‘remained committed to an open engagement process with all shareholders, regarding the endorsement of its remuneration policy and its remuneration implementation report’.
Clooney tackles corruption in Africa Actor George Clooney, through the Clooney Foundation for Justice, has donated $1million to a fundraising campaign tackling corruption in Africa. Clooney’s donation to The Sentry, an investigative initiative that the actor co-founded to uncover the financial networks behind conflicts in Africa, will be used ‘to make sure war crimes don’t pay’. The Sentry co-founder John Prendergast said: “The Sentry is pursuing a new strategy to counter mass atrocities that would utilise the tools of financial pressure normally reserved for countering terrorism, organised crime and nuclear proliferation. We aim to undermine the pillars of the war economy and disrupt the financial flows that fuel conflict.” The Sentry currently focusses on corrupt transnational networks linked to those most responsible for deadly violence in South Sudan, Sudan, the Democratic Republic of Congo, Somalia and the Central African Republic.
Oando challenges SEC audit plans Nigerian energy provider Oando has obtained a court order preventing the Nigerian Stock Exchange (NSE) from suspending its shares and conducting a forensic audit of the company. The NSE suspended trading in shares of Oando following a directive by the Nigerian Securities & Exchange Commission (SEC), which the company called ‘illegal, invalid and calculated to prejudice the business of the company’. The SEC said it had discovered breaches in protocol, such as Oando not seeking permission for, and giving misleading information to the public about, its 2013 sale of Oando Exploration Production Limited to Green Park Management. Oando said it secured the court order as the SEC has not presented a strong case to support either the directive to suspend free trading in the shares of company or the engagement of a forensic auditor. www.ethicalboardroom.com
Good governance is our anchor for sustainable business growth Vodacom is honoured to be the recipient of the Best Corporate Governance Award for the Telecoms sector in Africa.
Vodacom Power to you
Technology | Board Digitisation DITCHING THE RINGBINDERS Going digital is a must for improving boardroom efficiency
Better board papers: Opportunity to improve board effectiveness How can we ensure productive and effective discussions occur? Let’s start by looking at the quality of board papers Here’s the scenario: a company secretary manages board meetings from beginning to end. He or she will schedule the meeting, manage the agenda and ensure all the information is up to date and presentable in advance of the meeting.
Board papers enable directors to prepare for a meeting, allow them to contribute fully to discussions and enhance the capability of the board for good decision-making and overall board effectiveness. Easy, right? Well, actually, no. We know that the process of creating, distributing and updating the board pack can be complicated and may take time. From spending time collating documents, dealing with contributors and chasing information from varying departments across the organisation, to creating and distributing large, heavy copy packs to directors. Thirty-three per cent of companies use email to distribute confidential board papers, but even email has problems: sending 118 Ethical Boardroom | Autumn 2017
Mark Edge
UK Managing Director, Brainloop packs electronically can be troublesome as they can be too large and have to be sent across in several batches of emails. Email isn’t always the most secure method, either, with a plethora of research studies suggesting that email is the biggest attack vector for cyber threats. Then, there’s the preparation for the meeting: directors need the packs before the meeting and they require the pack on personal and corporate devices. But board packs are often edited and updated at the very last minute. It’s a conundrum. Preparing board papers is becoming a hugely time consuming and stressful task for the company secretary and teams. Did you know that companies are spending more than £40,000 a year developing and distributing printed board packs? Or that 48 per cent of boards still manually create and distribute board packs? The effort is huge and can take up most of their time. Let’s look at the common challenges with board papers:
■■ Papers are enormous – anything up to and beyond 200 pages ■■ An over-reliance on management for information, where an independent expert may be helpful ■■ There is too much data that lacks proper analysis ■■ Individual papers are inconsistent in layout ■■ Much time and resources required for packs’ preparation and distribution ■■ There is lack of flexibility to incorporate changes Let us go back to basics; what is the purpose of board papers? They are the key source of information for directors before a board meeting. The board pack supplies the data and information necessary to ensure that the discussion and decisions at board meetings are as productive and effective as possible, and that the meeting is as efficient as possible. So, how can we ensure productive and effective discussions occur? We can start by looking at the quality of board papers. Let’s fix the board meeting. www.ethicalboardroom.com
Board Digitisation | Technology board paper is for information, discussion or decision. This shows a huge lack of purpose. You may have heard the term ‘user experience’ used widely across the digital and tech sectors; it refers to improving a customer’s journey from beginning to end – board papers need the user experience touch. Finding common visual language across all the documents within the board pack will ensure directors journey through the document with more confidence and at a quicker pace – helping drive productivity and purpose. Summarise For time-poor directors, the executive summary is often a shortcut to the most important and relevant information. Executive summaries should be an integral part of the board pack. However, only 23 per cent of board papers use a separate cover sheet to summarise the contents of the paper. Longer and lengthier documents can be moved to a document library or reading room, leaving just summaries or excerpts in packs.
How can we fix the board meeting?
Lose some weight Board papers are enormous. This means it can be difficult to digest and extract relevant information, which can slow down meetings and make it difficult for busy directors to fully engage in proper discussion during the meeting. We found during the Thomson Reuters Conference in 2015, where we interviewed more than 100 company secretaries, that 59 per cent of board papers contain between 100-200 pages and 11 per cent are between 201-300 pages. This is too big, so we need to trim some fat. A bit of user experience In our research, we found that only 43 per cent of boards have issued written guidance, specifying standards for board papers. This means that more than half of UK boards don’t have standards for board papers. Papers can be inconsistent in layout and structure, presenting further difficulty for discussion and decision-making. We also found that only 43 per cent of board papers always state whether each www.ethicalboardroom.com
Summary of best practices
Be relevant There is no room for waffle, make sure that words and visuals are tightly focussed on the issue or discussion presented. It should reinforce the organisation’s values, objectives and strategy, making way for clear, considered conversation. Be integrated Ensure that every member of the board is onboarded with the solutions, templates and requirements so that everyone is singing from the same hymn sheet. This will allow proceedings to move faster and more efficiently. Keep it in perspective Ensure that all the information presented has context. Be reliable and timely It is always better that the board receives information that’s a little imperfect in good time, than entirely accurate information too late. Be clear Reports should be written clearly and simply and supported by the optimum use of visualisation. Key indicators and trends should be obvious.
Resolving resolutions Resolutions are legally binding documents. These can be of varying length but, because it is a document The boardroom needs digitising that makes a formal statement about an Yes, it’s time for the board to go paperless. issue, it is considered important for all the Going digital provides better efficiency, board to keep a record of it. Resolutions also greater ease, collaboration and, ultimately, help drive quicker decision-making. Twenty better decision-making. Digital is a per cent of board papers indicate the desired solution to all the arguments we have action of the board using an explicitly made for building a proposed resolution. That’s better boardroom. 80 per cent of boards missing Finding common Staying traditional is out on a clear, considered visual language costing business time and decision-making process. across all the money. Think of all the hours it takes for your teams Visualisation Only eight per documents within to collate streams of board cent of board papers include the board pack will materials – as we’ve visual aids, such as charts outlined above. These are and diagrams. It is always ensure directors outdated practices. The considered best practice to journey through boardroom is where include visuals as a part of any analysis or conclusions. the document with discussions are held about optimising the future It helps board members more confidence of the business, why not consume information faster and at a quicker start in the place where and is often better than those decisions are made? endless paragraphs of text. pace — helping There are a number The quality of data is also drive productivity of technological solutions, important: it shouldn’t be called board portals, just raw data, there should be and purpose out there. These portals proper analysis. Visualisation have the ability to streamline best practice, is the key to shorter board papers and better increasing collaboration and saving time decision-making. to optimise the board meeting. What should your new Imagine how much time and cost you board pack look like? would save instead of compiling board ■■ Agenda papers manually. You could work in ■■ Minutes of previous meeting (with a real time, knowing about last-minute separate list of follow-up actions) changes or comments made pre-meeting ■■ CEO’s report in an instant; directors could read highly ■■ Financial report confidential documents from their ■■ Other operational reports, as appropriate devices with no security risk; and, guess ■■ Board papers that require board input what? No paper. Digital is changing (for noting, discussion or decision) boardroom efficiency. Autumn 2017 | Ethical Boardroom 119
Technology | Board Tools
The tech impact: Empowering boards
In search of the holy grail of board work: a clarion call for smarter technology
What do Hillary Clinton, Frederick Winslow Taylor and Ray Dalio all have in common? Each, in their own way, is a poster child for one element of the holy grail of board work. That holy grail is the judicious balancing of risk management, efficiency and effectiveness, as the board fulfils its role of advising, supporting and challenging company leadership while that leadership manages the company on a day-to-day basis. Today’s director juggles the imperatives of being efficient, effective and managing risk in a timeframe that is finite. That same director appreciates the reality that boards end up prioritising one of these three elements at the expense of the others. Unearthing and managing risk is very much on the minds of board members across all continents, industries, ownership structures and size. It should be. The focus of the board as it advises, supports and challenges management is to stay focussed 120 Ethical Boardroom | Autumn 2017
Nancy Falls
CEO of The Concinnity Company on performance, strategy and risk and in the service of finding the additional time needed to ascertain and manage the latter, more and more boards are creating separate committees to supply the expertise and time needed to address risk. But boards need to think about risk in two ways: a capital R risk, if you will, related to actions of the company, and a little r risk, as in managing risk around the board’s own activities. Capital R risk is so much on the minds of some boards, they pursue it at the expense of efficiency and effectiveness. Other boards hyper-focus on efficiency while others are all about effectiveness. In and of themselves, risk management, effectiveness and efficiency are worthy pursuits. The trick is to balance these three to achieve appropriate oversight of performance, strategy and risk as the board pursues its work across increasing geography and thought diversity. Our three poster children offer some lessons. Let’s start with Clinton.
Hillary Clinton and emails
Who can look back at a picture of Secretary of State Hillary Clinton reading emails on her cell phone and not conjure thoughts of the risks of email? You know the picture I’m talking about. There she is, sunglasses on, leaning forward from a large leather chair, peering into an iPhone encased in a dark blue protector. Always on the go, globe-trotting, but never out of touch, thanks to technology. Yep, she’s tech savvy. At least that’s what we thought. And then with the news that much of that always on and available status was via email, and email on a personal email server at that, we realised she disregarded risk in the pursuit of efficiency. For board directors, the photo and the story line are a chilling reminder of the constancy of cyber threats facing their organisations. Every week there is another victim. And yet, boards regularly, often unwittingly, contribute to increasing that risk. Even those directors who think they are cyber risk aware, often increase that risk by their actions and choice of tools with which to work. www.ethicalboardroom.com
Board Tools | Technology TECHNOLOGY AT A BOARD’S FINGERTIPS The adoption of smart tools is key to a firm’s sustainability
Oh, for the good old days when we didn’t even have any tools that could trip us up. We just had board meetings and board books to go with them. In the good old days, board books were printed documents produced by companies, usually bound up in three-ring binders and shipped out to directors in advance of meetings. Little got emailed, so risk exposure was limited to the forgetful director who left such book on a plane or in a public space. At the time, we thought the risk of information leaks via a paper board book was real, and in a limited sense it was. In retrospect, the likelihood of serious industrial espionage or reckless and damaging insider trading resulting from lost board books is much lower than the risk of unsecure electronic submission of the same materials. In reality, while the old board book contributed to managing the risk of the loss of sensitive corporate information, there was a high cost in terms of efficiency. Let’s say you got lucky as a director; your organisation got your information-rich board book to you a week in advance and you didn’t have plans for the weekend before the board meeting. Then you had a shot at assimilating hundreds of pages of information. In reality, demands on those www.ethicalboardroom.com
company employees who try to provide the most current information meant that books arrived last minute via yeoman’s work on the part of company, but without enough time for directors to do justice to the material. Directors came to meetings less than ideally prepared. From the directors’ perspective, it left an uncomfortable feeling of being behind the eight ball, unable to bring considered advice and counsel to the table. From the company’s perspective, board meeting time was wasted re-presenting information, answering uninformed questions and occasionally feeling like the company was paying a lot for directors who hadn’t done their homework and were not engaged in the job. The price of abandoning the security provided by paper was a huge loss in efficiency. What began as a win for efficiency, the expansive use of email came at a high price to the management of risk. How can we keep the efficiency gains, without increasing risk? The introduction of the board portal has gone a fair way towards improving the
efficiency of the work in the boardroom. Boards no longer need to rely on printed board books to share corporate information. Board portals provide commercial-grade document management with features that focus on helping boards build those board books, and then let boards share access to board books via apps or via the Cloud. But there is an unintended consequence created by even the best of these portals. Because of their focus on board books and episodic meetings, most board portals fall short in their promise of increased board efficiency. The information codified in a board book is static and often lacks three critical dimensions of context that boards need: time comparisons, standards measurement and competitive comparisons, all of which change constantly in real time. And decisions requested in today’s board book/meeting lack ready access to actions taken in the prior period on related and relevant matters. Boards can be sent on wild goose chases, digging for information buried in past board books. Also, even with these so-called efficiency tools in hand, the amount of time boards spend with companies has been increasing since 2007, according to the National Association of Corporate Directors (NACD). The 2015-2016 NACD Public Company Survey report found that directors, on average, spent 248 hours on board-related matters. That’s 26 hours or almost 4 days/ month and almost a day/week! Autumn 2017 | Ethical Boardroom 121
Technology | Board Tools Because the work of the board is, in fact, work. But Taylor’s work influenced businesses, not all about reviewing board books for governments, management consultants and scheduled meetings, boards looking for education giants across the globe. efficiency continue to rely on workarounds The acceptance of the work of Taylor to communicate and share corporate and his successors has focussed boards on information and process it together. Directors efficiency as a goal in company management. of companies owned by large private investors But for a variety of reasons, that clarion don’t wait around for the board book to get call for efficiency, powered by science the context and answers they need to be and standardisation, has stopped at the effective at challenging management and boardroom door. Just as Taylor’s early providing on-target advice and counsel. Email 20th Century detractors felt scientific is the go-to channel for distribution and management and even teaching management communication, and that cuts back to the had no place in business, it would appear that efficiency/risk dilemma. And there’s the third today’s corporations have concluded that element of the holy grail of board work – while invaluable down in the organisation, effectiveness. Is the board even Taylor’s principles have no focussing on the right things? place in the boardroom. When armed Effective in doing so? And able Forward-thinking boards with smart to measure that success? know better than this, but far Boards must have real-time too little has been developed tools, corporate communication and to facilitate their efforts leaders who information sharing to be to bring standardisation, effective and the current board have incredible science and effectiveness portals have just not come that into their activities. The power to far. For the efficiency and risk work of our third poster management gains made, child is pushing the limits impact so the current state of board of technology and process many others portals leaves a huge gap in the to produce results. from their lofty effectiveness department. The problem with the current state platforms will of board portals is that we have the time have violated the golden rule of technology implementations, and information and that is we’ve automated to act with old process, periodic meetings and static board books, rather wisdom than freeing the board to think critically about strategy, risk and performance. We must bring science to bear in the management of board work. And that is work started by our second poster child over a century ago.
Taylor’s influence
Frederick Winslow Taylor is the father of what is known today as process management, and his work has much to contribute to rethinking board work. A mechanical engineer by training, Taylor pioneered the introduction of scientific methods in business to improve industrial efficiency. His techniques were codified in The Principles of Scientific Management, named one of the most influential management books of the 20th Century. Arguably, the increases in efficiency and the resulting increase in economic prosperity in the 20th Century were possible due to Taylor’s success in bringing to business and management the disciplines of 1) analysing tasks to find best practice, 2) using science in the sourcing, training and development of talent, and 3) using standardisation to measure and monitor results. One of his most famous disciples was H.L. Gantt, whose charts have become a standard tool for scheduling tasks and displaying the flow of 122 Ethical Boardroom | Autumn 2017
A CLEAR FOCUS Technology can help boards concentrate on risk, performance and strategy
Dalio makes his mark
Ray Dalio, head of one of the largest hedge funds in the world, has put his money where his mouth is when it comes to using process and technology to make the management of companies more effective. Employees at Bridgewater Associates are provided with devices that use algorithms to ensure real-time adherence to Dalio’s own principles of management. Those principles centre on a belief that radical transparency and truthfulness enable better, merit-based decision-making. While Dalio’s detractors argue that he is trying to immortalise his own grandiose vision of the
right way to manage people, in a sense Dalio is following the lead provided by the likes of Apple’s Siri, Amazon’s Alexa, and IBM’s Watson – smarter technology. And Dalio argues pretty convincingly that flawed decisions based on either democracy or autocracy waste precious time and resources of the company in its quest for value creation. For Dalio it is all about effective management. So, the question is, how do we use technology to increase efficiency, manage risk and drive more effective board process? The answer lies in deploying the science and process that Taylor promoted and Dalio represents without falling prey to the risk that Clinton introduced. The challenge is to use technology to empower boards to more flexibly juggle these three imperatives without dropping a ball. Boards need a cyber secure space to share ideas, engage in best practice process and exchange information in a far more free-flowing way. Technology can provide the platform, but it must be embedded with best practices and wisdom. And it must provide for a way to measure in real time progress against best practice and company-specific goals and metrics. Such is the promise of technology in general and of mass customisation, in particular. This is what we spend our days thinking about and working on at The Concinnity Company, an organisation built by veterans of the boardroom and the C-suite to solve problems that we know intimately. We realise that we must build tools that both handle everyday tasks effortlessly and provide the board with the right amount of information in the way that is meaningful to the team and at the right time. This frees the team to focus on the company’s risk, performance and strategy, on their unique challenges and to find their common purpose. We know that continuous improvement must be embedded in board tools to ensure sustainability of best practice and successful value creation. The most common leadership problems are just that, common. They can be avoided with awareness of the problems, with intention to resolve them, the application of best practice and a tool to facilitate all of this. A smart tool. At our company, we started with the most common governance mistakes and analysed their root causes and what needed to happen to avoid them. Thus, the Concinnity FrameworkTM was conceived.
And now the clarion call
It is time for the promises of technology and results of process management to serve the highest levels of corporate work. When armed with smart tools, corporate leaders who have incredible power to impact so many others from their lofty platforms will have the time and information to act with wisdom. We just need to support them in ways that free them to do the work for which they are intended. We need to give them the Freedom to ThinkTM. www.ethicalboardroom.com