Ethical Boardroom Winter 2019 by Ethical Boardroom

Published by Ethical Board Group Limited | www.ethicalboardroom.com

Winter 2019 Is contract lifecycle management needed? Greater innovation and efficiency can cut costs Environmental, social & governance ratings How investors can judge their worth

Keeping it above board

From WhatsApp to Facebook Messenger Workarounds to corporate compliance and oversight Demanding directors Why boards need to be more discerning customers Understanding risk in strategy-setting Adapting to change is key to success

Boardroom malfunctions

£9.95 $14.99 $16.99 €11.99

9 772058 611002 15

Why some boards don’t perform to their full potential

UK USA CAN EUR

ISSN 205 8- 61 1 6

Ethical Boardroom | Contents

COMMENTARY

Spotlight on sustainable development Five things boards need to look out for in 2019

Capital allocation: A governance perspective Disclosure is critical for investors to better understand a company’s approach

Everything old is new again Reconsidering the social purpose of the corporation

Auditing failures: causes and cures Making auditors more accountable to investors is the key to successful reform

NORTH AMERICA

Global News: North America Diversity, shareholder activism, bankruptcy and fraud

Highlights from the US Spencer Stuart Board Index 2018 Dispatch from the US on shifting S&P 500 boardroom demographics

BOARD LEADERSHIP

Five impactful corporate governance events of 2018 A change in landscape and the important lessons learned

Leading by example The critical role chairs and CEOs play in driving diversity and inclusion

From rock star to rock bottom How your CEO’s reputation can impact your company’s bottom line

Board malfunctions Why some boards of directors don’t perform to their full potential and what can be done about it

EGM: A framework for building trust in business Enterprise governance management brings technical tools and resources to govern at the highest level and deliver long-term success and sustainability

4 Ethical Boardroom | Winter 2019

www.ethicalboardroom.com

Contents | Ethical Boardroom

LATIN AMERICA & THE CARIBBEAN

CONTENTS

Global News: Latin America & the Caribbean Corporate governance, fi nancial technology and board education

Nevis: making progress Transparency and exchange of information for tax purposes reach international standards

BOARD GOVERNANCE

Nomination committees in Sweden and the UK Why combining two approaches to one problem will ensure a more cohesive team of directors

Pay disparity: How do female CFOs fare? Findings in gender pay inequality and opportunity disparity among CFOs at Russell 3000 companies

The power of digital How software can enable positive change in your business communication channels

Prioritising a board’s New Year’s resolutions Directors need to be more demanding and discerning customers to meet escalating risk oversight expectations

EUROPE

Global News: Europe Opaque bonus schemes, Renault board shuffle and diversity

THE EB 2019 CORPORATE GOVERNANCE AWARDS

Introduction & Winners list We reveal our 2019 European Corporate Governance Award winners

22 www.ethicalboardroom.com

Winter 2019 | Ethical Boardroom 5

Ethical Boardroom | Contents

Where are the women in ECA boardrooms? Five ways to accelerate the pace of change

Spain tackles independent director challenge Spainâ&#x20AC;&#x2122;s micro-dominicales director status should be addressed by the countryâ&#x20AC;&#x2122;s regulators

ACTIVISM & ENGAGEMENT

Looking forward: The UK Stewardship Code The Code has led the way but needs to be stronger on social issues and ethics

Engaging in ESG Climate change, plastic and SDGs are front of mind for investor dialogue

Environmental, social & governance ratings Environmental and social proposals continue to be a main focus for investors. So, how do they judge their worth?

ASIA

Global News: Asia Corruption, board diversity and shareholder approval

REGULATORY & COMPLIANCE

Is contract lifecycle management needed? Greater innovation and efficiency in business can cut costs and improve business integrity

Contract management in the digital age The ability to systematically manage contract creation, execution and analysis is key to corporate success

Whistle-blowing in the boardroom Send a clear message to your stakeholders that ethical behaviour is a fundamental value of your company

6 Ethical Boardroom | Winter 2019

Contents | Ethical Boardroom

AUSTRALASIA

Global News: Australasia Insurance culture, business confidence and banking fraud

RISK MANAGEMENT

Undertaking an ethical transformation The importance of cultivating and fostering an employee engagement programme

102

Online reputation Mitigating corporate reputation risks in todayâ&#x20AC;&#x2122;s digital world

106

Third-party risk management and the ethical boardroom If third-party risk management is showing up on your board agenda more and more often, youâ&#x20AC;&#x2122;re not alone

AFRICA

110

Global News: Africa Remuneration, women on boards and new governance codes

TECHNOLOGY

112

A looming challenge for corporate governance Ephemeral and self-destructing messages, use of private communications channels and other workarounds to corporate oversight and compliance

116

Dinosaur governance in the age of unicorns Tech fi rms needs to focus on their own specific risks to protect user and investor rights

120

Good governance and SMEs How following best practices can help small businesses establish effective boards

MIDDLE EAST

122

Global News: Middle East Corruption, sustainability, gender diversity and risk standards

Winter 2019 | Ethical Boardroom 7

Ethical Boardroom | Foreword

Ghosn’s fall from grace WELCOME TO THE WINTER 2019 EDITION OF ETHICAL BOARDROOM Until just a few months ago, Carlos Ghosn – the global auto chieftain – enjoyed superstar status in Japan. Lauded for turning around Nissan when it was on the brink of bankruptcy in 1999, he was even fêted in a Japanese comic book.

©ADAM TINWORTH

But, for now, he is confined to a detention cell in Tokyo – with bail refused twice – indicted on charges that he underreported his income by more than $80million for years and temporarily transferred personal investment losses to Nissan while he was chairman and chief executive. Ghosn (pictured below) has firmly denied all allegations – in a court appearance he said: “I have always acted with integrity and have never been accused of any wrongdoing in my several-decade professional career.

8 Ethical Boardroom | Winter 2019

I have been wrongly accused and unfairly detained, based on meritless and unsubstantiated accusations.” But Ghosn’s predicament has strained Renault-Nissan relations, threatening the future of the partnership he transformed into a carmaking giant. The boards of Nissan and alliance partner Mitsubishi voted to sack Ghosn as chairman within days of his arrest in November. And, while he stepped down last year as CEO at Nissan, he held on to both his CEO and chair role at Renault until late January when he resigned – replaced as chairman by Michelin chief Jean-Dominique Senard and as CEO by Thierry Bolloré. This story is still unfolding; after three months in detention, Ghosn has not even been officially charged. But the way the affair has been handled points to another embarrassing example of poor corporate governance. Ghosn was one of the most powerful executives in the world and if it is found he was fraudulently disclosing information, then it’s not just the chairman that is responsible. Following his arrest, the Nissan board did unveil plans for the establishment of a ‘special committee for improving governance’, incorporating external independent experts based on the

MAGAZINE

recommendations of its independent outside directors. The committee is tasked with finding the root causes of any misconduct and provide recommendations for the enhancement of the company’s governance, including proposals to ‘improve approval processes and governance for determining director compensation and to provide recommendations for creating a healthy state of governance as the foundation for sustainable business in a leading global company’. But, sadly, the sentiment is not catching. A recent Reuters poll has found that three-quarters of Japanese companies have no plan to create committees overseeing compensation or executive nomination, reflecting indifference to boosting governance. There will be times that business people simply act improperly but companies should be doing more to mitigate the risks of major compliance issues. In this issue of Ethical Boardroom, we hear from David Morgan on the importance of businesses establishing an effective whistle-blowing framework; Roz Sheldon on controlling, monitoring and maintaining a positive corporate presence; and Anderson Dy on the importance of re-establishing and strengthening shareholder trust.

www.ethicalboardroom.com

Contributors List | Ethical Boardroom

OUR THANKS TO THIS ISSUE’S CONTRIBUTING WRITERS MALCOLM ADKINS & WES HART Malcolm is Vice President and Wes is MD at Pearl Meyer, Houston

TIM CUMMINS President, the International Association of Contract and Commercial Management (IACCM)

DAVID MILLS Managing Director and Global Sectors Lead, Russell Reynolds

ZALLY AHMADI Director of Corporate Governance & Executive Compensation at D.F. King, an AST Company

GEORGE DALLAS Policy Director, International Corporate Governance Network

DAVID MORGAN Managing Director at PKF Integrity Services

ALISSA AMICO Managing Director, GOVERN

JULIE DAUM Leader, North American Board Practice at Spencer Stuart

JASON R. BARON Of Counsel in the Information Governance and eDiscovery Group at Drinker, Biddle & Reath LLP

FRASER DOIG Product Marketing Executive, Ideagen

CLAUDIA MORANTE BELGRANO Head of Corporate Governance at Georgeson for Spain

ANDERSON DY, PHD Vice President of Sales for Northern/Eastern Europe and Africa, Diligent Corporation

GRAHAM BOWSTEAD Head of Sales, Perivan Technology

MARKUS FABEL Global Head of Quality & Risk Management Advisory at KPMG

DR CATERINA BULGARELLA & REBECCA TURCO Dr Caterina is an expert in organisational culture and behavioural ethics, Rebecca is Vice President of eLearning at SAI Global MERIMA ZUPCEVIC BUZADZIC IFC’s Corporate Governance Lead for the Europe and Central Asia region PROFESSOR JOHN COFFEE Adolf A. Berle Professor of Law at Columbia University Law School and Director of its Center on Corporate Governance LAUREN COMPERE Managing Director, Boston Common Asset Management

HOLLY J. GREGORY Partner at Sidley Austin LLP CAROLA VAN LAMOEN Head of Active Ownership, Robeco JAMES LAWN Co-CEO of Polecat Intelligence TIM J. LEECH Managing Director, Global Operations at Risk Oversight Solutions PATRICIA LENKOV Senior Managing Director with Teneo’s Talent Advisory team

SOPHIE NACHEMSON-EKWALL & COLIN MAYER CBE Sophie is affiliated researcher at the Stockholm School of Economics. Colin is the Peter Moores Professor of Management Studies at the Saïd Business School, University of Oxford; Centre for Economic Policy Research (CEPR); European Corporate Governance Institute (ECGI) JEAN POUSSON Senior Consultant with the Institute of Directors (IOD) MICHAEL SARACINI CEO of Aravo Solutions ROZ SHELDON Managing Partner and Head of Client Services, Igniyte JEN SISSON Chief of Staff, Financial Reporting Council HEIDI-LYNN SUTTON Regulator, Nevis Island Administration GABE SHAWN VARGES Senior Partner at HCM International & Chairman of the GECN Group

EDITOR Claire Woffenden DEPUTY EDITOR Spencer Cameron EXECUTIVE EDITOR Miles Hamilton-Scott ART DIRECTOR Chris Swales CHIEF SUB Sue Scott HEAD OF ONLINE DEVELOPMENT Solomon Vaughan ONLINE DEVELOPMENT Georgina King, Rosemary Anderson SUBSCRIPTIONS MANAGER Lucinda Green MARKETING MANAGER Vivian Sinclair CIRCULATION MANAGER Benjamin Murray HEAD OF SALES Guy Miller PRODUCTION EDITORS Dominic White VIDEO EDITOR Frederick Carver VIDEO PRODUCTION Tom Barkley BUSINESS DEVELOPMENT Michael Brown, James Walters, Henry Smart ASSOCIATE PRODUCER Lea Jakobiak HEAD OF ACCOUNTS Penelope Shaw PUBLISHER Loreto Carcamo Ethical Board Group Ltd ● Ethical Boardroom Magazine ● 51 Philpot Street ● London E1 2JH ● S/B: +44 (0)207 183 6735 ● ISSN 2058-6116 www.ethicalboardroom.com ● Ethical Boardroom ● twitter.com/ethicalboard Designed by Yorkshire Creative Media | www.yorkshirecreativemedia.co.uk. Printed in the UK by Cambrian Printers. Images by www.istockphoto.com All information contained in this publication has been obtained from sources the proprietors believe to be correct, however no legal liability can be accepted for any errors. No part of this publication can be reproduced without prior consent from the publisher.

www.ethicalboardroom.com

Winter 2019 | Ethical Boardroom 9

Commentary | ESG

Spotlight on sustainable development

things boards need to look out for in 2019

Lauren Compere

Managing Director, Boston Common Asset Management

Our changing environment has frequently made headlines in the past 12 months, with extreme weather from a Europe-wide heatwave to record droughts in Cape Town and hurricanes and wildfires in the Americas.

These events cost business billions of dollars and made it abundantly clear that climate risk has firmly arrived as a material risk for boards to manage. But climate is not the only sustainability risk to arrive on the agenda of boards. There are a number of indications that corporate practices to promote diversity and support the UN’s Sustainable Development Goals will also come under the microscope in 2019. Here are five things boards may need to look out for this year.

Investors calling for a climate scenario analysis The COP24 climate talks in Poland’s coal capital Katowice put climate risk front 10 Ethical Boardroom | Winter 2019

and centre as 2018 drew to a close. David Attenborough opened the conference with a stark warning that climate change is humanity’s greatest threat in thousands of years. And the message did not fall on deaf ears as political and business leaders then etched out a 150-plus page rulebook on how to achieve the Paris Agreement. Perhaps the key action point for corporate leaders in 2019 is to consider undertaking a climate scenario analysis for their organisation. Th is is one of the key recommendations of Mark Carney and Michael Bloomberg’s Task Force on Climate-related Financial Disclosure (TCFD), supported by banks and investors managing more than $86.2trillion, this asks companies to stress test their long-term business resilience in, among other scenarios, a 2°C global temperature rise.1 On the topic of climate-conscious shareholders, we can also expect AGM season to be full of climate resolutions. For instance, in the oil and gas sector, over the past four years, votes for climate shareholder resolutions have doubled.2 With the UN’s Intergovernmental Panel on Climate Change warning in October that

we have only 12 years left to limit a climate change catastrophe, a line has been drawn in the sand and climate risk will surely feature heavily at AGMs in the spring. 3 carbon investment 2 Low As the fi ght against climate change

intensifies, businesses are increasingly doing their part by ramping up low-carbon investment and striving for greater energy efficiency. A recent report found that efficiency gains will drive approximately 50 per cent of the changes needed for a timely transition to a sustainable future under the 2°C scenario outlined in the Paris Climate Agreement.4 While most companies report greenhouse gas (GHG) emissions as well as water use and waste metrics, fewer are reporting on energy use. Thus, we expect initiatives, such as EP100, which calls for 100 companies to double their energy productivity – generating twice as much economic output for every unit of energy consumed – by 2030, to gain considerable support this year. 5 Furthermore, we expect a rise in explicit board and executive www.ethicalboardroom.com

ESG | Commentary leadership responsibility, oversight and accountability for eco-efficiency in 2019. A growth in companies adopting Science Based Targets (SBTs) – i.e. tough emission reduction goals that align with the Paris Agreement – are also likely to be a feature of 2019. Already 500 companies have adopted these targets and the impact of bodies, such as the investor-led Transition Pathway Initiative, are ensuring that green targets set by companies can no longer be arbitrary but need to align with climate science if they are to be future-proofed against potential changes in environmental legislation.6

It is more important than ever that companies rise to the challenge of building sustainable capital markets in 2019

diversity 3 Embedding and human rights

Promoting diversity within companies and respecting human rights is not just the right thing to do, it also helps fi rms’ performance. A McKinsey study found that companies with the most ethnically diverse executive teams are 33 per cent more likely to outperform their peers on profitability.7 At the board level, too, McKinsey found that high levels of cultural diversity are correlated with greater likelihood of above median profitability. 8 There has also been an increasing number of shareholder proposals on racial diversity, such as that fi led at Google’s parent company Alphabet in 2018. Th is year could see more companies asked to link CEO pay with the achievement targets for gender and racial diversity among senior managers – driven by the success of a number of working groups, networks, and initiatives, www.ethicalboardroom.com

such as the Th irty Percent Coalition which has helped push the percentage of women directors in the S&P 500 up to 24 per cent.9 Meanwhile, respecting human rights is still not ‘business as usual’, but there are indicators of movement in the right direction. A report last year revealed that more companies than ever before are taking steps to address gaps in their human rights management.10 Top-performing companies, such as Adidas, BHP Billiton, Marks and Spencer, Rio Tinto and Unilever, are demonstrating that integrating respect for human rights is neither impossible, nor detrimental, to the business model.11 Rankings, such as the Corporate Human Rights Benchmark, are driving boards to bring in external support to improve their human rights performance, aligned with the UN Guiding Principles for Business and Human Rights.

the 10 largest US food and beverage manufacturers – which generate an estimated $160billion in domestic sales – lack the policies and action needed to tackle the high levels of obesity and diet-related diseases in the United States.15 Such fi ndings will hopefully cause more companies to improve on their impact in this field. expertise, resources, 5 Bringing policies and mechanisms for

effective board oversight A recent survey conducted by Board Agenda, supported by Mazars and INSEAD, found that while boards might have a good understanding of the sustainability risks and opportunities, it concludes that ‘leadership teams are still grappling with how to build the right policies and information to ensure they are meeting the challenge head-on’.16 In 2019, boards must address the gaps found by the survey with only one in five having a committee or non-executive with dedicated responsibility for sustainability and only one-third of the responders agreeing that sustainability measures are integral to determining the performance and compensation of executive directors.17

COMMITMENT TO CHANGE Companies are rising to the climate change challenge

We expect to see this trend continue and hope it will help create a ‘race to the top’ among companies. in SDG reporting 4 Growth Expect to see more companies

reporting against the Sustainable Development Goals (SDGs) in 2019. A UN report last year, highlighted that progress is not moving fast enough to meet the ambitious 17 goals on poverty, health and equality by 2030.12 And a call by UN Chief António Guterres to ‘inject a sense of urgency’ has got alarm bells ringing and should spur action.13 For instance, we are seeing an increasing number of food companies aligning their sustainability aims and objectives with SDG 3: Good Health and Well-being.14 However, the publication last year of the Access to Nutrition Index cast light on the fact that

Ultimately, there are material, as well as moral, reasons for boards to tackle issues like climate, diversity, human rights and the achievements of the SDGs in 2019. It is more important than ever that companies rise to the challenge of building sustainable capital markets in 2019 with explicit responsibility at the board level, bringing expertise, more resources and mechanisms to bear, and linking sustainability to performance goals and compensation. The information in this article should not be considered a recommendation to buy or sell any security. Footnotes will be run in full online

Winter 2019 | Ethical Boardroom 11

Commentary | Corporate Governance FOCUSSING ON INVESTMENT Investors should be alert to a company’s approach to managing capital allocation

Capital allocation: A governance perspective Capital allocation is a fundamental corporate governance consideration, directly relevant to a company’s long-term success and the interests of company shareholders and stakeholders.

Yet, in some ways, capital allocation fl ies below the radar as a governance issue and topic for investor engagement. While corporate governance codes address a wide range of issues, such as board structure, risk management, audit quality and remuneration, capital allocation itself is often not explicitly addressed in codes of governance best practice. However, it does warrant focus as one of the key outputs of the governance process affecting investors providing risk capital – both debt and equity.

What is capital allocation?

Capital allocation is where corporate governance and corporate finance come together. For investors, a company’s capital allocation links closely with questions of 12 Ethical Boardroom | Winter 2019

Disclosure is critical for investors to better understand a company’s approach George Dallas

Policy Director, International Corporate Governance Network company purpose, strategy, business model, risk appetite and public disclosures – and, ultimately, to a company’s ability to generate sustainable returns. Most basically, from a balance sheet perspective, it reflects how a company chooses to finance itself, particularly with regard to the balance of equity, debt and other forms of capital funding. From an earnings or cash flow perspective, a key capital allocation question is the division of the ‘spoils’ between dividends to shareholders, share-based incentive awards to company executives and the retention of earnings for capital investment and financial stability.

As a matter of corporate governance, capital allocation is important with regard to achieving the appropriate type and balance of capital funding to allow a company to pursue its mission and strategic objectives, and to provide sufficient returns and protections to providers of risk capital. Th is is a matter of judgement for executive managers and corporate boards and often capital allocation can involve trade-offs in establishing a sustainable equilibrium between varied interests of shareholders, creditors and other company stakeholders, including employees and customers.

How can capital allocation be problematic?

As a corporate governance consideration, investors should be alert to a company’s approach to capital allocation, particularly given the potential for distortions, which can have unfavourable outcomes. In some cases, capital allocation can be overly conservative, particularly relative to shareholder expectations for risk-adjusted returns. In other cases, capital allocation may be overly risky from the perspective of creditors and www.ethicalboardroom.com

Corporate Governance | Commentary other long-term stakeholders – and the sustainability of the company itself. Japan is a good example of where capital allocation concerns relate to conservative capital structures. Many Japanese companies are known for balance sheets with considerable cash balances, non-strategic corporate cross shareholdings and relatively limited use of debt finance. While this approach may provide a stable financial cushion for the benefit of employees and creditors, it also can be inefficient by generating low returns on capital for equity investors – particularly compared with peers in North American and European markets. To some extent, this reflects differing business philosophies, time frames and approaches to company purpose. However, the profitability of Japanese companies is a clear concern for overseas equity investors, who represent more than one-third of the Tokyo Stock Exchange market capitalisation. The Japanese Financial Services Authority’s Council of Experts for Japan’s Corporate Governance Code is currently reviewing the Japanese code with regard to addressing investor concerns about Japanese capital allocation practices. At the other extreme, capital allocation runs the risk of being overaggressive, particularly in Western economies, and can exacerbate financial risks for companies and providers of risk capital. Examples of questionable practice include: ■■ Aggressive use of debt leverage A risky financial strategy is not intrinsically wrong as long as this strategy is clearly communicated to both creditors and shareholders. However, while undercapitalised balance sheets may increase the potential for shareholders to generate high returns on equity, they also enhance financial risk and expose a company to lower credit quality – and, in extremis, to insolvency ■■ Inappropriate dividend policy While investors generally like dividends, they need to appreciate when payments of dividends may be inappropriate in the long-term interests of the company, given poor financial performance or a more urgent need for the company to deploy retained earnings for capital investment ■■ Inappropriate share buybacks Buybacks can be a legitimate tool for companies to manage their capital structure. But the scope for manipulation should bring this practice more clearly onto the radar of both long-term shareholders and creditors – both of whose interests can be compromised by buybacks that may be unwise (such as buying back shares at the top of the market) or cynically engineered to game performance targets, such as earnings per share ratios www.ethicalboardroom.com

■■ Starved capital spending For most, if not all, companies, some form of capital spending is an ongoing strategic and operational imperative to remain competitive and positioned for sustainable value creation. However, the level and timing of capital spending is often subject to company discretion, and investors should be alert to companies that may short-change critical research and development or capital spending programmes to accommodate short-term pressures for dividends and earnings growth ■■ Poor executive pay structures The potential for these questionable capital allocation practices can be increased or diminished through remuneration and incentive structures. Investors should be alert to pressures for inappropriate capital allocation decisions in ways that flatter short-term performance metrics, thereby triggering bonuses and other incentive awards

level of capitalisation and liquidity to provide a cushion against foreseeable systematic and unsystematic risks. This means having an adequate, but not excessive, amount of cash or other liquid assets, as well as an appropriate balance of debt and equity capital to achieve an acceptable equilibrium of financial stability and returns for investors. It also provides a foundation for company capital allocation decisions relating to how company cash flows are allocated between capital spending, dividends, share buybacks, executive remuneration and investments in non-strategic assets that may not be core to the company’s own business or sector.

Disclosure recommendations

Corporate reporting and disclosure are critical for investors to better understand a company’s approach to capital allocation. Companies should be specific in articulating their financial policies and how their capital structures mesh with their strategies, risk appetites and business models. Investor expectations The company and its investors should of company boards benefit from the company disclosing its own From an investor perspective, the challenge weighted average cost of capital – which in all markets is to encourage capital can help to identify situations where allocation practices that inefficiencies might establish a sustainable contribute to diluting returns From an investor foundation for company on capital, particularly if perspective the value creation while the company is not meeting challenge in all meeting the needs of both its cost of capital. debt and equity investors. From a regulatory markets is to A fundamental starting perspective, there is scope encourage capital to consider more detailed point in this debate should be a company’s ability to allocation practices disclosure requirements in achieve a positive return on this area for companies in that establish its risk-adjusted weighted their annual reports and average cost of capital. other disclosures that help a sustainable This requires, in the first investment decision-making. foundation for instance, the company’s This could include specific company value ability to understand and disclosures of the company’s measure its cost of capital, calculation of its own cost creation while and then to manage the of debt and equity capital, meeting the needs and how this relates to the company so that it can adequately generate an company’s long-term value of both debt and ‘economic profit’ – a creation, including its use equity investors technical term for meeting of cash, debt and equity. its cost of capital. In many Link to investor stewardship ways this is a more meaningful investor Public disclosure of this nature would be a expectation than asking companies to positive benefit for providers of debt and generate ‘alpha’, a term of art that means equity capital and we believe that such achieving an excess return to the market. disclosures would form a strong foundation Companies have little direct control over for investor engagement with companies. their share price or alpha generation – that This is where investor stewardship fits depends on market forces. But they should in, and it is our hope that more robust have the ability to develop capital structures disclosures relating to capital allocation can and corporate strategies in a way to achieve contribute positively to management’s own positive economic profits. understanding of its own capital management, In practical terms, executive management as well as enhance investors’ ability to provide and board directors should review their constructive inputs to investee companies balance sheets and consider how cash with regard to their own expectations positions, debt and equity can be blended relating to the company’s financial structure, prudently to achieve both acceptable returns performance and sustainability. for investors, while maintaining a sufficient Winter 2019 | Ethical Boardroom 13

Commentary | Social Impact

Everything old is new again At a time when trust in US business is at an all-time low, according to the Edelman Trust Barometer, the idea that the corporation should be run solely for the benefit of the shareholders is being questioned, including by large institutional shareholders.1 In a recent survey of 500 institutional investors, Edelman found that investors are increasingly taking into account as investment factors longer-term social and environmental considerations and the corporation’s cultural health. They are also expecting companies to take a stand on relevant social issues. A full 98 per cent of investors surveyed indicated that ‘public companies are urgently obligated to address… societal issues to ensure the global business environment remains healthy and robust’.2

Reconsidering the social purpose of the corporation Holly J. Gregory

Partner at Sidley Austin LLP The top five issues of concern cited were cybersecurity, income inequality, workplace diversity, national security and immigration. More broadly, in his January 2018 letter to CEOs, BlackRock CEO Larry Fink discussed the need for portfolio companies to have a ‘sense of purpose’ and shared his view that to ‘prosper over time, every company must not only deliver financial performance, but also show how it makes a positive contribution to society. Companies must benefit all of their stakeholders, including shareholders, employees, customers and the communities in which they operate’.3

The corporate purpose debate Interest in for whom the corporation is governed is as old as the corporate form itself. Originally, corporations were created

by special royal charter for a specified purpose – for example to explore the East Indies – allowing the enterprise to raise capital and share the risk and reward of the endeavour with investors (who need not be actively involved in its management). In the US, the earliest business corporations were chartered to engage in activities of societal benefit, such as constructing turnpikes and bridges, supporting clean water supply, and providing banking services and insurance. While profits were expected, corporations were a means of addressing a societal need that required capital accumulation beyond what a partnership or sole proprietorship might provide. As Adam Smith recognised in The Wealth of Nations, capitalist activity is driven by self-interest, but he also assumed, as explained in The Theory of Moral Sentiments, that ‘morality’ and prudence would moderate excesses and guide corporate directors and managers. As corporate formation became more generalised and liberal under state corporate law, corporations grew in number and in

PRESERVING BALANCE Institutional investors can play a key role in encouraging companies to take a balanced long-term view of constituents’ interests 14 Ethical Boardroom | Winter 2019

www.ethicalboardroom.com

Social Impact | Commentary economic strength, as they provided goods and services that members of society needed or wanted. However, a series of scandals involving railroads and monopolies in the mid to late 1800s gave rise to distrust about the exercise of corporate power. The Great Depression and the resulting interest in curbing abuses associated with corporate power sparked a debate about the purpose of the corporation between Harvard Law School Professor E. Merrick Dodd and Columbia Law School Professor Adolf A. Berle, published in the Harvard Law Review in 1931 and 1932. Professor Berle had taken the position that the board held managerial power over the corporation in trust for the benefit of the shareholders as the sole beneficiaries of the corporation.4 Professor Dodd countered that the corporation should be viewed as having both a profit-making function and a social benefit function.5 Professor Berle responded that his shareholder primacy view should prevail over Professor Dodd’s broader social purpose or stakeholder view because the broader view provided no clear mechanism to measure the corporation’s success so as to hold the board and management accountable. He wrote: “A social-economic absolutism of corporate administrators, even if benevolent, might be unsafe; and in any case it hardly affords the soundest base on which to construct the economic commonwealth which industrialism seems to require.”6 As the economy recovered through the post-war period, companies reinvested, wages increased and shareholders profited, and it appeared that boards and CEOs – primarily CEOs in that era of ‘managerial capitalism’ – were meeting societal as well as shareholder expectations. In 1954, Professor Berle conceded: “Twenty years ago, the writer had a controversy with the late Professor E. Merrick Dodd, of Harvard Law School, the writer holding that corporate powers were powers in trust for shareholders while Professor Dodd argued that these powers were held in trust for the entire community. The argument has been settled (at least for the time being) squarely in favour of Professor Dodd’s contention.”7 The matter was not settled, however. In the late 1960s and early 1970s concerns about product safety and the environmental impact of corporate activity reinvigorated public interest in the corporation’s social responsibilities. In 1970, economist Milton Friedman shored up support for the shareholder primacy view in a well-known New York Times essay, in which he argued that ‘there is one and only one social responsibility of business – to use its resources and engage in activities designed to increase its profits so long as it stays within the rules of the game’.8 Ralph Nader in turn called for federal chartering of corporations to provide stricter control www.ethicalboardroom.com

over corporate power, due to the failures of shareholders and directors to hold corporations accountable.

Board accountability and shareholder value

Much has changed in the intervening years as managerial capitalism gave way to stronger and more independent boards, shareholding became concentrated in institutional investors and these concentrated shareholders became a more powerful force. Today’s boards of directors recognise that shareholders, directors and managers all function within a larger business and legal environment that shapes behaviour, in line with a broader view of corporate governance that goes beyond the internal affairs of the corporation. Boards navigate through continual changes in technologies, business models and competitive conditions as they guide the corporation in a dynamic environment. They also must adapt to changing conceptions about the role of the corporation in society that shape expectations about corporate governance and for whom the corporation is governed. The corporation’s purpose and for whom it is governed is subject to shifting public sentiment and also to cultural norms, such that it is viewed differently in different parts

Increased focus by investors on the broader societal impacts of their portfolio companies may help assuage underlying concerns about the responsible use of significant economic power by corporations of the world. Continental Europe (particularly Germany, France and the Netherlands) and countries in Asia have leaned toward satisfying the needs of employees and other ‘stakeholders’, variously defined to include suppliers, creditors and the communities in which corporations operate. In contrast, the US, Canada and the United Kingdom have leaned more towards shareholder primacy as a bright line standard that is easily measured and observed, avoiding a diffusion of accountability and the risk of differing interpretations about what constitutes good performance. As Professor Lynn Stout asserted: “Such a standard leaves directors with far less leeway to claim that they are doing a good job for the firm when, in fact, they are doing well mostly for themselves.”9 In the years since the Berle and Dodd debate, shareholder value as measured by metrics, such as total shareholder return

(TSR), has emerged as the polestar measurement of the performance of US companies and their senior executives. However, investor emphasis on improvements in such metrics on a quarterly basis raises real concerns that boards and managers are incentivised to forego research and development and other long-term investments in innovation and human capital.10 Federal regulation may force corporations to rethink the polestar of shareholder value. Senator Elizabeth Warren’s proposed Accountable Capitalism Act (S. 3348) would create an Office of US Corporations within the Commerce Department – much like Ralph Nader’s proposed Federal Chartering Agency – and would require corporations with $1billion or more in revenue to obtain a federal charter in order to operate. That charter would require directors to consider the interests of a broader set of corporate constituents – employees, customers, shareholders, communities – in making decisions. To make sure employee interests were chief among those interests, employees would elect 40 per cent of the board.

Conclusion

While the social interests that a corporation serves and the interests of shareholders are often viewed as being in tension, when viewed outside of a short-term perspective, social interests and shareholder interests are often aligned. After all, corporations do not succeed by consistently neglecting the expectations of employees, customers, suppliers, creditors and local communities, but neither do corporations attract necessary capital from equity markets if they fail to meet shareholder expectations of a competitive return. Increased focus by investors on the broader societal impacts of their portfolio companies may help assuage underlying concerns about the responsible use of significant economic power by corporations – and large institutional investors – but a common set of appropriate metrics that look beyond shareholder return have not yet developed. Until they do, shareholder value will remain the primary polestar for assessing boards and managers and holding them accountable. At the same time, it is clearly in the common interest of investors and corporations to address societal expectations, reduce tensions and build trust in our important economic institutions. Institutional investors can play a key role in helping corporations navigate this difficult terrain by emphasising in specific terms the key environmental and social factors that are meaningful to their investment decisions. The views stated above are solely attributable to Ms. Gregory and do not necessarily reflect the views of Sidley Austin LLP or its clients. Footnotes will be run in full online.

Winter 2019 | Ethical Boardroom 15

Commentary | Auditing

Auditing Failures: Causes and Cures 2018 saw a cascade of auditing failures – in the UK, the US and across Europe. These episodes – Carillion, BHC, Patisserie Valerie in the UK and, in Europe, the still mushrooming Danske Bank money laundering scandal (in which more than $200billion was funneled through a tiny branch in Estonia) – all raise the same question: where were the auditors?

Although some of these failures may have been merely the product of gross negligence, 16 Ethical Boardroom | Winter 2019

Making auditors more accountable to investors is the key to successful reform Professor John Coffee

is the Adolf A. Berle Professor of Law at Columbia University Law School and Director of its Center on Corporate Governance others show the auditor behaving in a supine and willfully blind fashion. So what should be done? Answers vary. In the UK, the Labour Party wants to ‘break up

the Big Four’ (which audits 97 per cent of the FTSE 350 and thus amounts to an obvious oligopoly). The current UK government commissioned a review by Sir John Kingman, who has now reported and recommended the creation of a stronger audit regulator with statutory authority and financial independence. Simultaneously, the UK’s Competition and Markets Authority (CMA) issued a report calling for (1) an end to audit fi rms also serving as consultants to their audit clients (because lucrative consulting can seduce the auditor into acquiescence) and (2) the use by public corporations of joint audits under which at least one auditor would not be a member of the Big Four. The CMA also wants the audit www.ethicalboardroom.com

Auditing | Commentary INFORMING INVESTORS Providing accurate information can improve the audit process

In such an environment, auditors eventually learn that they are in a ‘commodity business’ and cannot compete based on the quality of their services. Instead, the rational strategy is to cost minimise, not investing in new technology or higher priced personnel. Oligopoly reinforces this problem because a Big Four auditor no longer needs an unblemished reputation, but only one that is roughly comparable to its few rivals. If all the Big Four are similarly involved in scandals, none of them suffers relative reputational loss. In this light, reforms aimed at curbing conflicts of interest or increasing competition will achieve less than reformers hope (indeed, more competition may even exacerbate the auditor’s deference to the client’s preferences because the winner in such a competition is likely to be the most accommodating auditor).

Goal of reform

A better policy needs to be grounded on bedrock. As a starting point, we must recognise that although auditors serve investors, they are selected by managements (and the interests of shareholders and managers are not well aligned). Th is is the key anomaly that must be corrected. The goal of reform should be to make auditors more accountable to investors (and less to managements). Today, shareholders merely ratify management’s choice of the auditor and, typically, We must this receives only cursory recognise attention. But it is possible for that although shareholders themselves to the auditor. The barrier auditors serve select regulator to supervise the is that today they do not investors, they know enough about auditor company’s choice of auditor. The problem with some of are selected by performance (and the these reforms (such as limits erences between auditors managements diff on consulting by auditors) are opaque to investors). is that they were already Thus, a better strategy for (and the imposed years ago (in a more auditor reform should have interests of modest form) and we have two elements: (1) the audit shareholders regulator should annually probably reached the point of diminishing returns in terms of and managers grade the auditor’s performance what they can achieve. The false on a client-by-client basis are not well premise here is that auditors (in the case of public companies) are compromised by the hope and publish its grades; and aligned) for consulting income from the (2) a defined percentage of the client. The darker truth is that auditors are shareholders (say 10 per cent) should be even more compromised by the fact that entitled to nominate a different auditor and corporate managements often want a place its nominee before the shareholders deferential and perfunctory audit. Auditors for a vote at the annual meeting. Neither may be perceived by managements largely step is radical. In fact, grades are today as an obstacle, and the lesser obstacle is given by the audit regulator in the UK, preferred. Th is problem has been aggravated but the process is far from transparent, while over recent years by a major shift in senior under the UK Companies Act, shareholders executive compensation from primarily cash are not confined to ratification and can to primarily incentive equity compensation. appoint the auditor. A CEO compensated through stock grants Who would respond to this new and options on an incentive basis has a opportunity? Although it is often assumed stronger reason to want to report increased that large, diversified institutional investors earnings (to spike the stock price) and to prefer to remain passive, this misstates resent any interference from auditors. their actual preferences. Because of the www.ethicalboardroom.com

large number of companies in their portfolios, these institutions are reluctant to become involved in fi rm-specific disputes, but they do participate and exercise voice with respect to more ‘generic’ issues of corporate governance that recur across their portfolios. For example, they do support shareholder proposals on board diversity, climate change and basic corporate governance issues, in part because they can follow a common policy. Selecting the auditor represents just such a ‘generic’ issue because, across their portfolios, institutional investors want objective information and could follow a policy of voting against a poorly graded auditor.

Impact of activism

Another class of investors could prove to be the catalyst here. Activist investors (such as hedge funds) are today searching for governance issues where they can present themselves as the shareholders’ champion (and then seek board representation). Although they typically focus on underperforming companies, they are more than happy to play the role of instigator and bear costs. Proxy advisors, such as Institutional Shareholder Services, are similarly ready today to advise shareholders to vote against management’s position. Thus, if we arm institutional investors with accurate information from the audit regulator about the auditor’s performance and with recommendations from their proxy advisors, proposals to change the auditor will get a receptive hearing from institutional investors. In a long paper delivered before the Institute of Chartered Accountants in England and Wales at its 2018 annual meeting, I have fleshed out the details of this proposal, but its greatest attraction is deterrence. Actual challenges to auditor selection will be more the exception than the rule, but auditors will quickly learn to market to investors. In contrast, proposals to have the audit regulator select the auditor do not have this effect and ignore that bureaucracies have short attention spans. Their enthusiasm can wax and wane (or the regulator can be ‘captured’). We do not ask regulators to appoint directors; nor should they be asked to appoint auditors. Institutional shareholders in particular have the correct incentives because they need objective, unbiased information. As a general rule, giving more power to those with the best incentives works better over the long-run than just trusting the regulator. Sadly, if all that happens from these scandals is that further restrictions are placed on the receipt of consulting income from audit clients, then these reforms will have done little more than re-arrange the deck chairs on the Titanic. Serious scandals deserve more serious reforms. Winter 2019 | Ethical Boardroom 17

Global News North America Anger as PG&E files for bankruptcy

Woodbridge hit with $1billion penalty A court in Florida has approved judgments against the Woodbridge Group of Companies and its former owner to pay $1billion in penalties for operating a Ponzi scheme that targeted retail investors. In December 2017, the Securities and Exchange Commission (SEC) charged Woodbridge with operating a billion-dollar scheme that defrauded thousands of individual investors, many of whom were elderly.

According to the SEC, Woodbridge owner Robert Shapiro funnelled $21million to himself, which he spent on chartered planes, country-club fees, luxury vehicles and jewellery. Judge Marcia Cooke of the US District Court for the Southern District of Florida ordered Shapiro to pay a $100million fine, plus a further $20.6million in ill-gotten gains and interest, while the company and its 281 related entities agreed to pay $892million.

Olympus reacts to US activist pressure Olympus has said it would propose to give its top shareholder, US hedge fund ValueAct Capital, a seat at its board as part of a management reshuffle aimed at enhancing global governance. San Francisco-based ValueAct took a $600million stake in the medical equipment and camera maker in May 2018, giving it five per cent of the company’s shares. Olympus proposes that Rob Hale, partner at ValueAct, is named a director at its annual shareholders’ meeting in June and it would seek advice from the fund in the selection of two additional board directors. “The governance changes Olympus has announced will better enable the board to support and supervise management in their implementation of Olympus’s strategy to become a global leader in the medical technology Industry,” Hale said.

Diversity growth at Fortune 500 boards Fortune 500 companies with greater than 40 per cent diversity have more than doubled from 69 to 145 since 2012, according to a new report. The largest companies have added women and minorities to their boards at a faster pace over the past two years, reveals the 2018 Board Diversity Census of Women and Minorities on Fortune 500 Boards. Fortune 500 board representation of women and minorities saw an all-time high at 34 per cent (1,929 board seats), compared to 30.8 per cent in 2016 (1,677 board seats). However, Caucasian/white men still hold 66 per cent of all Fortune 500 board seats and 91.1 per cent of chairmanships on those boards.

18 Ethical Boardroom | Winter 2019

Pacific Gas and Electric (PG&E) shareholder BlueMountain Capital Management has criticised the energy company’s board for its ‘reckless and irresponsible’ decision to file for bankruptcy. The Californian utility filed for voluntary Chapter 11 bankruptcy protection in January after facing huge costs as a result of wildfires in Northern California in 2017 and 2018. PG&E listed assets of $71.39billion and liabilities of $51.69billion in a court document filed in the US Bankruptcy Court for the Northern District of California. According to Reuters, investment firm BlueMountain said it would propose a slate of board directors by the end of February and urged all PG&E stakeholders to support change at the company.

Herbalife CEO Goudis resigns Richard Goudis (below) has stepped down as head of Herbalife after the nutritional supplement company discovered he had made comments ‘inconsistent with its culture’. Herbalife said Goudis’s resignation is related to comments he made before serving as CEO ‘that are contrary to the company’s expense-related policies and business practices’ but it denied any issues regarding the company’s financial reporting. Goudis became CEO in 2017 after working as part of the Herbalife management team for 13 years. He served as chief operating officer from 2010 and was previously chief financial officer from 2004 to 2009. Michael O. Johnson, Herbalife’s executive chairman, who led Herbalife as its CEO from 2003 to 2017, will reassume the role of CEO on an interim basis.

www.ethicalboardroom.com

20% SAVE

ON A NEW NACD FULL-BOARD MEMBERSHIP

NEW YEAR NEW RISKS

JOIN BY MARCH 15, 2019

And New Benefits to Help Boards Navigate Them Uncertainty can conceal opportunity as well as risk. The challenge for directors is accurately discerning both potential disruptions and big wins amid all the noise and tumult. That’s why we’ve expanded the benefits of NACD Full-Board Membership to help boards integrate continuing development into their culture and processes. Full-Board members will enjoy special savings on national events, networking opportunities at our national and local events, unlimited access to our comprehensive resource centers, and additional, custom board services that benchmark, evaluate, and improve board performance and efficiency. Elevate your board’s performance and draw upon the full, expanded scope of NACD’s resources with NACD Full-Board Membership.

JOIN NACD. Enroll with your board in NACD Full-Board Membership by March 15, 2019, and save 20 percent on your board’s annual membership fee. With the discount, the annual investment is $7,600 for up to 10 directors and executives. Offer applies to new NACD Full-Board Membership.

Join@NACDonline.org • 571-367-3708 • NACDonline.org/Join

OF DIRECTOR MEMBERS SAY THAT

NACD MEMBERSHIP HAS IMPROVED THEIR BOARDROOM IMPACT. SOURCE: 2018–2019 NACD PUBLIC COMPANY GOVERNANCE SURVEY

North America | Boardrooms

Highlights from the US Spencer Stuart Board Index 2018

Dispatch from the US on shifting S&P 500 boardroom demographics

Change is happening in US boardrooms, with fresh faces making up a third of the incoming class of the S&P 500.

Directors are slowly skewing younger, and women and minorities are making up higher percentages of the newest class of directors. The business environment is shifting, the pace of disruption speeding up and S&P 500 boards are gradually reshaping themselves to align with the times. But change is incremental in the overall complexion of US boards, partly because the rate of director turnover is chronically low. Every year, Spencer Stuart releases its US Spencer Stuart Board Index, detailing and highlighting the board governance practices of S&P 500 companies. The 2018 index illustrates how leading US companies are responding to rapidly changing business challenges and the increased attention that 20 Ethical Boardroom | Winter 2019

Julie Daum

Leader, North American Board Practice at Spencer Stuart stakeholders and investors pay to the composition, diversity and quality of the boardroom. In the 2018 proxy year, S&P 500 boards appointed 428 new directors – the highest number since 2004 and an eight per cent increase from 2017. More than half of boards added at least one new director. Here are some of the highlights from the 2018 US Spencer Stuart Board Index.

Boards are increasingly adding directors with backgrounds in areas of emerging importance There’s rich value in new perspectives and experience in the boardroom. Recognising this, boards are adding directors with backgrounds in areas such as tech, digital and consumer marketing. In addition to our

analysis of board composition and practices, we surveyed 177 nominating/governance committee members to gain insight into the trends and priorities for S&P 500 boards. Nearly half (48 per cent) said a top priority for their boards is recruiting directors with technology experience. Boards are likely to look for this experience among next-generation directors (those under 50). Technology experience (32 per cent), digital experience (21 per cent) and social media experience (eight per cent) emerged as the most highly-prized backgrounds for boards looking for next-generation directors. Boards are looking deeper, further and wider to identify optimal talent: ■ 65 per cent of the 2018 incoming class comes from outside the most senior board and company leadership roles ■ 17 per cent of the new directors are 50 or younger (up a percentage point from 2017) www.ethicalboardroom.com

Boardrooms | North America BOARD COMPOSITION AS A STRATEGIC ASSET The best companies are adding directors with different perspectives

Financial talent remains a priority

Financial experience is still an important marker for board member quality. More than a quarter of incoming directors are financial experts – a 44 per cent increase in the last decade – and 11 per cent are experienced CFOs or financial executives. Directors with investment management backgrounds make up another 10 per cent of the 2018 class of new directors, compared with just four per cent a decade ago. Finance leaders also have become a force in board leadership. Together, investors, finance executives and bankers/investment bankers represent 34 per cent of independent chairs of S&P 500 company boards. And active and retired execs with financial backgrounds chair 55 per cent of audit committees, 24 per cent of compensation committees and 23 per cent of nominating/governance committees. It’s fair to say that financial experience will continue to be a strong priority for S&P 500 boards even as other areas of experience and expertise come into focus.

Experience as a CEO or member of a public company board is no longer critical

Less critical for boards recruiting new directors is experience as a CEO or previous board service. First-time directors represent 33 per cent of the incoming class of S&P 500 directors, and they’re less likely to be at CEO level. In fact, only 35.5 per cent of new directors are active or retired CEOs, chairs, vice chairs, presidents and COOs – a slight decline from 36 per cent last year and way down from 47 per cent a decade ago. On the

There’s rich value in new perspectives and experience in the boardroom. Recognising this, boards are adding directors with backgrounds in areas such as tech, digital and consumer marketing

■ 13 per cent of new independent directors were born outside the US (up from eight per cent in 2017) ■ 33 per cent of new directors are serving on their fi rst public company boards, and 64 per cent of these fi rst-time directors are actively employed (versus 53 per cent of new directors with previous board experience)

Nearly 20 per cent of new directors have backgrounds in tech or telecommunications. In particular, the incoming class of female board members is more likely than their male counterparts to have a background in tech, telecommunications and the consumer sectors – and less likely to have backgrounds in private equity or investment management. Still, S&P 500 boards are looking for leadership that balances technical expertise with a broad business background. www.ethicalboardroom.com

other hand, they’re more likely to have other executive experiences, such as line or functional leadership experience.

Progress on the diversity front is mixed

Diversity is top of mind for most companies today. This is reflected in slowly shifting board demographics. In our survey of nominating/governance committee members, women emerged as the top recruiting priority by far (cited by 62 per cent of respondents). As a result, the demographics are more diverse than ever before: ■ For the second consecutive year, women and minorities represent half of the class of new S&P 500 directors

■ 40 per cent of incoming directors are women – this is the highest number ever (last year was 36 per cent) ■ Women now represent 24 per cent of all directors, also a new record ■ 60 per cent of fi rst-time directors are women or minorities ■ Most of the top 200 company boards have at least one minority director Women are assuming more board leadership roles: they’re chairing 20 per cent of audit committees, 19 per cent of compensation committees and 24 per cent of nominating/governance committees. At this point, only three S&P 500 companies have no women directors, while 87 per cent have two or more – up from 56 per cent a decade ago. That’s progress on the gender diversity front. But viewed through another lens, progress is mixed. While there’s a commitment to offering more director positions to women, it’s not necessarily happening at the expense of placing men in director roles. Instead, more than half of the new female directors were added to boards that expanded in size in the last year. And, while 19 per cent of new directors are minority executives, progress for minority men is slower: 10 per cent of the incoming class (down from 14 per cent last year). Slower turnover in director positions contributes to sluggish transformation. Only eight per cent of S&P 500 directors joined a board in the last year. So, although the number of new female directors is at a record high, women still make up less than a quarter of all directors, an incremental increase from the 22 per cent in 2017.

Slow board turnover is still the status quo

The primary reason that demographics are slow to shift on S&P 500 boards is that most boards still rely on mandatory retirement policies for turnover. Nearly three-quarters of boards publicly disclose a mandatory retirement age for directors and that age continues to climb. Today, 43.5 per cent of boards with mandatory retirement policies set the age at 75 or older – a steady increase over the last decade. Only five per cent of boards set tenure limitations. As a result, last year, only 406 independent directors left S&P 500 boards. Of those who left, 53 per cent were either at or within three years of mandatory retirement age. They were replaced by 428 new directors – a result of the increase in board seats. Unless there are changes in boardroom trends and refreshment practices, turnover rates will continue to be low, forcing a slow trajectory toward demographic change. Only 16 per cent of independent directors on boards with age caps are within three years of mandatory retirement – and as those retirement caps continue to rise, we expect demographic shifts to continue to be subtle. Winter 2019 | Ethical Boardroom 21

Board Leadership | 2018 Round-Up

Impactful corporate governance events of 2018

At first blush, the governing of corporations may seem well-established, time-honoured, even static. The truth is, it’s anything but. Corporate governance is evolving and ever-changing and this should be considered a positive.

Best practices of corporate governance for boards of directors are impacted by the business environment and evolution, legislation, global trends, economics and more. As in other years, 2018 saw many corporate governance events and ensuing changes. Hopefully, some lessons were learned as well. A handful of the most important are discussed here.

Quotas come to America

It is common knowledge that boards of directors have historically been mostly male. Additionally, the value of diversity in the boardroom has in recent years been acknowledged and validated. In response to this increasing awareness, in 2008 Norway was the fi rst country to impose legislation to increase the number of women in the boardroom. Since then, many countries have followed suit. For example, France, Germany, Iceland and Italy have legal quotas that dictate the percentage of women that are required on public company boards. Other countries have adopted soft laws on this issue. These comply-or-explain provisions impart guidance on gender

22 Ethical Boardroom | Winter 2019

A change in landscape and the important lessons learned Patricia Lenkov

Senior Managing Director with Teneo’s Talent Advisory team diversity objectives for the boardroom without legal or financial consequences for non-compliance. For example, the UK has a government-backed target of 25 per cent women on boards as a result of the 2011 Davies Review. Th is applies to the FTSE 100 and is non-binding, although Harvard Law School’s Gender Parity on Boards Around the World, 2017 reported that all FTSE100 targets companies have exceeded the target. As in many other countries, United States business leaders, board directors, academics and legislators have debated the merits of quotas to improve female representation on boards. Unlike many countries, however, in the US this debate is laden with the country’s history of affi rmative action policies and their vast implications on education and employment. It was generally assumed that gender diversity quotas were not the ‘American way’ and, rather, change would come about more organically. Nevertheless, in September 2018 the Governor of California signed a bill into law that requires any corporation with its principal executive office in California to have at

least one female board director by the end of 2019 and several female directors (exact number depends on the size of the board) by the end of 2021. This news was met with all sorts of reactions, from optimism to incredulousness, but they were all impassioned. There has been talk of lawsuits, the unconstitutionality of the law and corporate relocations out of California. The debate will certainly continue well into 2019 and the success of the initiative remains to be seen. What will also be interesting to see is whether other states follow suit.

2 Activist investors

According to Lazard Ltd’s Review of Shareholder Activism, 2018 was a ‘record-breaking year for activism’1. Shareholder activists targeted 226 companies in 2018 and $65billion of capital was deployed. Fifty-eight European campaigns and 30 APAC campaigns in 2018 reached record highs. These numbers are expected to continue to grow. In terms of corporate governance, it is important to note that 161 board seats were won in 2018 and this number is up an astounding 56 per cent from 2017 and still 11 per cent higher than the previous record of 145 seats in 2016. Since 2014, there have been 447 board seats gained by activist nominees at Europe-based companies2. According to the previously mentioned Lazard report, in the global realm, ‘national champions, iconic family owned companies and regulated industries featured prominently among targeted companies.’

www.ethicalboardroom.com

2018 Round-Up | Board Leadership Skadden recently noted that in 2018, 26 per cent of European activist targets were in the financial sector and 21 per cent in services (Activist Investing in Europe 2018). No company is impervious to activists and, as such, the best defence is a good offence. Boards of directors should be advised to assume the inevitability of an activist invested in their stock and prepare accordingly. In the not-too-distant past this meant the proverbial ‘circling of the wagons’ and keeping the activist at bay at all costs. The newer and usually wiser approach is to listen. Boards and C-suite executives should develop a strategy and techniques by which to appropriately and comfortably engage. It is important to remember that not all activists are created equal and not all of what they believe is correct. However, activists invest in their targets after much research, deliberation and over time. Defiance only postpones the inevitable and can be a costly strategy.

investors 3 Institutional speak up

In January of 2018, in his annual letter to chief executives of BlackRock’s portfolio companies, Larry Fink, its CEO, stated the following: “The time has come for a new model of shareholder engagement – one that strengthens and deepens communication between shareholders and the companies that they own.” In this same letter, he implores directors to be involved in developing the long-term strategy of the companies on whose boards they serve and states that BlackRock is continuing to grow its investment stewardship function. The ‘Fearless Girl’ statue sponsored by State Street Global Advisors moved locations at the end of 2018 and now

stands permanently in front of the New York Stock Exchange. This instantaneously iconic symbol was created to celebrate International Women’s Day but has come to stand as an emblem for gender diversity. This is something State Street has long called for.

It is important to remember that not all activists are created equal and not all of what they believe is correct. However, activists invest in their targets after much research, deliberation and over time The world’s third-largest asset manager is updating its proxy guidelines so that it ‘will vote against the entire slate of board members on the nominating committee of any company not meeting its gender diversity

criteria. The guidelines will first apply only to companies in the US, UK and Australia, and then will expand to include Japan, Canada and continental Europe in 2021’.3 2018 also saw the launch of the ‘Boardroom Accountability Project 2.0’ by New York City Comptroller Scott M. Stringer and the New York City Pension Funds. Th is is a campaign that puts pressure on companies to improve the quality of their boards. There is a heavy emphasis on proxy access so that long-term investors can nominate directors to corporate boards. These are but three examples of institutional investors becoming increasingly active and pushing companies to adapt and evolve. Ultimately, the objective is improved returns for shareholders but the level of engagement and prescription as to how this happens has been increasing dramatically. Since the establishment of corporations, governance has operated such that directors are, in fact, agents and their role is to oversee the interests of owners (aka shareholders).

LOOKING BACK ON THE LAST 12 MONTHS Lessons can be learned from corporate events of 2018 www.ethicalboardroom.com

Winter 2019 | Ethical Boardroom 23

Board Leadership | 2018 Round-Up Th is distinction is blurring with previously passive investors becoming more engaged. According to Harvard Law School Forum on Corporate Governance and Financial Regulation (March 1, 2018): “Investors today want to ensure we have the right directors in the boardroom, with the necessary mix of relevant and diverse skills, experience, attributes and perspectives to provide strong and effective oversight.”

and 4 #MeToo the boardroom

It is not an exaggeration to say that the #MeToo and #TimesUp movements are watershed moments for social interaction. The definition of socially acceptable behaviour is being revised and most say this is long overdue. As with any major transformation, much remains uncertain and there are infinite

questions. It falls upon leaders both within the company as well as in the boardroom to set the course for the new reality. Corporate boards must contend with the risks associated with sexual harassment and other misconduct. Risk can be financial, reputational and organisational. Incidentally, as with most deliberations, diverse boards will benefit from a variety of perspectives and insights. As with activist investors, the best defence is a good offence and boards need to be talking about these matters, whether they have previously experienced them or not. Senior leadership as well as the legal and HR functions should be involved in the discussion to provide expertise, insights and guidance. Boards must be prepared to make quick decisions and provide solid direction should improper behaviour be discovered. According to Time Magazine (25 June 2018) ‘at least 414 high-profi le executives and 24 Ethical Boardroom | Winter 2019

prefer to invest in alignment with personal values. Importantly, Millennials are also poised to receive more than $30trillion of inheritable wealth. So, call it a sign of the times, or a reaction to the recession of 2008, but environmental, social and governance issues must be on the agenda in the boardroom. Your company’s impact on and policies about such items as the environment, resource depletion, hiring and working practices and board diversity are important considerations, not only for investors, but also for customers, partners, employees and even potential recruits. Calvert Research and Management, a global leader in responsible investing, ESG investing believes that these strategies will gain goes mainstream increasing market shares for decades to Socially responsible investing, which come. Indeed, according to a Morgan Stanley incorporates environmental, social and study (Sustainable Signals; The Individual governance factors into investment decisions, Investor Perspective, 1 June 2016), Millennial investors are nearly twice as likely to MOVING FORWARD invest in companies or funds that target More companies are specific social or environmental outcomes. focussing on how Additionally, 29 per cent of investors in their they impact 20s and 30s seek a financial advisor that environmental and societal issues provides values-based investing. Even activist investors are focussed on ESG. Trian, the New York-based investment fi rm, has an ESG page on its website and believes that ‘the consideration of ESG factors enhances its overall investment process’. Jana Partners, another activist investor, announced last year a new fund called Jana Impact Socially Capital to invest in companies responsible that ‘are good bets but could investing, which do better for the world’. Sting is on the board of advisors. incorporates Astute investors realise that environmental, consideration of ESG factors enhances the investment social and processes (and it can’t hurt governance to do good for society and the environment). factors into has been gathering momentum investment since the financial crisis in As we know, the ability to 2008. According to the Report adapt to never-ending change decisions, has on US Sustainable, Responsible of success. been gathering isThae hallmark and Impact Investing Trends, ability to get out ahead momentum as of 2016, there is about of and plan for these changes $8.72trillion in sustainable can mean the difference since the and impact investing between being the industry financial crisis leader and everyone else. strategies, representing one out of every five dollars being The role of board director is in 2008 professionally managed. This increasingly challenging and the number is believed to be more than rate of change is extreme. Legacy thinking $21trillion worldwide. and tradition must be complimented with In Europe, in mid-2018, the European flexibility and open-mindedness. The best Commission outlined a proposal for boards and, ultimately, most successful regulation to introduce consistency and companies will find a way to balance these clarity on how institutional investors challenges. Wasn’t it the ancient Greek – including pension funds and insurance philosopher Heraclitus who said: “There companies – should integrate ESG in is nothing permanent except change”? investment decision-making processes4. 1 Lazard.com 2Skadden.com 3Institutional Investor, According to EY (Sustainable Investing: October 27, 2018 4Pensions & Investments, 24 May 2018 The Millennial Investor, 2017), Millennials employees across fields and industries have been outed by the #MeToo Movement in 18 months’. An interesting side effect of these discoveries and their ensuing employee dismissals is the ever greater need for succession planning. Succession planning has always been essential, but it has also always been somewhat undervalued. The pervasiveness of sexual misconduct is yet another reason for boards to plan for succession. Public disclosure of claims, lawsuits and settlements will negatively impact a company and having a solution and solid replacement will go a long way to mitigate the negative impact.

www.ethicalboardroom.com

connection noun \ kə ∙`nek · shən\

“That moment I realized I was now part of a network that would truly empower me.”

Define your Wharton moment. Your success is built upon the connections you make. Through the Comprehensive Executive Programs at Wharton Executive Education, you will become part of a powerful network that will propel you forward. You will sharpen your business acumen and increase your leadership capacity. And you will emerge empowered to effect immediate change within your organization—and throughout your career.

comprehensive executive programs: Executive Development Program sep. 15–27, 2019 • nov. 10–22 , 2019

Advanced Management Program may 26–jun. 28, 2019 • sep. 29–nov. 1, 2019 Alumni status granted upon program completion

General Management Program a flexible six-program learning journey Alumni status granted upon program completion

transform into your best version:

execed.wharton.upenn.edu/ network

NEW

Advanced Finance Program

six finance programs in two years Alumni status granted upon program completion

Board Leadership | Diversity & Inclusion

Leading by example The case for diversity in corporate leadership has never been stronger and steady advances towards diverse representation are becoming increasingly noticeable.

However, the pace of such progress lags too far behind the challenges that businesses and society face – a clear indicator that there remains much to be done. “In a world that is changing at a faster rate than ever before, a variety of sensors are essential to enable businesses to effectively interpret different signals, both mitigating risk and seizing opportunity.” FTSE 100, CEO

The critical role chairs and CEOs play in driving diversity and inclusion David Mills

Managing Director and Global Sectors Lead, Russell Reynolds In most countries, women occupy fewer than 20 per cent of executive roles; and ethnic minorities, even fewer. Boards fare marginally better. Increasingly clear is that simply hiring diverse employees is not enough to create business value. To fully capitalise on the opportunities that diversity presents, leaders must work to create an inclusive culture that allows employees at every level to contribute their unique perspectives and maximise their potential. “We live in a world of exponential change, so it is absolutely critical

that organisations have diverse points of view. And yet, despite the speed at which the world is moving, progress toward gender parity is incredibly slow.” FTSE 100 executive director Research by Russell Reynolds Associates reveals that an organisation’s most senior leaders – CEOs, chairs and board members – play pivotal roles in creating inclusive cultures, irrespective of their own diversity. In our inaugural Diversity and Inclusion (D&I) Pulse Survey, we polled more than 2,100 executives on their employer’s diversity and inclusion efforts and individual perceptions and experiences within the workplace. One of the most striking findings was that when senior leadership (namely, the board and executive committee) champions D&I, key human capital outcomes improve. Th is conclusion was matched by the 57 interviews with senior leaders in 18 countries across the world, who consistently emphasised the role that the chair and CEO can play in driving D&I. Yet, how chairs and CEOs deliver tangible results is often less clear. From our research, we drew three sets of key lessons about how

WORKING TOGETHER To create an inclusive environment, you need to encourage participation from all team members 26 Ethical Boardroom | Winter 2019

www.ethicalboardroom.com

Diversity & Inclusion | Board Leadership candidates for the top roles through regular discussions and encouragement of career advancement plans for promising candidates

THE THREE SETS OF KEY LESSONS

A partnership between the chair and CEO is essential Change starts with the chair

A partnership between the chair and CEO is essential

board chairs and CEOs can help foster profound change in creating inclusive cultures and driving diversity (See The Three Sets of Key Lessons graphic, above).

Change starts with the chair

Every member of a board can affect D&I efforts. Generally, however, board chairs have the most direct opportunities, given their responsibility for managing board composition, running meetings and setting the board agenda. When the chair uses these functions to create an inclusive board environment, it becomes a model for the CEO and the rest of the organisation to follow. The obvious – and often uncomfortable – starting point is to take stock of how visibly diverse a board is. One of the themes we consistently heard from board members was how difficult it is to credibly defend a commitment to diversity when the board itself is homogeneous. For better or worse, the composition of the board sends a strong signal about what the company values. To be effective, the group must attain a critical mass of diverse viewpoints rather than simply including a symbolic woman or other minority representative.

The CEO delivers results

create an environment in which everyone can meaning fully participate in the conversation.” FTSE 100 chair To create an inclusive boardroom, an effective chair needs to be aware that language can unintentionally… ■■ Remove all possible bias via training or practices/processes ■■ Are careful of the way language can unintentionally reinforce minority status; e.g. referring to female board members as ‘the ladies’ ■■ Regulate the environment carefully, with zero tolerance for those who create hostile board environments ■■ Seize opportunities for feedback from board members through consistent evaluations and assessments that help uncover unhealthy behaviour ■■ Facilitate open debate in a safe environment, particularly on ‘uncomfortable’ topics “Every board needs diverse non-executives who think differently and are prepared to challenge. The important thing is creating a culture where that works constructively.” FTSE 100, chair

To build diverse boards you need to: ■■ Be willing to take a chance on board candidates with non-traditional backgrounds, including those with no previous board experience. Make a commitment to mentoring and developing new non-executive directors when they join the board ■■ Create alliances with outside groups that draw a diverse membership ■■ Consider innovative measures; e.g. a shadow board internship to offer high-potential talent early boardroom exposure

The chair and board can have a direct impact on the success of D&I within the organisation by setting the tone that this is a topic prioritised by the board. While tone is hard to abstract, it is a powerful tool that can serve a crucial role in advancing D&I practices within the organisation. It is through the behaviours and priorities that the board chooses that directors have an ability to create and enact change. “If the diversity and inclusion topic is not on the chair’s agenda, then it is not a surprise when the organisation fails to deliver.” FTSE 100 deputy chairman

Just hitting certain numbers isn’t enough. To maximise the value of a diverse boardroom, a chair must also create an environment that encourages participation from all members. “Chairs who are able to truly get the best out of all the voices in the room tend to be genuinely curious about different points of view and experiences. They identify which voices are not being heard and actively

The chair and board can affect the success of D&I within the organisation by: ■■ Keeping D&I on the board agenda and advocating broader communication ■■ Asking the right questions that prompt executives to find practical solutions ■■ Probing the data, going deep into different functions, geographies and levels ■■ Ensuring a pipeline of succession

www.ethicalboardroom.com

The chair and CEO should embed D&I into the organisation’s strategy. This will empower the business to prioritise the topic in day-to-day operations. “This partnership can make a real difference in terms of progress, as it shows the rest of the organisation that diversity is something both the chair and CEO prioritise.” FTSE 100 CEO “The chair and CEO need to drive these initiatives actively, not passively. This means D&I must be written into the organisation’s strategy. If diversity and inclusion are not in your mission statement, it already shows that the chair and CEO do not truly understand the importance.” FTSE 100 executive director Articulating the ‘why’ for diversity needs to be multifaceted, clearly expressed and tailored to the business. While the business case for D&I is powerful, it is the combination of the economic case and committed leadership that changes behaviour. The chair and CEO need to articulate this message authentically and personally, explaining not only the importance of the general D&I agenda but also its unique importance to their business. The chair and the CEO must make a shared commitment to role-model the behaviours they want the organisation to adopt – namely, purposeful, authentic and inclusive leadership. If senior leaders are simply checking boxes to comply with external pressures, the company remains unlikely to achieve inclusivity and harness the benefits that diversity presents. The board members and executives we spoke with described chairs and CEOs who successfully create inclusive environments as being uniquely dedicated to eliciting well-rounded dialogues. They are careful in their division of airtime throughout meetings and go further to hear from quieter group members. Leaders must model inclusive behaviours.

The CEO delivers results

Though the chair and CEO partner on tone-setting, it is the latter who ultimately delivers tangible results via building a diverse organisation, creating an inclusive ‘open to all’ culture and consistently reinforcing the strategic imperative of this topic. Accordingly, many CEOs are required to cultivate broader transformations that bring culture change (see the graphic overleaf). Winter 2019 | Ethical Boardroom 27

Board Leadership | Diversity & Inclusion What gets measured gets done While some organisations have shied away from counting employees according to their demographic category, respondents in our survey suggested that gathering data on the positions held by diverse talent can offer insight that assists the diversification of teams. It may be possible to investigate the underlying causes, thus enabling targets for improvement.

■ Making the numbers visible to The organisation should see the stats so that they are collectively held accountable Inclusive policies and structures Policies and structures that help to create inclusive working environments, such as mentoring and sponsorship, are critical to success. Naturally, it remains essential to understand what programmes will be most meaningful and effective within a particular organisation. Without such an understanding, policies designed to enhance inclusion may inadvertently segregate certain groups. For example, counterproductivity can be observed when ﬂexible working arrangements are aimed solely at women. “We must make sure that in the drive for greater inclusion in the workplace, we don’t disengage other groups.” Fortune 500 executive director, Asia

CEOs can take a data-driven approach to their D&I strategy by: ■ Going deep into the numbers Although top-level data may suggest positive results, it does not necessarily mean that every area of the business is diverse. By delving into the data, the CEO may identify more specific issues and action a targeted approach ■ Setting achievable and customised targets across regions In global organisations, the diversity within How CEOs can create structures and different geographies may vary, policies that help drive inclusive cultures based on local cultural and historical ■ Develop personalised mentoring nuances. CEOs must set achievable and coaching programmes market-specific diversity targets ■ Support sponsorship programmes to ■ Setting KPIs for senior leaders Within connect high-potential talent with senior this agenda, KPIs help to hold leadership executives. In such programmes, sponsors accountable for making progress publicly endorse next-generation ■ Applying targets within the executives, highlighting their successes recruitment and promotion processes and granting stretch opportunities But this should not skew the hiring ■ Empower diverse talent to talk openly decision. Targets should not compromise about their experiences and to help others the need to hire the best person for understand how to become more inclusive. the job but should ensure that Create forums where employees can diverse candidates are wellbe open about the language or Create an represented within the process environment in which others can safely voice different opinions

Create collaborative opportunities and leverage different perspectives

1 Emphasise D&I as part of business strategy

Hold themselves and others accountable for meeting D&I goals

Make D&I an organisation-level, rather than HR-level, priority

Source: Russell Reynolds Associates Diversity and Inclusion Pulse 2018

Set and communicate D&I goals

4 7 6

Recognise and reward inclusive leaders

28 Ethical Boardroom | Winter 2019

Make a visible commitment to D&I

Communicate the Importance of D&I to the organisation

PARTNERSHIPS ARE ESSENTIAL The chair and CEO must make a shared commitment to rolemodel the behaviours and inclusive leadership

situations that make them uncomfortable, with an understanding that people often get language wrong or cause offense unintentionally. If people can talk freely about such topics, they are more likely to find common ground ■ Encourage diverse talent to speak with their managers about the specific barriers they are facing in their careers and put action plans into place for overcoming these barriers

Diversity is vital for the future-prooﬁng of businesses, creating organisational resilience to effectively mitigate risks and allows for capitalising upon opportunities It’s important to coach and mentor inclusive leaders, with the recognition that diverse teams require different management skills and leadership styles than homogeneous ones do. Increasingly, leaders are recognising that a bumpy transition period is an inherent part of moving towards diversity. Consequently, many leaders can benefit from coaching and mentoring. “Diverse teams are not easy to lead because you have a lot of different kinds of voices and a lot of different kinds of viewpoints and so it takes time” DAX 30 NED As the ultimate role model for inclusive leadership within an organisation, a CEO must not only learn how to manage this effectively but also be proactive in advocating that other leaders follow suit. CEOs and executives should expect some challenges as they embark on new D&I initiatives and look for new leadership strategies to work through them. Creating an inclusive work environment and realising the full potential of a diverse workforce often runs a particularly laborious journey. While some organisations have made significant progress, there remains a need for acceleration of efforts and absolutely zero time for taking one’s foot off the gas. For all the challenges associated with corporate D&I efforts, the accrued benefits of successfully cultivated practices far outweigh the potential foreseen costs. Diversity is vital for the future-proofing of businesses, creating organisational resilience to effectively mitigate risks and allows for capitalising upon opportunities. As we look forward to the next generation of senior leaders, an ability to create a culture and environment that promotes the actualisation of all forms of diversity is likely to serve as a unique and paramount differentiator of success. www.ethicalboardroom.com

Global skilled talent shortages are predicted to hit

85.2

million workers by 2030, resulting in a potential

$8.5 trillion of unrealised revenue.

MIND THE TALENT SHIFT

The countdown to skilled talent shortages has begun. Left unaddressed, this is a crisis that will blow up, not blow over. What will you do to ensure your organisation thrives despite the talent crunch? Get insights from 1,550 global business leaders at futureofwork.kornferry.com

Board Leadership | Reputation

FROM ROCK STAR TO ROCK BOTTOM How your CEO’s reputation can impact your company’s bottom line James Lawn

Co-CEO of Polecat Intelligence

On 7 August this year, Tesla chairman and CEO, Elon Musk, sent out a tweet of just nine words on his phone, suggesting a plan to take his company off the stock market at $420 a share.

future. Asked about it several weeks later on Twitter, the multi-billionaire entrepreneur simply replied ‘worth it’. (See Figure 1, Tesla Compliance Risk Discussion, opposite). While Musk may have proven himself to be a maverick and sporadic liability, it is difficult to imagine Tesla having succeeded in the way it has without his stewardship. Musk has always been heavily involved

with the conversation around his company, generally helping shape it to fit its needs. The world’s most famous CEOs have all had a key role in managing conversations and embodying the company’s messaging and this can be a double-edged sword. Th is instant access creates winners and losers – with CEOs consistently under the microscope, if your CEO doesn’t have a strong personal brand then you will be racking up opportunity costs. Traditional duties of PR focussed on dissemination of corporate news and press releases, damage

While Musk may have sent out this tweet as a kind of joke, the US Securities and Exchange Commission (SEC) didn’t see it that way and Musk and Tesla were put under federal investigation. Musk and the company later agreed to pay $20million each to fi nancial regulators and Musk was to step down as chairman of Tesla but could remain CEO. Under the settlement, Musk must also comply with the company’s communications procedures when tweeting about the fi rm in

HERO TO ZERO CEOs neglecting their reputation online can deﬁne a company’s public perception 30 Ethical Boardroom | Winter 2019

ardroom.com

Reputation | Board Leadership

www.ethicalboardroom.com

Social media is today’s key medium that can make or break CEO reputations, so it’s surprising that 61 per cent of Fortune 500 CEOs still have no social media presence at all Without an individual to give a face to the decision, official company responses are more likely to be received as a manufactured reply from some corporate PR team. Marks & Spencer’s CEO, Steve Rowe, doesn’t have a social media profile and his messages are communicated second hand through the corporate profile. You have to ask how this could have been handled if someone with Rowe’s influence had sent out a few well-timed and thought-out responses, reflecting the company’s messaging?

The fallout from a scandal involving your CEO has the potential to impact your closest partners, too, jeopardising future relationships. Nissan went through this recently when its Chairman, Carlos Ghosn, came under investigation for misleading investors on the size of his salary and misusing company assets for personal gain. Following the incident, according to data from Polecat Intelligence, 20 per cent of all social media postings related to Nissan were related to Ghosn’s soon-to-be firing as chair. Ghosn was the glue holding together one of the most significant business alliances between Nissan and Renault, and now that relationship is in jeopardy. The alliance had helped reshape the industry, manufacturing new product segments and promoting electric cars well beyond their peers. This reliance on Ghosn granted him the role of fixer in business disputes but has now left both companies scrambling for a worthy replacement.

FIGURE 1: TESLA COMPLIANCE RISK DISCUSSION

# POSTINGS

3500 –––– # Compliance risk postings ––– Adjusted close price 3000

Source: Polecat Intelligence

400.00 380.00 360.00

2500

340.00

2000

320.00 300.00

1500

280.00 260.00

1000

240.00

500

STOCK PRICE (USD)

220.00

0 9 Apr 14 Apr 19 Apr 24 Apr 29 Apr 4 May 9 May 14 May 19 May 24 May 29 May 3 Jun 8 Jun 13 Jun 18 Jun 23 Jun 28 Jun 3 Jul 8 Jul 13 Jul 18 Jul 23 Jul 28 Jul 2 Aug 7 Aug 12 Aug 17 Aug 22 Aug 27 Aug 1 Sep 6 Sep 11 Sep 16 Sep 21 Sep 26 Sep 1 Oct 6 Oct

200.00

Tesla drew an average of 54 postings per day from April to July. During that period, Tesla’s stock rose 31 per cent peaking at $380 on 7 August. From the remainder of August to October, conversation spiked at an avergae of more than 400 postings per day off the back of the decisions and behaviours of Tesla CEO Elon Musk. Tesla stock dropped 32 per cent, from its earlier peak, wiping out $18 billion of market capitalisation.

FIGURE 2: REPUTATION DRIVERS FOR M&S 5k 4.5k DOCUMENT COUNT

control and interfaces with the media. With the advent of democratised digital content and social networks, information is communicated in real time. CEOs neglecting their own public reputation, risk others dictating their narrative as anyone with a social media account or blog can make statements about them, regardless of fact. Of course, there will always be the internet trolls, but there should be an active effort by CEOs and their PR teams to crowd out this coverage with a strong and trusted online presence. Google search results are seldom removed and taking down Twitter posts can take days, so CEOs can’t afford to wait until a crisis to develop a positive online reputation. Social media is today’s key medium that can make or break CEO reputations, so it’s surprising that 61 per cent of Fortune 500 CEOs still have no social media presence at all. Granted, examples such as Musk show how much quicker it can be to cause significant damage to a company’s reputation than build it, but there are myriad examples to fit any CEO’s style. Amazon’s Jeff Bezos, one of the most recognisable CEOs, used his considerable public presence to become the spokesperson for the company’s wage hike of up to $15 per hour for its warehouse staff. This gave his audience a face to attach to the new policy as well as offering a level of accountability. Bezos even managed to secure an endorsement from Bernie Sanders over Twitter, a move which was unlikely to happen if the decision was pushed through Amazon’s corporate social account. The decision did come under some scrutiny across social media for being just another business ploy, with some employees using the news to platform concerns about cuts to bonuses and stock handouts. However, Bezos bore the brunt of the criticism and helped prevent a PR backfire as people tend to hold back on their judgements if there’s a person at the other end of their posts rather than a faceless business. Contrast this with Marks & Spencer, which recently went through a PR backlash against its ‘sexist’ Christmas window display in Nottingham with some going as far as to describe it as ‘vomit-inducing’. The display shows Marks and Spencer’s line of women’s ‘fancy little knickers’ next to a display for men’s suits sparking off criticism of sexist stereotypes on social media. The national papers picked up on the story and conversations around Marks and Spencer’s following the news were dominated by negative reactions (see Figure 2, right). The company issued a statement defending its decision, stating that it features a ‘variety of must-have Christmas moments’ but the reputational damage was done.

Impact: Low ■ ■ ■ ■ ■ High

Impact:

2631

3.5k 3k 2.5k 2k 1.5k 500 0

Impact: Impact:

779

Environment

Impact:

437

654

Social impact

Innovation

Impact:

664

Impact:

374

Business Business compliance continuity

Culture

Among the six core reputation drivers for M&S, a high volume of conversation is focussed mainly on culture (document count), as diversity issues and concerns gather pace and highlight risk to the company, relative to other reputation indicators that drive the company’s performance (reputation impact score). Winter 2019 | Ethical Boardroom 31

Board Leadership | Reputation Nissan and Renault’s example of placing all your reputational eggs in one basket shows how companies should do more to monitor their company performance around reputational risk (See Figure 3). T-Mobile CEO, John Legere, represents one end of the scale of a CEO living out their life on social media and positively influencing external company perceptions. He has almost six million Twitter followers and has previously stated that he probably spends six to seven hours a day on social media. Legere uses his immense platform to communicate his rock’n’roll lifestyle to his millions of fans while posting PR messages about T-Mobile. Legere, like the growing business of influencer marketing, has found the perfect balance for attracting people to the company’s message with an intimate look into his life without feeling like he’s only trying to sell you something. Legere understands the personal power of using social media as this year he got himself involved in a love story with a videographer who was using her Twitter to live tweet a romantic encounter near her on an airplane. As this story began to go viral, it was hindered by the videographer’s Wi-Fi running out and her having to buy more. In stepped Legere, who picked up the story on his Twitter offering free Wi-Fi to the videographer to carry on the developing story. This small act from the CEO earned him wide and endearing support with some

Twitter followers going so far as to say that Isla has stated that he wants Inditex they were now planning to switch their to be a low-profile company, but his humble entire families to T-Mobile’s network. leadership style is complemented by his While not every CEO or company will insistence on focussing PR on what the be able to communicate this effectively to consumer is looking for and places the their intended audience, it underscores the spotlight on the front-line employees who opportunities of social media and instant are trusted to determine their product communication. The larger selections. He’s earned the the organisation, the more loyalty and respect of Inditex’s CEOs don’t likely intended audiences are consumers and employees, need to be a to perceive them as corporate setting the stage for the faceless behemoths out for company’s immense growth household name their money. and turning it into Spain’s or have an This is something many most valuable company. politicians picked up on Social media and the extraordinary years ago. The sitting US democratisation of digital personality to president cottoned onto content have redefined the social media’s power of the significance of Marshall have a positive personal long before he McLuhan’s soundbite that effect on their announced his campaign the medium is the message. company’s for the White House. Most The technology we use importantly, the President comes to define us and CEOs reputation and Legere figured out that can’t afford to allow others to in order for it to be effective, define them. Chief executives, their communications had to come from the from the smallest start-ups to the biggest horse’s mouth or would risk being taken for multinationals, must understand and a manufactured appeal for popularity. become part of the conversation or risk CEOs don’t need to be a household name or their company’s reputation. There is no have an extraordinary personality to have a set path to effective CEO communications positive effect on their company’s reputation. but it should play to the strengths of the Harvard Business Review’s CEO of the year, individual, such as Legere’s outlandish Pablo Isla of Inditex (Zara’s parent company), personality or Isla’s humility. If you can evades the spotlight where he can, famously find the perfect PR formula, you could be avoiding his own store openings. on your way to the next superstar CEO.

SOCIAL MEDIA POSTINGS IMPACT

FIGURE 3: REPUTATION IMPACT OF GHOSN FALLOUT 4.4k 4.2k 4k 3.8k 3.6k 3.4k 3.2k 3k 2,8k 2.6k 2.4k 2.2k 2k 1.8k 1.6k 1.4k 1.2k 1k 800 600 400 200 0

■ Nissan Motor ■ Renault ■ Mitsubishi Motors

Nissan’s Ghosn arrested for alleged financial misconduct Automaker prepares to sack car boss, claiming misuse of funds

Source: Polecat Intelligence

Fractured Nissan board gathers for high-stakes clash over Carlos Ghosn

Nov 11

Tue 13

Thu 15

Sat 17

Mon 19

Wed 21

Fri 23

Nov 25

Tue 27

Thu 29 December Mon 03 Wed 05

Fri 07

Dec 09

Automanufacturers Nissan, Renault and Mitsubishi Motors were all impacted by the Ghosn affair, with each company registering a high volume of conversations as the contagion spread across online and social media (4,000+ postings). The triple alliance and tied investments among the three manufacturers, that once stood as the bellwether for global car manufacturing success, took its toll on the reputation of all three brands over time, in the aftermanth of Nissan Chairman Ghosn’s direct actions. 32 Ethical Boardroom | Winter 2019

www.ethicalboardroom.com

Board Leadership | Performance

Board malfunctions Why some boards of directors don’t perform to their full potential and what can be done about it

■

Jean Pousson

Senior Consultant with the Institute of Directors (IoD)

Boards, like families, are dysfunctional – it’s purely a question of how dysfunctional! It would be naïve to assume that simply assembling a group of highly qualified (and highly paid) professionals in a team guarantees that they will operate harmoniously and effectively. In the UK, recent troubles at Carillion, BHS, Patisserie Valerie and Eddie Stobart – to name but a few – have highlighted where their boards did not perform as expected by all of their stakeholders. Every board malfunction will have its own set of circumstances but, in my experience, there are issues that keep cropping up. ■ Size Some boards are simply too big. Many very large organisations operate very successfully with a board of just seven or eight directors. The size of the board should not be commensurate with an organisation’s size but should depend on its complexity and the skill sets that are required. A board that is too big will result in unfavourable dynamics, cluttered agendas and discussions that end up being too superficial in a race to finish the meeting on time. I have had discussions with numerous directors who admitted to not contributing when they should have done, for this very reason. ■ Meeting set-up The wrong setting, wrong seating, wrong time, wrong timing, bad agendas, and board papers not sent in before the deadline all contribute to a bad meeting. These are easy fi xes but often the issue of legacy prevents change. One chair told me that its board ‘always meets on a Monday’ with no reasoning behind it beyond habit. ■ Decision making Incredible as it may sound, I have observed board meetings

34 Ethical Boardroom | Winter 2019

■

where decisions are not made even after lengthy discussions! It is good practice to mark some agenda items as ‘for discussion’ and others ‘for decision’. Th is sends a clear message that decisions have to be made by the board. Mix and composition There should be a healthy balance of experience on the board and diversity should not be limited to gender or ethnicity, but should encompass thinking, expertise and age, because experience is great – as long as the future resembles the past. Unfortunately, uncertainty is intrinsic in nature and woven into organisational life. The board composition, therefore, needs to reflect a balance of capabilities that can cater for changing industry dynamics. Dynamics Directors may not see each other regularly, particularly if they’re based in different locations, so it may take a while for strong relationships to develop within the group. We always recommend the whole board (including non-executives) gets together for dinner the evening before its meeting, which allows for both social and business catch-ups and is a very good way to prepare for the next day’s session. Personal agendas Directors may have confl icting agendas, depending on who they represent, and they can easily fail to recognise that, as a board, they have collective responsibility to contribute to the success of the company. Here, good chairmanship and a lack of bias around the table is required to smooth these potential sources of confl ict. Inductions Despite a huge amount of guidance on this topic, many newly appointed directors are still not getting sufficient training or an induction before they join. This means that they effectively have to learn during the actual meetings and are unable to make any meaningful contributions. Training/continuing professional development (CPD) Many years ago, a chairman told me, ‘when you become a director you will have two job descriptions. The technical job description that the CEO will appraise and your director job description that the chair will appraise’. The two jobs are very different. CPD should therefore be a requirement for both

newly appointed directors and longstanding members. If directors are not sure where they might have skills gaps, there are useful online tools that can help. These review competencies across key areas of the job, including skills, knowledge and mind-set, and benchmark them against professional standards. ■ Responsibilities I see many directors blissfully unaware of their legal and regulatory responsibilities and unable to critique and add value, even where discussions merit challenge. They rely on technical experts and are too scared to ask what they consider to be a stupid question. But so often it is the stupid question that brings out the truth: ‘why are we doing this?’, ‘what could go wrong here?’. When lawyers or finance professionals start engaging in ‘loophole talk’ (i.e. ‘we have found a loophole that will legitimise this transaction’) it’s potentially a red flag. Again, the stupid question, ‘why do we need a loophole?’. ■ The CEO It’s not unheard of for successful CEOs to forget what made them successful and start inhabiting a made-up celebrity persona. They may think they are infallible and, like Julius Caesar, develop ‘tired ears’ and stop listening. Worse still, fellow directors may not challenge effectively if they feel intimidated by someone’s past successes. The board therefore becomes ‘chloroformed’ and dangerously passive. There is the old joke that if two people always agree, then one is clearly superfluous! ■ The chair As board facilitators, the c hair is there to ensure the leadership team operates well, to manage the dysfunctionalities already mentioned, to deal with bad behaviour and silly political games and to ensure full contribution from all. However, Omerta (the Sicilian Mafia’s code of silence) has no place in the boardroom. The chair should also possess a solid, strategic antenna (more on that later) and his/her role extends far beyond the board meeting. A good chair will always be in touch with all of the board directors. I know one chair who makes a point of contacting all directors a few days after each board meeting to get more feedback and thoughts as to how the meeting went.

www.ethicalboardroom.com

Performance | Board Leadership BROKEN BOARDS Leadership failure can consume a whole business

I see many directors blissfully unaware of their legal and regulatory responsibilities and unable to critique and add value, even where discussions merit challenge

Board Leadership | Performance ■ Chair vs CEO The dynamics between these two individuals is a source of constant interest and sometimes bemusement. I have sat at board meetings where you would be forgiven for thinking that the CEO was, in fact, the chair. Conversely, I have seen board meetings where you would struggle to quickly identify the CEO. ■ Non-executive directors (NEDs) Legally, non-executive directors have the same statutory responsibilities as their fellow executives. They bring independent judgement and constructively challenge directors; they are not there to make up the numbers. NEDs have a key role to play to maintain a level of professionalism in terms of their technical expertise and director expertise, but not stray into executive territory, particularly if they have come from high-profi le executive positions. ■ Humility and delegated matters No director can claim to have knowledge and expertise on all board matters. Business is complex and there are always things that can blindside a board. Equally, the board is not the only decision-making body; some matters have to be delegated, otherwise it would have to meet every day. It always amazes me when directors suddenly all become experts or there is incessant micro-management, which results in unworkable agendas. Never be shy of seeking professional advice, even though the final decision (and responsibility) rests with the board. Humility should never be confused with failure – far from it. ■ Strategy The board is responsible for setting the strategic direction of the organisation but, sadly and all too often, it simply does not have the nous to take the organisation forward. If strategy gets too little air time, the board has the wrong conversations, it confuses tactics with strategy, its reviews are superficial and any decisions are based on who shouts the loudest or on poor assumptions. Current financial success can often hide impending strategic failures (ask Nokia), which is why the chair needs a good strategic antenna, ensuring that the process of strategy creation is robust, which will hopefully lead to value-creation outcomes. ■ Risk This is an integral part of running any organisation and it is the board’s role to set the tone and oversee good practice. Regrettably, risk management can become very staid and formulaic. I often

36 Ethical Boardroom | Winter 2019

look at companies’ risk registers but see no new risks listed – yet we know that these emerge all the time. Some risks may not be sufficiently decomposed. Cyber risk, for example, can manifest into a multiplicity of different outcomes. In addition, risk may not be monetised, i.e. the financial impact of an eventuality might not be recognised in terms of revenues, profitability, cash flow and ultimate solvency. A question that I always ask boards and directors is: ‘reflecting on the last 12 months, what has surprised you? And should you have been surprised?’ ■ Feedback A trend I’m seeing increasingly, and which I applaud, is where boards take a few minutes to reflect at the end of the meeting to consider how it went: what worked well and, perhaps, what worked less well. On each occasion where I’ve observed it, this feedback is owned by a different director and done in an honest and sincere environment, not in a point-scoring manner. More formally, it is good practice for the board (and its directors) to subject themselves to regular reviews, preferably carried out by an external expert. Directors are typically the highest paid individuals in the organisation, so why not subject them to some appraisal? Such appraisals can take many forms, but the recommended methodology would include: ■ Sight of the last board evaluation report ■ Sight of the last 12 to 18 months board and committees’ minutes ■ Directors (and other senior personnel who may also attend board meetings) completing a comprehensive, anonymous questionnaire, exploring their knowledge and understanding of all aspects of corporate governance, risk, strategy, board dynamics and more. ■ Analysis of any significant variances in the responses

■ Analysis of each director’s response against the average response ■ One-to-one interviews with each director, lasting about an hour to an hour and a half (possibly going back later with further questions) ■ Observing a typical board meeting ■ Preparation of a report and presentation to the board for discussion ■ Feedback after three to six months to see what actions have been undertaken Directors are often well aware of issues within the board, but it takes an outsider with no vested interest to point them out. The one-to-one interviews also allow the external facilitator to ask some really hard questions, such as: ■ What would make someone not like you? ■ What are fellow directors saying behind your back? ■ Is your voice being heard at board meetings? ■ Have you ever felt like resigning? Why didn’t you? ■ Are the organisation’s values evident in the boardroom? ■ Reflecting on your board meetings, what would you change and what would you keep? ■ How do you monitor your individual performance as a director? ■ What mistakes have you made as a director? ■ What are the biggest risks facing the board (as opposed to the organisation)? ■ If you became chair, what would you do differently?

In summary

A collection of good directors does not automatically mean a good board. Teams are riddled with dynamics that are often difficult to see, spot or even correct. We are dealing with a collection of high-powered individuals who will all have experienced success differently, and who will have many different views on the issues and solutions. Some boards work well, some succeed in spite of themselves while others simply fail. Success in organisations has never been so fragile; nothing is forever and therefore the responsibility falls on the board to navigate the organisation, set the direction, and steer with care and sensitivity. Directors are people after all. As a recruiter once told me: ‘We advertise for CEOs, and human beings turn up’. Good luck!

UNDERSTANDING BOARD FAILURES Strong leaders will ask the right questions www.ethicalboardroom.com

ProfessionalDirector™

World-class, university level director education delivered to you completely online. • Work at your own convenience and pace to earn your Professional Director™ designation! • Gain conﬁdence to meet the responsibilities expected of today’s board member • Build corporate governance knowledge in your business and sector

info@professionaldirector.com | www.professionaldirector.com PROMO CODE for 10% off: ETHICAL

Board Leadership | Advertorial

TALKING TECHNOLOGY Digital tools can make governance easier and more efﬁcient

EGM: A framework for building trust in business Enterprise governance management brings technical tools and resources to govern at the highest level and deliver long-term success and sustainability Building trust is a critical corporate challenge. A litany of scandals and high-profile governance failings has eroded public confidence in businesses’ ability and desire to operate in an ethical, responsible manner. Re-establishing and strengthening stakeholder trust is vital if corporations are to survive and thrive in today’s volatile and uncertain environment; it’s a topic that is high on the boardroom agendas of organisations of all sizes. At the same time, 38 Ethical Boardroom | Winter 2019

Anderson Dy, PhD

Vice President of Sales for Northern/Eastern Europe and Africa, Diligent Corporation businesses and their boards are aiming to become more efficient, prioritise long-term strategy and meet their obligations in an increasingly complex compliance landscape. Faced with these challenges there’s growing recognition of the potential of strong corporate governance to be the framework upon which renewed trust and transparency can be built. Sound governance, proactively managed across the enterprise, sets the tone

for all the organisation’s engagements with stakeholders. It provides transparency around corporate actions, risk-taking and responsibilities, and helps businesses respond to the concerns of the rising number of activist investors who are making their presence felt to those sitting around the boardroom table. Promoting effective governance, supported by appropriate processes and technology, is a key responsibility of the board and company secretariat. It’s a challenge that many boards are grappling with right now: how to apply technical tools that power effective and informed decision-making and robust www.ethicalboardroom.com

Advertorial | Board Leadership advantage. McKinsey reports that ‘boards with better dynamics and processes, as well as those that execute core activities more effectively, report stronger financial performance at the companies they serve’. In this case, financial and non-financial motivations for good corporate governance align to pull in the same direction. On the other hand, the regulatory frameworks developed in response to the failings of the past put pressure on boards to keep their house in order or risk the penalties of non-compliance. Recent updates to the UK Corporate Governance Code and its extension to large, private companies under the Wates Corporate Governance Principles are unambiguous in their requirements for effective stakeholder engagement and robust application of corporate governance principles. Additionally, as the digital world develops, more stringent regulations around data privacy and cyber-responsibility add to the burden of compliance. Finally, acting as both carrot and stick are evolving expectations around environmental and social governance. Stakeholders are rightly concerned about the performance of organisations as corporate citizens. The risk of reputational damage and legal or financial penalties for poor performance in this area are significant, meaning organisations that perform well have the advantage. These powerful drivers of performance goals and The first step compliance demands are on the road to creating an understandable focus on governance in many EGM is often – and new the deployment organisations pressures on those responsible of an electronic for stewardship and oversight.

board portal – Mounting pressures offering greater on the company secretariat flexibility for In light of the challenges directors, the above, today’s boardrooms have broader and more burden on diverse responsibilities than the company ever. The necessity of getting the right information to secretariat is directors to enable robust, reduced informed decision-making

strategic oversight of the organisation. In this article, we’ll examine the drivers for enterprise governance management in the light of the pressures faced by modern boards. We’ll also look at examples of UK and European businesses that are deploying enterprise governance management and the benefits that this can deliver.

The carrot and stick of corporate governance

There are undoubtedly two sides to the drive for good corporate governance. On the one hand are the tempting carrots of greater efficiency, clearer visibility of corporate responsibility and the potential for stronger financial performance and competitive www.ethicalboardroom.com

has never been higher. Th is is having a significant impact on the role of the company secretary. A recent report by consultancy Grant Thornton found that 80 per cent of company secretaries say their role has grown in responsibility and breadth, with the majority of this increase being attributed to regulation and associated compliance.1 Despite this growth in workload, a survey by executive search specialists Leathwaites found that more than three quarters of company secretaries expect headcount to stay the same or decrease.2 With more work to do and no extra people to do it, the company secretariat is facing a

resource crisis that threatens to derail their efforts to adapt to this more dynamic, demanding corporate governance environment. It’s not surprising that Leathwaites’ survey saw company secretaries rate improving efficiency as one of the most important challenges they face in the coming year, second only to improving the use of technology and data. These intrinsically linked aims are prompting organisations to explore enterprise governance management, the discipline of applying technical tools and resources to the full range of governance needs in a bid to transform efficiency, security, communications and compliance. The focus is on enabling the board to get swift, straightforward access to all the information it needs to perform more effectively, creating a framework that supports transparency and builds trust with stakeholders.

The benefits of digital enterprise governance management – improved efficiency Stretched resources and stressed colleagues were a familiar story for Tiziana Thomas, who is assistant company secretary at specialist retirement financial solutions provider Just Group Plc. Her experience of creating and distributing board packs was typical of many organisations: “Building board packs had become frustrating and stressful for that team. It was taking three people an entire day to print, bind and despatch packs of up to 800 pages through the post. Staff were frequently in the office until midnight in the evening preceding the board pack release and often had to request assistance from other administrators within the company to get the job done. On top of that, the post wasn’t always reliable so even materials sent out in good time didn’t always arrive when required.” The fi rst step on the road to enterprise governance management is often the deployment of an electronic board portal. Th is was the approach taken by Just Group, which implemented Diligent Boards in 2016. The portal replaces hard copy board packs, providing a central, ultra-secure location for board meeting materials. Directors access the portal 24/7 from their preferred device, so they can review and annotate materials whenever convenient. As well as offering greater flexibility for directors, the burden on the company secretariat is reduced as printing, binding and dispatching is eliminated. Tiziana recalls: “Suddenly all that frantic activity and cost in getting board packs out to directors disappeared.” It also means that last-minute changes – unavoidable in fast-paced organisations – can be carried out quickly and easily, without the need to reprint documents.

Winter 2019 | Ethical Boardroom 39

Board Leadership | Advertorial Digital support for board activities isn’t just limited to board materials. It can also make meetings more efficient, freeing time for directors to focus on strategic discussions. Tiziana explains: “Time is precious in board meetings. We have to use it wisely and we increasingly found that procedural activities were taking up excessive time. We wanted to reduce the time directors spent on voting to give more time for strategic debate in meetings. As a financial services company, we are heavily regulated so there are always a large number of policies that must be reviewed and voted on. We recently trialled Diligent’s electronic voting facility so directors could review policies and vote on them prior to the board/ committee meeting. This was very successful and popular with directors.” Further efficiencies arise from features such as electronic meeting agendas and minutes, which can be automatically generated and completed through the board portal. Agenda items are linked to relevant supporting documents, so directors can easily access the right materials during meetings. Minutes with assigned director actions can be swiftly created and circulated and follow-up reminders of actions sent to directors via the portal between meetings. While these are straightforward uses of technology in isolation, bringing them together via a board portal means that they are secure, accessible and auditable, supporting better board performance.

Improving security in a high-risk environment

Privileged corporate information is a prime target for industrial espionage and nation state threat actors, with exfiltration tactics becoming increasingly sophisticated. Therefore, companies must be confident when deploying a digital solution that they also understand and address third party cyber-risk to keep their assets safe.

Secure communications – enabling directors beyond the boardroom

While board materials are ultra-sensitive, communications between the company and its directors outside of the meeting schedule are equally vulnerable. Regular communication between directors is essential to strong board performance but, historically, the channels through which this takes place have been a real pain point. Non-executive directors in particular may use personal email addresses and phone networks that are outside corporate control to conduct sensitive conversations and share documents. This introduces a further level of risk that must be managed. Messaging software incorporated into a secure board portal eliminates this vulnerability, as all communications between directors are securely encrypted. The portal can also be used to share documents for consultation, with

administrators able to set access levels and prevent documents being forwarded or saved to unsecure systems. This has been a further benefit for Just Group’s Tiziana Thomas, who introduced Diligent Messenger to her board: “There’s no need to password-protect files, like we would with email. Also, we can send large files that email systems reject.” Adding secure messaging to the enterprise governance management mix also reduces the likelihood of spear phishing or whaling attempts succeeding, as directors grow accustomed to using only the proprietary channel for communication.

Simplifying compliance and ongoing visibility

While security and administrative benefits are an important feature of enterprise governance management, there are further advantages to be gained by applying technical tools to manage complex issues, such as entity management. As companies grow and the compliance landscape intensifies, managing local compliance in multiple jurisdictions becomes difficult. Often compliance activities become isolated in departments, with data frequently stored in spreadsheets, resulting in inaccurate or incomplete reporting. This means the board cannot gain oversight of the full compliance picture. An

GOVERNANCE ECOSYSTEM Mitigate risk and plan for strategic growth

Improving security is an important aspect of enterprise governance management. The potential impact of data breaches has dramatically increased following the implementation of the General Data Protection Regulation and boards are under no illusions about the costs – financial, legal and reputational – of suffering a breach. While many headlines around data breaches focus on cyber risk, the regulation applies equally to hard copy breaches. This is particularly relevant to board meeting materials. Hard copy board materials, sent out by post or courier, put the company’s most sensitive information at risk. They are exposed to the possibility of accidental loss, unauthorised access and unsafe disposal. This is unacceptable. Moving to a digital solution has clear benefits in terms of controlling information access and distribution, but the transition is not without risk. Entrusting a company’s most sensitive documents and communications to a third-party digital system requires assurance that it is protected to the highest standards. This means state-of-the-art encryption, secure servers and an ongoing supplier commitment to maintaining the most advanced defence against evolving cyberthreats. 40 Ethical Boardroom | Winter 2019

www.ethicalboardroom.com

Advertorial | Board Leadership entity management solution offers a single source of truth, ensuring that real-time corporate entity information can be easily viewed by the board. It also includes processes and workﬂows that assist staff in reviewing and measuring compliance. Th is is an area coming under increasing scrutiny, not just from a point-in-time perspective, but also in terms of the ongoing processes required to support compliance. For example, the introduction of regulations, such as the Senior Manager & Certification Regime (SM&CR), which will affect 47,000 financial services organisations in the UK, will bring with it a significant ongoing compliance burden that will require support from technology to be successfully managed.

Managing board performance – evaluations and intelligence

We live in a world where data is available at the touch of a button and this is changing expectations of how we monitor everything, from business performance to personal fitness. Board performance monitoring has to evolve to keep abreast of both the requirements of the corporate governance code and the expectations of investors and

stakeholders. A full external evaluation of the boards of listed companies is only required once every three years, but the fast pace of commerce means it’s increasingly expected that board evaluation will be ongoing and reported annually to stakeholders. A comprehensive enterprise governance management solution includes an evaluations module, making it easy and cost-effective to create regular director evaluation surveys and collate the results automatically into reports. This means businesses can ‘take the temperature’ of the board, assess director engagement levels over time and identify early signs of issues arising with board dynamics, all without placing undue workload on the company secretariat. Regular evaluations enable boards to work on continuous improvement, and to achieve this it is important that directors are kept up to date with the latest factors affecting the governance world. To that end, Diligent’s Governance Cloud also includes an Insights module, offering relevant and timely content on corporate governance topics. Directors can stay up to date with the latest information and incorporate what they learn into board activities, thereby strengthening board performance.

By adopting advanced process and The challenge management tools, companies can gain of change Despite the benefits stronger governance performance, deploying technology greater transparency and accountability, of to support all the strands of corporate and demonstrate a sound foundation governance, change of and proof of process on which to build any sort can be difficult the valuable asset of stakeholder trust to manage. While

company secretaries may be crying out for their boards to make the digital switchover, chairs and directors aren’t always so willing. Th is was underlined in Leathwaites’ survey of company secretaries, which found that only eight per cent of chairs were supportive of introducing technology to the function. Similarly, Grant Thornton’s study found that ‘technology use was inconsistent and has not necessarily improved quality or efficiency’. These statistics echo with Katy Maughan, PA and administrator to the company secretary at European specialist building products distributor, SIG Group (LON: SHI). Although the business had invested in a board portal to improve efficiency, directors were reluctant to use it, preferring to have meeting materials in hard copy format, as well as hosted in the portal. This was costly, time-consuming and insecure, so when Diligent acquired SIG Group’s previous portal provider in 2012, Katy took the opportunity to get directors on board with digitisation. She carefully managed the switch over to the new system, avoiding the board’s busy periods and considering the directors’ needs alongside the technology aspect.

www.ethicalboardroom.com

The difference this time was getting the right support for directors as the system went live. Directors had face-to-face training with Diligent’s customer support team and ongoing support available from the 24/7 customer support service. Katy explains: “The availability of knowledgeable, friendly support is a major bonus for us. I can confidently refer directors to the helpline with any queries, and they always report that they’ve had a great experience.” Th is positive introduction worked for SIG Group. Directors became confident using the portal and soon saw the benefits for secure communications outside the meeting schedule. The biggest testament to the success of the move came from the directors themselves: “I was preparing confidential audit tender documents, and one of the directors said: ‘Why not just put it on Diligent?’” recalls Katy. “That really shows how they have come to appreciate the benefits of using the board portal.” It’s clear from SIG Group’s experience that the way change is introduced and supported is as important as the technology that enables it. The company is now fi rmly on the pathway to effective enterprise governance management.

EGM: A performance advantage Board responsibilities are evolving all the time, growing in complexity and breadth. It therefore makes sense to ensure that corporate governance is managed at the highest level. All the of benefits of digitising board processes and responsibilities are valuable, even in isolation, but when brought together under a unified, integrated approach they really represent a competitive performance advantage for organisations. By adopting advanced process and management tools, companies can gain stronger governance performance, greater transparency and accountability, and demonstrate a sound foundation and proof of process on which to build the valuable asset of stakeholder trust. Th is will enable corporations to survive and thrive in today’s volatile and uncertain business environment.

1 https://www.grantthornton.co.uk/globalassets/1.-memberﬁrms/united-kingdom/pdf/documents/is-the-role-ofcompany-secretary-ﬁt-for-the-future.pdf 2 https:// www.leathwaite.com/wp-content/uploads/CompanySecretary-Global-Survey-Results-Paper-2018.pdf

Diligent Corporation

1-3 Strand, London, WC2N 5EH, UK +44 (0)20 7605 7400 www.diligent.com info@diligent.com

Winter 2019 | Ethical Boardroom 41

Board Leadership | Board Composition

The New Generations within boardrooms A board’s agenda is increasingly crowded, but a forward-thinking board will leave room for understanding and helping management address the ‘New Gens’ challenges Much is being written about what is diﬀerent about Millennials and its implications for the workplace. But less attention has been given to why this is also a board, not just a management, topic. Some directors do not yet see the direct relevance for the board. They perceive the matter primarily to be a HR issue, one for management to deal with. Other boards may appreciate its larger implications but see it as a challenge to come, rather than one necessarily requiring the board’s attention today. The terminology commonly used does not help. Boards often hear the topic being referred to as the ‘Next Generations challenge’, implying it is of ‘next’, not immediate, priority. An alternate term is the ‘New Generations’. This term conveys more compellingly the notion that those who make up the Millennial population – Generations Y, Z, and beyond – are not just coming.1 They are already here. This article argues that the ‘New Gens’ merit being part of the strategic and supervisory deliberations of today’s boards and offers five practical prescriptions to jump-start board action.

42 Ethical Boardroom | Winter 2019

Gabe Shawn Varges

Senior Partner at HCM International & Chairman of the GECN Group

Recognise that the New Gens are the human face of the digital revolution Boards today are slowly coming to terms with how blockchain, artificial intelligence, and big data can affect their company’s business model and competitive environment. As they do this, they are discovering that the challenge is not just about technology; it is also about how to make their company’s culture more receptive to the types of transformation that digitisation requires. Further, it is about how to increase the capacity of existing employees to innovate and imagine new ways to enhance company competitiveness. To this end, well-conceived training and coaching efforts can be of value, as can realigning the performance management and incentives system to reward agile thinking and execution.

But, at a certain point, this question needs addressing: Can the change go quicker or deeper by looking beyond the company’s current talent and adding new ingredients to the mix? If what is sought are individuals more attuned to the digital needs of the company, is it sensible to ignore the talent pool to whom employing and leveraging new technologies comes naturally? Th is talent pool is the New Gens. Any digital agenda that does not consider how this population can contribute to the company’s change efforts is at best incomplete, and at worst unsustainable. Indeed, as digital natives, the New Gens are the human face of the digital revolution and, therefore, an instrumental part of a company’s digital strategy.

www.ethicalboardroom.co

Board Composition | Board Leadership Ensure management understands 2 that the New Gens are a strategic

topic, requiring a strategic response In our work with clients in multiple industries across continents, we are finding growing corporate awareness that ‘something feels special’ about the New Gens compared to prior generations. Many companies are experiencing what the research bears out: that while not absolute, relative and sometimes meaningful differences can be found in the New Gens on topics, such as: ■■ Career time horizons, i.e. how long they can imagine being in the same position or with the same employer2 ■■ Their work habits and preference of how, when and where to work ■■ Their attitudes toward hierarchy and rigid structures that shape how quickly people are given responsibility and are promoted ■■ Non-financial and financial incentives, including different views on base pay, variable pay and company benefits3

■■ What the employer offers for career development, including supporting further education or more engagement in volunteer community work ■■ The nature, timing and frequency of input on personal performance A board will want to know whether management at their company is on top of these trends. It may wish to have management report to it regularly on how the company is working through the implications of the New Gens on matters such as: ■■ Recruitment and retainment ■■ Workplace arrangements ■■ Organisational structures ■■ Performance management ■■ Compensation and rewards ■■ Career development Given the many dimensions involved, it is also appropriate for the board to expect management to articulate a comprehensive strategy to address and manage the New Gens challenge. The board can add value by critically reviewing such strategy and

providing constructive guidance. Delaying is not an option. The challenge is here. The New Gens are expected to represent more than 50 per cent of the workforce by 2020 and as much as 75 per cent by 2025.4 management is taking 3 Ensure concrete steps to implement

a sound New Gens strategy One immediate step the board can request management to take is to do a generational mapping. When thoroughly and systematically done, such mapping helps the company concretely visualise how the various generations are represented in the company and in the various units and roles across the enterprise. ■■ Are there units or functions where there is an overrepresentation of Baby Boomers or Generation X members and a paucity of New Gens?5 ■■ Are the New Gens at the company automatically placed in positions having less opportunity to generate ideas or have exposure to senior management? ■■ Are the company’s New Gens who are in promising positions or on the list of high potentials only from Generation Y, or does it include also some from Generation Z?

NEW GEN BOARD LEADERS The younger generation of board members are bringing knowledge of key digital issues w.ethicalboardroom.com

Winter 2019 | Ethical Boardroom 43

Board Leadership | Board Composition The latter question is of special significance as New Gens are not a monolithic group. Subtle but important differences are detectable, for example between older Gen Y members, such as Facbook’s 34-year-old Mark Zuckerberg, and younger Gen Z members, such as LinkedIn’s Sneha Keshwani. The latter, for example, runs, at the age of 24, global mobile growth for LinkedIn, a position calling not just for digital and entrepreneurial prowess but collaborative know-how to forge sustainable partnerships for the company across borders.6 After gaining a better understanding of the company’s demographics, a next step is to determine where the skills and insights of the New Gens could best be leveraged. For example, could the company benefit from having the perspective of a Gen Z member in a product development or consumer research team? Or on a taskforce charged with improving the company’s recruiting strategy? The challenge in pursuing innovative approaches is that they may run up against cultural precepts at the company. There may be ingrained views on what seniority or age is a ‘minimum’ to carry out certain roles or be involved in certain projects. For example, a company may welcome New Gens on a project to test artificial intelligence for procurement but may hesitate to include them on ‘sensitive’ projects, such as revamping the company’s governance decision-making processes or re-evaluating the compensation approach. Th is is where the board could be of help. It could nudge management not to permit hierarchy or tradition stand in the way of tapping into what the New Gens have to offer. Th is includes the area of succession. Part of good governance is to have contingency plans for key positions that become vacant. In today’s environment, corporate succession planning that is unduly influenced by age or job seniority detriments the company if it automatically excludes candidates from the New Gens. In some cases, the internal forces may be strong enough to require more creative experimentation. For example, one major international insurance company – in an effort to recruit high-performing young talent that would otherwise be attracted to start-ups and industries more ‘sexy’ than insurance – has initiated an internal unit that re-creates a start-up feeling and gives those recruited for this role better incentives to innovate, collaborate and have more impact than is normally possible in more structured organisational units.7 closer as a board 4 Get to the New Gens

If it is going to provide oversight of management on the New Gens, the board itself needs to get better acquainted with 44 Ethical Boardroom | Winter 2019

DIGITAL SAVVY New Gens bring new skills and perspectives

THE CHALLENGE OF MILLENNIALS — AT A GLANCE ■ The term New Gens conveys more compellingly the notion that those who make up the Millennial population — Generations Y, Z, and beyond — are not just coming, they are already here ■ The New Gens are expected to represent more than 50 per cent of the workforce by 2020, and as much as 75 per cent by 2025 ■ The central problem is that many boards lack any member who is under 50. This means there is typically a very large age gap even between the ‘youngest’ board member and a Millennial ■ Even social media-savvy Facebook currently has only one board member under 40, all others being 47 years and older ■ There may be ingrained views at a company on what seniority or age is a ‘minimum’ to carry out certain roles or be involved in certain projects them. Some boards have made progress in piercing the CEO/executive committee wall and are gaining exposure to managers immediately below the ‘chiefs’ in the C-suite, sometimes referred to as the ‘C minus 1’ level. Boards are achieving this by requiring periodic direct reports from such managers, rather than having the CEO or another executive committee member present on

their behalf. More significant are efforts by some boards to meet personally with C minus one managers outside of board meetings and hear directly their views on the company’s business. While helpful, these efforts may not expose the board to younger employees since New Gens are not yet commonly represented at the C minus one level. Thus, boards need to pursue other strategies to reach the New Gens. One option is for the board to request management to allow it to have periodic exchange of views with a cross-section of employees from Generations Y and Z. Another is to suggest to management that it includes New Gens on the company’s key taskforces and projects, including those having impact upon generational, digital and other transformative change at the company. The board in such cases could also request the taskforces to make reports to the board and to have their New Gens members present findings or answer board questions directly. However, if the board wishes to gain even more meaningful insights into the New Gens, it could consider a ‘reverse mentorship’ programme. At many companies, it is now common to have more experienced managers serve as mentors to younger employees. The reverse mentorship concept flips the table. www.ethicalboardroom.com

Board Composition | Board Leadership

Under such a programme, a promising New Gens member is assigned to a board member. If properly designed and operated, the programme creates an informal, yet regular, platform for discussion and sharing. In the safe space of a one-on-one conversation off the record, the board member could ask without embarrassment, for instance, about a new term or technology he or she does not understand, or could get the New Gens partner to share what is on the mind of younger employees at the company. As in the case of other mentorships, it cannot be a forced exercise. It is made available to board members but is not mandatory. Directors are given a choice of the young people with whom they wish to ‘partner up’ for the mentorship, rather than having management do the matching. the New Gens, 5 Consider directly or through an advisory

council, to be part of the formula for increasing board effectiveness Boards are under considerable pressure to increase their own performance and be more effective at providing strategic and ethical stewardship.8 Since part of the current challenge relates to guiding their company through the turmoil of the digital revolution, a board cannot avoid asking the hard www.ethicalboardroom.com

nature are timely, not only due to the relentless pressure for boards and companies to respond to the digitisation and related challenges, but because in a few years there will start emerging a viable pool of potential board members from those New Gens leaders who – in some cases even as teenagers – have successfully launched or led start-ups. These include young CEOs, who while not yet 40, already may have a decade or more of executive experience under their belts.10 Until the board is ready to take the ‘age plunge’ and take a chance on a New Gens member, it could consider an intermediate step. Some companies have long histories of having, next to their statutory or official board, an advisory board. Such a body is made up of individuals who provide company additional perspectives and serve as a sounding platform for prospective corporate initiatives.11 Advisory boards have no governance authority but can play a valuable complementary role to the official board. For example, to help the company address the digitisation challenge, some companies today are employing this technique, though it is not always clear if the advisory bodies being created owe their duty principally management or In today’s environment, to to the board.12 corporate succession Having an external planning that is unduly advisory body to the board composed of influenced by age or New Gens is a viable job seniority detriments transitional solution. To have more independence the company if it question of whether its and bring the most automatically excludes value to the board, the members possess the bandwidth to skilfully members are recruited candidates from and swiftly act in the by the board itself. To the New Gens aforementioned areas. avoid confusion with The demographics of the board, the body is given boards would suggest not. Some studies put a different name, such as ‘council’ and it is the average age on boards at more than 60, made clear that its role is purely advisory. with 25 per cent of boards having an average How the board uses this advisory body is age of nearly 65.9 While not encouraging, these fully at its discretion, but it could task it statistics per se are not the key problem as to provide recommendations and input they are simply averages. The central problem on any matter, including on the company’s is that many boards lack any member who is New Gens strategies and initiatives. under 50. This means there is typically a very large age gap even between the ‘youngest’ Whatever approach a board chooses, it board member and a Millennial. Even social is important that it does not perceive the media-savvy Facebook currently has only New Gens as a ‘special interest group’ or a one board member under 40, all others being constituency that only needs to be ‘serviced’. 47 years and older. Instead, the forward-thinking board sees the While for most boards recruiting a New New Gens as part of the solution for navigating Gens member is not a realistic current the strategic, operational, financial and talent option, revisiting the criteria of what challenges that arise in a digitising world. qualifies a person for the board could be an With respect to the board itself, considering eminently practical exercise to undertake a New Gens member or at least a New Gens now. Should age per se be a disqualifier? advisory council can be a way to ‘upskill’ the How could the notions of board diversity board more quickly and heighten its ability and renewal be enriched by looking beyond to help management cope with the multitude gender or ethnicity to also consider the value of knotty issues engendered by generational that an energetic and fresh younger member and technological change. Footnotes will be run in full online. could bring to the table? Deliberations of this Winter 2019 | Ethical Boardroom 45

Global News Latin America TTSE-listed companies lack governance

Vale under pressure after dam disaster

Push to develop aspiring Latinos Two-thirds of companies listed on the Trinidad & Tobago Stock Exchange (TTSE) do not meet corporate governance standards for annual reports, a report has found. A year-long study from the Arthur Lok Jack Global School of Business used 26 internationally recognised benchmarks for annual reports and corporate governance, according to Newsday. Each of the 27 companies listed on the TTSE received one point for every criterion met. Barbados-based financial group Sagicor topped the rankings with a score of 23, while media company Guardian Media, cement producer Readymix, industrial estate firm Plipdeco and consumer supplier Unilever all tied for last place with just two points. None of the companies listed reported executive compensation, all but one reported directors’ shareholdings, six had no women on their boards. The West Indian Tobacco Company led the ranking with 50/50 gender parity on its board.

Fintech activity in Latin America strengthens

The Latino Corporate Directors Education Foundation (LCDEF), established to increase the number of US Latinos serving on corporate boards, has added to its own board of directors. Six new board members will join the LCDEF in its quest to develop and place aspiring Latino and Latina board-qualified executives in the highest levels of corporate governance. The LCDEF provides educational programming and thought leadership to grow the pool of board-qualified US Latino executives prepared for board service. “Our newest board members not only are world-class leaders but also embody the mission of LCDEF and bring talent, expertise and energy to the table,” stated Ana Dutra, LCDEF co-chair.

Brazilian mining giant Vale has suspended dividend payments to shareholders and performance-related executive bonuses following the Brumadinho dam collapse. The company has also unveiled new emergency measures, as well as financial and psychological support for the families of those affected. Hundreds are still missing after the dam burst and sent a torrent of sludge into local offices and the nearby town. State prosecutors said they have frozen 11billion reais (£2.2billion) of assets belonging to Vale — the world’s largest iron ore miner. Meanwhile, Brazil’s acting president Jair Bolsonaro Mourao revealed a government taskforce is mulling proposing a change of Vale’s top management.

The number of financial technology start-ups in Latin America has increased by around two thirds since May 2017, according to a report. The Fintech in Latin America 2018: Growth and Consolidation report by Inter-American Development Bank (IDB) has identified 1,166 fintech start-ups in the region. With 380 start-ups, Brazil leads the region’s financial technology market, followed by Mexico with 273, Colombia with 148, Argentina with 116 and Chile with 84. Thirty-five per cent of the fintech companies in Latin America were founded or co-founded by women — above the global average of seven per cent. Gabriela Andrade, financial markets lead specialist at the IDB, said: “While fintech companies with women in their founding teams work in various segments, it is interesting to point out that one out of three of these companies focusses on servicing excluded and underserved segments of the population.”

46 Ethical Boardroom | Winter 2019

www.ethicalboardroom.com

securing banking

valyoues

It’s all about customer experience. Digitalization and customer expectations are driving the future of financial services. Put your customers first by offering top of the art ID management solutions and digital payments services that will make you “top of wallet”. G+D Mobile Security is a part of the G+D Group with more than 11,000 employees worldwide. Our 5,700 experts in over 40 sales and partner offices all over the world are glad to advise and support you with years of experience and comprehensive solutions that let you meet the challenges of a connected financial industry and capitalize on its opportunities. For more information, please contact mobilesecurity@gi-de.com Follow us on:

Social icon

Rounded square Only use blue and/or white. For more details check out our Brand Guidelines.

https://twitter.com/GieseckeMS

https://smart.gi-de.com/

https://www.linkedin.com/company/ giesecke-devrient-mobile-security

Latin America & Caribbean | Advertorial

NEVIS: MAKING PROGRESS Transparency and exchange of information for tax purposes reach international standards Heidi-Lynn Sutton

Regulator, Nevis Island Administration

The Federation of St. Kitts and Nevis has always been at the forefront of transparency issues, having joined the Global Forum Joint Ad Hoc Group on Accounts (JAHGA) in 2003, a group of OECD and non-OECD countries who developed the JAHGA Paper Enabling Effective Exchange of Information: Availability and Reliability Standard in 2005.

Th is outlined common standards that should be implemented by all participating jurisdictions to facilitate effective exchange of information, particularly in relation to the maintenance and access to reliable accounting records. These accounting transparency standards now form part of the Global Forum’s terms of reference to monitor and review progress towards transparency

and exchange of information on request for tax purposes. St. Kitts and Nevis was also an active member of the OECD Global Forum’s Sub-Group on Level Playing Field Issues which was established in or around 2003 to ensure that the high standards of transparency and exchange of information were developed in a way that was fair and equitable for all Global Forum members. The Federation formally joined the OECD Global Forum on Transparency and Exchange of Information for Tax Purposes in 2009. The Global Forum is recognised as the main international organisation with competence to assess and monitor countries’ compliance with the international standards of transparency and exchange of information for tax purposes. As part of its commitment to adhere to highest of international standards, St. Kitts and Nevis actively participated as original members of the Peer Review Group during the period 2011 to 2014. The Group is responsible for carrying out in-depth monitoring and peer review of the implementation of the standards. In 2014, the Phase 2 Peer Review Report of St. Kitts and Nevis’ exchange of information practices was published. A largely compliant rating was assigned following a robust and comprehensive period of assessment. The Federation recently underwent its second-round peer review assessment and obtained an overall rating of largely compliant. This means that St. Kitts and Nevis is in

compliance with the international standards. The report was approved at the Peer Review Meeting on 10 to 13 September 2018 and was adopted by the Global Forum on 12 October 2018. The Federation’s legal, administrative and regulatory frameworks were assessed against the Global Forum’s 2016 Terms of Reference as they relate to the handling of exchange of information on requests during the period 1 July 2014 to 30 June 2017. St. Kitts and Nevis received a rating of compliant for eight elements and largely compliant for two elements. It should be noted that the report confirmed the following: ■ The availability of ownership information was confi rmed in St. Kitts and Nevis’ exchange of information practice ■ A regulated business is required to keep updated beneficial owner information. In addition, regulated businesses are required to ensure that documents, data or information under identification procedures are kept up to date and relevant by conducting reviews of existing records, including cases where inconsistencies are discovered ■ The Companies Ordinance, Nevis Business Corporation Ordinance and the Nevis Limited Liability Company Ordinance contain adequate enforcement provisions applicable in cases of failure to keep ownership information as required under the law. Applicable sanctions span from monetary fi nes and administrative measures, such as prohibition of activity and termination of the legal entity

ST. KITTS AND NEVIS An island country in the West Indies 48 Ethical Boardroom | Winter 2019

www.ethicalboardroom.com

Advertorial | Latin America & Caribbean ■■ Regulated businesses, including service providers, are prohibited from opening or operating financial services products held in fictitious names, as well as operating anonymous accounts ■■ The proportion of service providers subject to AML/CFT inspections is high in comparison to the other types of regulated businesses that are reviewed. On average, 20 service providers are reviewed each year, which means that each service provider should be examined at least once every five years. Those service providers reviewed by the Financial Services Regulatory Commission (FSRC) Nevis branch during the review period, are responsible for 97 per cent of the IBCs and LLCs registered with the Registrar in Nevis. The frequency of these on-site visits seems to be adequate to ensure compliance with legal obligations as required under the standard. Also, the FSRC has taken significant action against those licensees that fail to comply with their obligations ■■ The supervision of anti-money laundering and combatting the financing of terrorism (AML/CFT) obligations is adequate to ensure banks’ compliance with their CDD obligations in line with the standard. The FSRC carries out off-site and on-site inspections covering a significant number of banks annually and applies a variety of enforcement measures in cases where deficiencies are identified. ■■ During the review period, St. Kitts and Nevis received 14 requests for banking information, including requests for beneficial ownership information. St. Kitts and Nevis was able to fully respond to all of these requests It is against this backdrop that members of the public should read with extreme caution the article by Oliver Bullough in the international edition of The Guardian newspaper on 12 July 2018.1 The excessively verbose piece contains countless unsubstantiated claims, misinformation and innuendos and, in my opinion, discredits and undermines the considerable progress St. Kitts and Nevis has made to ensure that the Federation complies with the highest of international standards. We would like the desire to publish sensational articles to be replaced with the desire to issue fact-based, balanced and well-researched pieces. This two-part article will summarise the legal, regulatory and administrative frameworks governing AML/CFT requirements and transparency and exchange of information for tax purposes in Nevis. The Anti-Money Laundering Regulations, 2011 (AMLR), Anti-Terrorism (Prevention of Terrorist Financing) Regulations, 2011 (ATR) and the Financial Services Implementation of Industry Standards Regulations 2011 www.ethicalboardroom.com

(FSIISR) with appending guidance notes require all regulated entities to identify, verify, obtain, maintain and monitor beneficial owners of legal persons. The legislation is enforced by both the St. Kitts and Nevis branches of the Financial Services Regulatory Commission (FSRC). The FSRC is the ultimate regulatory body for financial services and for AML/CFT for St. Kitts and Nevis. It was established by the Financial Services Regulatory Commission Act, which was passed by the National Assembly on 20 October 2009. The FSRC monitors compliance by regulated persons and entities under the Proceeds of Crime Act, the Anti-Terrorism Act and such other Acts, regulations, codes or guidelines relating to money laundering or the financing of terrorism. The above legislative and regulatory frameworks apply to all regulated entities in Nevis that conduct fiduciary and financial services business in the following areas: the registration of international companies, the formation of trusts, the establishment of multiform foundations, international

As part of its commitment to adhere to highest of international standards, St. Kitts and Nevis actively participated as original members of the Peer Review Group during the period 2011 to 2014 insurance companies, money services businesses, mutual funds, credit unions, international banks and the provision of citizenship by investment services. As regards to the island of Nevis’ ongoing efforts to maintain its reputation as a responsible and well-regulated jurisdiction, in 2014 the Nevis branch of the FSRC strengthened its risk-based regulatory oversight of all regulated entities. In May 2015 the branch adopted a risk-based supervision (RBS) framework, which is applicable to both off-site and on-site examination of said regulated entities. The RBS framework includes the identification and assessment of risks and the quality of risk management oversight provided by compliance, internal audit, external audit, risk management, senior management and the board. Comprehensive on-site examinations of regulated entities in Nevis are conducted pursuant to the Financial Services Regulatory Commission Act, Cap 21.10 (FSRC Act) to ensure that the Act and enactments specified in Schedule 1 to the Act are being complied with and that the regulated entity is in a sound financial position and is managing its business in a prudent manner. During an

on-site examination, examiners from the Nevis branch of the FSRC will determine, among other things, whether there are appropriate policies and procedures established to ensure compliance with AML/ CFT legislation and identify risk appropriately. In order to achieve this, examiners will review all relevant customer files of the regulated entity as well as the citizenship by investment applications to ensure that the requisite know your customer (KYC) documents are obtained, maintained and up-to-date for all beneficial owners. The branch has also implemented procedures to ensure that only fit and proper persons hold directorship, shareholding and senior management positions in regulated entities. The licensing renewal process has been streamlined to ensure that fitness and propriety assessments were also performed where changes in key personnel have been observed. The timelines for processing licensing applications and procedures for conducting compliance audits were issued by the regulator. Guidelines for the appointment of the compliance officer/reporting officer were also adopted by the FSRC and have been implemented by the Nevis branch and compliance/reporting officers are also subject to a renewal process at the start of each year. The author of The Guardian piece has been informed of these developments and correspondence was sent to him reiterating Nevis’ position on the said issues, corroborated with links to press releases, international reports, media sources, legislation and administrative practices. For the period February 2014 to September 2018, the FSRC-Nevis Branch conducted 114 full-scope and follow-up on-site examinations in accordance with its RBS framework and on-site examination procedures. The branch also undertook enforcement actions in 49 instances. Said actions included the issuance of warning letters, suspension or revocation notices and the granting of restricted licences. Further, during the period February 2014 to September 2018, the FSRC-Nevis Branch received 96 requests for information from regulatory, law enforcement and government agencies. All requests were responded to in a timely manner. These actions demonstrate Nevis’ commitment to maintaining its status as a reputable and well-regulated jurisdiction. https://www.theguardian.com/news/2018/ jul/12/nevis-how-the-worlds-most-secretive -offshore-haven-refuses-to-clean-up

Nevis Island Administration

P.O. Box 689, Main Street Charlestown, Nevis 1 869 469 1469 www.nevisfsrc.com Hdsutton@nevisfsrc.com Winter 2019 | Ethical Boardroom 49

Board Governance | Committees

Nomination committees in Sweden and the UK Why combining two approaches to one problem will ensure a more cohesive team of directors

Sophie Nachemson-Ekwall and Colin Mayer CBE

Sophie is afﬁliated researcher at the Stockholm School of Economics. Colin is the Peter Moores Professor of Management Studies at the Saïd Business School, University of Oxford; Centre for Economic Policy Research (CEPR); European Corporate Governance Institute (ECGI)

The board of director nomination process is a particularly important, but largely ignored, aspect of corporate governance. Its importance derives from the significance of nominations in the functioning and success of the company and the degree of confidence investors place in the board. There is growing recognition of this and increasing interest in the divergent approaches that the UK and Sweden take to the nomination process. Th is article draws on research using material published by the Swedish Shareholders Association on ownership 50 Ethical Boardroom | Winter 2019

policy (2017) and a working paper on nomination committees (NCs). The aim is to reassess the conventional view of the NC as an internal committee of the board on which independent members sit and nominate successor members of the board. We conclude with a discussion of the possibility of achieving better outcomes by combining features of the external and internal process.

Time to focus on the nomination committee

Identification of appropriate members of the board is a primary determinant of the operation and success of a company. As such, the role and legitimacy of the NC cannot be underestimated in corporate governance. In particular, the NC can be instrumental in both promoting the type of large, long-term shareholdings that are a prerequisite to effective engagement by institutional investors and a means by which that engagement is exercised. In addition, the NC provides a basis for resolving potential confl icts that arise between different shareholders, most notably between dominant and minority shareholders. Yngve Slyngstad, chief executive of the Norges Bank Investment Management (NBIM), the world’s largest sovereign wealth fund, recently demanded that a majority of independent directors should have ‘fundamental industry insight’. At least two

should have worked in the industry of the company (Financial Times, 30 October 2018). The position taken by NBIM reflects growing societal pressure on institutional investors to undertake engaged responsible corporate governance. More institutional shareholder engagement has also been proposed in the Kay Review (2012) and the revised Shareholders’ Rights Directive (2017).

There is not one simple NC

A comparison of the British internal NC, which has become the standard model in most countries, and the Swedish external NC, illustrates divergent approaches to nominations. Both countries embody what is termed ‘shareholder primacy’, namely legal, regulatory and institutional structures that privilege shareholders over the interests of other parties, and both countries have a substantial presence of institutional investors as well as national pension funds. Sweden, just like the UK, is at the forefront of Europe’s most liberalised and active market economies, based predominantly on self-regulation as against legal statute. In the UK, the NC is an internal committee of the board on which independent members sit and nominate successor members of the board. The UK corporate governance code requires a majority of members of the NC to be independent non-executive directors. In Sweden, the NC is an external committee in which shareholders play an important role in the selection process. The internal system of the UK delegates the nomination of new members of the board to its non-executive www.ethicalboardroom.com

Committees | Board Governance

members. In Sweden, on the other hand, the nomination process resides with representatives of shareholders themselves. The difference reflects contrasting views on ownership and governance of fi rms. In general, Swedish companies have large controlling shareholders who have incentives to exert significant influence over the nomination process. The Swedish Companies Act grants a single shareholder or group of shareholders controlling 50 per cent of the votes at the AGM the right to nominate all the directors of the board. The influence of large shareholders can be intensified through multiple voting shares (Series A shares assigned 10 votes and B shares assigned one vote), and more than half of listed companies in Sweden have multiple voting stocks. The Swedish Companies Act closely parallels that in those of other Nordic countries, which together define a Nordic model of corporate governance, distinct from both the classic Germanic stakeholder governance and the Anglo-American shareholder governance. It is often argued that this effectively solves the monitoring problem present in dispersed shareholder regimes. By giving the largest shareholders a presence on the NC, the nomination process encourages their direct engagement in the appointment process and mitigates the shareholder disengagement problems that aﬄ ict the UK internal system. Th is also works well with the Swedish ‘consensus-culture’ and close-knit society. Trust between the majority shareholder and minority shareholders is pivotal in Swedish corporate governance. Sweden www.ethicalboardroom.com

is famous for its extensive minority rights, including a strict board neutrality rule during takeovers that allows shareholders to decide on takeovers and the right to have a minority auditor appointed. Concerted activities among shareholders are encouraged rather than discouraged, as in the UK. Any single shareholder may both talk at the AGM and nominate directors to the board. Only one executive can be elected to a Swedish board, usually the CEO and approximately half of listed company boards do not include the CEO.

Strength of the Swedish nomination committee system Inspired by the Cadbury Code in 1992, the Swedish external NC was developed by the

The nomination committee can be instrumental in both promoting the type of large, long-term shareholdings that are a prerequisite to eﬀective engagement by institutional investors and a means by which that engagement is exercised Swedish Shareholders’ Association, with the support of a group of leading domestic institutional investors. It was put into practice for the fi rst time in 1993, after the failed merger between Swedish vehicle conglomerate Volvo and French Renault, which left Volvo without a board of directors, but it took until 2005 before the NC became standard Swedish procedure.

That Sweden settled for external shareholderappointed NC (rather than a board committee) can further be explained by the Swedish popular movement tradition, with civil society democratically structured (föreningstradition). In these organisations each member is assigned one vote and director nominations and elections occur with the help of external nomination committees, made up of members nominated by different groups at the AGM. To avoid the NC becoming dominated by a controlling shareholder, the Swedish Code states that at least one member must be independent of the largest shareholder. A typical NC will be made up of one or two representatives of the controlling shareholder, the chair (who is often associated with the controlling shareholder) and two or three (other) institutional investors. A number of studies show that the Swedish external NC has had a positive effect on shareholders’ engagement in the nomination process of directors. It has increased confidence in the board function, broken down the ‘old boys’ network’, enhanced the recruitment of female board members, put more focus on competencies, such as industry know-how and expertise, and reduced both the free-rider and collective action problems. Also, the external NC has professionalised board recruitment in small and medium-sized companies, where both executives and owners often lack access to a network of relevant qualified people. Winter 2019 | Ethical Boardroom 51

Board Governance | Committees The Swedish institutional investors´ commitment to engage in the NC is increasing. Research shows how Swedish institutional investors have begun to take larger stakes in investee companies that are evaluated over longer time horizons than was previously the case (Nachemson-Ekwall, 2017). In the process, institutional investors engage in the NC on a longer term basis, collaborating both with controlling shareholders and other long-term institutional investors.

Dilemmas related to the quality of independent directors

The Swedish external NC has drawbacks. One is that foreign institutional investors tend to abstain from participating, partly as a result of lack of familiarity with the process, and partly because they find it costly and time-consuming. Consequently, the NCs tend to be an all-Swedish affair. Secondly, there are potential divergences of interests between different types of shareholders, notably between large, well-informed and small, uninformed, shareholders. This is especially troubling in SMEs that often lack enough institutional capital. Thirdly, the NC is exposed to interventions by short-term and activist hedge funds as well as competitors (which might be large shareholders), thus limiting the information-sharing ability of the NC. The most delicate issue relates to the uncertainty of the integrity of the independent directors. The Code requires that at least two independent directors should be independent of the main shareholders. But this can be illusory. In the case where a shareholder or group of shareholders controls more than 50 per cent of the votes at the AGM, these owners effectively control the appointment of the entire board, including all the NEDs. Also, an extensive study of board activity in 36 large Nordic companies led by professor Sven-Erik Sjöstrand (2016) shows that dominant shareholders in general do not appreciate the work of the NC and handle the enrolment of the most significant directors outside of the NC. A survey made by proxy consultant Nordic Investor Services (2010) reveals problems

relating to insider information and institutional investor representatives, who are often corporate governance specialists, lacking company-specific competencies. A list of the institutional investors on the NC compiled from AGMs in 2016 reveals investment professionals sometimes engaged in more than 10 NCs. There are studies that highlight possible concentrations of power in the hands of the NC. When the NC only represents perhaps 10 to 15 per cent of the total shareholdings, it lacks true legitimacy in the eyes of minority

A flexible application of internal and external nomination committees may help to address conflicts of interests in corporate governance while promoting sustainable wealth creation in the interest of the company and its shareholders as a whole shareholders. The external NC also faces difficulties in dealing with controlling shareholders that do not wish to collaborate with minority shareholders. The book, Corporate Governance in Modern Financial Capitalism: Old Mutual’s Hostile Takeover of Skandia (Kallifatides, Nachemson-Ekwall and Sjöstrand 2010), suggests that the externally appointed NC may handle problems of short-termism or stakeholder interest only to the extent that a shareholder responds to social pressures and questions of legitimacy. In addition, the book highlights the tendency for institutional investors to ‘appoint their own’ rather than more representative members of the NC, as originally envisaged by the Swedish popular movement.

Reflections on how to move the NC forward

The British internal NC addresses some of the shortcomings in the Swedish external

NC, while at the same time having its own deficiencies. On the positive side, the UK procedure keeps the nomination process independent of any particular shareholding group and promotes the fair treatment of all shareholders. Britain has also become the role model for the implementation of a general Stewardship Code, addressing best practice for both institutional investors’ engagement in a dialogue with the board and the assignment of a special senior director to oversee a qualitative dialogue. On the other hand, the British ownership market is highly dispersed and suffers from a serious free rider problem, giving rise to the phenomenon of the ‘ownerless corporation’ with no investor playing a sufficiently active governance role. Neither the Swedish external, shareholder-led NC nor the UK internal, independent director-led NC is without its problems. It is unrealistic to believe that a Swedish-style NC could or should be adopted in a UK dispersed ownership system, nor that a UK NC would be appropriate in the Swedish dominant owner model. However, there might be advantages in combining elements of the two. For example, some board positions could be nominated externally and by internal committees or there could be greater scrutiny of internally nominated directors by an elected external committee. Above all, a flexible application of internal and external nomination committees may help to address conflicts of interests in corporate governance while promoting sustainable wealth creation in the interest of the company and its shareholders as a whole. References: Nachemson-Ekwall, S and Mayer, C (2018) Nomination Committees and Corporate Governance: Lessons from Sweden and the UK, Working paper, Saïd Business School nr. 12. Nachemson-Ekwall, S (2017) Leveraging on Home Bias: Large Stakes and Long-termism by Swedish Institutional Investors. Nordic Journal of Business. Vol. 66 No. 3, pp.128–158. Autumn. Nachemson-Ekwall, S (2018). Sweden: The Swedish Shareholders’ Association Proposes 200 Policy Changes to Strengthen the Voice of Small Shareholders International Company and Commercial Law Review, ICCLR. Issue 1. January.

ADDRESSING CONFLICT Boards must recognise the importance of the nomination committee

52 Ethical Boardroom | Winter 2019

www.ethicalboardroom.com

KEEPING IT ABOVE BOARD “Essential reading for boards who want to stay ahead of the governance curve”

Board Leadership • Board Governance • Activism & Engagement Technology • Regulatory & Compliance • Risk Management twitter.com/EthicalBoard

www.linkedin.com/company/ethical-board-group

Board Governance | Pay Gap DISSECTING GENDER PAY DISPARITY Less than 11 per cent of Russell 3000 CFOs are women

Pay disparity: How do female CFOs fare? Findings in gender pay inequality and opportunity disparity among CFOs at Russell 3000 companies Malcolm Adkins & Wes Hart

Malcolm is Vice President and Wes is MD at Pearl Meyer, Houston

While the UK is ahead in the process, gender pay gap and gender opportunity concerns are steadily making their way onto the list of top governance and compensation considerations for public company boards of directors in the US.

Numerous business publications have cast a spotlight on gender pay equity issues. Conversely, we’ve seen research from Harvard Business Review1 that may indicate female CEOs at US firms take home more than their similarly situated male counterparts, along with similar findings that once they make it to the senior management ranks, women may be paid up to 10 per cent more than their male peers.2 With this as a backdrop, we set out to thoroughly study data on CFOs at Russell 3000 companies to determine the scope and scale of both gender pay equity and gender opportunity disparity. We began with three avenues to pursue:

1 than their male counterparts? female CFOs make less (or more) 2 Do as a percentage of CEO pay than Do female CFOs make less (or more)

their male counterparts?

54 Ethical Boardroom | Winter 2019

number of female CFOs higher 3 Isorthe lower than we would expect,

based on basic demographic facts?

We chose to review the CFO position for a number of reasons: ■ Every company reports a principal financial officer (aka CFO) ■ With the exception of the CEO, this is the most universal and compatible position in a public company ■ Unlike operational executives (e.g. presidents and division heads), the core responsibilities of top finance positions are largely consistent, with CFOs and other senior financial leaders often moving between and across varying sectors and industries We based our study on information from Main Data Group, which provided the total compensation data for Russell 3000 CFOs, as well as the CEO to CFO pay ratio information based on proxies fi led in 2018.

Findings on pay disparity

Pay gap is the aggregate average female total compensation compared to the aggregate average male total compensation. Female CFOs make, on average, 90.7 cents compared

to $1.00 for males. Th is gap, however, is misleading as executive pay levels are strongly related to fi rm size and industry (and the distribution of women across fi rm size and industry vary meaningfully). To understand whether there are gender-based pay inequities, we completed an in-depth statistical assessment using multiple regression, which allows us to examine how multiple factors play a role in predicting compensation. Based on our comprehensive regression analysis, we were able to conclude that gender is not a statistically significant factor in predicting total compensation for CFOs in the Russell 3000. Said another way, from a statistical perspective, factors other than gender account for any pay inequities. Key variables that played a role in predicting individual compensation include company revenue and industry. Company assets, market cap, EVP status, total years of work experience and whether the firm pays dividends are also statistically significant but have a minor influence. Similarly, gender was not a statistically significant factor in predicting the ratio of CFO total pay to CEO total pay, nor did the presence of a female CEO influence CFO total pay levels.

Findings on opportunity disparity What does this mean? While our findings

www.ethicalboardroom.com

Pay Gap | Board Governance showed no pay inequity in the area of compensation as related to gender, there is unquestionably a disparity in opportunity based on gender at the CFO position. Overall, the percentage of Russell 3000 companies with a female CFO is 10.9 per cent. We would have expected to find 20 per cent to 25 per cent of the CFO ranks to be female. Th is clearly indicates that companies have a long way to go to achieve gender opportunity parity throughout the executive ranks. With US employment low and companies riding a robust economic wave – at least for the time being – in many industries, it is surprising that companies may be leaving talent on the sidelines. Across the various company size-by-revenue bands, the percentage of female CFOs is fairly consistent. We do see that the largest companies (more than $5billion in revenues) are more likely to have a female CFO and the smallest companies (under $150million in revenues) are least likely to have a female CFO (see Figure 1). However, we found a wide opportunity disparity across industries, as sorted by their major Global Industry Classification Standard (or GICS) code (see Figure 2). Generally speaking, operating executives, such as subsidiary presidents and top division executives, are very industry-centric with deep knowledge of the industries in which they operate. On the other hand, legal, accounting and financial disciplines tend to require less industry-specific expertise. So, then why is the prevalence of female CFOs so much higher in certain industries, such as consumer discretionary, materials, and IT, as opposed to others such as telecom, real estate and energy?

Conclusions: discover challenges and provide opportunities

So where do we find ourselves? When it comes to opportunity and the position itself, women make up nearly half of the employed US labour force and enrol and graduate from higher education institutions at rates higher than men, yet less than 11 per cent of Russell 3,000 CFOs are women. And, while the results regarding any possible gender-based pay equity at the position may seem surprising, there may be several more obvious driving factors that set the CFO position apart, the most likely being that CFO pay levels are required to be disclosed publicly and benchmarking compensation levels across peers provides a straightforward source of pay equity information. Where they have female named executive officers (NEOs), companies may be consciously, or unconsciously, positioning CFO pay competitively for all those visible individuals to signal both to the external market and to various internal constituencies that the company does not have a gender pay disparity issue. Of course, opportunity disparity is another matter. www.ethicalboardroom.com

We do see that the largest companies (more than $5billion in revenues) are more likely to have a female CFO and the smallest companies (under $150million in revenues) are least likely to have a female CFO Perceived challenges to addressing opportunity disparity: ■ Recruiting and retaining women in some industries may be difficult ■ Differences in negotiating style may impact promotion and salary increases ■ Limiting impact of maternity leave on women’s career progression ■ Ensuring performance metrics do not have implicit gender bias ■ Managing risks: litigation, financial and reputational Potential opportunities for improvement: ■ Examine career paths and opportunities, and aggressively determine ways that position women as higher performers in the same way as other successful employees

■ Assess and mitigate gender biases in performance evaluation processes ■ Broaden the array of talent definitions ■ Consider ‘career re-entry programmes’ and not solely for women and/or former employees, but for anyone with high potential who has left the workforce for a meaningful period of time In addition to rethinking perceived challenges and exploring opportunities to improve, companies will want to examine themselves broadly to mitigate the typical situation where below a certain level within the organisation women and men are equally represented but above a certain level, usually mid- to upper-management, there are markedly more men than women. Th is pattern is often quite stark. For example, one level in the company may be 48 per cent to 50 per cent female but the next level up is over 70 per cent male. Finally, companies should adopt a mindset that it is a competitive advantage to take the lead in attracting and retaining a diverse talent pool, particularly from underrepresented and underutilised groups. We Know Female CEOs Get Paid More, But We Don’t Know Why, Harvard Business Review, March 13, 2017 Leslie L, Manchester C, Dahm P. Why and When Does the Gender Gap Reverse? Diversity Goals and the Pay Premium for High Potential Women, Academy of Management Journal. 2016;60(2):402-432. doi:10.5465/amj.2015.0195 1

FIGURE 1: FEMALE CFOs REPRESENTATION BY COMPANY REVENUE Under $150m

8.3%

$150m to Under $499m

11.2%

$500m to $1bn

11.0%

$1bn to $2bn

10.7%

$2bn to $5bn

10.6%

$5bn to $15bn

13.3%

over $15bn

14.0%

All firms

10.9%

FIGURE 2: FEMALE CFOs BY INDUSTRY Materials (15)

15.0%

Consumer discretionary (25)

14.8%

Financials incl. banking (40 )

11.7%

Information technology (45)

11.2%

All firms

10.9%

Real estate (60)

10.8%

Consumer staples (30)

10.2%

Health care (35)

9.3%

Utilities (55)

9.0%

Industrials (20)

8.8%

Energy (10) Telecommunication services (50) 0.0%

6.9% Source: Main Data Group

Winter 2019 | Ethical Boardroom 55

Board Governance | Technology

THE POWER OF DIGITAL How software can enable positive change in your business’ communication channels Fraser Doig

Product Marketing Executive, Ideagen

Companies of every size will struggle with communication issues at one point or another. But as organisations grow and expand globally, the ability to communicate effectively gets more and more difficult and the associated risks get more and more critical. Failures in communication and effective collaboration between the various arms of the business (as well as the all-important head) can lead to chronic workplace problems, such as frequent mistakes, a drop in efficiency, failed expectations and poor morale. Making developmental changes are a crucial part of improving those channels of communication and this is where the internal audit and risk management functions are perfectly placed to offer vital assurance that such changes are implemented and acting as intended. If managed correctly, honesty and transparency are paramount and, with them, a whole plethora of positive outcomes can be realised. In order to make the most of this however, building relationships and working collaboratively with the board, audit and the risk department as well as other stakeholders is the key to success. Thankfully, in today’s digital age, new and innovative software solutions are bringing ways to enable this type of interconnectivity, helping businesses across the world to grow, drive sales and improve customer experience.

Age of digital transformation The driving force behind the need for more effective digital communications is that we are increasingly reliant on digital solutions to drive our business. New technologies are rapidly changing the way companies look at how they operate and communication is a key priority for now and the future. In order to stay relevant and continue to deliver value to customers in the age of digital transformation, it is imperative that businesses embrace not only the 56 Ethical Boardroom | Winter 2019

technological changes that are impacting the world, but also the cultural change that comes with it. Th is means critically evaluating what ‘business as usual’ looks like, identifying where the shortcomings are and taking action on what improvements need to be made. The enormous value that effective communication brings to businesses – particularly though internal audit – is an area that Tracie Marquardt, chartered professional accountant and Europe’s leading audit communication specialist, is extremely passionate about. Marquardt has been training, coaching and consulting audit teams in Europe, Asia, Africa and the US since 2005, working with more than 20 of the DAX30, multiple European organisations and privately owned global companies. Back then, Marquardt realised that there was a gap in the knowledge of many businesses: “Historically, technical audit skills were always thought to be the most important. Nowadays everyone, from the Institute of Internal Auditors (IIA) to LinkedIn groups, recognises that communication skills are even more important. One can learn the technical skills, but that’s not enough anymore to be successful. Relationships are key and communication skills help one build stronger relationships.” Globalisation is one of the biggest drivers for this emphasis on communication. As well as physical borders, time zones, language barriers and cultural differences all impact an international organisation’s ability to convey their message in a clear and transparent way. Marquardt understands the important role internal audit has to play in enabling this. “I believe internal audit is perfectly positioned to facilitate positive change in their organisations,” she says. “My passion is helping them communicate their key messages clearly, concisely and persuasively on an international stage. It’s important because auditors don’t just work in their native countries anymore: they travel the world and work in multicultural environments. Therefore, they need to be culturally aware and employ communication skills at every turn. My goal is to help them do their job successfully. Excellent communication skills ensure better audit results and therefore more added value to the business.” Th is isn’t merely the opinion of one person: better communication is proven to bring added value to businesses, as

evidenced by a Willis Towers Watson study, which demonstrated that, by implementing effective communication measures to share their value proposition across the business, organisations were able to generate 47 per cent higher total returns compared to organisations that failed to prioritise internal engagement.1 When the needs of the business and the stakeholders are understood clearly, results can be delivered confidently and efficiently. These principles are just some of the

Technology | Board Governance benefits Marquardt sees coming from effective communication in internal audit. “Audit departments can benefit enormously from this, as it helps to build trust and confidence and facilitates cooperation between different areas of the business,” she says. “Auditors have to walk the walk, not just talk the talk. By being curious and aware, as well as asking excellent questions and being excellent listeners, auditors can go above and beyond being mere box tickers to supporting the business’ decision makers with key insights.” Th is is clearly seen as a must-have for organisations today. A recent IIA study, Core Competencies of Today’s Internal Auditor, found that communication skills ranked

fi rst and second for internal audit staff and managers. 2 Another IIA study found that more than 50 per cent of CAEs consider communication skills to be the top attribute they look for in new team members. 3 Without it, organisations risk creating a disconnected structure with little capability for collaboration and fragmented communication processes. Such an approach also fails to meet the needs of the senior executive management team and the board of directors. “It doesn’t make sense for internal audit to work in a silo with no communication and collaboration with the rest of the business,” says Marquardt. “Knowing the objectives, understanding the strategies, risks

and opportunities – this is the only way to truly add value to the business.” Developing this close relationship with senior management is one of the best ways internal audit can prove to be invaluable to an organisation. When auditors know what the board really cares about, they are able to communicate exactly what it is the board needs to know, not what the auditor thinks is important. When they understand the objectives and strategies that are driving the business, the audit strategy is focussed on the right areas and risks – both existing and emerging. In order to do this effectively, it is widely recognised by institutions such as Deloitte4 and the IIA5 that innovations in technology are enhancing the impact and influence of both internal audit and risk management.

DRIVING DIGITAL TRANSFORMATION Innovative technology is boosting the power of internal audit

www.ethicalboardroom.com

Winter 2019 | Ethical Boardroom 57

Board Governance | Technology

Digital communication: a step towards greater assurance

It is not merely the efficiencies of a more streamlined workflow and a central, paperless system that software can provide. Many organisations have come to realise the positive changes to organisational structure that occur in their business after implementing software. With a more structured, logical and productive way of working, employees become more forward-looking, they are more engaged with stakeholders and become more focussed on delivering great business value. A UK-based financial company came to discover this when it implemented risk management software in an effort to integrate and digitalise its work. Since doing this, the fi rm have managed to transform the way they communicate risk throughout the business, as it now finds that everyone has ownership of their own risks and it has much better, useful conversations. Since implementing the software, the company has more effective discussions about

emerging risks and is able to take a more forward-looking approach to future risks. Just as Marquardt instils the principles of effective communication into the audit departments she coaches, the software application helps this financial company’s employees work together to do their jobs successfully. All the fi rm’s risk managers are aware of what they need to do and they are able to provide updates in real time when everyone is together. This change in attitude has had far reaching repercussions, enterprise-wide and has seen the software grow into an integral part of its operations. The software is now used by their compliance, audit and business continuity departments and is applied to a variety of functions, from data protection to incident and action tracking. Risk management – a function that was once considered to be the 58 Ethical Boardroom | Winter 2019

remit of a select few experts – is now on the radar of every member of the business and is being made visible on a departmental and an organisation-wide level. Whether it’s an internal auditor conducting risk assessments, a manager tracking actions, an analyst logging incidents or a senior executive accessing reports, the software brings it all together into a central system that gives everyone the complete picture. These are benefits that have had a major influence over how the organisation operates: its culture has changed and the maturity of its risk function has significantly improved. This culture shift is the crucial difference that installing software has made to the business. Better communication means that there is less ambiguity, individuals are able to be more concise and be instigators of positive change. When the work is made easier through software, organisations find that they can do much more and they can do it more efficiently and effectively. Being risk-aware has become a mindset and with that mental awareness comes a more tangible

lagging in terms of level of risk management programme investment and maturity, and 74 per cent of global risk management executives state that their ability to forecast critical risks will be more difficult in three years. The primary reason for this, according to those surveyed, is a ‘continued lack of cross-organisation collaboration’. It is Gartner’s opinion that ‘by 2021, more than 50 per cent of large enterprises will use an integrated risk management solution set to provide better decision-making capabilities to propel digital business’. For companies of every size, trying to communicate and collaborate through paper-based or legacy systems is almost guaranteed to lead to greater risk exposure. Manual processes are inherently slower, with more mistakes inevitably slipping through the cracks. Further exacerbating this, channels of communication often end up being a combination of paper and digital, using tools that have been acquired over a long period of time. Th is means that making changes to the status quo will be much more difficult. Communication in a digital TRANSFERRING DATA business is fully integrated, meaning that Software enables vital information can be accessed quickly businesses to transfer from a centralised location. Given that new complex information risks are emerging almost daily and having a much greater impact on businesses than ever before, it is no wonder that more organisations are investing in software. Having the capability to transfer complex information between multiple stakeholders while under pressure is crucial for effective, informed decision making during a crisis, or indeed any high-stakes environment. It is undeniable that digital transformation is a momentous driver of organisational change this century. It is up to those organisations to ensure that they take the necessary steps to keep To truly see the value digital up to date with these changes transformation can bring to the and don’t expose themselves to business, organisations must also unnecessary risk. Implementing robust software that facilitates embrace the cultural change that clear lines of communication will allow them to adapt and grow and collaboration within the business is just one step on the preparedness to deal with future and journey towards technological maturity, but existing risks. With the software, the it is a vital one that enables developmental business now has better accountability, has change and better assurance. To truly see improved the way it measures progress and the value digital transformation can bring increased the level of communication across to the business, organisations must also the organisation from departmental staff to embrace the cultural change that will allow board members. them to adapt and grow. Engaging with board members on matters 1 https://www.towerswatson.com/en/Insights/IC-Types/ of issues such as risk was recently identified Survey-Research-Results/2009/12/20092010as a critical necessity by Gartner, the Communication-ROI-Study-Report-Capitalizing-onEffective-Communication 2https://na.theiia.org/iiarf/ global research and advisory firm, in its Public Documents/Core-Competencies-for-Todaysexamination of integrated risk management. Internal-Auditor.pdf 3http://theiia.mkt5790.com/ What it found was that, at the pace with CBOK_2015_10_Imperatives/?webSyncID=250ba7560930-797b-ac37-0465dd5e7824&sessionGUID=b2769018which the business risk landscape is evolving, e7c4-ed67-b48d-11e1c9a03468 4https://www2.deloitte. many industries are struggling to keep com/content/dam/Deloitte/at/Documents/risk/at-deloitteup. In fact, 65 per cent of CEOs and senior global-chief-audit-executive-survey-2018.pdf 5https:// executives believe their organisation is www.iia.org.uk/media/1689824/risk-in-focus-2019.pdf www.ethicalboardroom.com

LOOK TO THE IIA FOR RESOURCES ADDRESSING ETHICS, GOVERNANCE, BOARD-LEVEL CONCERNS, AND MORE

Visit The IIAâ&#x20AC;&#x2122;s new Stakeholder Resource Exchange to gain an in-depth understanding of internal audit best practices. Sign up for a free subscription to Tone at the Top, a bimonthly publication with concise information and perspective on top-of-mind issues and guidance for boards, audit committees, and senior management.

2017-0871

www.theiia.org/StakeholderResources

Board Governance | Risk

Prioritising a board’s New Year’s resolutions In early 2018, the National Association of Corporate Directors (NACD) in the US released its Governance Outlook: Projections on Emerging Board Matters report. It listed areas that board members said they most needed or wanted to improve on (see Figure 1). Since it is early January 2019 as I write this article, the items on the NACD board improvement priorities immediately evoked memories of New Year’s resolutions from years gone by – a ﬂeeting, good idea often created in an euphoric/intoxicated state on New Year’s Eve, but one that is often quickly discarded in favour of activities that are easier to address – e.g. I want to lose 25 pounds, I want to improve my fitness, I should drink less, I want to reduce my golf handicap by five, etc. A key question the NACD should have asked right after it asked the survey question, is ‘what tangible steps are you and/or your board(s) going to take in 2018 to actually improve on areas you say are the most important board improvement areas?’ I suspect, and a new NACD 2019 update survey confi rms, that progress on these self-identified top 2018 board improvement priorities has been slow. In my experience this is because boards generally have not been demanding and discerning customers of the information they receive from 60 Ethical Boardroom | Winter 2019

Directors need to be more demanding and discerning customers to meet escalating risk oversight expectations Tim J. Leech

Managing Director, Global Operations at Risk Oversight Solutions management, risk specialists and internal auditors. An alternative, and very plausible, explanation for slow progress on these priorities is that director responses to the 2018 NACD survey are more akin to New Year’s resolutions – not really top/urgent priorities if they are really hard to do. Th is article discusses the top four 2018/2019 improvement priorities identified in NACD surveys by directors; lists what I see as the top ‘risks’/barriers to boards actually achieving them; and closes with a single tangible, and relatively easy, step directors and boards that really want to stick to their top board improvement resolutions can take to improve.

Board improvement 2018/2019 The board’s understanding of risks and opportunities affecting company performance Th is improvement priority has taken on new

importance as powerful institutional investors have started to demand evidence that boards are actively participating in the company’s strategic planning process. Larry Fink, CEO of BlackRock – the world’s largest investment fi rm controlling trillions of investment dollars – reiterated the importance it attaches to this dimension of board performance in his January 2018 letter to CEOs of the biggest companies in the world. He Said: “In order to make engagement with shareholders as productive as possible, companies must be able to describe their strategy for long-term growth. I want to reiterate our request, outlined in past letters, that you publicly articulate your company’s strategic framework for long-term value creation and explicitly aﬃ rm that it has been reviewed by your board of directors. Th is demonstrates to investors that your board is engaged with the strategic direction of the company. When we meet with directors, we also expect them to describe the board process for overseeing your strategy.” Fink goes on to elaborate why BlackRock and many other powerful institutional investors around the world are focussed on this dimension: “The board’s engagement in developing your long-term strategy is essential because an engaged board and a long-term approach are valuable indicators of a company’s ability to create long-term value for shareholders. Just as we seek deeper conversation between companies and www.ethicalboardroom.com

Risk | Board Governance

Risks/barriers to improving the board’s understanding of risks and opportunities affecting company performance

Some CEO’s don’t want boards to know the risks that could impact top strategic objectives Although it is unfortunate, some CEOs still prefer boards that are largely passive and don’t ‘interfere’. In some cases, these CEOs have played a major role in selecting board members who are less likely to aggressively challenge the strategic direction they want to pursue. Some CEOs discourage robust discussions of risks to strategy in fear that boards won’t approve the direction they want to pursue. Boards often receive very little information on the real top risks to strategies being proposed/implemented The reason institutional investors are escalating their demands for increased visible involvement of boards in strategic planning and oversight of top value creation objectives isn’t because the majority of boards are doing a fine job already on this dimension. It is www.ethicalboardroom.com

because it simply hasn’t been happening at a level satisfactory to major institutional shareholders in a lot of corporations. Why it hasn’t happened may not be more complicated than boards haven’t demanded it, perhaps because board members who are/were CEOs and CFOs don’t/didn’t provide their boards with much rigorous information on risks to top objectives. A less sinister reason is providing boards with a proposed strategy that comes with tough, objective, and rigorous risk assessment analysis simply isn’t the way it’s been done in the past. Strategic planning staff and senior executives engaged in strategic planning have often not been trained to formally identify, assess and report on risks to top objectives I completed a quick review of the ﬂedging strategic planning professional associations that have emerged along with curricula at top MBA schools. There was little mention of the need for strategic planning specialists, or senior executives generally, to learn technical, state-of-the-art risk assessment

treatment strategies, if any have been identified, isn’t very high. ERM frameworks used by risk groups around the world are primarily ‘risk centric’ not ‘objective centric’ and often don’t link directly to strategy or performance Research surveys regularly confirm that the vast majority of ERM frameworks in use in the world today focus on what could go wrong/hazard type risks, often in isolation from objectives or performance on top strategic objectives. Few companies today start the ERM process by creating a list of top value creation/strategic objectives (objectives capable of driving sustained value creation over the longer term) and value preservation objectives (objectives that could seriously hurt share value if not achieved), and then decide which of those objectives warrant the cost of formal risk assessment. Even fewer ERM frameworks call for conscious decisions from senior management with board oversight on the level and sophistication of risk assessment rigour (i.e. the amount of

FIGURE 1: FOR YOUR BOARD, HOW IMPORTANT ARE IMPROVEMENTS IN THE FOLLOWING AREAS OVER THE NEXT 12 MONTHS Top 10 most important board improvement areas based on % ranking improvement over the next year as ‘important’ or ‘very important’) The board’s understanding of risk opportunities affecting company performance

71%

The board’s monitoring of the strategy execution

67%

The board’s contribution to the strategy development process

67%

Source: 2017-2018 NACD Public Company Governance Survey

shareholders, we also ask that directors assume deeper involvement with a firm’s long-term strategy. Boards meet only periodically, but their responsibility is continuous. Directors whose knowledge is derived only from sporadic meetings are not fulfi lling their duty to shareholders. Likewise, executives who view their board as a nuisance only undermine themselves and the company’s prospects for long-term growth.2 The NACD report confi rms that the 2018 top board improvement priority is still the number one priority for board directors they surveyed in late 2018: “It’s therefore no surprise that for the second year in a row, according to results from the 2018–2019 NACD Public Company Governance Survey, a large majority of directors, almost 70 per cent, report that their boards need to strengthen their understanding of the risks and opportunities affecting company performance. They believe that their boards struggle to keep pace with fast-moving developments that can create or destroy business value. In a 2018 NACD poll, 62 per cent of board members said that they view atypical, disruptive risks as much more important to the business environment today as compared to five years ago (and none said that they were less important). In the same poll, only 19 per cent of board members reported that they are either extremely or very confident in management’s preparedness to address atypical, disruptive risks, while an overwhelming 82 per cent of them indicated that they were either extremely or very confident in management’s ability to address known risks.”3

Oversight of risk management

58%

CEO succession planning

58%

The quality of dialogue with management

58%

The follow through on recommendations coming out of board meeting

58%

The candour of board discussions

58%

Oversight of M&A The rigour of board decision-making

skills. Two McKinsey strategic planning experts who authored a very relevant book called Strategy Beyond the Hockey Stick, talk about massive slide deck presentations to boards on management’s proposed strategic plan where a discussion of risks is relegated to slide number 148, perhaps in the hope that boards have glazed over by then and aren’t paying much attention. Many board presentations on corporate strategy I have reviewed over the past 30 years from global companies I have worked with provide only passing mention of ‘risks’ to strategy, but it is obvious that the level of rigour applied to come up with the top risks to the top strategic objectives, particularly the top residual risks after considering management’s pro-forma risk

57% 56%

time and effort they believe specific top strategic objectives warrant). When risks are shown in isolation from the objectives they relate to the still very popular corporate ‘risk heat maps’, it implies you can assess and make good resource allocation decisions fi xating on specific risks in isolation. In reality, most objectives have 10 or more important risks that create uncertainty that the objective will be achieved. Objectives frequently conﬂict and compete for corporate resources and executive and board attention. When risks are analysed in isolation, not analysed in terms of the composite impact of multiple risks on the certainty of achieving an objective, it is very common that wrong and dangerous conclusions are reached on acceptability of the residual risk position. Winter 2019 | Ethical Boardroom 61

Board Governance | Risk Internal audit work not linked directly to top value creation and value preservation objectives For more than 30 years I have promoted the idea that internal auditors should link all their work, including the audit plan, audits, and all audit reports, to top value creation and value preservation objectives. It is disappointing, but fair, to say that after 30 years of diligent global effort, I have convinced only a small percentage of internal auditors globally to move from traditional process-centric/ control-centric/compliance-centric/ risk-centric methods to objective-centric risk assessment. I tried convincing the Institute of Internal Auditors (IIA) a few years ago to offer training to teach internal auditors how to conduct objective-centric risk assessments. I made some progress, but there was no willingness at the IIA at the time to actively promote objective-centric risk assessment driven and owned by management with quality assurance done by risk groups (the second line), and internal audit (the third line) as a core audit method. Even when COSO ERM 2017 framework update unequivocally confirmed all enterprise risk work should start with corporate strategy and top objectives to achieve those strategies, few risk groups or internal audit departments have made the move to objective centric assessment, perhaps because of the lack of visible and strong support from risk specialist associations and the IIA. This is true in spite of the fact the IIA is a founding member of COSO since the late 80s and, presumably, had significant input into the COSO ERM update.

Top four board improvement priorities are highly correlated The NACD fall 2018 survey confirms that the number one board improvement priority for 2018 has taken on even greater importance and is still the number one board improvement priority for 2019. The top four 2018 highly correlated board improvement areas cited earlier include:

The board’s understanding of risks and opportunities affecting company performance The board’s monitoring of strategy execution The board’s contribution to the strategy development process Oversight of risk management

2 3 4

All four top board improvement priorities are significantly impacted by the risks to priority number one, described above. The core reasons that these four highly correlated areas are still top board improvement priorities include the following: Strategic planning and formal risk assessment It has not been standard practice 62 Ethical Boardroom | Winter 2019

in many companies to submit corporate strategies being considered and supporting top objectives to rigourous risk assessment processes. Many executives who drive the strategic planning process have little or no formal risk assessment skills training. This means less reliable fact-based information on the key ‘risks’ that create uncertainty that strategies being considered and supporting objectives will be achieved. Corporate strategy documents rarely include information on the key ‘risk treatments’ planned to manage top risks identified, if any. Lack of agreement on what the word ‘risk’ means A large percentage of companies around the world as well as internal auditors and risk specialists would appear to have not really embraced the generally accepted definition of the word ‘risk’ – ‘the effect of uncertainty on the achievement of objectives’ (ISO 31000 2018). Without an objective there can be no ‘risks’. It would seem logical that top objectives should warrant the most rigorous risk assessment efforts. If one really accepts the ISO 31000 2018 definition of ‘risk’, a definition very close to the COSO ERM 2017 definition, it would seem obvious that

It is disappointing, but fair, to say that after 30 years of diligent global effort, I have convinced only a small percentage of internal auditors globally to move to objective centric risk assessment applying formal risk management methods to a company’s strategic plan should be a mandatory step in all companies. Since corporate strategy and supporting objectives are almost always considered to be the obvious ‘top strategic value creation objectives’, it would seem logical that they should also be candidates for fairly rigourous risk assessment – both during the formulation of strategy and after when the strategies and supporting objectives are being implemented. All too many companies, explicitly or implicitly, define ‘risk’ as bad things that could happen. The new COSO ERM framework released in 2017 calls for radical changes to how enterprise level risk is approached in the majority of companies. Unfortunately, it appears the COSO ERM update has had limited impact to date. Because many corporate strategies don’t include much in the way of disclosing top residual risks to achievement, or strategies to treat those risks it makes it difficult for boards to do a better job on priorities 1 to 4

To have a really engaged discussion of strategy and supporting objectives, the process must be designed to encourage it. This is not the case at many organisations. Even a quick read of the McKinsey principles book Strategy Beyond The Hockey Stick makes it clear the strategy development approach at many companies does more to discourage board engagement in strategic planning and oversight of implementation than it does encourage it. Companies need to do a better job of articulating what management sees as top risks to strategy and how they plan to treat/respond to those risks if boards are going to increase their engagement in the strategy development and execution phases. (Note: ‘treat’ is the word ISO 31000 uses. ‘Respond’ is the word COSO ERM uses.) Few companies today use a risk assessment methodology that links objectives, risks, risk treatments and performance I have believed for more than 25 years that it is absolutely essential that the risk assessment methodology used for ERM frameworks and internal audit should start with top objectives; identify and assess risks – situations that create uncertainty that the objective will be achieved; identify what ‘risk treatments’ are in place to treat top risks; and clearly describe performance produced by management’s decisions on how to treat risks. Unfortunately, in spite of my best efforts, only a small percentage of companies today use a risk assessment approach that includes all those elements. Demonstrating correlation between top objectives, risks, risk treatments and performance is a key element that must be present if management at all levels is going to accept responsibility for risk management and reporting and boards are going to more effectively participate in and oversee the strategic planning process. Few companies see any role for their risk functions when one exists or internal audit in strategic planning In a significant percentage of companies today, internal audit departments and risk functions were created to respond to regulatory requirements, not add real business value. Few were created by CEOs or boards who see these functions as a way to help the company increase certainty/reduce uncertainty that top value creation/strategic objectives will be achieved. Unfortunately, the traditional methods used by a majority of internal audit departments and risk functions today are such that CEOs who have taken this position are, in fact, quite justified in their decision not to encourage/require involvement of risk functions and internal audit in strategic planning or oversight of implementation of strategic plans. The traditional methods used by risk groups and many internal auditors today are not well equipped to provide important roles in www.ethicalboardroom.com

Risk | Board Governance strategy development and risk assessment of strategy and supporting objectives. What can boards that really want to achieve their top improvement priorities do? It’s simple – require the company/companies they oversee to implement objective-centric enterprise risk management and internal audit. Companies all over the world have implemented some combination of processcentric, risk-centric, control-centric, and compliance-centric assurance methods. This is the main reason boards now cite the four top improvement priorities listed earlier and institutional investors are unhappy. Few have implemented management-owned, objectivecentric assurance that starts by defining top value creation/strategic objectives; and top value preservation objectives; make conscious decisions on who will be the ‘owner/sponsor’ responsible for assessing and reporting on the objectives, the target level of risk assessment rigour; and who, if anyone, will provide independent assurance on those objectives. This simple step immediately forces true integration of effort between the first, second and third lines in the popular ‘three lines of defence’ framework. The first line owns responsibility for doing formal risk assessment on strategies and objectives that are deemed important enough to warrant the cost of formal risk assessment. The risk group, where one exists, the ‘second line’, is responsible for helping the first line do a good job on this task and objectively reporting on progress and reliability of management’s reports on risk status linked to top objectives. Internal audit, ‘the third line’ is responsible for providing independent assurance on assessments done by the first with the help of the second line and providing reports to the board on the entity’s risk management processes. CEOs, the fourth line, and the board, the fifth line in the framework we promote, oversee and actively participate in the process (see graphic, right).5 A diagram showing the core elements of the objective-centric risk assessment approach we promote is below. The focus is on knowledgeable decisions on the acceptability of what we call ‘residual risk status’ and ‘certainty’ of achieving top objectives. It is the only methodology I am aware of that explicitly links objectives/ risks/risk treatments and performance data. More details on what objective-centric ERM is and the business case for change can be found in an article in Conference Board STEP 1 Populate ‘objectives register’ with top value creation and value preservation objectives

RiskStatuslineTM End result context (implicit or explicit)

Internal/external context Threats to achievement/risks Risk treatment strategy Risk mitigators/controls Risk transfer, share, finance

(Selected consciously or unconsciously)

Residual risk status/certainty

Acceptable?

NO Re-examine risk treatment strategy and/or objective and develop action plan

STEP 2 Assign objective owner/sponsors and identify risk assessment rigour (RAR) and independent assurance level (IAL) targets www.ethicalboardroom.com

External and internal environment The organisation seeks to achieve its objectives Threats to achievement/risks These are real or possible situations that create uncertainty regarding achievement of the objective Risk treatments Manage uncertainty that the objective will be achieved by mitigating, transferring, financing, sharing or accepting risk Residential risk status Information helps decision-makers assess the acceptability of the retained risk position and the level of certainty that the objective will be achieved. (Status data includes performance data, potential impact(s) of not achieving the objective, impediments and any concerns regarding risk treatments in place) Is the residential risk status/certainty acceptable to the work unit? Management? The board? Other key stakeholders? (i.e. managed within risk appetite/tolerance)

YES

Acceptable? YES – MOVE ON

Director Notes/Harvard Governance Blog titled Board Oversight of Long Term Value Creation and Preservation: What Needs to Change and the spring 2017 issue of Ethical Boardroom titled Building Businesses for the Long Term: Focussing ERM and Internal Audit on What Really Matters: Long Term Value Creation and Preservation.

The way forward

Public company board members surveyed by the NACD in late 2017 and 2018, many whom are on the boards of global companies, have been clear on what they most need/want to improve on. I believe that the primary reason these areas have been identified as top priorities by directors is because the

STEP 3 Confirm decisions made in steps 1&2 on objectives register, risk assessment rigour and independent assurance levels with the board

Statement of an end result objective e.g. customer service, product quality, cost control, revenue maximisation, regulatory compliance, fraud prevention, safety, reliable business information and others

STEP 5 Consolidated report including ‘composite residual risk ratings’ prepared for senior management and the board

STEP 4 Owner/sponsors complete RiskStatuslineTM and internal audit/ other assurance groups complete independent assurance work

companies they oversee do not use objective-centric assurance methods. This article recommends that directors that really want to improve their performance should simply demand that the company/companies they oversee implement objective-centric ERM and internal audit. This easy and simple step will lead to dramatic and immediate improvement on the top four improvement priorities identified by board directors. It will also respond to increasingly strident calls from powerful institutional investors for increased engagement of boards in strategy development and oversight and, most importantly, increase certainty/reduce uncertainty that top value creation and value preservation objectives will be achieved while operating within the company and board’s risk appetite/tolerance. 1 2018 Governance Outlook: Projections on Emerging Board Matters, National Association of Corporate Directors (NACD), January 2018 2Larry Fink’s Annual Letter to CEOs, January 2018 ( https://www.blackrock. com/corporate/investor-relations/larry-fink-ceo-letter as of January 2019.) 32019 Governance Outlook: Projections on Emerging Board Matters, National Association of Corporate Directors, (http://bit.ly/2VmWKAE) 4https:// corpgov.law.harvard.edu/2017/08/24/board-oversight-oflong-term-value-creation-and-preservation/ 5see http:// bit.ly/2P3J6iA for more details on Five Lines Of Assurance

Winter 2019 | Ethical Boardroom 63

Global News Europe

Renault unveils board shake-up Renault has appointed a new chairman and chief executive after Carlos Ghosn (below) resigned from both roles. Michelin CEO Jean-Dominique Senard (right) joins as new chairman and Ghosn’s former deputy Thierry Bolloré as CEO. Ghosn resigned following his arrest in Japan amid claims of financial impropriety. The scandal has rocked the French car maker and its alliance with Japan’s Nissan and Mitsubishi Motors. Renault holds around 43 per cent of Nissan, which in turn owns a controlling 34 per cent stake in Mitsubishi Motors. Nissan, the biggest partner in the alliance by sales, has a non-voting 15 per cent stake in the French partner.

German investors challenge pay reforms Investors have criticised proposals by Germany’s corporate governance commission to crack down on opaque bonus schemes at all listed German companies. According to FT.com, investors say the reforms are too inflexible and that shareholders should get a legally binding vote rather than an advisory vote on pay schemes. The draft corporate governance code calls for the introduction of clawbacks to bonuses, giving a company’s supervisory board the power ‘to retain or reclaim variable remuneration if justified’ by ‘extraordinary developments’. The new draft also suggests that long-term incentive plans should be entirely stock based, with shares vested for four years.

Over-60s dominate UK boardrooms The number of chief executives of FTSE 100 companies who are aged more than 60 has doubled over the past 20 years, according to the UK Spencer Stuart Board Index for 2018. At the end of 2018, there were 19 chief executives of FTSE 100 companies in their sixties – but the age of all board members is also increasing. The 2018 study found that, on average, FTSE 100 chief executives have been in post for 5.1 years and are aged 54.3 years. Spencer Stuart said the average age of non-executive directors in all UK companies was 60.6 years, with men averaging 61.3 and women 58.

64 Ethical Boardroom | Winter 2019

Pernod Ricard under activist scrutiny Activist hedge fund Elliott has put pressure on French spirits group Pernod Ricard to improve its governance and investor returns. In December, Elliott revealed it had taken a 2.5 per cent stake in Pernod Ricard – the world’s second-biggest spirits maker, which sells Martell cognac and Jameson whiskey. Elliott said it had identified ‘inadequate’ corporate governance with a ‘lack of outside perspectives’ as a key reason that Pernod Ricard has underperformed its peers. In response, Pernod Ricard has appointed business veteran Patricia Barbizet to the newly created role of lead independent director. Pierre Pringuet, the former CEO of Pernod Ricard, will step down from his role as vice chairman of the board of directors, but will remain a director.

Former Tesco boss takes legal action Chris Bush, former managing director of Tesco, has launched legal against the supermarket chain, claiming unfair dismissal after he was cleared of false accounting and fraud. Bush, along with fellow director John Scouler, had been accused of masterminding a fraud that triggered the biggest financial crisis in the supermarket chain’s 100-year history. But the pair were acquitted after a judge at Southwark Crown Court dismissed a case brought by the Serious Fraud Office (SFO), stating it was ‘so weak’ it should not be before a jury. Tesco’s shares plummeted by nearly 12 per cent, wiping £2billion off the share value, when it announced in September 2014 it had previously overstated profits by a quarter of a billion pounds. According to City A.M., Bush — who worked for Tesco for more than 30 years – has instructed law firm Slater and Gordon in an employment claim alleging unfair dismissal against Tesco.

www.ethicalboardroom.com

Relax. You’ve got a strong partner by your side. At the Swiss Exchange, you benefit from unique strengths: the highest market share of Swiss equities and the widest range of asset classes. All traded with the fastest and most secure tech nology. So you can stay relaxed in any market situation. And be cause we are constantly evolving, this partnership also helps you advance. You can count on it: www.six-swiss-exchange.com

Corporate Governance Awards | Introduction

Corporate governance high on Europe’s agenda European Award Winners 2019 Corporate governance is an issue high on the agenda in Europe. In the UK, new directors’ remuneration requirements for quoted public companies form part of a substantial package of corporate governance reforms. The country’s biggest companies now have to disclose and explain every year their top bosses’ pay and the gap between that and their average worker. Following the introduction of the new regulations – which came into force at the start of the New Year – it is now a statutory requirement for UK listed companies with more than 250 employees to disclose annually the ratio of their CEO’s pay to the median, lower quartile and upper quartile pay of their UK employees. Alongside the pay ratio reporting will be a new statutory duty on companies to set out the impact of share price growth on executive pay outcomes. Th is duty was established to provide more transparency for shareholders and to allow them to assess whether discretion had been exercised before pay awards are fi nalised. In France, Pernod Ricard – the French spirits maker under pressure from activist investor Elliott – has appointed French

66 Ethical Boardroom | Winter 2019

businesswoman Patricia Barbizet to the newly created post of lead independent director on its board, in a bid to improve its governance. According to the company – the world’s number two in wines and spirits – Barbizet’s new role will be in charge of the board’s shareholder engagement

In the UK, new directors’ remuneration requirements for quoted public companies form part of a substantial package of corporate governance reforms

relationship and will submit proposals to continue to improve and reinforce Pernod Ricard’s governance profi le. Barbizet will also chair the company’s nominations, governance, sustainability and responsibility committee. The company claims such evolution of Pernod Ricard’s governance reflects the company’s willingness to strive for continuous improvement. In Germany, a redrafting of the country’s corporate governance code outlines an intention to ‘allow as many as possible investors to use the code when assessing corporate governance of German companies’. The objective of the code’s reform is to ensure that it better fulfi ls its ambition to promulgate standards that are essential in the view of as many stakeholders as possible. The Ethical Boardroom Corporate Governance Awards recognise and reward outstanding companies who have exhibited exceptional leadership in the area of governance. The awards highlight the important role that corporate governance plays in dictating a company’s success and a board’s contribution to the creation of long-term value. Ethical Boardroom is proud to announce its Corporate Governance Awards Winners in Europe.

www.ethicalboardroom.com

The Winners | Corporate Governance Awards

AWARDS2019 Beverage Diageo PLC

EUROPEAN WINNERS

Automotive Volvo Group Sweden

Financial Services Barclays PLC Oil & Gas Royal Dutch Shell PLC UK Leisure & Hospitality TUI AG Transportation & Logistics Deutsche Post DHL Group

Engineering Schneider Electric SE

Insurance Allianz SE Germany

Pharmaceutical Sanofi S.A. France

Conglomerate Nestlé S.A Switzerland

Telecommunications Teléfonica S.A.

Aerospace & Defence Leonardo S.p.A. Italy

Utilities Iberdrola S.A. Spain

www.ethicalboardroom.com

Winter 2019 | Ethical Boardroom 67

Europe | Gender Diversity

Where are the women in ECA boardrooms? When I first began advising companies in Eastern Europe and Central Asia (ECA) on corporate governance some years ago, the degree of uptake on issues around gender diversity in the boardroom was minimal. Today, it’s a different story.

Often, when I meet with representatives of companies that work with the IFC, they acknowledge the importance of diversity. They readily volunteer information about the number of women on their boards and their path to improving gender diversity throughout the organisation. Some of this attitude shift can be attributed to the increased global spotlight on gender inequality. It’s also a result of seeing first movers reap the benefits from the presence of women on their boards. There’s another dynamic at play as well. Companies in the region are faced with a new reality: investors care about this issue. And it will become increasingly diﬃcult to raise funds without demonstrating commitment to diversity. IFC, for instance, has mainstreamed a focus on environmental, social and governance considerations, including boardroom diversity, into its core investment due diligence – part of its overarching mission to create markets and equal opportunity. Progress towards aligning with international good practices in these areas is now a condition of IFC financing. Women currently represent 30 per cent of directors we place on the boards of our investee companies worldwide and we are pushing toward a goal of full parity by 2030. While investors are looking for more transparency on the diversity issue as they conduct their investment due diligence, activist shareholders and proxy advisors are also putting pressure on their portfolio companies, demanding more on the gender front. Despite the heightened awareness, the situation in boardrooms throughout the region is only slightly better than it was a few years ago. Consider this: in Eastern Europe, women held about 8.5 per cent of board positions as of 2016, according to the International Labour Organisation – just a small uptick from the average of 7.9 per cent in 2012. In Turkey, about 61 per cent of companies listed on the Borsa Istanbul 68 Ethical Boardroom | Winter 2019

Five ways to accelerate the pace of change Merima Zupcevic Buzadzic

IFC’s Corporate Governance Lead for the Europe and Central Asia region reported having female board members at year-end 2018, with women representing about 15 per cent of directors of large Turkish company boards. Here, the overall trend is positive, with a 27 per cent increase in the number of women on large Turkish company boards since 2014. On the other hand, in Czech Republic, Latvia and Slovakia there are fewer women on boards today than in the past.

Board diversity contributes to better company performance

Business studies on gender diversity have repeatedly shown that companies with gender-diverse management teams and boardrooms achieve better financial results on average than companies with homogeneous management and boards. A 2016 OECD report showed that companies with gender-diverse executive committees outperformed those without women in senior positions, achieving an average of 47 per cent higher return on equity and 55 per cent higher gross income. A 2018 Harvard Business Review survey of 1,700 companies in eight emerging and developed markets found a ‘statistically significant’ relationship between diversity in leadership and increased innovation. In Eastern Europe and Central Asia, studies such as a 2018 report by Sabanci University’s Corporate Governance Forum have also connected gender-diverse leadership with an increased focus on ethical conduct and risk mitigation. Th is represents an important role for female leaders in a region characterised by a comparatively under-developed private sector in the early stages of growth. Taken together, such findings should represent a powerful motivating force for ECA companies to prioritise diversity in leadership. Yet, progress remains slow. In fact, it seems as if company decision-makers themselves remain puzzled by this disconnect. After one recent presentation on the business case for diversity in the boardroom and C-suites of ECA companies, an audience member

– a principal in a financial institution – approached me with an interesting observation. “We don’t need to be persuaded of the business case. We know it’s there,” he said. His point: it is one thing to appeal to the rational side of human nature. That will only go so far and there will always be sceptics. It is another thing entirely to persuade people that changing the status quo – one that is often rooted in a complex stew of gendered societal, cultural and family expectations – to achieve a new and more equitable normal is an imperative that yields broader benefits over the long term. How can we accelerate the pace of change, to upend long-held traditions and help ECA companies thrive over the long term by increasing the number of women in leadership? Here are five suggestions.

generational shifts 1 Address in what workers value

Estimates suggest that Millennials will represent 46 per cent of the workforce by 2020. And younger workers – who eventually become the seasoned talent pool from which managers are selected – are accustomed to a different reality than their parents’ generation. They are used to working in collaborative and diverse teams as they likely did at university and they expect a similar level of diversity at work as well as equal pay for equal work. They are more attuned to work-life balance and more concerned about environmental and social stewardship. They will tailor their job searches accordingly, meaning that companies that fail to place a greater priority on such issues could be at risk of losing out on top talent – including capable women who have the potential to become future leaders.

the ‘leaking pipeline’ 2 Fix of female talent

In many countries and in certain industry sectors, there’s a nearly equal divide between the number of male and female entry-level workers. As workers transition into mid-career managerial posts, gender imbalances become more apparent, due in part to the number of women who drop out of the workforce or slow down their career development paths to focus on the family. Th is causes leaks in the pipeline of women with the potential to ascend through the most senior ranks of management. And, since management experience is a key www.ethicalboardroom.com

Gender Diversity | Europe criterion for board qualifications, the drop-off reduces even more the number of women with the skills and expertise to ascend into the boardroom. Itâ&#x20AC;&#x2122;s a global problem that also affects ECA. Only 20 per cent of fi rms in the region have female top managers, IFC research from 2013 has found. And, while there are countries in the region, such as Belarus, where the share of fi rms with women in top management is among the highest in the world, there are also places like Kosovo, which has almost no companies with women at the top. Encouraging women to remain in the job and work their way up the corporate ladder to grow the pipeline requires action on multiple fronts: implementing women- and family-friendly workplace policies, such as ďŹ&#x201A;exi-time arrangements, providing child-care benefits and encouraging women to return to work after stepping off the career track by rewarding alternate experience and offering transitional opportunities for women to ease back in.

GENDER DISPARITY IN EASTERN EUROPE Women in the region hold just 8.5 per cent of board positions

www.ethicalboardroom.com

Winter 2019 | Ethical Boardroom 69

Europe | Gender Diversity

female managers 3 Promote into front-line roles

The lack of experienced women with the qualifications to ascend to board positions means that when there is an external push for greater diversity – say as the result of a regulatory requirement or a demand from an activist shareholder – the risk increases that the resulting board appointments are simply tokens. The designated women might not be up to the task. It’s not necessarily because they lack the smarts, skills or business savvy. Rather, it could be that their career trajectory didn’t give them the hands-on exposure to core operations that would enable knowledgeable contributions to board discussions on strategic direction. Frankly, the optics of this situation are worse than if there were no women on the board at all. To address this issue, heightened attention should be on the career trajectory of mid-

professional, I have presented on the value of diversity in leadership to hundreds of male and female business leaders. The single most common thing I hear from the women – regardless of age, experience level or industry – is that they are not comfortable when they reach that long-wanted directorship. The reasons vary. Some do not feel accepted as an equal to their male colleagues and worry that they got the position because of their gender and not their qualifications. Others are insecure about their skills and capabilities. Still others simply feel lonely, since most are the only female member and therefore feel like the odd (wo)man out. Conquering that little voice inside women’s heads that tells them they are not up to the task is a monumental challenge. At IFC, we’ve seen first-hand that women – even the most accomplished and experienced – need training and coaching on how to assert themselves, how to tap into their own

PREPARING FOR A FUTURE DIRECTORSHIP Women in senior positions need to seek out additional challenging assignments

career female managers. In Eastern Europe, the talent pool clearly exists, with women representing 25 to 40 per cent of the midsenior level management ranks in countries throughout the region. But a look beneath this statistic reveals clear stratification by gender and job function: female managers typically supervise departments that support core business functions, while male managers oversee key operational and financial units. The ILO study cites a recent survey of 100 companies by the Montenegro Employers Federation, which found that around 80 per cent of these firms’ female managers work in human resources, communications, or public relations. Important as these functions are, female managers should be encouraged to seek out – and be given equal access to – additional challenging assignments and key operational responsibilities. This will increase their exposure to the broader range of experience and better prepare them fora future that might include board directorships.

in women’s 4 Invest professional development

In my role as a corporate governance 70 Ethical Boardroom | Winter 2019

strengths to build their personal leadership style and how to communicate in high-powered, male-dominated settings. We have teamed with local organisations in Bosnia and Herzegovina, Kazakhstan, Kosovo, Macedonia, Serbia and Ukraine to offer workshops specifically designed to prepare high-potential women for board service. The feedback from participants has been remarkably positive, with many noting a greater degree of self-confidence that has stayed with them well after the training.

the visibility of 5 Raise female candidates

In meetings with company representatives, I often hear a common refrain when I raise the issue of board diversity: ‘we’d like to appoint a woman, but the nominating committee doesn’t have any qualified female candidates’. It’s not that the candidates aren’t there, though. It’s that they might not be visible to those with power over the nominations process who may be relying on their own male-dominated social or business networks to identify prospective directors. Pulling together information on qualified candidates who fall outside of these

networks and making this information easily accessible helps address this issue. Such a seemingly simple fix is having demonstrable results. For example, the database created by Turkey’s Independent Women Directors at Sabanci University is helping Turkish companies tap into a pool of candidates previously unknown to the companies’ nominations committee. Beyond tokenism and merely ticking the diversity box, such databases ensure that companies committed to increased female representation can identify candidates who meet the company’s business needs. Other efforts, such as the global ‘Ring the Bell for Gender Equality’ events associated with International Women’s Day, are raising the profile of female leaders as well. Last year, such events were held at 65 stock exchanges around the world, including those in Istanbul, Tbilisi and Bucharest, highlighting the push for more gender diversity on boards.

The single most common thing I hear from women — regardless of age, experience level or industry — is that they are not comfortable when they reach that long-wanted directorship More work needed

I am encouraged by the successes I have witnessed: a woman-founded small enterprise that grew into a significant market player under her leadership; a board chairman who told me that adding women to his board opened his eyes to unaddressed risks and new opportunities; male business leaders who are speaking to large audiences of their peers about the benefits of gender diversity. Yet, much work remains, particularly in a region with tremendous potential but very real economic and social challenges – including high youth unemployment – and where key industry sectors, such as manufacturing and energy, remain predominantly male. Accelerating the pace of women joining the boards of companies in all industry sectors stands to make a real difference, contributing to private sector growth, expanded economic opportunity and job creation. www.ethicalboardroom.com

WHAT ARE YOUR SHAREHOLDERS LOOKING AT?

More and more institutional investors are integrating ESG factors into their investment processes and creating ESG investment products. MSCI ESG Research provides in-depth research, ratings and analysis of the environmental, social and governance-related business practices of companies worldwide, including: • More than 7,500 publicly traded companies and 650,000 equity and fixed income securities • Over 8,300 corporate, sovereign and government-related issuers • And the holdings of 30,000 mutual funds and ETFs

MSCI ESG Research is committed to robust and transparent engagement with all corporate issuers in our coverage universe. Contact us: esgissuercomm@msci.com

Europe | Directors in Spain

Spain’s ‘micro-proprietary’ directors Several months ago, Georgeson decided to address a challenging and complex issue: to consider the role of the proprietary director – who, in some cases, could be considered an independent director, despite the fact that under Spanish law they cannot be defined as such. A proprietary director is someone who is nominated by shareholders based on the extent of their shareholding. Th is situation, the causes of which are explained below, is creating difficulties for Spanish companies in several aspects related to the configuration of the board of directors’ structure and functioning of its committees. It also has an impact on their own shareholders, especially foreign investors, who, on occasion penalise these type of investors at the general meetings. For all, puts Spanish companies at a disadvantage when compared with other comparable jurisdictions. Recent legislation in Spain has meant that any director with a significant shareholding (normally considered three per cent or more) cannot be considered independent. However, in Spanish companies there is a phenomenon that we have coined ‘micro-dominicales directors’, that is, directors with a three to 10 per cent shareholding, that also comply with the main criteria for being considered an independent director. These micro-dominicales directors are the focus of this article. In Spain, advances in corporate governance matters have intensified in recent years, including several measures in the Spanish legal system, the last of which was the passing of the Spanish Companies Act in December 2014.1 This included, among other reforms, improvements to general shareholders’ meetings, powers of board of directors, mandate terms, mandatory existence of certain committees (such as the appointments 72 Ethical Boardroom | Winter 2019

Spain’s ‘micro-dominicales’ director status should be addressed by the country’s regulators Claudia Morante Belgrano

Head of Corporate Governance at Georgeson for Spain

and remuneration committee), as well as responsibilities of the board secretary. As part of these reforms, and for the first time, different categories of company directors, which until now had been merely recommended, were enshrined and defined in law as ‘executive’, ‘proprietary’, ‘independent’ or ‘other external’. The problem arises with the definition of two of these types of directors, proprietary and independent. ■ Under the new Act, the law does not distinguish between proprietary directors who represent controlling or reference shareholders and proprietary directors who represent significant minority shareholders (i.e that represent between three and 10 per cent) ■ Meanwhile, according to current Spanish law, an ‘independent director’ can not be considered independent if he or she has a significant shareholding. In most cases this means having issued share capital of three per cent. In other words, the current law defines directors with a three per cent or more shareholding as not being independent. These definitions mean that: ■ Spanish companies have greater difficulties when it comes to setting up their boards of directors and cannot benefit from a uniform and adequate level playing field with comparable environments in other jurisdictions

■ Moreover, the legal definition of ‘proprietary director’ prevents directors that represent shareholders who do not have a controlling share from being classified as independent directors. Th is is despite the fact many of them could be classified as such under other regulations and/or voting policies of institutional investors and also by some proxy advisors Th is has led to proprietary directors submitted for approval at general meetings being voted against in cases where the company does not meet the minimum threshold of independence. Th is situation is especially critical because many such proprietary directors who are penalised are really micro-proprietary directors and who, for practical purposes, could be considered independent from a foreign investor’s point of view. Growth in the weighting of foreign institutional investors in the share capital of Spanish listed companies suggests that a new, practical approach – that incorporates improvements using evidence-based analysis – is required in order to make the figure of proprietary director more flexible. Georgeson recognise that the role of the proprietary director could be more flexible to help Spanish companies, but only through the development of regulatory mechanisms and adjustments that would, in turn, allow greater flexibility when compared with other companies around the world. We joined forces with law fi rms Uría Menéndez and Davis Polk & Wardwell to investigate this area, the fi rst empirical analysis of this issue in Spain, in order to understand the singularity of the Spanish experience and propose such a change to the issue of micro-dominicales using the experience and knowledge of the investment community.

Investigation

Researchers conducted two analyses: www.ethicalboardroom.com

Directors in Spain | Europe ■ To understand what the market demanded in terms of proprietary directors and independence; an analysis of the main proxy advisors’ guidelines (ISS, Glass Lewis and ECGS); and the voting policies of the top 100 foreign institutional investors of Spanish listed companies. Such analysis focussed on the share capital limit that would mean a director could be considered independent They concluded there was consensus among proxy advisors and institutional investors that, in order for a director to be considered independent, the maximum limit in terms of issued share capital, was 10 per cent (see table, right) As the table shows, proxy advisors, except ECGS, have a limit of 10 per cent.2 In the case of institutional investors, of the 66 per cent that publish this information, a large proportion (48 per cent) establish a threshold of 10 per cent or more, while 11 per cent have a policy based on local criteria. It therefore follows that this percentage could even add up to 59 per cent, if the regulations change. ■ 130 Spanish listed companies belonging to the Ibex-35 and Continuous Market also analysed to identify listed Spanish companies that had board members with directors that could be affected. 3 In other words, researchers wanted to identify those companies with board directors that generally comply with the different requirements of independence and do not have, or represent, any controlling shareholder, but are linked to a shareholder that owns a significant participation (more than three per cent, but less than 10 per cent of capital). To complete the analysis, researchers also examined the most frequent variables that could affect the independence of a director. These included:

Findings

Criteria analysed

■ Directors with less than 10 per cent of the issued share capital (direct and indirect shares)4 ■ Directors without related party transactions5

1Proprietary directors

398 board members of 130 companies

2 Board

members with less than 10% issued capital

121 board members of 61 companies

3 Board

members with no third party transactions

61 board members of 35 companies

Proxy perspective:

Advisors

10% ISC

ISS Glass Lewis ECGS

< 10% ISC

Top 100 institutional investors perspective: 66% ordinarily make the information public

48% establishes the limit at 10% or more 11% are based on local practice 7% establishes the limit at less than 10%

■ Directors who have been on the board less than 12 years, which is the maximum time period a director can be classified as independent according to Spanish regulations ■ Non-overboarded directors – microproprietary directors should not hold too many directorships in order not to compromise their effective dedication6 ■ Directors that comply with a minimum cooling off period (i.e. a proprietary director needs to be completely disassociated from and have no relationship with the company for five years) Following the analysis of 35 companies in the Ibex-35 and 95 belonging to the Continuous Market, it was possible to conclude that just over a quarter (25.5 per cent) of the companies that have proprietary directors on their boards were in this situation; that is, 35 directors at 28 companies fulfi lled all the most relevant requirements to be considered independent (see graphic, below).

Main conclusions

■ Although the research gave only a snapshot of the situation, the fact that more than 25 per cent of Spanish listed companies are affected by it is concerning. Accepting that this analysis has been undertaken in a specific period of time and new directors will be appointed, while others will leave suggests that the problem is well and truly alive and could affect more companies ■ From the regulator’s point of view, it is noteworthy that the National Securities Market Commission (CNMV) has stated several times that it is looking at the

4 Board

members with less than 12% years on the board

40 board members of 30 companies

5 No

‘overboard’ members

39 board members of 30 companies

7 companies Ibex-35 www.ethicalboardroom.com

Local practice is applied Has a policy for Spain where local practice is applied 3% ISC

6 No problems

regarding ‘cooling off period’ to be considered independent

35 board members of 28 companies

21 companies Continuous Market

difference between micro-proprietary directors and independent ones, and that it could be possible to ‘open the door’ so that such directors can even chair appointments and remuneration committees ■ In November, the CNMV submitted a technical guide on appointments and remuneration committees for public consultation, with the aim of providing best practice recommendations to enable such committees to improve the performance of their duties.7 In the guide, the concept of ‘micro-proprietary’ is already introduced, thereby establishing in the recommendations that among the composition of such committees ‘... it is considered desirable that, in case[s]… [where]…there are proprietary directors among its members, these are preferably ‘micro-proprietary’. When it comes to publicly-traded companies, we believe that appointments and remunerations committees face new challenges, specifically; ■ In order to successfully carry out their duties, they should address the competencies and skills their boards should have: one of the very issues for institutional investors during the recent proxy season in Spain ■ In this context, it is the duty of appointments and remunerations committees to oversee the existence of a ‘board skill matrix’, based on board of directors’ criteria regarding profile needs. Some institutional investors are increasingly interested in this process and also in how these committees provide the necessary mechanisms to ensure that boards have the required skills and structures to meet the challenges they face. For example, a key area most recently highlighted anecdotally by investors is the level of knowledge and ability of boards to deal with cyber breaches While the CNMV completes its efforts to articulate the position of micro-proprietary directors, appointments and remuneration committees should strive to engage with investors in order that such directors should be considered, at least initially, within the parameters of current thinking on market independence. Th is is especially relevant for those boards with this type of director. It will be interesting to see what the CNMV concludes. Footnotes will be run in full online.

Winter 2019 | Ethical Boardroom 73

Activism & Engagement | UK Stewardship Code

TIME FOR A CHANGE The Financial Reporting Council is looking to overhaul the UK Stewardship Code

74 Ethical Boardroom | Winter 2019

www.ethicalboardroom.com

UK Stewardship Code | Activism & Engagement

Looking forward:

The UK Stewardship Code The Code has led the way but needs to be stronger on social issues & ethics The UK Stewardship Code was first published by the Financial Reporting Council (FRC) in 2010. It followed the 2009 Walker report on the governance of banks and other financial institutions, which was prompted by failings in the banking system during the financial crisis. Sir David Walker suggested that the responsibilities of institutional investors should be placed on a fi rmer regulatory footing. The fi rst edition of the Code was based on the then Institutional Shareholders Committee’s investment principles. The goal of the Code was to improve the practice of stewardship of UK listed companies by institutional investors. In 2012, the Kay Review concluded that the purpose of equity markets, to enhance the performance of UK companies and enable savers to benefit was hampered by short-termism, caused by a decline in trust and misalignment of incentives through the equity investment chain. The Review recommendations included changes to the Code to expand the role of stewardship and require investors to engage with companies on strategy as well as corporate governance. Following the review, the FRC consulted on revisions and an updated Code was issued in 2012.

Introduction of ‘tiering’

The Code’s signatory base grew quickly and, by 2012, Code signatories represented 40 per cent of listed equity assets under management in the UK. By June 2016 there were 305 signatories to the Code, of which 215 were asset managers, 75 asset owners (pension funds, endowment funds and charities) and 15 service providers (investment consultants, proxy advisers and research providers). Over this time, the FRC annually assessed the quality of signatory statements. Th is assessment showed that while there were some excellent examples of stewardship reporting, the quality of statements varied, and there

www.ethicalboardroom.com

Jen Sisson

Chief of Staff, Financial Reporting Council were too many perfunctory statements which gave little insight into the quality and practice of stewardship. For this reason, in 2016 we asked signatories to more clearly report on their approach to stewardship. Signatories were tiered according to the quality of their statements against the Code’s Principles. The goal was to distinguish between signatories that reported well and demonstrated a commitment to stewardship and those where improvements were necessary. The tiering exercise resulted in more transparency and improved reporting against the Code and was a first step in signalling higher expectations of stewardship practice. As a result, some investors decided not to be signatories of the Code, but now there are again

In 2010, the UK Stewardship Code was world leading. In the eight years since release, there has been a significant shift in the landscape in which the Code operates more than 300 asset owners, asset managers and service providers who are committing to higher standards of stewardship.

Why are we revising now?

In 2010, the UK Stewardship code was world leading. In the eight years since its release, there has been a significant shift in the landscape in which the Stewardship Code operates. The changing nature of the UK investment market, developments in international stewardship and changing political and societal expectations mean the time is right to consider how to strengthen the Code. At its core, this update is about addressing the stewardship ‘market’ as well as concerns about the Code itself. In 2014, the Law Commission reviewed the legal concept of fiduciary duty with regards to

investment. It stated that ‘there is no impediment to trustees taking account of environmental, social or governance (ESG) factors where they are, or may be, financially material’ and recommended that the government should clarify that it is part of trustees’ duties to consider long-term systemic risks, such as climate change. Building on this, in 2014 the Law Commission also issued its report on pension funds and social investment, which carved out a critical distinction between ESG and ethical factors and began to explore options for regulatory reform. In 2016 and 2017, The Pensions Regulator (TPR) updated guidance for defined contribution and defined benefit schemes respectively, advising that trustees need to take all factors that are financially material to investment performance into account, including ESG factors. In 2018, the Department for Work and Pensions (DWP) issued amendments to the Occupational Pension Schemes Regulations. The investment regulations require funds to take ESG factors into account in their Statement of Investment Principles and disclose a stewardship policy. The governance regulations require the TPR to update its code of practice to cover how the trustees’ system of governance considers ESG factors in investment decisions and assess new or emerging risks, including climate change. There has been a surge in the publication of stewardship codes internationally, with more than 20 countries developing their own codes for stewardship. Although largely based on the UK Code, some of these codes have introduced new requirements or set higher expectations in some areas. For example, higher expectations of ESG integration and commitment to adequate resourcing for stewardship. The UN Principles for Responsible Investment has grown into a major force in the global investment community. In 2018, the PRI has more than 2,300 signatories with combined assets under management of more than $100trillion. This global commitment to responsible investment is reflective of an overall trend; responsible investment, stewardship and ESG integration is becoming more and more mainstream.

Winter 2019 | Ethical Boardroom 75

Activism & Engagement | UK Stewardship Code There has been a variety of other important about investor activity being driven by and influential initiatives, including the short-term financial gain and the lack of EU High Level Expert Group on Sustainable understanding of the fiduciary duties owed Finance, the Sustainable Stock Exchanges to the various stakeholders within the group, the Social Impact Investing Task investment ecosystem. There are also force and many others that are also practical challenges, including fee pressure contributing to a change in governmental on asset managers impacting investment in and public expectations of the role of the stewardship resources and the large numbers asset management industry and the EU of investments held by typical funds. Shareholder Rights Directive (SRD), which There is also a risk that asset owners, will be implemented by the UK in June 2019. who might not be as engaged in stewardship Among other provisions, the Directive will issues as they could be, ‘discharge’ their introduce a ‘baseline’ stewardship code for all stewardship duties to asset managers, institutional investors and asset managers in creating little incentive for asset managers the UK. These minimum requirements consist and investment consultants to pursue better of a mixture of mandatory public disclosures standards of stewardship. and ‘comply or explain’ provisions. The Code has been criticised for no longer MOVING FORWARD being cutting-edge, for being too focussed The Code on the relationship between asset managers needs to and companies and ignoring the rest of the evolve to be ﬁt for investment ecosystem. This makes it hard the future to apply for asset owners and others, which impedes its ability to create a market for stewardship. The Code is currently focussed only on equity investment and doesn’t effectively speak to investments in bonds and other assets and it does not make specific reference to ESG matters, putting it behind other international codes, such as Australia and Japan. Finally, reporting by signatories focusses on policies and principles, rather than on activities and outcomes. The FRC has openly acknowledged these issues and the tiering process has been helpful in The Code has showing were improvements been criticised for need to be made.

What are we trying to achieve?

no longer being cutting-edge, for being too focussed The dispersed and on the relationship fragmented ownership of between asset the UK investment market means that these are not managers and easy challenges to solve. companies and What are we ignoring the rest of the investment proposing? We are reshaping the ecosystem Stewardship Code to make

We wish to have a Code that sets a new, substantially higher bar for the policy and practice of stewardship, which delivers sustainable values for investors and benefits for the economy and wider society. Our extensive outreach with asset owners, asset managers, investment consultants, proxy advisors, companies and other interested groups, along with our initial consultation on the direction of the Stewardship Code, part of the review of the UK Corporate Governance Code, has helped us to identify some common areas of concern with the stewardship ‘market’ in the UK. People feel there is a disconnect between asset owners and asset managers, with little consideration of the interests of ultimate beneficiaries. The rise of passive investment has led some to believe that passive investors cannot engage in stewardship activities effectively – this is a misconception. Others worry 76 Ethical Boardroom | Winter 2019

it stronger, clearer and fit for the future. Our consultation, open until 27 March 2019, proposes a new Code that addresses the concerns raised and puts it back in position as a world leader. Signatories are being asked to report on their own purpose, values and culture, which aligns the Code with the UK Corporate Governance Code and ensures that the right stewardship behaviours are embedded across the signatory’s business. We are broadening the Code to include activities taken pre-investment that will allow it to set high standards for asset owners and asset managers with regard to how they

integrate their stewardship responsibilities into their investment processes, including investment decision making, mandate design and other activities. We are also including a wider range of asset classes, and asking signatories to use the resources rights and influence available to them to exercise stewardship, no matter how capital is invested. The new Code reflects significant developments in sustainable finance, responsible investment and stewardship since the 2012 Kay Review. It recognises the materiality of environmental, social as well as governance (ESG) factors, and signatories are expected to take account of these factors when fulfi lling their stewardship responsibilities. The Code aims to contribute to further demand for an engaged approach to stewardship and investment decision making, which is aligned to the investment time-horizons of beneficiaries. Th rough more detailed provisions and guidance, we are making the Code more applicable to a range of different investment community actors. The Code does not prescribe a single approach but allows signatories to demonstrate high-quality stewardship that is aligned with each signatory’s business model, objectives and activities to fulfi l obligations to beneficiaries and clients. The structure of the Code is now like the UK Corporate Governance Code, with numbered sections, principles and provisions, accompanied by guidance and resources. With this alignment, the new Code aims to improve trust in business through encouraging the investment community to play its part in developing successful companies. Perhaps one of the biggest changes is the reporting expected of signatories to the Code. All signatories, regardless of their category, will be required to make public disclosures about their stewardship activities and their assessment of how effectively they have achieved their stated objectives. This is not restricted to reporting on policies. Reporting will now be in two parts, a statement upon signing the Code and an annual activity report. We hope this reporting will be useful to clients and beneficiaries, allowing leaders to shine a light on the good work they are doing and stakeholders to hold to account those who are stewarding investments on their behalf.

How to respond to the consultation

We need to hear from you! The FRC welcomes comments on the proposed revisions to the Code and a full list of consultation questions can be found in the consultation paper on our website. Comments on the questions set out in the consultation document are requested by 27 March 2019. Responses should be sent by email to stewardshipcode@frc.org.uk www.ethicalboardroom.com

Featuring all sides of shareholder activism and corporate governance

www.13dmonitorconference.com

Activism & Engagement | ESG

ENGAGING IN ESG Climate change, plastic and SDGs are front of mind for investor dialogue The active environmental, social and governance (ESG) dialogue between investors and companies has seen a dramatic growth in importance in recent years. This will certainly continue in 2019, but which topics will be front of mind for the investor dialogue?

Among the many sustainability focus areas for investors, a top three can be identified. First, a dialogue about climate change action with high carbon-emitting companies is here to stay. Next to this, single-use plastic is quickly emerging as a solid topic for engagement due to growing awareness about plastic pollution and upcoming regulation. Lastly, the Sustainable Development Goals will gain solid ground as a common framework and a common language in the engagement dialogue between companies and investors.

on climate 1 Focus change action

remains a key priority

Climate change will remain an important topic for many industries. Fossil fuels and energy-intensive industries still account for about 70 per cent of greenhouse gas emissions. Companies in high-emitting sectors, such as oil and gas, electric utilities and chemicals, are therefore key players in the energy transition. The car and real estate industries are also significantly affected by this development; buildings account for 30 per cent of energy use globally. Recently, many reports were published to show the need for regulators and the private sector to act on this issue. Stronger regulation is expected, and companies will need to deal with it. It is important for investors to take the risks and opportunities of climate change regulation and developments into account in their investment process. Next to this, structural engagement between investors and companies in high-emitting sectors in investor portfolios will contribute to requesting further change. As part of the biggest ever collaborative engagement between investors – Climate Action 100+ – investors make their expectations clear. In this initiative, companies are requested to implement a 78 Ethical Boardroom | Winter 2019

Carola van Lamoen

Head of Active Ownership, Robeco strong governance framework that clearly articulates the board’s accountability and oversight of the climate change risks and opportunities that they face. Companies are also asked to integrate climate risks into their regular risk management framework in order to identify, assess and manage the transition and the physical risks. Furthermore, companies are expected to implement measures and take action to reduce greenhouse gas emissions. Th is includes investments in clean technologies and initiatives that can meet emissionreduction targets. Finally, companies are asked to implement the recommendations of the Task Force on Climate-related Financial Disclosures (TCFD) in their reporting to shareholders and other stakeholders. The number of shareholder proposals on climate change action will continue to be considerable and many of those proposals will be targeted at the most carbon-intensive

The plastic waste problem, including the ocean littering that creates a plastic soup is growing, leading to increasing consumer awareness and regulatory pressure. This also contributes to the expected rapid growth in the reduction of single-use plastic in the engagement efforts of investors sectors. The information coming out of engagement programmes with companies in carbon-intensive industries can be incorporated in the investment decision-making processes of investors. The materiality of ESG issues on the sector and companies’ performance on these issues, will be assessed.

of single-use 2 Reduction plastic: an emerging

topic for investors

The economic progress that has been made in the past comes at a price that is

currently not visible in the profit and loss accounts and balance sheets of companies – the external costs of it. The number of people on our planet is continuing to rapidly increase from 7.5 billion people today up to an expected 10 billion people in 2050. Next to this increase in sheer numbers, many people are moving forward in terms of improving their living standards, which means the old way of our linear economy in making, using and disposing of products is no longer tenable. The expected growth in use of energy, steel, grain products and water will be high for the coming decades and is probably underestimated. The question is whether this is feasible. With this growth in population and resource use, the pressure on the environment will increase even further. At current rates of urbanisation and population growth, global waste generation is estimated to rise to 2.2 billion tons per year by 2025, which translates into 1.42 kg of waste per person per day. So, a different way of thinking is needed: moving from linear to circular; taking the life cycle analysis of products into account in the design. Embedding circular principles into operations will reduce resource consumption, improve resource efficiency and reduce the overall cost of waste management, which is good for the bottom line. The importance of this topic is also reflected in the United Nations Sustainable Development Goals (SDGs), which are discussed later. SDG 12 covers responsible consumption and production, and its sub-clause 12.5 specifically targets the substantial reduction of waste generation through prevention, reduction, recycling and reuse. We specifically see single-use plastics as an issue that is fast rising in importance. Th is is witnessed by the growing amount of shareholder proposals that focus on this issue, such as the shareholder proposal at McDonalds in 2018 to phase out plastic straws. Th is risk is acknowledged by a growing number of investors, many of whom (including Robeco) have joined the Plastic Solutions Investor Alliance collaborative engagement group. A number of companies in the food industry are already taking action on plastic reduction. However, plastic waste is not just a risk for companies: innovation, and thinking about replacing plastic, can also bring opportunities. Packaging companies www.ethicalboardroom.com

ESG | Activism & Engagement

FOCUSSING ON SUSTAINABILITY Companies are integrating climate risks into their risk management framework

focussing on the development of high-quality paper straws are an example of this. The plastic waste problem, including the ocean littering that creates a plastic soup is growing, leading to increasing consumer awareness and regulatory pressure. This also contributes to the expected rapid growth in the reduction of single-use plastic in the engagement efforts of investors. This engagement can focus on companies that use single-use plastic packaging, with the aim of stimulating the transition to recyclable, reusable and/or compostable packaging. Key sectors with whom to discuss this topic are the food and beverage sector and the packaging industry. www.ethicalboardroom.com

SDGs: A common 3 The language in investor dialogue

The Sustainable Development Goals have made quite some impact since their launch by the United Nations at the end â&#x20AC;&#x201C;of 2015. They were agreed upon by many stakeholders around the world, including companies, governments, academics and NGOs. Since the launch of the goals, many asset owners and asset managers have assessed their existing investment portfolios and engagement strategies against them and have started to use them in engagement conversations. The Sustainable Development Goals have quickly become a generally recognised

framework, but although they give a common framework of targets, there is no common framework yet on how to measure the impact that companies can make towards achieving them. Many investors are collaborating on this impact measurement question. In 2019, steps towards harmonisation of the means of measuring the SDG impact can be expected. Robeco and other investors around the globe are contributing to this. There is a growing number of investors that includes the SDGs in their engagement dialogues with invested companies and it is very clear that the amount of investors taking this into account will continue to rise rapidly in 2019 and beyond. Winter 2019 | Ethical Boardroom 79

Activism & Engagement | ESG

Environmental, social & governance ratings Environmental and social proposals continue to be a main focus for investors. So, how do they judge their worth? Environmental, social & governance (ESG) ratings are top-of-mind for public company officials and investors alike, having emerged as a leading priority during 2018’s proxy season.

While the increased focus on these issues is generally viewed as a positive for society, the ratings themselves have come under scrutiny. Shareholders are turning to these ratings in good faith as they make important decisions, but they may not be getting the complete picture.

What are ESG ratings and how are they determined?

Most public and some private, companies are evaluated on their ESG performance by third-party ratings providers. These agencies set out to measure the sustainability and ethical impact of a business. Environmental criteria include carbon emissions, water stewardship and the protection and respect of other natural resources; social criteria apply to a company’s treatment of its internal and external stakeholders and the communities in which it does business; governance criteria factor in the company’s management structure, compensation, internal controls, shareholder rights and audit procedures. While ESG information is, on the face of it, quite valuable to investors as they make decisions about a company, there are a number of concerns about how this data is collected, evaluated and translated into ratings. Methodology, level of engagement with the rated company and the extent of coverage vary widely from provider to provider. Th is lack of standardisation can obviously limit the effectiveness of these ratings for institutional investors and other interested stakeholders. And one of the biggest qualms is that companies are being rewarded for having comprehensive

80 Ethical Boardroom | Winter 2019

Zally Ahmadi

Director of Corporate Governance & Executive Compensation at D.F. King, an AST Company disclosure about their efforts rather than for actually having comprehensive programmes.

The foundations of ESG

While financial gain has always underpinned business and the capital markets, the idea of making a positive impact with these assets is by no means new. Starting in the middle of the 20th Century, trade unions – managing massive pension funds – devised ways to invest their money for the greater good.1 A pivotal period in the history of corporate social responsibility (CSR) and socially responsible investing (SRI) came in the 1970s. With South Africa in the throes of apartheid and the rest of the world looking on in revulsion, companies from around the

While ESG information is, on the face of it, quite valuable to investors as they make decisions about a company, there are concerns about how this data is collected, evaluated and translated into ratings globe began to divest from their dealings with South African entities. They were largely influenced by Reverend Leon Sullivan, a member of the General Motors board, who had developed a code of conduct for US companies doing business with South Africa designed to impose economic pressure and ultimately stem the scourge of apartheid.2 The following decade, James S. Coleman introduced the concept of social capital into the measurement of economic value in an article titled Social Capital in the Creation of Human Capital in The American Journal of Sociology. 3 A decade after that, in 1998,

sustainable business consultant and author John Elkington published Cannibals with Forks: the Triple Bottom Line of 21st Century Business. In coining the phrase ‘triple bottom line’ he put environmental and social factors on the same playing field as financial ones in determining a company’s value (25 years later, Elkington called for a retooling of his own concept in the Harvard Business Review, calling for more focus on personal and environmental wellbeing and less on pure profit and loss).4 In the mid-2000s, the United Nations established the Principles for Responsible Investment (PRI) Initiative through its Environment Programme Finance Initiative and the UN Global Compact. Since 2006, some 1,800 entities have signed on, including hundreds of asset owners, investment managers and professional service partners.5 PRI created a framework that improved the analysis of ESG issues in the investment process and encouraged companies to exercise responsible practices. Over time, studies emerged showing that companies and funds with higher marks for their ESG practices had better financial performances.6 The business of ESG ratings became codified.

A proliferation of ratings providers

There are ‘at least 249 different products that rate, rank or index’ companies from an ESG standpoint, according to Stephanie Mooij, a doctoral researcher at the Smith School of Enterprise and the Environment at Oxford University.7 Some of these rankings have emerged as the preeminent benchmarks, though as yet there is no one gold standard. MSCI ESG Research is one of the largest and most widely used ESG ratings providers. Founded in 2010, MSCI ESG provides coverage for 6,000-plus global companies and 400,000-plus equity and fi xed income securities, using a ratings scale that ranges from ‘AAA’ to ‘CCC.’ Researchers evaluate 37 key issues, separated into three pillars

www.ethicalboardroom.com

ESG | Activism & Engagement

(environmental, social and governance) and 10 themes (climate change, natural resources, pollution and waste, environmental opportunities, human capital, product liability, shareholder opposition, social opportunities, corporate governance and corporate behaviour).8 Launched in 1998, RepRisk rates more than 84,000 public and private companies across 34 global sectors, with a ratings scale that ranges from ‘AAA’ to ‘D’. RepRisk focusses on 28 factors connected to the Ten Principles of the UN Global Compact, which are divided into environmental, community and employee relations and corporate governance issues and also assesses ESG risk exposure over two- and 10-year timeframes. Thomson Reuters keeps a database on 7,000-plus global companies, containing

www.ethicalboardroom.com

ESG information based on the companies’ own annual reports and websites, corporate sustainability reports, SEC fi lings, news coverage and more. For one in seven of these companies, the data dates back some 15 years. Thomson Reuters covers 400 metrics and integrates the data into the workflows of academics, asset managers, corporates and investment bankers/advisors.9 Sustainalytics emerged in 2008 and also covers 7,000-plus global companies, dividing 70 key ESG issues and indicators across environmental, social and governance lines. These indicators are broken down into three categories: preparedness, disclosure and performance. Glass Lewis has also partnered with Sustainalytics and utilises its 0-100 ratings in the Glass Lewis Proxy Paper. The ISS E&S QualityScore is one of the newer ratings, having been launched in February 2018. With its zero to 100 classification system it takes into account some 380 environmental and social factors, in areas, such as environmental risk management, human rights, waste, toxicity, product safety and quality. Other popular ESG yardsticks abound. For example, Bloomberg provides ESG data on more than 11,000 companies using 700-plus indicators sourced from company fi lings and third-party information.10

REACH FOR THE STARS ESG ratings are coveted but lack standardisation

Winter 2019 | Ethical Boardroom 81

Activism & Engagement | ESG Corporate Knights magazine publishes an annual Global 100 list, an index of the ‘most sustainable corporations in the world’, which it compiles by analysing publicly available, company-verified data against 21 key performance indicators, including resource, employee and fi nancial management, clean revenue and supplier performance.11 The Dow Jones Sustainability Index, which marks its 20th anniversary in 2019, surveys 3,400 listed companies each year and combines that data with investors’ sustainability and risk/return objectives.12

A proliferation of methodologies — and inconsistencies

industry consortiums have cropped up to work towards a more standardised approach to capturing ESG performance. These groups are united in a mission to introduce more regularity to sustainability reporting and yet even they display a lot of variation in their suggested approaches to achieving this goal. Some suggest working within existing legal frameworks while others would rather create something new. Some advocate for introducing industry-specific guidelines while others are focussed on more holistic guidance. The primary point of consensus is in adding more rigour to what is currently a patchwork-like system.

While the intent may be consistent, methodologies vary greatly from one ESG research and ratings provider to the next. Some look at a vast universe of public and private companies, while others are much more limited in scope. Some leverage hundreds of distinct metrics, while others are more tightly focussed. Some companies use letter grades, while some use various numerical scores. As noted above, some providers survey individual companies on their own practices and performance. But many of these scores and lists are compiled using a range of publicly available data, from annual reports to company websites to media coverage, without any participation from the company itself. All of this variation has drummed up an equal amount of scrutiny, certainly from companies themselves, but also from shareholders. For one, these inconsistencies can translate into the same company carrying different ratings simultaneously – to different degrees of positivity. One of the chief complaints comes down to facts versus appearances. That is, the reliance on publicly available data comes with the risk of valuing a company’s disclosure practices more than its actual ESG practices.

A path to more standard, more useful ESG measurements

With so many providers having already asserted themselves over the last 20 years, it seems unlikely that any single one will emerge as the default anytime soon. But that doesn’t mean that the existing providers, with a push from companies, investors and other groups, can’t work towards more standard benchmarks. Enter the Sustainability Accounting Standards Board (SASB), the Global Reporting Initiative (GRI), the Sustainability Consortium (TSC), the International Integrated Reporting Council (IIRC) and the Global Initiative for Sustainability Ratings (GISR) and it’s evident that a number of

82 Ethical Boardroom | Winter 2019

WHAT’S THE SCORE? Inconsistencies in ratings are confusing

A more uniform, transparent approach to collecting data, both from publicly available sources and companies themselves, would breed more consistency from rating to rating, allowing investors to make more informed choices. Moreover, standards would help to alleviate the pressing issue of companies earning higher scores for ‘talking the talk’ rather than ‘walking the walk.’ As it stands, larger companies with greater resources can dedicate more of those resources to disclosure of non-fi nancial practices, over-inﬂating their actual efforts though well-designed and populated websites, glossy reports and marketing and advertising campaigns.

Measuring these companies against the same benchmarks as everyone else can help achieve parity and empower investors to make choices based on the facts. While regulation can be a touchy subject in the business and investment communities, it too could have a role to play in a more standardised ESG environment. At present, regulatory reporting requirements vary widely by jurisdiction and can thus lead to very different ratings for companies operating in the same industry. European companies often boast higher ESG scores than their peers in other regions, for instance.13 This didn’t happen by accident. In December 2014, the European Union issued a directive on the disclosure of environmental, social and governance information for large companies (those with 500 or more employees), requiring them to publish a non-financial statement annually. These rules apply to more than 6,000 listed companies, banks, insurance companies and other companies that have been categorised as public-interest entities – and the EU reviewed nearly two dozen national, international and EU-based frameworks to create them. The required reports cover companies’ policies related to: environmental protection; social responsibility and treatment of employees; respect for human rights; anti-corruption and bribery; and diversity on company boards (in terms of age, gender, educational and professional background). As the European Commission explains: “Appropriate non-financial disclosure is an essential element to enable sustainable finance.”14 While every region harbours different attitudes towards both regulation and disclosure, in order to remain competitive on a global scale, companies all over the world have a vested interest in performing as well as their international peers in ESG ratings. Thus, they too have a role to play in pushing for the adoption of more standardised benchmarks. Gray, Hillel, New Directions in the Investment and Control of Pension Funds, Investor Responsibility Research Center, 1983 2 Lewis, Paul, “Leon Sullivan, 78, Dies; Fought Apartheid,” The New York Times, April 26, 2001 3Coleman, James S., ‘Social Capital in the Creation of Human Capital’ American Journal of Sociology, Vol. 94, 1988 4Elkington, John, ‘25 Years Ago I Coined the Phrase ‘Triple Bottom Line.’ Here’s Why It’s Time to Rethink It’ Harvard Business Review, June 25, 2018 5 ‘About the PRI’ Principles for Responsible Investment, www. unpri.org 6Thompson, Jennifer, ‘Companies with strong ESG scores outperform, study finds’ Financial Times, August 12, 2018 7Mooij, Stephanie, ‘Reporting fatigue and the ESG rating and ranking industry’ Corporate Citizenship Briefing, July 18, 2017 8Huber, Betty Moy and Comstock, Michael, ‘ESG Reports and Ratings: What They Are, Why They Matter’ Harvard Law School Forum on Corporate Governance and Financial Regulation, July 27, 2017 9‘Thomson Reuters ESG data and solutions’ Refinitiv 10‘Sustainable Finance’ Bloomberg Professional Services 11’The 2019 Global 100: Overview of Corporate Knights Rating Methodology’ Corporate Knights 12‘DJSI index family’ www.sustainabilityindices.com 13Doyle, Timothy M., ‘Ratings that Don’t Rate: The Subjective World of ESG Ratings Agencies’ Harvard Law School Forum on Corporate Governance and Financial Regulation, August 7, 2018 14‘Non-financial reporting’ European Commission 1

www.ethicalboardroom.com

Raymond James Activism Response & Contested Situations Practice

A proactive approach, a constant partner Helping corporate clients preserve the long-term best interests of their shareholders

One of the only middle market investment banking firms currently offering this type of support, Raymond James partners with companies to help them prepare for and respond to activist investors and other contested matters. Our Activism Response & Contested Situations practice leverages extensive knowledge of the latest developments affecting activist strategies and institutional investors and provides expertise in four key areas: • Activism Preparedness and Response • Contested M&A • Shareholder Engagement • Corporate Governance Matters We offer the critical advice and resources your company needs to proactively develop the right response plan and team. Reach out to learn more. Duncan Herrington, CFA Managing Director, Head of Activism Response & Contested Situations New York +1.212.856.4382 raymondjames.com/shareholderactivism duncan.herrington@raymondjames.com © 2019 Raymond James & Associates, Inc., member New York Stock Exchange/SIPC 19-ECMMA-0088 KF 1/19

Global News Asia New Singapore Council for board diversity Council will also target organisations in the public sector and people sector, which includes non-government organisations, voluntary bodies and charities. The Council will be chaired by two co-chair persons: Loh Boon Chye, CEO of Singapore Exchange (SGX), and Mildred Tan, chairman of the National Volunteer & Philanthropy Centre. As at December 2018, the representation of women on boards of the top 100 primary-listed companies on the SGX had increased to 15.2 per cent from 13.1 per cent in the previous year, and from 7.5 per cent before DAC first started in August 2014.

Singapore’s Diversity Action Committee (DAC) has been renamed the Council for Board Diversity and has widened its scope to increase women’s representation on boards. As well as boosting the representation of women on boards of Singapore Exchange (SGX) listed companies, the

US challenges tech giant Huawei Chinese telecoms giant Huawei has denied any wrongdoing after US prosecutors filed a plethora of criminal charges against the firm, including bank fraud, obstruction of justice and theft of technology. Huawei has also rejected criminal claims against its chief financial officer Meng Wanzhou, who was arrested in Canada last month. Prosecutors allege Meng — the daughter of Huawei’s founder — engaged in ‘conspiracy to defraud multiple financial institutions’ in 2013 when she attempted to convince bankers that Huawei and a former Hong Kong subsidiary SkyCom were wholly separate entities. According to Asian Review, Huawei has asked suppliers to move some production to China as it braces for possible restrictions on access to US technology.

Jet Airways seeks shareholder approval Debt-ridden Indian airline Jet Airways is to seek shareholder approval to convert existing debt into equity. According to Reuters, Jet Airways has debts of about $1.14billion and owes money to banks, pilots, vendors and lessors. Jet will also seek shareholder approval to increase its

84 Ethical Boardroom | Winter 2019

share capital and allow lenders to nominate a director on its board to help resolve its financial problems. The Economic Times says that Jet’s lenders want to repossess some planes and have forced the airline to ground five aircraft, leading to flight cancellations.

Goldman Sachs boss says ‘sorry Malaysia’ Goldman Sachs CEO David Solomon (inset) has apologised to the Malaysian people for the ongoing corruption scandal at one of the country’s wealth funds. Malaysia has filed criminal charges against Goldman Sachs and two former employees — Tim Leissner and Roger Ng — in connection with a corruption and money laundering probe at 1MDB. Solomon told financial analysts: “It is very clear that the people of Malaysia were defrauded by many individuals, including the highest members of the Malaysian government. For Leissner’s role in that fraud, we apologise to the Malaysian people.” It is claimed that billions of dollars were embezzled from the state fund — set up by the Prime Minister Najib Razak in 2009 — and were used to buy a list of expensive properties.

Bangkok Airways CEO steps down Thai billionaire Prasert Prasarttong-Osoth has resigned from Bangkok Airways after being sanctioned for ‘manipulating the share price of the airline’. Civil sanctions have been imposed on Prasert and his daughter, Poramaporn Prasarttong-Osoth, the chief operating officer at her father’s Bangkok Dusit Medical Services, as well as Narumon Chainaknan, the executive secretary in the CEO’s office at Bangkok Airways. The trio were fined a total of 499.45 million baht ($15.8million) by the Thai Securities and Exchange Commission (SEC) and banned from holding director and executive positions at any securities issuing company and listed company. The SEC said the penalty showed that the offenders were ‘untrustworthy’. However, all three have said that they would appeal the charges to prove their innocence.

www.ethicalboardroom.com

Hosted by

ICGN Annual Conference Hosted by the Tokyo Stock Exchange, 16 - 18 July 2019 Hotel New Otani Tokyo

Re-focusing Corporate Governance for a Sustainable Future

550+

ICGN looks forward to returning to Tokyo for our Annual Conference in 2019. Topics include: ✔

Linking sustainable ﬁnance to the real economy

✔

Strengthening the power and inﬂuence of independent directors over CEO decision-making

✔

Reforming corporate disclosure and audit for 21st Century reporting

✔

Managing risk in times of uncertainty

✔

Shareholder vs. Stakeholder Primacy: Is there an optimum model?

For sponsorship enquiries please contact: Florence.Doel@icgn.org For media enquiries please contact: Milly.Sheehan@icgn.org

Attendees

70+

International Speakers

3 Days

of Innovative Content

VISIT: WWW.ICGN.ORG

Regulatory & Compliance | Contract Management

Is contract lifecycle management needed? Growing complexity and business uncertainty has raised the profile of contracts and contract management as a key business discipline, yet management typically has limited insight of the risks or performance of their contract portfolio. Today’s ethical business needs greater visibility of its obligations, its performance and its supply ecosystem. Is technology the answer – and, if so, what technologies should be used? Every business depends on its ability to structure and manage external relationships and, in most instances, this involves the use of contracts. Multiple factors are making business relationships more complicated, leading to growing interest in the role that contract lifecycle management can play. Regulatory and reputational risk, compliance, cost reduction and revenue realisation – each of these depends on the overall quality and integrity of the contracting process. Yet today, senior management typically has little insight into their contract portfolio, unless or until things go wrong. Does contract lifecycle management (CLM) technology offer an answer? The world of technology is changing at a dizzying pace and there are certainly many developments starting to impact the field of contract and commercial management. Terms such as digitisation, artificial 86 Ethical Boardroom | Winter 2019

Greater innovation and efficiency in business can cut costs and improve business integrity Tim Cummins

President, The International Association of Contract and Commercial Management (IACCM) intelligence, cognitive systems, data analytics, smart contracting, computable contracts, blockchain – these and more – being discussed and promoted for their impact on how we undertake acquisition, form or negotiate contracts and manage trading relationships. But how real are they? How relevant are they? And which, if any, should we be thinking of adopting now?

The situation today

Before we venture too far into the practicality of these emerging tools and systems, we must recognise that few organisations are starting from a blank sheet. While there is currently quite limited software supporting contract and commercial management specifically, that doesn’t mean that there isn’t software impacting it and the way it is done. Most large organisations have implemented some form of enterprise software, most commonly Oracle and SAP. Many on the buy side have expanded these with ‘procure to pay’ systems, that may be modules from their

core provider, or from other suppliers, but integrated into the enterprise system. The challenge with all these systems is that they were designed to drive internal standardisation and efficiency. They typically presume that the implementing organisation has the market power to impose its standard terms and policies onto their trading partners. They were also designed in an era when most transactions were for products; they assumed an overwhelming proportion of contracts would be for commodities and that high levels of standardisation are achievable. These assumptions have also been reflected in the resourcing policies of major organisations, where large groups in the workforce were replaced by automated systems, removing the ability to operate flexibly and eliminating key areas of knowledge or experience. Contract administration was one of those areas. In reality, contract relationships are diverse in their nature and market volatility requires far more agility than ERP systems allow. Contracts – and their associated relationships – are not ‘one size fits all’, so current systems often operate as a straitjacket, not a business value enabler. The greater flexibility demanded by today’s uncertain markets is increasingly enabled by emerging technologies. Th is offers executives the chance to think beyond the enterprise and consider how best to facilitate greater efficiency and effectiveness in their market relationships – essentially, to consider the technologies that enable www.ethicalboardroom.com

Contract Management | Regulatory & Compliance relationship resource planning, or RRP. Therefore, it is right, indeed essential, to explore incremental technologies to support the contract lifecycle.

FIGURE 1: MANAGING SERVICES Source: Gartner, Everest, TPI, Evalueserve, Research and Markets, Zinnov, Global Industry Analysts Inc., Transport Intelligence

The contracting environment

The last 25 years has seen three key trends that have elevated the importance of contracting. The fi rst of these have been globalisation of trade which has led to the breaking down of traditional loyalties and relationships, the lengthening of supply chains and the creation of incremental risks. Second has been the extent of outsourcing, resulting in an average 60-65 per cent of corporate revenues typically being spent on external sources of supply. Th ird is the extent to which business-to-business trade has undergone a steady move away from products towards services and solutions (see Figure 1, right). While the change has been gradual, it is of major significance; it represents a shift from managing delivery of tangible goods to managing the longer term performance of intangible services. Th is fundamentally alters the nature of the contract and the importance of effective contract management. IACCM capability assessments frequently reveal that organisations have not adjusted to shifting market conditions. Many lack the right contract templates or models, the staff to understand and implement exceptions and the resources to manage the results. A lack of meaningful performance data has resulted in the blind and rigid adoption of ‘compliance’, regardless of whether it is actually operating in the business interest.

So, where next?

To understand the issues and then consider the role of emerging technology, we must fi rst appreciate the scope of the activities we

8.21% CAGR

SERVICES $0.75T 19%

GOODS $3.25T 81%

SERVICES

$3.36T 56%

GOODS $2.64T 44%

–1.09% CAGR

1994

2015

■ Goods ■ Other Services Complex Services: ■ IT ■ Logistics ■ Facilities ■ BPO ■ GAAS

are discussing and how these vary between different forms of trading relationship. The graphic below illustrates a typical transactional lifecycle (See Figure 2, below). When buying or selling a commodity, the process is relatively simple and the objective of technology should be to further streamline sales or procurement activities and largely eliminate human resources, for example through robotic process automation (RPA). For many businesses, commodities represent a relatively high proportion of transactions and it makes sense to persist with current investments such as ‘procure to pay’ solutions from established software vendors. These can be further enhanced by considering digitisation – for example, the introduction of electronic contracts, e-signatures and automated review and approval processes, together with enhanced

data analytics to improve the quality and accuracy of oversight and reporting. The goal should be to create more agile and transparent systems and procedures, removing identified points of tension or delay or quality shortfalls – for example in volume or requirements generation, performance analysis or ensuring use of the right terms and conditions. A standard ERP module may be adequate for this, though many organisations supplement that software with analytics tools, such as those offered by Seal Software or e-signature modules that come from a variety of vendors, with DocuSign the current leader. The most efficient are embedding ‘intelligent questions’ into the front end of their systems to ensure requirements are captured and appropriate relationships and terms are formed to support them.

FIGURE 2: TRANSACTIONAL LIFECYCLE (PROCESS) 1. Evaluate

2. Approve

Identify contract model required to support specific bid or proposal OR review counter-party proposed terms for acceptability (determine go/no-go)

Evaluate non-standards and interdependencies. Engage stakeholders required for review and approval

3. Draft Prepare required transactional documents or variations to standard

4. Negotiate

5. Implement

6. Manage

7. Close

Establish strategy, fall-backs, trade-offs; seek to reach consensus (go/no-go); redraft as required

Communicate signed agreement and obligations to all affected parties

Oversee and report on performance; handle claims and disputes; negotiate and record changes

Manage termination or renewal; identify continuing obligations

14 CLM TOOL CAPABILITIES (TECHNOLOGY) Portfolio analysis

Approvals RFX

Drafting

Collaboration with third parties

Obligation management

Disputes

Performance management Change management Management reporting Document repository

Query, Discovery, Artificial Intelligence

www.ethicalboardroom.com

Winter 2019 | Ethical Boardroom 87

Regulatory & Compliance | Contract Management For many industries, in the post-award environment there may be benefit in developing robust tracking systems, perhaps based on blockchain, such as those put in place by Walmart and major logistics suppliers to ensure increased visibility and tracking, including verification of the provenance of goods. But while this approach may handle high-volume transactional business, it does not address the issues associated with lower volume, high-value contracts that, for many, represent the majority of spend and, perhaps, also revenue – as well as being a major source of business risk. Therefore, it is in this context that we most urgently need to consider both additional systems and emerging technologies.

What questions should we ask? Procure-to-pay systems typically provide great value in automating simple acquisitions, but they rarely offer a coherent contract management application, nor do they address sales contracts. It is essential to think in terms of the nature of the relationships that the business needs or offers and for each of these: ■■ The extent and nature of risk ■■ The need for resources to maintain manual interventions and/or ■■ The need and justification for complementary tools and systems Considerations should include an understanding of volume, potential severity of incidents and the duration of need. For example, how many of your contracts contain multiple, interdependent obligations? What is the volume of statements of work or service level agreements to process and manage? Factors such as this may generate the need for a system with powerful obligation extraction and tracking capabilities; or perhaps an AI system with natural language processing

(NLP) tools that can support drafting and test for high-risk language; or a blockchain solution that ensures integrity of records and can drive automated performance management through a ‘smart contract’. In general, a high volume of services or solutions contracts is likely to justify the adoption of a supporting technology, which could range from a stand-alone contract lifecycle management (CLM) system, to a dedicated artificial intelligence system that uses NLP to support document standardisation, analysis and production (for example, being used in General Motors to support the production and review of several thousand contracts each week). It will most likely take many years before more complex and high-profile agreements for outsourcing or major programs (where it may be critical to oversee multiple interdependent relationships) are within the capabilities of an ERP-based system. Therefore, long-term manual interventions will be needed unless an alternative dedicated system is acquired, especially to cover post-award performance. Based on contract portfolio analysis, some organisations conclude that it is wiser to acquire a dedicated CLM solution rather than manage the work-arounds demanded by an ERP-based P2P system. Such a decision may be justified, but it needs careful assessment, not only related to integration, but also whether there is an appetite for driving organisational adoption. Many CLM systems have struggled to deliver expected benefits. However, they continue to develop and there are significant advances in ‘ease of use’.

Making sense of the options

Having recognised the need for a CLM system, the next big challenge is ‘which one?’ There is a plethora of choice in the market – more than 200 options, some offering full life-cycle support, others being more niche in their capabilities. Making sense of these

FIGURE 3: 10 PITFALLS TO AVOID IN CONTRACTING of Failure Contract Contracts Limited use clear scope to engage terms and difficult of contract 1andLack 3 5 7 9 goals stakeholders negotiations to use or technology Result: Cause of claims/ disputes

Result: Misaligned interest and future opposition

focus on risk allocation Result: Loss of economic benefit; contract becomes a weapon

understand Result: Users see contract as irrelevant to business needs

Result: Inefficiency and loss of quality in performance and analysis

AVERAGE VALUE EROSION 9.2% Contracts/ Protracted Contracts Poor Weak legal team negotiations 6 lack handover post2 4 8 10 involved late flexibility. from deal team to award process Result: Wrong form of contract and extended lead time

Result: Competitive exposure and delayed revenues

88 Ethical Boardroom | Winter 2019

Insufficient focus on governance Result: Performance management dominated by blame/fault

implementation team Result: Commitment and obligations missed and misunderstood

is challenging, especially since most are offered by relatively small companies and there is significant market consolidation. To assist in identifying and reviewing the best options, IACCM has created an online tool that is free to use which can be found at www.iaccm.com/resources/contractmanagement-software/ Broadly, solutions can be broken into three areas – those that provide content, such as contract templates, precedent and general guidance; those that operate as efficiency tools, primarily contract lifecycle management systems which include those from the major ERP providers, but also now starting to include blockchain; and, thirdly, those that provide analytics, in some cases using AI and cognitive capabilities. Many of the systems offer a little of each of these capabilities, but none currently does so in a comprehensive way.

Tackling other weaknesses

Another way to explore the relevance and value of contract management systems is to explore current process weaknesses. A major reason why executives are often unaware of contract value leakage is the fact that it is rarely viewed as an integrated process with an accountable owner. Activities are typically fragmented and IACCM research has shown that this is the primary cause for underlying performance risk and value erosion. The chart below shows the most frequent issues and their cumulative impact on financial performance. See Figure 3, below. New technology potentially plugs some of these gaps, but only if its introduction is accompanied by 1) process review and redesign and 2) integration with other systems, to ensure required data flows are achieved. Without these actions, there is a high probability of joining those with failed or disappointing implementations.

Conclusion

In summary, there can be little question that we are on the brink of dynamic changes in procurement and contracting processes and methods. Executives need to consider how new technologies can help them escape the constraints imposed by ERP systems and focus their minds on RRP – relationship resource planning. This offers remarkable opportunities to cut costs and improve business integrity. The role and required skills of human interfaces will change dramatically, focussing increasingly on data analysis and strategic initiatives that drive improved relationships, greater value and superior results. Senior management is right to demand better performance and risk management from its contracts, but these benefits will be achieved only if there is executive sponsorship of the overall project and an acceptance that software alone will not be sufficient. www.ethicalboardroom.com

Transparency International ranked 104 multi-national companies on how transparent they are about how they engage with politics...

3 out of 4 companies were found to be keeping the public in the dark over their political activities.

Transparency is the future. Donâ&#x20AC;&#x2122;t get left behind.

Visit transparency.org.uk/cpei and see how your company would compare.

Regulatory & Compliance | Advertorial

Contract management in the digital age The ability to systematically manage contract creation, execution and analysis is key to corporate success There is no easier way to get the boardroom’s attention than coming up with new ways of cutting costs and improving eﬃciency. And yet, there is one aspect of corporate operations – one that promises to do both those things and much more – that has long been seen as cumbersome, time consuming and an obstacle to business: contract management.

That aversion appears to fi nally be changing. A recent Forrester study in the US found that more than 60 per cent of companies polled had plans to improve their contract management methodologies within the next 12 months. And the 90 Ethical Boardroom | Winter 2019

Markus Fabel

Global Head of Quality & Risk Management Advisory at KPMG reasons are myriad. When properly implemented, a professional contract management can reduce expenditures, increase transparency, highlight ways to improve contracting terms, mitigate compliance and regulatory risks, and improve time to market. Indeed, in an era of unprecedented technological change and increasing fi nancial pressures, it should be a cornerstone of any effective business strategy. What, though, is contract management? What must change to implement a successful approach? Where should the focus lie? And what are the specific benefits to each component of an effective contract management?

Structuring the approach

Contractual chaos is surprisingly common. Many fi rms have failed to establish suﬃcient contracting-related processes and lack coordination between entities or business units. As a result, there is almost no consistency in the terms negotiated across the company and little oversight. In addressing this ineﬃciency, it is vital to define each step in the contracting process, delineate clear roles and responsibilities for those involved and ensure consistent implementation. Furthermore, the process must be communicated to the entire company as an important fi rst step in encouraging cross-functional cooperation between key stakeholders in both business and legal functions. Doing so will streamline the contracting process, reducing the amount of time spent on contracting and freeing up internal resources. www.ethicalboardroom.com

Advertorial | Regulatory & Compliance ORGANISING, ANALYSING & MANAGING CONTRACTS An effective system makes it easier to make decisions and monitor maket trends

agile templates that can be quickly adapted to all global markets helps ensure consistency of terms and reduces the effort required to review new contracts. Companies with a low contract volume may consider developing a smart contract template database and a clause library. Companies with higher volume or greater contract complexity, by contrast, should examine the possibility of a digital contracting solution. Such an approach allows several parties to work simultaneously on contracts with intuitive workflows supporting interdisciplinary creation, review and approval of contracts. Additionally, the digital signature enables the signing of contracts at the click of a button, no matter where the principles might be. Streamlining the contracting process will reduce time to market and minimise the effort needed to prepare, review and execute contracts.

Transparency & cost mitigation

Contracting doesn’t end once the documents are signed, of course. And a robust contract management approach also enables the monitoring of a contract’s performance throughout its lifecycle. In the inception phase, key Companies indicators, such as the with higher time spent negotiating volume or and implementing the contract, can greater be monitored and contract improved upon. Later, milestones such as complexity, dates and should examine delivery payment terms can be tracked and the possibility optimised, while of a digital increased efficiency contracting guarantees that deadlines aren’t solution missed. Furthermore, each expired or Setting goals terminated contract provides data that There is no one-size-fits-all solution when can help design and negotiate future deals it comes to implementing a successful with the same or similar clients. contract management approach. Each On the flip side, failure to properly monitor business unit will likely have its own aims, contracts throughout their lifecycles can from cutting costs and increasing revenue be extremely costly. A recent Gartner to reducing regulatory and financial study on the pitfalls of inadequate contract risk. A clear definition of objectives enables management included the example of a the development of a custom-designed large medical manufacturer that had approach that meets the individual needs accidentally extended a multi-year, of all stakeholders. That, in turn, improves $10million agreement that should have been transparency and access to information. terminated due to an auto-renewal clause. Similarly, a US-based manufacturer had Contract standardisation been renewing leases on disused properties and digitalisation in Asia, resulting in six-figure losses These days, even traditionally local that could easily have been prevented. companies are looking to foreign markets Risk mitigation for growth opportunities. But those The above examples are extreme, but there opportunities mean added complexity, with are plenty of other potential pitfalls should local laws, regulations and market practices contracts go unmonitored, including differing across jurisdictions. Developing www.ethicalboardroom.com

regulatory fines, penalties from vendors and civil or criminal actions against the company and its officers. Additional risks include human error and misconduct or fraud. Software vendors, for example, have increased their auditing of users and implemented sizable penalties for licence abuse. Similarly, regimes such as the European Union’s General Data Protection Regulation (GDPR), with fines of up to €20million or four per cent of global turnover, can create huge financial liabilities. Ensuring transparency and term consistency enables companies to identify potential risks earlier and to address them before it is too late.

Analytics and data

Harvesting and analysing data has never been easier. But the frenzied drive to commercialise that information is just one aspect of the trend. An effective contract management regime involving standardised contract terms and the monitoring of key milestones can generate vital and immensely beneficial internal data, allowing for the benchmarking of key clauses and making it easier to improve contract terms. It also allows decision-makers to identify market trends and to improve utilisation within the company.

Negotiation and drafting of contracts

Inevitably, even well-drafted contracts will need to be negotiated and some terms will require modification. As such, it is important to develop a contracting playbook that contains various fallback positions that would be acceptable to the company. Such a playbook should include internal explanations about the logic behind the positions taken in addition to external explanations to be used when elucidating positions in a manner understandable to the client. This will allow for more consistent and effective contracting. It isn’t easy to remain competitive in today’s global economy. Identifying inconsistencies, mitigating risk, optimising data collection and analysis: all of those things can give a company a leg up on the competition. And that is what an effective contract management approach delivers – a message that any boardroom will love to hear.

KPMG AG Wirtschaftsprüfungsgesellschaftv The Squaire/Am Flughafen D-60549 Frankfurt am Main +49 69 9587-3213 MarkusFabel@kpmg.com www.kpmg.de Winter 2019 | Ethical Boardroom 91

Regulatory & Compliance | Fraud

Whistle-blowing in the boardroom Integrity in the workplace has come under the spotlight in 2018, bringing about a need for significant cultural change in both public and corporate entities operating in Australia. Reviews, such as the Royal Banking Commission, have exposed numerous disconcerting behaviours from Australian businesses. In short, there has been a sense of entitlement coming from the top of companies that is destroying the trust between these businesses and the general public. It also highlights the need for Australian companies to embrace policies regarding organisational integrity to ensure their businesses are operating ethically and fairly for all stakeholders.

Fraud: a multibillion-dollar disease Fraudulent activity is nothing new to the corporate world, but it is still incredibly prevalent today. If most people knowing these actions are wrong, why do we see this occur? Th ree common traits have been found to be present in fraud cases. They have become known as the Fraud Triangle – a term coined by Donald Cressey, a prominent criminologist throughout the 60s, 70s and 80s. The triangle has been theorised to be made up of three factors: pressure, opportunity and rationalisation. Looking at the past events detailed by the Banking Commission, there has been pressure to provide revenue and results for the company – creating the motivation for acting unethically and, sometimes, illegally. Once presented with an opportunity to do so, so staff will most likely take it. Offenders then tend to justify their actions as a result of seeing their manager or co-workers using unethical practices to further themselves in the company. Th is leaves them thinking ‘everyone does it’, helping to ease their mind. It is this

92 Ethical Boardroom | Winter 2019

Send a clear message to your stakeholders that ethical behaviour is a fundamental value of your company David Morgan

Managing Director at PKF Integrity Services rationalisation that has bred a mindset of disregarding integrity that has then led to the state that some companies fi nd themselves in. It can sometimes become the collective culture of the organisation, but more often than not develops in pockets of an organisation. What is quite alarming is the scale at which modern businesses are being impacted by fraud schemes. The Association of Certified Fraud Examiners (ACFE) in its Report to the Nations, released in 2018, detailed the trends of the cost of fraud in 125 countries and 23 industry categories

Three common traits have been found to be present in fraud cases. This has come to be known as the Fraud Triangle... made up of pressure, opportunity and rationalisation from more than 2,600 survey respondents regarding investigations over the period of January 2016 to July 2017. The report highlighted that during those 18 months, total losses to companies due to fraudulent activities exceeded $7billion with ‘22 per cent of cases [causing] losses of $1million [or more]’.

It is also concerning that victims who are smaller businesses are affected more than larger corporations, losing ‘almost twice as much per scheme to fraud [than larger companies]’. Disappointingly, it is apparent from the ACFE report that internal control was a contributing cause for these crimes to be undetected for significant lengths of time. Had there been more effective internal reporting policies and procedures, significant amounts of money may have been saved as the perpetrator may have been discovered earlier. We hope that the high-profi le cases and royal commissions that have been highlighted in Australia in recent times, lead to a shift in mindset regarding the importance of integrity frameworks inside the workplace.

A step in the right direction An area that businesses need to get right in their operations is an effective whistle-blowing framework. New whistle-blower legislation is currently in the Australian senate and should be implemented in early 2019. One of the existing requirements under the draft bill is for all large proprietary and publicly listed companies, as defi ned by the Corporations Act, to have a whistle-blower policy in place. Whistle-blowing is a critical action that enables employees to raise awareness of people within their organisation partaking in fraud, corruption and other forms of misconduct. If corporations wish to maintain their integrity, it is essential to prevent, fi nd and deal with any misconduct

www.ethicalboardroom.com

Fraud | Regulatory & Compliance

that transpires within their organisation. Whistle-blowing, as it is often referred to, is an important step in the right direction. What will make this a reality, though, is a culture of balance between trust and good internal controls. The reporting framework only works effectively when an organisationâ&#x20AC;&#x2122;s employees are prepared to speak up. The above is further supported by the recent ACFE report. It found that tip-offs about fraudulent activity make up approximately 40 per cent of initial detection methods with employees providing more than half of tip-offs and nearly one third coming from outside parties. Having had more than 15 years in investigating unethical and illegal practices, I believe whistle-blowing is a critical control mechanism, but it requires a lot more than just a hotline or a policy. Business leaders must also lead from the front. They must encourage employees to make the right choice and speak up. They do this not only by talking the talk but also walking the walk. Ethical, consistent and transparent leadership not only breeds a positive and open internal culture, but also helps deter misconduct in the long term.

Encouraging and embracing hotlines

One of the key tools for businesses to more effectively identify dishonest activity in their company has been a whistle-blower hotline. The ACFE report found organisations that utilised a hotline, detected fraud by way of tips-offs 50 per cent more often than those that didnâ&#x20AC;&#x2122;t. Just by simply having a hotline, they lost $229,000 less when they experienced a scandal.

SHOW FRAUD THE RED CARD Whistle-blowing is a key way to identify fraud and misconduct

www.ethicalboardroom.com

Winter 2019 | Ethical Boardroom 93

Regulatory & Compliance | Fraud

A need for change in attitudes Hotlines provide companies with a greater assurance that they have knowledge towards whistle-blowers Despite improvements in some areas of over what is happening in their business. In the whistle-blower framework, there are, contrast, the report said that organisations unfortunately, still significant shortfalls in the without hotlines were more than twice as organisational treatment of whistle-blowers. likely to detect fraud by accident. In most A recent study titled Whistling While cases there will be an individual that has They Work 2 by Griffith University surveyed knowledge of an incident, though they will 17,778 individuals who were reporters, not highlight it until there is a safe avenue to managers, executives and governance raise awareness to the company or through professionals. It revealed that external sources. whistle-blowers are still treated badly by In order to effectively implement a their management or colleagues (principally whistle-blower hotline, a company must be management) in 42.1 per cent of cases trained effectively to professionally receive according to reporters and 34.1 per cent the disclosure of sensitive material and according to managers and governance ensure the effective management of such professionals who dealt with cases. matters. If whistle-blowers want to remain anonymous, companies must also enable this to occur; but also set up processes that enable the organisation to return to the whistle-blower if more information is required or needs to be tested. Getting this balance right is important, not just for the whistle-blower but other stakeholders involved in the process. There is value, too, in organisations electing to use an outsourced whistle-blower hotline service as they are independent. When I managed an outsourced service in a previous role, one of the first questions often asked of me from a whistle-blower was ‘ do you work for the company?’. When I explained that I did not and outlined the role of a hotline provider, the provider’s reporting line into the organisation, and what my role and skills were, rapport quickly developed and trust In order to was built. Whistle-blowers effectively appreciate talking to an implement a independent, objective and skilled professional. Yet, whistle-blower while many companies are MAKING IT EASIER hotline, a company now adopting external TO REPORT FRAUD must be trained hotlines as an option A whistle-blower hotline can help highlight issues for employees, it is not effectively to uncommon for the service professionally to only be symbolic. A What is concerning is worrying trend we find that these results compared receive the with some organisations to the results of the survey’s disclosure of is that they are including predecessor, Whistling a whistle-blower hotline sensitive material While They Work, ‘public just to tick a box. It is sector whistle-blowers and ensure disappointing to see that were mistreated in the effective businesses aren’t properly almost exactly the embracing this service and same proportions’. management of providing the support for A key deterrent of such matters employees to have the whistle-blowing has been courage to contact the how actions will be received by hotline. This can sometimes be because of a co-workers and managers after reporting the strong ethical culture. But often it is because illegal activity. Disappointingly, according to people don’t know they have an option to the research, whistle-blowers experienced report or don’t trust the process. Companies negative repercussions in an average 81.6 per seem to only be concerned with meeting cent of cases, according to reporters (and the criteria placed by regulations, without 66.3 per cent according to managers and properly considering the real benefits that a governance professionals who dealt with hotline provides. cases), including 56 per cent according to 94 Ethical Boardroom | Winter 2019

reporters and 34 per cent according to managers who experienced harassment and/or direct adverse employment impacts. We believe more needs to be done in this space. Creating a culture where people are afraid to speak up inevitably leads to scandal. We see all too often see that when employees feel a lack of trust in the reporting procedures, this leads to a culture of underreporting. It is this company mindset that allows for the decades of malpractice that we eventually see come out of the woodwork just as we are seeing with the Royal Banking Commission. Companies need to be comfortable that there will be mistakes that happen in the business and look to take the opportunity to learn from them and implement changes so it doesn’t happen again.

Building a safer environment for whistle-blowers

There are a number of steps that can be taken to build the trust necessary for employees to feel safe enough to have the confidence that they can report without feeling persecuted. Organisations that are developing an effective reporting framework, must first establish a supportive culture around employees reporting any suspicions of unlawful behaviour. The first step any business must take is to establish a clear set of policies and procedures for employees to undertake when they feel they need to report an incident. The use of signage and banners to promote the policies and procedures regarding whistle-blowing is a great way to educate staff about the availability of the service as well as to encourage the reporting of any suspicious behaviour. In large organisations, PKF has also seen intranet advertising, regular communication from senior management and delivered by those leaders via email, at toolbox sessions, on induction days, etc.

Which type of companies require a whistle-blower hotline?

At PKF Integrity, we have implemented hotlines and dealt with whistle-blowers across a range of industries. Integrity is an issue for all companies, so any business would be wise to implement a hotline. It is common for businesses to think that it wouldn’t happen in their business, but the reality is that fraud is happening to them and it can happen anywhere. The risk of not having a hotline is too high, both financially and culturally. Such a solution seems simple in theory and yet companies are still grappling with the whistle-blower and how to handle them effectively. One hopes improvement continues to occur because it is the best opportunity companies have in uncovering wrongdoing.

www.ethicalboardroom.com

Direct to your Door! Email our team now at subscriptions@ethicalboard.com

Global News Australasia Australia hits diversity targets Women account for 29.7 per cent of all ASX 200 board positions — almost meeting a target set three years ago to have 30 per cent gender diversity on the boards of Australia’s top 200 companies. According to the Australian Institute of Company Directors (AICD), almost half of ASX 200 companies have now met the target. The figures mean that Australia has leapfrogged the UK, Canada and the US in terms of female representation in the boardroom. There are only four ASX 200 companies — AMP, ARB Corporation, Emeco Holdings and TPG Telecom — with no women on their boards. Forty-five per cent of all director appointments in 2018 were women.

‘Bleak’ confidence in Australian business

New Zealand insurance culture challenged New Zealand insurance companies must ‘act urgently and undergo major changes’ to address weaknesses in governance and risk across the sector — a regulatory review has warned. The Financial Markets Authority (FMA) and Reserve Bank of New Zealand (RBNZ) jointly reviewed 16 New Zealand life insurers and identified ‘extensive weaknesses in life insurers’ systems and controls, with weak governance and management of conduct risks, and a lack of focus on good customer outcomes’. Adrian Orr, Reserve Bank governor said: “Public trust in life insurers could be eroded unless boards and senior management transform their approach to conduct risk and achieve a customer-focussed culture. “Ultimately, insurers need to take responsibility for whether customers are experiencing good outcomes from their products, regardless of how they are sold.”

96 Ethical Boardroom | Winter 2019

Confidence among Australia’s business leaders has plummeted, according to illion’s latest Australian Business Expectations Survey. The index for the March quarter stands at 20.9 points, down 7.1 per cent year-on-year and the lowest level since the December 2017 quarter. Expectations for sales, profits, employment and investment in the year ahead have fallen with the largest decline seen in sentiment towards sales. “The slowdown in the economy is beginning to affect business optimism,” said Stephen Koukolas, illion economic adviser. “While not at levels which would signal a hard landing for the economy into 2019, the rising pessimism is pointing at a clear downside risk if the trend continues.”

Kiwi banker charged over fraud scheme A New Zealander businessman has been arrested in connection with a fraudulent NZ$3billion international loan scheme. Andrew Pearse is among three former Credit Suisse bankers charged over the Mozambique-based scandal. As part of the scheme, three companies were formed to borrow billions in loans guaranteed by the Mozambique government to be used on maritime projects in the country between 2013 and 2016, the indictment says. Prosecutors claim the bankers failed to report critical information to compliance staff at Credit Suisse and removed specific loan conditions without approval.

Australian audit standards ‘still lacking’ An investigation by the Australian Securities and Investments Commission (ASIC) has found that one in five audits lacks the desired assurance that company financial statements are error-free. The findings mean some financial statements did not have the necessary support to arrive at an audit opinion because the auditors did not follow accounting standards when doing their work. The ASIC report covered a review of 20 firms, including the six largest with eight other national and network firms and six smaller companies, over January 2017 to 30 June 2018. ASIC commissioner John Price said: “We recognise the efforts by firms to improve audit quality and the consistency of audit execution, which is reflected in some improvements in findings collectively for the largest six firms. However, the overall level of findings still suggests that further work and, in some cases, new or revised strategies, are needed to improve quality.”

www.ethicalboardroom.com

CMY

Minority Shareholders Watch Group (MSWG) was set up in the year 2000 as a Government initiative to be part of a broader Capital Market framework to bring about awareness primarily on minority shareholders interest and corporate governance matters through shareholders activism and engagement with stakeholders. MSWG is a professional body licensed under the Capital Market & Services Act 2007. It is self-governing and non-profit body, funded predominantly by the Capital Market Development Fund (CMDF). It is an important channel of market discipline, encouraging good governance with the objective of creating sustainable value. Since incorporation, MSWG has evolved into a respected and independent corporate governance research and monitoring organization in the capital market. It highlights and provides independent views and guidance to investors.

Risk Management | Organisational Culture

Dr. Caterina Bulgarella & Rebecca Turco

Dr. Caterina is an expert in organisational culture and behavioural ethics, Rebecca is SAI Global’s Vice President of Learning

The importance of cultivating and fostering an employee engagement programme

Undertaking an Ethical Transformation In recent months we’ve seen the impact of employees taking action. From the most recent Google employee worldwide walkout, where more than 20,000 ‘Googlers’ demanded the end of forced arbitration around sexual harassment, better reporting and greater transparency, to the exposure of sexual harassment behaviours at large and powerful Silicon Valley firms, the evidence is palpable.

These most recent organisational culture failure events have certainly turned heads 98 Ethical Boardroom | Winter 2019

and intensified concerns among business leaders and boards to retool their perspectives on what they know about their own organisational culture. The tide is turning; corporate culture and ethics are no longer being viewed as a side project but as a corporate imperative to future-proof an organisation. And it all starts from the top down – and the bottom up. ETHICAL BOARDROOM: Culture is top of mind for CEOs and board members. What role can culture play in creating or preventing risks for an organisation? Is culture itself a risk that needs to be managed? CATERINA BULGARELLA: We are seeing a remarkable acceleration in ethical risk in both large and small organisations across all types of industries.

It’s not surprising. Companies are forced to deal with all types of pressure, day in and day out. Th is pressure, in turn, pushes people to look for shortcuts and/or makes it more difficult for them to make good decisions. Th is is why culture is a key source of risk today. When we talk about culture, we are referring to what a business values – for example, the things that are given priority; the behaviours people are expected to demonstrate; the processes that are used to support performance; how people think about challenges, and so on. An unhealthy culture will heighten ethical risk in a number of ways. It will add pressure; it will reinforce bad habits; it will encourage self-interested decisions. Conversely, a healthy culture will help people remain sensitive to the difference between what is ethical and what is not; it www.ethicalboardroom.com

Organisational Culture | Risk Management will provide the tools to tackle dilemmas in a less biased way; it will engage employees and turn them into owners of the organisation’s ethics.

responsible for the state of ethics in the organisation, reason in a less biased way and actively engage to protect the organisation’s ethical core.

REBECCA TURCO: Culture is the identity of your organisation, it’s the people, the services, products and infrastructure that are the heart of your business. Culture plays a huge role in creating and preventing risks for your business. Many organisations focus on meeting their business and financial goals, they rarely speak about their culture goals or the importance of culture. If you do not have strong ethical culture, then you run the risk of employees focussing on meeting their goals by any means necessary, including potentially unethical and illegal decisions. With the right culture, you see businesses thriving, employees are happy and proud of where they work and they make the right decision for the business every time. They know what risks are acceptable to take, they know what risks they shouldn’t take and they know how to speak up. Culture is more than a word, more than a poster or a saying, it is the DNA of your business and it absolutely needs to be managed and be front of mind for the whole business.

TURCO: The relationship between culture and risk has strengthened over the past few years. Many organisations have focused on investing in solutions to manage their risk, they look to put in tools, processes and people to make sure they TURCO: Employees are one of the understand their risks and what to do if biggest assets and risks to an something happens. The shift we have seen organisation. They are also one of the hardest is that you need the tools and solutions risks to manage because most of the risk that in place to manage your risk as well as an employees face are ones that organisations attention and focus on the culture you are cannot see. With the change in technology creating in the business. The culture that and the way people consume content and use you have within the organisation will drive social media, the engagement of employees is the risk your employees will take. even more critical than ever. Organisations are increasingly putting How many articles have you read where more pressure on their employees to do an employee gets fi red for something more, make more decisions and use happening to them and then goes to social technology to drive business outcomes. media to talk about what happened and how Effectively, what businesses are doing is they have been wronged? The result: the giving employees more accountability and community around them speaks up, they decision-making authority. If we don’t have a boycott the product or culture of always making the they demand the right decision, if we haven’t If your employees service, company responds. Your trained employees on how to deal with these decisions, to are engaged with employees have a very powerful voice, they are understand the risks to the your business speaking to your customers business – both short- and objectives, the every day, they are the long-term – then we aren’t reason you will succeed managing the risk the values of the or fail as an organisation. business is facing. We haven’t organisation, If your employees are increased the capacity to make ethical decisions; and seen as core engaged with your business the values of instead we have put more contributors, your objectives, the organisation, and are pressure on employees to seen as core contributors, make more decisions. business has a business has a higher higher chance of your chance of being successful. EB: Why should CEOs and being successful senior leaders focus on EB: Because risk exists employee engagement everywhere in an organisation, how today more than they have does a senior leadership team balance in the past and what are the pros and the management and mitigation cons of a workforce that is engaged? BULGARELLA: Senior leaders must of technical, process-driven risks actively manage to curb ethical risk vs. human, behavioural risks? BULGARELLA: For a long time, risk and to avoid ethical failure. Risk depends on management has stressed technical, the organisation’s ethical capacity, a layer process-driven risk. Yet, most processes of culture linked to employee engagement. depend on humans making the right call. Two aspects of ethical capacity – ethical So, whether or not we want to separate ownership and ethical voice – are especially behavioural risk from process-based relevant in this context. risk, the truth is that these two categories As an example, would you expect of risk are tied to each other. Th is is why employees to own the organisation’s ethics if the effective management and mitigation they were disengaged? Or would you count of risk requires a focus on behaviour and on them exercising their voice or otherwise decision-making at all times. The benefits taking action to protect the organisation’s of managing behavioural risk in a proactive ethical core while being disengaged? It way go beyond the realm of ethics. would be unlikely. Th is is why employee When people are aware, mature, morally engagement is an outcome we should engaged, and better able to self-regulate, monitor to better understand ethical risk. not only are they positioned to make When employee engagement is low, people ethical decisions, but also they can tend to check out; they may become make better decisions all around. inattentive and more self-interested, and so

EB: How has the relationship between culture and risk management changed in the past three years, and what factors are driving those changes? BULGARELLA: The corporate scandals we’ve witnessed in recent years are creating a new level of awareness. First, it’s becoming increasingly difficult to explain ethical failure in organisations as the wrongdoing of only a few rogue employees. The issues we continue to see are often systemic, tend to lead to some type of domino effect and end up costing too much in terms of lost reputation, brand identity and trust. The public, and even regulators at this point, understand that people do not operate in a vacuum. In addition, plenty of insights indicate that there is far greater risk in regular people being nudged toward a slippery slope by the wrong culture than in rogue individuals doing something unethical. Second, we are also getting plenty of evidence that organisations cannot solve their ethical challenges by simply introducing a set of corporate values. Though this has become a common way for organisations to show good intentions, it has little to do with their ability to actually be ethical. Most organisations that have gotten into trouble over the past years had nice values, yet those values didn’t stop them from engaging in egregious misconduct. These two shifts have real consequences because they reinforce the idea that we need more than policies and values. In fact, we need to build systems and processes that help employees feel www.ethicalboardroom.com

forth. However, when employee engagement is robust, people are more likely to care. Importantly, when it comes to ethical risk, it’s not just generic engagement that is important, but whether employees are morally engaged. Th is deeper level of engagement is especially desirable because it counters certain potential negative effects of out-of-bound engagement, such as a focus on winning at all costs.

Winter 2019 | Ethical Boardroom 99

Risk Management | Organisational Culture Organisations will benefit from this in two ways. First, certain unwanted consequences, such as those associated with ethical failure, will be less likely; second, employees will be more likely to contribute in positive ways. For example, we can expect people to have meaningful insights, exercise initiative to improve current processes, connect the dots in a proactive way, and so on. Th is is to say that when senior leadership starts with culture, they are enabling the very human core of an organisation in all the right ways, sharpening the very impact of process and technical risk management, among other things. TURCO: Organisations shouldn’t think about a balance. They need to connect both the operations risks and the human risks, as both are equally important and will drive business outcomes. Most organisations are focused on the operational, process-driven risks because those are easier to see and are the ones that can be tracked. Human and behavioural risks are much harder to manage because sometimes they cannot be seen. These risks happen outside of business hours, in conference rooms, within teams, in a five-minute phone call, or Skype chat, making them harder to see and harder to fi x. Let’s be honest, if we aren’t looking for them, asking the right questions, and engaging our employees, then we probably think our human risks are low. There is a connective thread that needs to exist between the senior leadership, HR, and employees; the thread that weaves the operational, process-driven risk, with the behavioural, ethical risks sitting within a culture of speaking up and making the right decision at any cost. Understanding where your highest risk employees are within your business helps you start to understand how to manage the operations risks around them as well as their behavioural risks. A modern approach to learning and employee communication are part of the solution. Understanding where employees sit on the risk spectrum will allow you to develop solutions to manage that risk. EB: Changing an organisation’s culture, or rebuilding it, can be extremely challenging. What guidance would you give to those embarking upon that journey to ensure they are successful and focus their efforts and attention in the right places? BULGARELLA: Culture change work is challenging and complex, and this is why it is important to know where an organisation is and what its change agenda needs to be for the next 12 months. There is no way to start an efficient process of culture change without measuring culture fi rst. What are the strengths and weaknesses the organisation presents today? How can we 100 Ethical Boardroom | Winter 2019

direct certain bad habits and what is the smartest way of doing it? What capacities are missing? What are the most pressing gaps that need to close if we wish to reduce risk? Only culture measurement, informed by the right culture measurement model, can provide the right answers to these questions. The ambition for senior leaders shouldn’t be to transform the organisation’s culture in the shortest period of time but instead to identify the right culture architecture and to have a tangible, effective change plan to implement that architecture – one process and one system at a time. TURCO: Start from the bottom up. Empower your employees to drive the conversation around the organisation’s culture and what does need/not need to change. Culture is driven by your employees, the decisions they are making and what they say about the company. They need to be the voice of culture. Top down and middle management need to lead, direct and participate in the culture conversation, but employees are the owners.

Understanding what your employees’ risks are, where they tend to make unethical decisions or struggle with making the right decision, these are some of the assessment points you need in order to understand where your strengths and weaknesses are Take a look at Google: the employees did not accept a culture where misconduct is rewarded so globally they walked out and asked senior management to change their policy. Th is example showed two things about Google’s culture: Somewhere in its DNA, speaking up is encouraged; that employees shouldn’t be afraid to say something; and they are the voice of the business. The CEO and executive suite can make decisions on behalf of the company but they can’t speak for the employees. Employees are building communities around your business and around your brand. They will connect with each other and they will change what they don’t like. If they feel that they don’t have a voice or things won’t change, then they will leave. And while backlash to an organisation’s culture often comes in the form of lost revenue or negative press, the Google walkouts showed that employers who fail to engage cultural issues don’t just risk customer attrition or litigation, they risk losing large swaths of top talent – even if they’re Google.

EB: Whether you are building a new culture or assessing your current culture, some element of measurement needs to exist to benchmark change and understand your strengths and weaknesses. What are some universal data points or indicators that organisations should attempt to measure? BULGARELLA: There are six areas of measurement that are critical. In particular, to establish if and where the organisation is pursuing conflicting priorities, and, therefore, delegating risk to employees, an organisation needs to know three things, starting with what principles of conduct are currently ingrained within their own fabric. It also needs to understand how managers and leaders conduct themselves and exercise their power. And it must clarify the impact of both implicit and explicit incentives (i.e. overt and covert rewards and penalties) on employee behaviour. Gauging ethical capacity is also a must. Specifically, the assessment as to what level of ownership exists across the organisation and various roles with respect to ethics. In addition, an organisation must establish what resources and conditions support ethical reasoning. Finally, the measurement of whether ethical voice is strong or weak. By covering these six areas, the organisation has a real game plan for change and impact. Generally speaking, internal benchmarking should be given precedence over external benchmarking when it comes to ethical risk. Th is is why culture measurement should be conducted periodically and internal comparisons across business units and demographic groups should be performed using the right frame of reference. TURCO: Most organisations release all types of cultural and business surveys on a regular cadence, asking their employees a range of questions to gauge what employee’s thing and feel about the business, their manager, co-workers, etc. This is why we still don’t have universal data points, despite the need for it. These surveys are usually long, not actionable and not distributed in a way where employees feel that they can answer questions honestly. While these surveys are important they do not get to the level of information, you need to manage your culture. Understanding what your employees’ risks are, where they tend to make unethical decisions or struggle with making the right decision, what decision they make when no-one is looking, these are some of the assessment points you need in order to understand where your strengths and weaknesses are. It starts with an honest and transparent story with your executive team, your managers and your employees. To understand what needs to be fi xed, you need to understand what is happening within your organisation. www.ethicalboardroom.com

FACE THE FUTURE WITH CONFIDENCE Protiviti is a global consulting firm that delivers deep expertise, objective insights, a tailored approach and unparalleled collaboration to help leaders confidently face the future. Protiviti and our independently owned Member Firms provide consulting solutions in finance, technology, operations, data, analytics, governance, risk and internal audit to our clients through a network of more than 75 offices in over 20 countries.

protiviti.com ÂŠ 2019 Protiviti Inc. An Equal Opportunity Employer M/F/Disability/Veterans. PRO-0119

Risk Management | Reputation

Onlinereputation We are living in a world where corporate online reputation really is everything in business. Online reputation influences and affects public perception, sales, profit… the list goes on.

As we continue to conduct more of our personal and professional lives in the online space, people routinely search for companies online before doing business with them. According to Forbes Magazine, 65 per cent of people now view the internet as their most trusted source of information, making mitigating reputation risk in today’s digital landscape a modern business essential.1 In a corporate era, where 90 per cent of us never move beyond the fi rst page of each engine results, controlling, monitoring and maintaining a positive presence online is a priority.

Mitigating corporate reputation risks in today’s digital world Roz Sheldon

Managing Partner and Head of Client Services, Igniyte

Marriott International and Talk Talk’s data breaches, all demonstrate the huge fi nancial and reputational impact of not having a clear or workable strategy in place. When Snapchat users reported issues with the platform’s ‘snapstreaks’ function in July 2018, the social media provider responded to users’ concerns with a series of automated messages. Unfortunately for them, people soon realised that the supposedly individual and sincere responses were, in fact, the work of bots. It wasn’t long before trolls were sending the bots irreverent messages – and sharing the Doing nothing is no joke worldwide. While the automated of businesses say service was well-intentioned, and a good longer an option negative content While general awareness of way to answer lots of queries at once, online has already people hated being misled and lost trust the need to understand and damaged their in the brand, putting a big dent in its counter digital reputation business online reputation. When the bot system risk is undoubtedly increasing, the complexity of the risks we’re was exposed, Snapchat remained po-faced, facing are growing, too. Global networks, instead of taking the chance to laugh and multi-channel working and the speed, reclaim its fresh, modern image. transparency and reach of social media In this case, and across the board, trust platforms, are all making it harder to and reputation are clearly linked – especially remain in control of conversations about when companies are asking customers to you and your company, brand or employees. provide sensitive data. So, if personal details As a specialist in online reputation risk, are hacked or misused, brands need to act every day I examine some of the most quickly to regain market confidence. pressing reputation risks and challenges When Marriott International revealed facing companies, brands and senior 500 million customers had been hit by a executives. When it comes to mitigating data leak in November 2018 (the leaks and managing the type of online happened several years earlier but news reputational risk that can affect a company, only became public in 2018), its share price brand, executives, employees – and their dropped by 6.9 per cent overnight. Ongoing value – it really does pay to be in the know. class action lawsuits, from travellers Here, I’m shining a light on the specific risks looking for compensation, are expected to facing businesses and the risks executives leave the hotel giant with a multi-billion and employees pose to brand and company pound bill. Then there’s also the damaging reputation, with recommended strategies to loss of consumer confidence. combat negativity and build an enduring, Talk Talk’s data breach – the most robust online presence. far-reaching of its kind – saw 21,000 sets of customer details stolen and a then record When disaster strikes fi ne of £400,000 imposed by the Information — big brands under fire Commissioner’s Office. While smaller In recent years, I’ve seen some of the world’s businesses may not face huge data breaches biggest brands struggling to rebuild their or system glitches in the same way, they corporate reputations after a series of are vulnerable to potentially catastrophic major crises. Recent cases like Snapchat’s negative content, including trolling, forum automated response to a system glitch and comments on trusted business sites, such as

31%

102 Ethical Boardroom | Winter 2019

Money Saving Expert, from customers or employees, and negative or fake reviews. All the above remain online and visible for many years and can cause a disproportionate amount of harm. Just one negative comment can lead to a highly toxic comment thread, denting consumer confidence and trust. Unfortunately, smaller businesses are less likely to have the resources in place to manage and counteract these attacks, so – as in all cases – having the right strategies and plans in place ahead of time is key.

Reputation risk — the challenge for companies and brands

Companies and brands are waking up to the importance of protecting their online reputations. Investing in professional reputation management services, actively monitoring online conversations and a more proactive approach to policing and responding to reviews are now all part of everyday marketing and PR functions. Throw in a solid crisis communications team and some expert social media management and you could be forgiven for thinking your online reputation is in safe hands. But, as you would expect, in today’s fast-moving digital world, new threats are appearing with alarming regularity, often linked to the success and development of new online channels. So, it’s important to keep an eye on new technological and digital developments. As well as the benefits that recent innovations, such as apps and video content can bring (wider reach, better audience targeting), consider the potential reputation risks they pose too, and how you can prepare for them. ■ Video content remains one of the fastest-growing marketing tools, giving brands and companies the ability to reach much wider audiences, but it can also be used to distribute negative content, so carries real risk. So how do you mitigate these while still harnessing video’s huge potential? How your company can create high-ranking, relevant video content that will appear prominently when people search for your brand ■ It’s important to think about the kind of videos people are engaging with and sharing. How can you create something like this for your business? ■ YouTube is an online force to be reckoned with – and mitigating risk means acknowledging its significance. Coming third only to Google as a search engine and Facebook as a social media www.ethicalboardroom.com

MANAGING YOUR ONLINE BRAND Preventing a crisis is better than curing one

31%

The top three future business concerns/ threats to online reputation are negative press coverage (26%), negative content (20%) and negative social media & reviews (20%)

of businesses are being affected by inaccurate or malicious posts by employees (past/present)

Negative media has damaged or concerned

46%

of businesses — up 29% in the past four years

platform, it is important to share content there – and be aware of any negativity it might hold ■ Chatbots can be an effective way to deal with customer service issues quickly. When questioned in October 2018, customers in India, South Korea, Singapore and the US said chatbot messaging was their preferred communication channel. 2 But as the 2018 Snapchat case showed, chatbots carry an inherent risk. As an impersonal, automated service, they cannot always deliver the personalised service www.ethicalboardroom.com

customers want – and when reputational issues are raised they may remain unrecognised ■ Another major source of risk is negative content appearing on page one of a search and content placement. A 2018 Forbes report revealed businesses face losing almost a quarter (22 per cent) of potential leads when customers come across one negative page one search result article. When they spot three, 59 per cent of browsers turn off. Another 91.7 per cent of people never look further than page one search results – so be sure to audit yours regularly

■ Take control by overpowering uncontrolled third-party content (forums, review platforms, etc) with your own controlled, owned and optimised profi les and websites. That way they are more likely to stay on page one. At the same time, create a consistent and ongoing published plan for content across third party sites ■ Being aware of everything that is being said about your brand is vital, so make sure your monitoring service is working well – and capturing all data. Can you segment data? Think about measuring sentiment as well as volume to provide a clearer picture of your online reputation. Be aware that sentiment can be subjective and some online conversations are more transient than others. So, a negative tweet will have less impact than a negative news headline Winter 2019 | Ethical Boardroom 103

Risk Management | Reputation ■ Understanding reach is also important – if a user has 10 followers it’s unlikely their content will go viral. If their audience is 60,000, you may have a problem ■ Approach digital advertising carefully. Are you using an automated, target-led service? If so, make sure you know where ads are being placed and assess any reputational risk. Are they being placed in apps or across video? Can you find ways to examine setting and context to make sure your online reputation doesn’t suffer? ■ Data protection and inappropriate or tasteless advertising are the most common reputational gaffes – so err on the conservative side when commissioning creative content. Relevant targeting is also key. Platforms provide audience targeting tools, but be aware of the General Data Protection Regulation (GDPR) regulation when using email marketing. Choosing a recognised marketing platform, such as the GDPR-compliant Mailchimp, will help

KEEPING TRACK OF ONLINE OPINION Decide who will monitor social media channela

Review your reviews…

The power of peer-to-peer reviews shows no signs of dimming, with 95 per cent of consumers saying they read online comments before making a purchase. 3 Whether it’s customer-facing platforms, like Yelp and Google, or employee-specific sites, such as Glassdoor and Indeed, you need to be aware of what people are saying about your brand, services, employees and executives – and join the conversation. It’s no longer enough to simply monitor/ gather reviews – genuine engagement is what customers are looking for. According to contemporary research, review responses are closely observed. An overwhelming 82 per cent admit they actively look for bad reviews before deciding to buy and they spend four times as long interacting with negative comments. There is a sliding scale – and ‘five out of five’ reviews may actually be too good to be true. Richard Shotton discusses this in his 104 Ethical Boardroom | Winter 2019

book The Choice Factory, citing evidence from Northwestern University. It looked at 111,000 product reviews and found that when product reviews are near perfect, 4.9 or five out of five stars, fewer people actually go on to buy that product. We should also consider the related phenomenon ‘reputation inﬂation’, where we tend to rate people highly in systems where the ratings are public and visible.4

What’s your CEO’s reputation strategy?

CEOs are a diverse bunch and for every one that is ‘out there’, happy to be the face of the brand boss, there are plenty of others who prefer relative anonymity. But in the digital age, leadership is a resource that must be carefully curated. CEOs must embrace their potential to be amazing online brand ambassadors. When a Google employee criticised the company about its lack of diversity, chief

the case of billionaire entrepreneur Elon Musk. The Tesla CEO is an avid Twitter user whose comments regularly affect the market value of his companies. So, when he accused a British rescue diver of sexually inappropriate behaviour, Tesla’s share price plummeted. Controversial tweets about the company’s finances and possible private ownership plans also saw Musk facing an investor backlash and fines, while a 2018 web link appearance where he smoked cannabis led to a fall in share prices by another six points. Later, in November 2018, Robyn Denholm took over as chair of the Tesla board.

Joined up thinking — employees and reputation management

While leaders have the potential to create and add company value, employees – and this includes those at boardroom level – carry real risk in terms of day-to-day behaviours that go against company values as well as the threats of financial and data breaches. All must be included in any reputation management plan. Having a clear reputation strategy, that sets our clear guidelines and expectations for online employee behaviour, is an important fi rst step. Decide who will own the strategy and liaise with HR, IT and security departments to monitor for inappropriate or negative postings and behaviour. Clearly, employees don’t ever want to feel that they are being watched so bosses need to produce clear guidelines about access to information, social media use and appropriate workplace behaviour. The Information Commissioner’s Office provides advice on how to do this effectively and ethically. Identify key online

The opportunities offered by today’s commercial and social online landscapes are immense. But as digital working advances, so too do the associated risks

executive Sundar Pichai quashed the online reputational risk with his own fast reaction. Breaking off from a family holiday to personally oversee the company’s response, he issued a clear statement to employees denouncing discrimination and attracted praise from business writers and analysts. But not everyone is as bold. A recent social report says only 40 per cent of CEOs are active on social media and only 70 per cent use LinkedIn. 5 A survey from international PR fi rm Weber Shandwick, revealed that executives now feel that 45 per cent of their company reputation and 44 per cent of capital value is directly attributable to their CEO’s behaviour, with 50 per cent predicting that figure will continue to rise.6 As a result, 81 per cent of bosses now feel that external CEO engagement is vital to building a strong business reputation. This blurring of personal and professional boundaries takes careful management. Take

assets and risk assess them – who needs access to them? How can this be supervised?

Conclusion

In summary, the opportunities offered by today’s commercial and social online landscapes are immense. But as digital working advances, so too do the associated risks. Brands, companies, senior executives and employees all need to take responsibility for mitigating these risks; assessing, monitoring and managing risks; implementing preventative measures: and acting quickly when crisis hits. By doing all of the above, businesses and brands can continue to maximise the online opportunities available to them and build a robust and resilient online reputation that consumers trust and engage with. Footnotes will be run in full online.

www.ethicalboardroom.com

Board & Board & Governance Governance SERVICES SERVICES

Reputation Reputation Risk & Crisis Risk & Crisis SERVICES SERVICES

Cyber & Digital Cyber & Digital Governance Governance

Ethics, Culture Ethics, Culture & Compliance & Compliance

Strategic & Strategic & Enterprise Risk Enterprise Risk

Transforming Transforming Risk into Risk into Resilience & Resilience & Value Value

SERVICES SERVICES

WWW.GECRISK.COM WWW.GECRISK.COM

GEC Risk Advisory is to GEC Risk Advisory is to be seriously considered be seriously considered if you are looking for ifseasoned you are looking advice.” for seasoned advice.” L’Oreal, Paris, France L’Oreal, Paris, France

GEC Risk presented a customized workshop GEC presented a customized workshop for anRisk internal training program which drew for aanwealth internal program which drew on of training knowledge and experience onthe a wealth of knowledge experience in field using a range ofand interesting and in the field using a range of interesting and up-to-date resources (infographics/news/case up-to-date resources (infographics/news/case studies/role plays) to engage the audience on studies/role plays) toissues. engage these very complex ” the audience on these very complex issues.” Reckitt Benckiser, UK Reckitt Benckiser, UK

Getting advice that is large Getting that is large companyadvice appropriate but with company appropriate butto with small company attention detail small companydifferentiators attention to detail are important are important differentiators that sets GEC apart from many that sets GEC apart from many competitors.” competitors.” FirstRand Bank, Johannesburg, FirstRand Bank, Johannesburg, South Africa South Africa

Previews are coming in for Dr. Bonime-Blanc’s forthcoming book to be published in spring 2019: Previews are coming in for Dr. Bonime-Blanc’s forthcoming book to be published in spring 2019: IAN BREMMER, PRESIDENT, EURASIA GROUP. NEW YORK, USA. IAN BREMMER, PRESIDENT, EURASIA GROUP. NEW YORK, USA. “A book as impressive in its breadth of content as its optimism, Bonime-Blanc “A book as impressive in itsofbreadth of pressing content as its optimism, Bonime-Blanc offers compelling analysis the most issues of the day, pairing them offers compelling analysis of the most pressing issues of the day, pairing of them with concrete strategies that a wide variety of organizations are capable with concrete strategies that a wide variety of organizations are capable of adopting. For those in the field, a book not to be missed.” adopting. For those in the field, a book not to be missed.”

GLOOM TO BOOM: GLOOM TO BOOM: How Leaders Transform Risk into Resilience and Value

How Leaders Transform Risk into Resilience and Value By Andrea Bonime-Blanc | www.gecrisk.com/gloom-to-boom/ By Andrea Bonime-Blanc | www.gecrisk.com/gloom-to-boom/

CONTACT GEC RISK ADVISORY CONTACT GEC RISK ADVISORY

abonimeblanc@gecrisk.com abonimeblanc@gecrisk.com www.linkedin.com/in/andreabonimeblanc www.linkedin.com/in/andreabonimeblanc @GlobalEthicist @GlobalEthicist

Risk Management | TPRM

Third-party risk management and the ethical boardroom One of the key trends that I observed in 2018 is the increasing number of organisations that are beginning to view third-party risk management (TPRM) as a board imperative. And with good reason – third parties can have a significant impact on the success and reputation of your business. The use of third parties – which include suppliers, outsourcers, licensees, agents, distributors, vendors and the like – is an essential part of any business ecosystem today. So much so, that the Institute of Collaborative Working estimates that up to 80 per cent of direct and indirect operating costs of a business can come from third parties, while up to 100 per cent of a company’s revenue can come from alliance partners, franchisees and sales agents. When your third-party relationships are effective, you benefit from better financial outcomes, innovation and business resiliency. But when they fail, their failures become yours – only magnified.

Keeping track

TPRM is a process that allows management to identify, evaluate, monitor and manage the risks associated with an organisation’s third parties and their contracts. With this increased strategic and operational reliance on third parties comes increased risk, which must be identified, understood and managed. Th is can be a complex exercise as an organisation may have many thousands of third parties and there are many risks that a third party can present, which you can see in the table opposite. With so much at stake, regulators globally are turning up the heat. They have made it quite clear that while organisations can outsource a task, they cannot outsource the responsibility. Increased regulatory scrutiny, however, is just a symptom of the underlying issue – the way organisations do business is evolving dramatically and rapidly. And with this, the way they manage risk and govern their extended enterprise needs to evolve quickly, too. This evolution is challenging – third-party risk management is a relatively new discipline and companies are at radically different stages 106 Ethical Boardroom | Winter 2019

If third-party risk management is showing up on your board agenda more and more often, you’re not alone Michael Saracini

CEO of Aravo Solutions of maturity, depending on their industry, size and culture. From a discipline that has evolved largely from siloed and ad-hoc processes, there’s a growing recognition that a more joined-up, standardised and enterprise-wide view of risk is required.

The role of the board

Progressive boards are recognising that an increased focus on third-party risk makes good business sense, given the importance third parties play in the organisation’s overall strategic approach. In fact, Deloitte believe that ‘those organisations that have a good handle on

When your third-party relationships are effective, you benefit. But when they fail, their failures become yours — only magnified... Regulators have made it clear that while organisations can outsource a task, they cannot outsource responsibility their third-party business partners, cannot only avoid the punitive costs and reputational damage, but also stand to gain competitive advantage over their peers, outperforming them by an additional four to five per cent ROE, which, in the case of Fortune 500 companies, can mean additional EBITA in the range of $24-500million’. But there’s more to board oversight than fiduciary duty. There is a bigger purpose, which has far-reaching implications. Ethical boards and the ‘tone from the top’ that they

and their C-suite deliver, are integral to ensuring that the business acts with integrity and keeps bad business practices – such as corruption, human rights abuses or environmental crime – from their wider business relationships and supply chain. Put simply, boards are not fulfi lling their oversight responsibilities if they don’t take measures to lead ethical business practices across the enterprise, which includes the third-party ecosystem. Research indicates that an organisation’s ability to effectively mitigate third-party risk is tied to greater board involvement. In the Shared Assessments programme and Protiviti’s latest examination of the maturity of vendor risk management, it reported that there is a strong correlation between board involvement in TPRM strategy and TPRM programme maturity. Yet, despite the importance of third-party risk mitigation, only about five per cent of risk professionals feel they had an optimised programme in place, according to a 2018 survey conducted by the Centre for Financial Professionals (CeFPRO) and Aravo. Clearly, there is still significant work to be done when it comes to achieving the levels of TPRM maturity we need to protect stockholders, employees and society at large, as well as comply with evolving internal and external compliance requirements.

What is best practice for TPRM? An organisation with a mature, agile TPRM strategy has immediate enterprise visibility into third-party risk at every level: an overview of the inherent risks across the third-party portfolio, a robust risk profi le of each individual entity and insight into third-party performance related to specific contracts or KPIs. To achieve this level of insight and confidence, organisations can follow a few interrelated best practices: ■ A federated approach A balance of centralised risk management responsibility with participation from business owners and relationship managers allows organisations to standardise TPRM policies and procedures. As a single source of truth across risk domains, a federated TPRM system can generate insights the board needs for high-level oversight as well as be alerted to risks that might be overlooked when information is in www.ethicalboardroom.com

TPRM | Risk Management silos. For instance, in a disconnected system, leaders may not realise that a third party has relationships in multiple critical areas and underestimate the risk they present to the organisation. If that third party crossed a risk threshold (like a change of ownership that signalled a corruption risk), it’s possible that not everyone would be alerted ■ Management of the entire life cycle Assessing third-party risk isn’t a ‘one and done’ exercise. Between onboarding and termination, a third-party’s risk profi le can change, or they may fail to meet contractual obligations and have to go through a remediation process. Juggling documents and spreadsheets for ad hoc TPRM processes or cobbling together disconnected silos of TPRM practice won’t provide the enterprise visibility you need to fulfi l your oversight obligations. The organisation would also be squandering valuable resources trying to analyse and report on data across the third-party ecosystem while increasing potential exposure to unforeseen risks ■ Enterprise visibility While the board sets the tone for creating a culture of ethical behaviour and accountability, multiple people are responsible for executing, sustaining and auditing TPRM policies and procedures. Most of those people also have other responsibilities as well, so it’s important that they can easily and securely receive notifications and view the data they need, based on their roles, whether in a high-level dashboard, detailed reporting, or by drilling down into specific records. As the centralised system of record, TPRM must be able to deliver an enterprise view of the data, based on the user’s role in the organisation ■ Secure agility In addition to changes in risk profile, internal policies and regulatory requirements also change, so organisations need to be able to adapt without prolonged or complicated projects. For instance, the General Data Protection Regulation (GDPR) that came into force last year meant that organisations that hold or processed personally identifiable information for EU citizens will have needed to evaluate their portfolio of third parties to identify which came within the scope of the regulation, assess them for their compliance posture, and ensure reporting and escalation processes were in place for reporting to the regulators. With new regulations, like CaCPA (California Consumer Privacy Act of 2018) coming online, organisations can’t afford to be locked in to rigid systems www.ethicalboardroom.com

Reputational risk A risk from damages to an organisation’s reputation, resulting in lost revenue, increased operating, capital or regulatory costs; or destruction of shareholder value

Geopolitical risk A risk of loss associated with a third party’s ability to meet contractual arrangements due to political, socioeconomic and cultural factors (events, trends, developments) of a specific country or region

Financial risk The risk of loss to the business if a third party is unable to meet the terms of contractual arrangements or to otherwise financially perform as agreed

Regulatory and compliance risk The risk of exposure to legal penalties, financial sanctions and material loss an organisation faces when it (or its third party) fails to act in accordance with industry laws and regulations, internal policies or standards

Cyber/information security risk The risk of financial loss, disruption, or reputational damage from a failure of information technology systems

Concentration risk

Strategic risk

Business continuity and resiliency risk The risk of loss arising from a third party’s ability (or lack thereof) to overcome serious incidents or disasters and resume its normal operations within a reasonably short period

Operational risk

Data privacy risk The risk of financial loss, disruption, or reputational damage from a failure to protect personal information

Bribery & corruption risk The risk of offering, paying or receiving a bribe through an officer, employee, subsidiary, intermediary or any third party acting on the commercial organisation’s behalf

The risk of loss arising from adverse business decisions, or the failure to implement appropriate business decisions in a manner that is consistent with the organisation’s strategic goals 4th party risk It’s not just third parties that bring risk – it extends to their third parties and beyond. This is the risk assumed when third parties use subcontractors to manage part of their service or product

The risk of loss due to lack of diversification. This includes over-reliance on a single vendor as well as geographical concentration of third parties and their subcontractors in a single place

The risk of loss to the business arising from inadequate or failed procedures, systems or policies. Any event that disrupts business processes

RISKY BUSINESS Multiple people are responsible for TPRM policies and procedures

Winter 2019 | Ethical Boardroom 107

Risk Management | TPRM

Building effective TPRM oversight

Identify your risk appetite As part of their oversight responsibility, board members should agree on and articulate what is an acceptable risk and what isn’t. Obviously, there are third-party behaviours that can’t be tolerated, such as clear ethical and criminal violations, but somewhere between the impossible goal of zero risk and unacceptable behaviour, there is a point at which the organisation is willing to accept the risk-to-value ratio. Understanding and evolving the level of acceptable risk requires input and counsel from board members. Larger or more complex organisations may determine varying risk appetites, based on factors such as geography, division or risk type. Certain kinds of risk (such as establishing a critical third-party relationship in a country with high incidence of corruption) call for greater due diligence than others (such as warehouse janitorial services). These thresholds should be built into the TPRM system to trigger automatic warnings and remediation when they are exceeded. and support a 2 Create governance structure

Consistent policies and procedures make it possible for an organisation to identify, analyse and manage risk in a way that can be communicated both internally and externally. To oversee the execution of policies and procedures, many boards are appointing a specific director as the point-person for third-party risk. Some are also establishing managing boards in regions or business units to reinforce both the guidelines as well as the culture of ethical behaviour and compliance. Balancing centralised risk management responsibility with participation from business owners and relationship managers allows organisations to standardise TPRM policies and procedures without having to run a ‘risk business unit’. By investing in technology that automates processes and empowers employees to manage risk in a federated system, organisations can impose centralised control without sacrificing overall productivity. define roles 3 Clearly and responsibilities

With an overall culture of compliance, there should be clear expectations and accountability across all three lines of defence: 1. Those who own and manage risk (e.g. a business owner or relationship manager), 2. Those responsible for overseeing risk management or compliance (e.g. a risk and compliance executive) and 3. Those who validate compliance with third-party policies and procedures (e.g. internal auditors). 108 Ethical Boardroom | Winter 2019

By working collaboratively, these roles efficiently provide the needed third-party risk documentation and reporting, oversight and accountability, and independent reviews. When roles aren’t clearly defined, TPRM may not be given the priority and attention needed to protect the organisation from external risk. regularly 4 Review Alarmingly, a 2018 survey by EY

found that only 22 per cent of organisations report breaches to their boards. Even with the most robust system for managing and understanding third-party risk, the board needs to maintain ongoing oversight. Management should be expected to report on critical KPIs and significant changes, remediation/residual risk and critical relationships that could impact the organisation’s financial or reputational performance. The board should review the overall TPRM strategy annually to ensure that it stays current with organisational goals and the business ecosystem. While it shouldn’t require a complete overhaul, factors such as a change in risk appetite, new initiatives that introduce new risk domains, and changing legislation or enforcement guidance will require adjustments to TPRM policies, procedures and processes.

Regulatory expectations of board members

Recognising the ethical leadership role of board members, regulators are holding them accountable for poor behaviour, which could lead to board shake-ups and even personal liability. Board minutes should reflect board input, review and approval of TPRM strategy as well as remedial actions. Some of the things regulators expect to see included in board minutes of compliant organisations include: ■ A record of attendance and participation in regular third-party review meetings

■ The methodology for categorising critical activities ■ The approved plan for employing third parties for critical activities ■ Third-party contracts for critical activities ■ A summary of due diligence results and ongoing monitoring of third parties involved in critical activities ■ Results of periodic internal or independent third-party audits of TPRM processes ■ Proof of oversight of management efforts to remedy deterioration in performance, material issues or changing risks identified through internal or external audits

Embedding TPRM governance in the organisational culture The role of the board in gaining the acceptance for a TPRM governance programme can’t be overstated. Without organisational buy-in, it’s unlikely the programme will deliver the desired value and results. Creating and sustaining this buy-in requires ongoing support and monitoring as the programme is rolled out as well as over the long term. To help ensure the governance programme is being accepted by the organisation and delivering value, boards should:

■ Provide the right resources for the team implementing the governance programme ■ Encourage effective collaboration between risk, compliance, procurement, and the business, among other teams ■ Incentivise or reward achievement of TPRM organisational metrics (such as through MBOs), when appropriate ■ Implement high-quality training for employees involved with third-party relationships ■ Communicate the importance of TPRM across the enterprise, starting at the top ■ Invest in a technology platform that reflects best practices and enables effective collaboration, communication, and relationship management Overseeing a strong TPRM programme demonstrates the board’s commitment to the financial and ethical integrity of the organisation they lead. It helps to ensure their organisation can deliver the value it should be creating for shareholders, improve relationships with third parties and key stakeholders (such as industry regulators) and uphold fair business practices. UNDERSTANDING THE LEVEL OF RISK Warning systems can monitor when thresholds are exceeded www.ethicalboardroom.com

KEEPING IT ABOVE BOARD

PLACE YOUR ADVERT HERE IT’S THE BEST WAY TO

REACH YOUR AUDIENCE THAT IS SPREAD OVER

60 COUNTRIES to know the latest in

Board Leadership • Board Governance Technology • Activism & Engagement Regulatory & Compliance • Risk Management

“Essential reading for boards who want to stay ahead of the governance curve” Contact: Guy Miller email: guy@ethicalboard.com twitter.com/EthicalBoard

www.linkedin.com/company/ethical-board-group

Global News Africa Absa CEO unveils plan to step down

Remuneration committees ‘need to upskill’ Major South African institutional investors have questioned whether remuneration committees are approaching shareholder engagement properly. According to the 11th edition of PwC’s Non-executive Directors: Practices and Fees Trends Report, investors are sceptical that many listed companies below the JSE top 40 are investing in good shareholder relationships. Investors want remuneration committees to do more to upskill themselves to properly execute

their duties rather than being over-reliant on external consultants and advisors. The PwC report suggests: “We believe the board chairperson and the remuneration committee chairperson should both be aware of their respective roles with regards to the execution of the remuneration committee mandate and shareholder engagement. They also need to actively fulfil those roles throughout the year to ensure that they meet their fiduciary duties.”

CDC backs scheme for more women on boards The UK development finance institution CDC has pledged its commitment to bring increased diversity to companies and organisations across Africa. CDC will support TheBoardoom Africa (TBR Africa) network in a £1.6million partnership to boost the campaign to double female representation in Africa’s boardrooms by 2028. Funding from CDC will enable TBR Africa to expand its membership and client base and support the development of its accredited board training and mentorship programmes tailored to women in the African business community. Marcia Ashong, founder and executive director of TBR Africa, said: “We are proud to partner with CDC Group, one of the leading investors in Africa, as we work to expand our network and help more companies recognise that gender diversity has real social and economic benefit to both business and society.”

Nigeria reform 'a giant stride' forwards Nigeria has unveiled a new code of corporate governance that will ‘promote success and economic growth, lower cost of capital and help to minimise the waste and corruption’. Vice president Yemi Osinbajo unveiled the code, saying it underscored the importance that the current administration attached to ensuring the sustainability of businesses operating in the country. “The code has been long awaited and I believe that it will satisfy our

110 Ethical Boardroom | Winter 2019

desire for higher standards of corporate governance and ethical practices in our business environment and help to rebuild public trust and investor confidence in the Nigerian economy,” said Osinbajo. Speaking at the unveiling ceremony in Abuja, the vice president said that with its introduction the country has taken a 'giant stride' in its bid to become a preferred investment destination.

Maria Ramos, the chief executive of South African financial services provider Absa Group, will retire at the end of February after 10 years at the helm. Ramos, who will turn 60 in February, will be replaced as interim CEO by René van Wyk from 1 March, the company has said. Van Wyk has been a non-executive director on the Absa board since February 2017. Ramos’ decade as chief executive of South Africa’s third-largest bank oversaw the lender’s separation from its former UK parent, Barclays. “With the separation on track and our new strategy as a standalone financial institution in place, Maria feels that this is the right time to retire,” Absa said. “Instead of a South African bank, Absa is now a pan-African financial services provider with a footprint in 10 countries across Africa.”

Governance code for West African companies International Finance Corporation (IFC) and West Africa Regional Stock Exchange have signed an agreement to cooperate toward improving corporate governance practices of listed companies. Under the agreement, IFC will help Bourse Régionale des Valeurs Mobilières (BRVM) ‘design, develop, draft and implement a corporate governance code’. The IFC said its corporate governance programme will work to improve performance of African companies and increase market capacity to attract and retain investments. Adamou Labara, IFC’s acting country manager for Côte d’Ivoire, added: “Through this partnership, BRVM can leverage IFC’s global expertise in corporate governance to help African companies improve their access to capital.”

www.ethicalboardroom.com

AFRICAN ROOTS, WORLD CLASS SERVICE

...THINK www.zenithbank.com www.zenithbank.com

For enquiries and feedback, kindly contact For enquiries and feedback, kindly contact ZenithDirect, our 24hr interactive Contact Centre: ZenithDirect, our 24hr interactive Contact Centre:

+234 1 278 7000, +234 1 292 7000, +234 1 278 7000, +234 1 292 7000, +234 1 464 7000, 0700ZENITHBANK +234 1 464 7000, 0700ZENITHBANK zenithdirect@zenithbank.com zenithdirect@zenithbank.com

Technology | Communication & Risk

A looming challenge for corporate governance Ephemeral and self-destructing messages, use of private communications channels and other workarounds to corporate oversight and compliance Every month more than four billion people send 560 billion SMS text messages worldwide – a 7,700 per cent monthly increase over the past decade. Instant message traffic on apps such as Facebook Messenger, WeChat, WhatsApp, Viber and Line, top 60 billion texts daily.1 As of 2018, Slack says it has eight million daily active users and three million paid users.2 According to one recent survey, nearly 78 per cent of people would like to have a text conversation with a business and 80 per cent of professionals currently use SMS for business purposes. More than half of professionals claim that they cannot stand even 10 minutes without responding to a text.3 Coupled with the emergence of messaging generally are self-destructing messaging services, such as Snapchat, Telegram, Confide, Signal, Wickr, Telegram, Hash, Cover 112 Ethical Boardroom | Winter 2019

Jason R. Baron

Of Counsel in the Information Governance and eDiscovery Group at Drinker, Biddle & Reath LLP Me, SpeakOn, Bleep, and a host of others. Unadorned use of these messaging apps means there may, in fact, be no ‘record’ in any sense that can be captured by any actor or institution subject to regulatory oversight or compliance obligations. Although, admittedly, such applications are less prevalent among business people than they are with the under 18 set, they nevertheless are available to any potential interested party as a means of conducting business – for time-saving efficiency by many, and for less salutary, ‘off-the-books’ uses by some. In 2017, a Washington DC-based public interest group filed a lawsuit against the current White House, alleging that presidential staff were using communications platforms, such as WhatsApp, Confide, and Signal, that allow for self-deletion, while

failing to put into place an adequate archiving scheme for the capture of such messages (either by automated means or by staff copying messages manually).4 The lawsuit was dismissed on the grounds that under existing precedent the court did not consider itself to have jurisdiction to interfere with presidential records management practices. But on its merits, the allegations in the complaint painted a picture of potential widespread noncompliance with recordkeeping policies that simply are not keeping up with the pace of technological change. And so, at the end of the second decade of the 21st Century, we face what might be considered an existential threat to ‘recordkeeping’ as we know it, to the extent that business-related communications are increasingly conducted by employees of www.ethicalboardroom.com

Communication & Risk | Technology enterprises via these types of messaging channels, either on company-owned or employee-owned devices. Shall we give up? Shall we try to rigidly enforce prohibitions on the use of these services? Or, as an intermediate position, shall we ask what data controls are reasonable to contemplate as a matter of governance, compliance and oversight? The question is of an urgent nature, given the accelerating proliferation and use of such applications. Taking a step back, it may first be best to review how we got here, including key milestones and earlier warning signals along the way. Armed with that knowledge, we can take a stab at sketching out a path to better compliance from both the perspective of technology and information governance policy. In 1986, employees of the US National Security Council were informed in a White House guidance manual that email should not be used to convey official records information. That written policy prohibition went unheeded by Lt. Col. Oliver North, John Poindexter and others, who sent to each other thousands of emails (in the form of ‘PROFS notes’) about high-level, sensitive matters of government, including pertaining to the infamous Iran-Contra affair. Such messages were seized as part of an Independent Counsel investigation and subsequently were caught up in decade-long litigation over the record status of email messages residing on backup tapes. The government eventually lost the argument that only email communications that had been printed out were true government records. Subsequently, the Clinton White House agreed to restore emails from backup tapes, including with certain metadata, for placement in government archives and also agreed to put into place a system for email archiving going forward.5

Evolving communication

In the intervening decades, email became the lingua franca of office communications, whereby virtually all public and private organisations comprising more than a few employees have instituted email as a communications channel at least in-house. As history repeatedly has shown, however, institutional policies that enable end-users with access to new types of communications technologies (as email was in the 1980s), coupled at the same time with policy guidance informing those users that they should not use the technology for ‘official’ or ‘business’ communications, have proven to be a recipe for failure from a compliance perspective. In 1995, the introduction of the Netscape browser led to a period of information inflation, in which the number of websites grew from less than a hundred to more than 100,000 in very short order.6 This, in turn, heralded an era where end users could, in theory, access a world of online connections www.ethicalboardroom.com

from their workplace desktops. That said, it was only in the post-2000 era that the world of communications technologies really started to take off, with the introduction of the Google search engine, coupled with platforms represented by Gmail, Yahoo and other providers. For the first time, employees had realistic, easy-to-use alternatives to sole reliance on corporate email networks – which in many cases have been subject to slow-downs, connection issues and glitches of all types. In this same time period, there was an explosion of laptops, mobile devices, personal digital assistants and, most of all, smart phones with the capability not only of accessing email networks (corporate and private), but also downloading a wide variety of apps. It was therefore entirely foreseeable that employees – including some of the most senior level officials – would gravitate to using alternative means to communicate in the course of carrying out various types of business activities. Just as inevitably, in the last half decade or so, controversies over the use of commercial networks and apps to communicate about official business have blossomed. The controversy over US Secretary of State Hillary Clinton’s use of a private email server is the most prominent

A number of controversies have sprung up in countries around the globe, including Australia and Canada where, in addition to many high-level state and federal officials in the US, leaders of all stripes have used private communications channels example of this phenomenon, but she by no means has been alone: a number of controversies have sprung up in countries around the globe, including in Australia and Canada, where in addition to many high-level state and federal officials in the US, leaders of all stripes have used private communications channels – mostly to date involving some form of email messaging – to discuss government business. From a law-making perspective, the US federal government has been out in front by enacting into law in 2014 provisions that require officials who conduct government business by means of ‘electronic messaging’ on a private commercial network to take reasonable steps to forward or copy the messages into an official recordkeeping system (with a ‘.gov’ address).7 Notably, the statute does not prohibit the use of commercial services, but instead provides conditions on use. The statute also includes a

provision for agencies initiating disciplinary measures against employees who fail to adhere to these legal requirements. More recently, the US Department of Justice (DOJ) has focussed on ephemeral messaging in connection with its corporate enforcement policy, pursuant to the Federal Corrupt Practices Act (FCPA). In announcing the new policy rules in 2017, US Deputy Attorney General Rod Rosenstein stated in a speech: “The government should provide incentives for companies to engage in ethical corporate behaviour. That means fully cooperating with government investigations and doing what is necessary to remediate misconduct – including implementing a robust compliance programme. Good corporate behaviour also means notifying law enforcement about wrongdoing.” 8 To that end, under its recent Corporate Enforcement policy (USAM 9-47.120), DOJ has put into place a presumption that companies will receive a ‘declination’, i.e. full remediation credit towards what otherwise would be a substantial monetary sanction, only if the company satisfies certain conditions, including for our purposes here: ‘appropriate retention of business records, and prohibiting the improper destruction or deletion of business records, including prohibiting employees from using software that generates but not does not appropriately retain business records or communications’.9 This phrasing clearly was intended to include ephemeral messaging, although in its scope it may potentially also sweep in very short retention times on email messaging as well (where automatic deletion is set to days, rather than months or years). At a minimum, it is now in the interest of C-suite executives in enterprises that might be affected by FCPA considerations to perform a risk analysis with respect to the pros and cons of continuing allowance of ephemeral messaging as a matter of corporate policy. Arguably, there are substantial financial benefits in mitigating potential exposure to fines, through clear corporate guidance prohibiting the use of ephemeral messaging apps for the conduct of corporate business. On the other hand, ephemeral messaging decreases overall corporate risks in at least three ways: first, by reducing the volume of retained messages that may be subject to cybersecurity threats; second, by controlling over-retention with corresponding litigation exposure due to the inadvertent or default retention of messages with negative consequences; and third, as a matter of compliance with emerging General Data Protection Regulation (GDPR) policies aimed at reducing long-term preservation of records containing personal data on individuals, including sensitive personal data. This same risk factor balancing ideally should be considered by all companies, not just those affected by FCPA policies. Winter 2019 | Ethical Boardroom 113

Technology | Communication & Risk Corporate policies prohibiting employee use of applications are certainly more easily enforceable on company-owned devices, although some kind of software auditing program – automated or manual – would still need to be put into place. However, a substantial portion of the corporate world has adopted some form of BYOD (bring your own device) policies, allowing for employees to opt to carry out corporate business on their personally owned devices. In such cases, although there are ways to embed software auditing for particular devices and apps on a voluntary basis, there would appear to be wide open compliance issues, given the ease with which individual employees may opt to install messaging apps that essentially can go undetected by their employers for some period of time. It remains unclear how true enforcement measures can be put in place that guarantee

FROM WHATSAPP TO TELEGRAM Professsionals are using a plethora of messaging services

compliance with prohibitory policies on messaging, absent implementing potentially near-Orwellian surveillance measures that would otherwise be unacceptable in many corporate settings, including in Europe under the GDPR framework. That said, for companies that encourage the use of newer forms of messaging in the workplace, there do presently exist at least some software apps that essentially include ‘back door’ provisions that allow for corporate monitoring. For example, Slack’s suite of offerings includes a feature option known as ‘Corporate Export,’ which the company describes as ‘a self-serve export tool that permits a workspace owner to export content from private channels and direct group messages as needed and permitted by law’.10 This is a tool that essentially allows for corporate monitoring of employee communications in a manner that for all practical purposes remains opaque to end users. The company provides examples on its Help Centre page where a customer (i.e. the company) may need to export content.11 Best practices in this area 114 Ethical Boardroom | Winter 2019

therefore suggest that when messaging software is allowed in the workplace, a company provides for some form of notice to its employees with respect to any reservation the company makes of the right for it to monitor messaging conducted on such apps.

Tackling the issue

In view of the fast-changing world of ephemeral and self-destructing messaging, here are some practical steps company officers should consider taking as part of a robust information governance programme.

C-suite executives should make every effort to understand the IT environment that exists in their workplace, including on corporate devices as well as on devices owned by employees but used for company business. What kinds of communications apps are being used, by whom and for what

messages need to be managed. While there is no iron-clad, general duty to preserve all business-related communications, under certain circumstances legal holds may need to be put into effect that cover relevant communications on ephemeral apps. Accordingly, encouragement should be given to employees in the first instance to use stable forms of communications (as defined under corporate policies), that reasonably comply with existing record retention practices and which allow for legal holds to be put into effect. Absent an outright prohibition of ephemeral messaging, companies should at a minimum make clear what is permissible and what is expected of employees using either corporate or personal devices, and should provide notice if the company wishes to perform some kind of audit of those devices. of setting expectations in a 3 Asgivena matter corporate culture, if senior officials

show that they are adhering to using more traditional channels for communication, mid-level supervisors and their employees may be readier to toe the line. The counter example of the head of an enterprise being known to use private channels as a means to communicate about company business only incentivises more widespread noncompliance with corporate policies. The genie is out of the bottle: there are a seemingly endless amount of easy ways that we as individuals are all now able to communicate with each other. New forms of technologies pop into existence with each passing year. A corporate strategy that embraces change in acknowledging these

New forms of technologies pop into existence with each passing year. A corporate strategy that embraces change in acknowledging these new ways of doing business, while providing clear, up-to date-guidance is a sensible path forward in the brave new workplace of our future purposes? Executives should consider taking reasonable steps to attempt to control communications, via investing in archiving tools for social media that capture communications on designated apps. As necessary or desirable, companies may consider imposing software blocking the use of certain well known apps to restrain employees from engaging in ephemeral communications. A caveat here is in order, however: such efforts may only encourage users to find less-well known workarounds, especially on their personally-owned devices. record retention policies and 2 Corporate device use policies should be updated

to explicitly include recognition of the fact that business records may be created on messaging applications, and that such

new ways of doing business, while providing clear, up-to date-guidance (and notice) to everyone on staff on what is and is not permissible, is a sensible path forward in the brave new workplace of our future. 1 https://medium.com/bsg-sms/50-texting-statistics-thatcan-quench-everyones-curiosity-even-mine-7591b61031f5. 2 https://www.businessinsider.com/slack-8-million-dailyactive-users-wants-500-million-2018-11. 3https://skipio. com/154-reasons-why-texting-is-the-future-of-business-tocustomer-communication/. 4See Citizens for Responsibility and Ethics in Washington et al. v. The Hon. Donald J. Trump and the Executive Office of the President, 302 F.Supp.3d 127 (D.D.C. 2018).. 5See Armstrong v. Executive Office of the President, 1 F.3d 1274 (D.C. Cir. 1993). 6G.Paul & J.R.Baron, ‘Information Inflation: Can the Legal System Adapt?,’ http://law.richmond.edu/jolt/v13i3/article10.pdf. 7 See 44 U.S. Code § 2911 (2019). 8https://www.justice.gov/ opa/speech/deputy-attorney-general-rosenstein-deliversremarks-34th-international-conference-foreign 9https:// www.justice.gov/criminal-fraud/file/838416/download 10 https://get.slack.help/hc/en-us/articles/204897248Guide-to-Slack-import-and-export-tools 11Id.

www.ethicalboardroom.com

95% of data leaks are by human error not hackers!

DISCOVER MORE

Technology | Corporate Governance

Dinosaur governance in the age of unicorns Tech firms needs to focus on their own specific risks to protect user and investor rights Alissa Amico

Managing Director, GOVERN

UNBRIDLED GROWTH Privately held tech startups are valued at more than $1billion 116 Ethical Boardroom | Winter 2019

The list of global unicorns – private companies exceeding a billion-dollar valuation – is dominated by two flags: Chinese and American. Th is bipolar nature of the world of corporate giants is not a reflection of the importance of the two largest global economies but a symptom of the effectiveness of the ecosystems that have produced them. Japan, the third largest economy globally, is home to exactly one unicorn and Germany, the fourth largest economy, is home to less unicorns than India, the fi fteenth economy in the world. While historically, the largest companies were in the hydrocarbon, petrochemical, industrial and financial sectors, the evolution of the global economy has challenged this status quo, which reigned unchallenged until only five years ago. In 2013, when the term unicorn was coined, only 89 companies trailblazed the billion-dollar mark. Since then, the growth of unicorns – numbering close to 300 and valued collectively at almost $900trillion dollars – has been utopian and Kafkaesque at once, considering the slowdown of the global economy. All signs point to the fact that technology unicorns, alongside large state-owned companies, will dominate rankings of the largest global corporations. Ex-unicorns will feature with similar prominence among the largest listed companies, despite a slowdown in their listings and their preference to stay private for longer, as the Airbnb case highlights. Today, it is hard to dispute that the future of large global corporations is underpinned not by their physical assets but by their ability to create technologies to fulfi l real and imagined needs. And yet, while the DNA of our largest corporations has mutated at a bewildering speed, regulators have been left far behind with laws and regulations still more suited to the ‘brick and mortar’ as opposed to a ‘network’ company. Although intangible assets are at the core of most large corporations today, international accounting standards still suggest that assets such as patents and trademarks can be recognised only if their market value can be established though a transaction with a third party. Perhaps the most important aspect that has eluded regulators has been the governance of technology companies and technology unicorns in particular, which account for the vast majority of billion-dollar fi rms. While the regulatory focus since the global fi nancial crisis has been hijacked by the fi nancial sector, the largest companies today are not banks, but technology unicorns. It is no longer www.ethicalboardroom.com

Corporate Governance | Technology Goldman Sachs, Wall Mart or Unilever, but Uber, Airbnb and Google that are global ‘household brands’ with potential to contribute to, or – more worrisome – disturb fi nancial, social and even political stability. While regulators globally have been busy cooking up rules for ‘too big to fail’ or, in the sector’s jargon, systemically important fi nancial institutions, the most systemically important companies today, both from the point of view of their social influence and their market valuations, are not fi nancial institutions but technology unicorns and ex-unicorns, following their listing. And yet, these companies are not addressed by specific corporate governance rules as are banking or insurance fi rms. Th is regulatory void is not in fact driven by governance excellence at large tech unicorns and ex-unicorns, as recent episodes highlight. Telsa and Facebook are both ex-unicorns and have demonstrated governance failures, the repercussions of which are felt not only by their shareholders, but also by users whose data they have failed to protect and whose physical safety has on occasion been compromised. Similar challenges are facing smaller technology startups in developed and emerging markets where

governments are seeking to foster tech entrepreneurship. Careem, Uber’s equivalent in the Middle East, for example, experienced a cybersecurity breach a few months ago, involving a leak of millions of customer details. Given the growing role and the enormous influence of tech unicorns and large tech listed giants on citizens globally, regulators need to consider how their governance – or lack thereof – could impact consumers and shareholders. In order to avoid the scandals that have recently surrounded some of these firms, regulators need to consider governance rules to specifically address listed tech companies as these are becoming an important category of public companies. Most tech companies effectively have various entrenchment mechanisms, such as multiple class shares or supermajority requirements for key corporate decisions, which, effectively, frustrate shareholders’ ability to have a say. The governance arrangements of the largest unicorns and ex-unicorns such as Alphabet, Facebook or Amazon all highlight the governance challenges arising from the dominance of their founder-CEOs who are also, in most cases, majority shareholders. In particular, recent scandals have highlighted that unicorns and ex-unicorns, post listing,

demonstrate systematic governance risks linked to the dominance of their founderCEOs evident in the unfolding Tesla case. Tesla is far from an isolated case in this regard. Alphabet’s dual-share class structure gives its CEO voting power 10 times that of its other shareholders. In this year’s proxy documents, investors have complained that ‘currently a one per cent minority can frustrate the will of our 66 per cent shareholder majority’. For now, policymakers appear torn between clipping the wings of CEOs and protecting shareholder rights. These need not necessarily be antithetical: the powers of founder-CEOs can be balanced with shareholder and stakeholder rights without diluting their creative genius. And while it is tempting to marshal simplistic solutions, such as curtailing founder-CEO rights by doing away with dual class shares, this may do a disservice to both companies and their shareholders. The position of tech companies is that investors are aware of what they are signing for and that founder-CEO incentives are perfectly aligned with the long-term company value, a key preoccupation during the fi nancial crisis.

Many of the largest technology companies do not have board governance capacities that would appear to be called for in companies of their size and complexity www.ethicalboardroom.com

Winter 2019 | Ethical Boardroom 117

Technology | Corporate Governance In their letter to stockholders at the time of Google’s IPO in 2004, Larry Page and Sergey Brin, the company’s co-founders, openly suggested to shareholders that ‘by investing in Google, you are placing an unusual long-term bet on the team, especially Sergey and me, and on our innovative approach’. The limits of this trust were tested earlier this year when Snapchat listed non-voting shares and index providers moved to protect shareholder rights by excluding new companies with non-voting stock (but allowing legacy fi rms to remain). Snapchat is not the only tech giant that has shares with no voting rights; Alphabet has added them in addition to existing multiple class shares. The movement towards non-voting shareholder capitalism might continue. Founders of tech companies are correct in that the objective of the regulations should not to be to place ambitious CEOs in a straitjacket. Instead, regulators need to consider the founder-centric reality of most tech firms and the need to nurture the technologies that lie at the core of these firms. What is needed is a better understanding of the compliance and technical risks that these companies present, which are the opposite of dispersed ownership companies and in some ways different from other controlled companies. Remuneration oversight and approval, for instance, is one such non-issue for tech companies. While large listed companies have rushed to bring in remuneration committees at the board level, the need for these at tech fi rms are far from clear. The oversight of Larry Page’s one-dollar compensation as Alphabet’s CEO should be the last priority on the governance agenda, and yet the company boasts a board Leadership Development and Compensation Committee. Instead, issues of priority include the separation of CEO and chair roles, which are often combined in tech companies such as Amazon, Facebook and others. By virtue of their US listing, these companies are allowed to combine the two roles, unlike in two thirds of OECD countries and indeed emerging markets from India to Saudi Arabia, which now recommend and require

118 Ethical Boardroom | Winter 2019

separation. Th is naturally A technology As Albert Einstein giants. erodes the fundamental committee of the board once suggested, role of the board as a would support its decisioncontrol mechanism over making much more than, ‘we can’t solve the executive. instance, a remuneration problems by using for While, to their credit, committee in companies some US-based unicorns where senior executive the same kind and ex-unicorns are remuneration is not an issue of thinking we voluntarily doing away with and board remuneration is used when we this structure, this should not a priority, either. be made a requirement, Regulatory complexity, created them’ especially for controlled notably on data security companies where founders and privacy, which has are also shareholders. emerged as a key issue Introducing a chief for many firms, needs to operations office role, as was be addressed at the board level. Many of the done by Uber after a series largest technology companies do not have of scandals when Travis board governance capacities that would Kalanick, now ex-CEO, appear to be called for in companies of their admitted to needing ‘leadership help’, helps size and complexity. The dominance of tech to further segregate duties. In fact, had it boards by venture capital partners from their been done earlier, it might have avoided him earlier days may not only undermine their being ousted as the company’s CEO. independence but also their growth prospects. Further custom governance structures These nuances in the governance of large, for founder-controlled tech companies are listed tech companies need to be addressed needed to reconcile the diverging objectives by global regulators. Given the expected rise of supporting founders and other of tech fi rm listings globally, encouraged by shareholders. While some large tech the transformation of the global economy, companies have adopted a lead independent specific rules to address their governance director role, director(s) specifically elected are called for. These could take the form of by minority shareholders could give tech additional regulatory requirements, based boards the real independence that they need. on the size and sector of the company, as it Instead of making some corporate decisions is already the case in the banking sector or subject to supermajority provisions that requirements applicable to tech fi rms which necessitate founder-CEO approval, minority are listed on dedicated exchange segments. directors’ approval of specific issues could It is time to recognise that efforts to bring needed checks and balances. simply abolish high-tech, privately owned More generally, the Grand Canyon of companies, such as Airbnb (in France), information gap between executives and Facebook (in China) and Uber (in the United boards of large technology companies needs States) are doomed to fail: a U-turn to a to be narrowed to facilitate oversight of hotel, a phone book or a taxi is simply all-powerful CEOs. Th is can be enabled by impossible. Instead, regulators are now executives such as the COO, CFO and CTO considering how to enable Airbnb to better reporting directly to the board. Similar to protect guest security, how to foster the way in which the chief risk officer at Facebook without compromising user banking organisations now reports to the privacy, and how to allow Uber to operate board risk committee, the chief technology without cannibalising the taxi system. officer or equivalent should report directly A similar transformation is needed in to the board or its technology committee. regulatory approaches to corporate Technological competencies of tech boards governance of large tech fi rms that have should be reinforced, similar to the concept emerged among the largest listed companies of ‘fit and proper’ in the banking sector, globally. Applying conventional corporate where the central banks approve governance regulations to tech giants has board candidates. The so far yielded similar results as applying structure of the board and its dinosaur race rules to the Formula One. Just committees should reflect like love in the times of cholera, governance the priorities of tech in the age of tech fi rms needs to consider the specific risks that listed tech giants pose in order to protect user and investor rights. As Albert Einstein once suggested, ‘we can’t solve problems by using the same kind DINOSAUR THINKING of thinking we used when we created them’. Conventional Indeed, fresh thinking is called for to address governance in the impact of global technology firms that the tech area is outdated have emerged as an important force not only approach of industry but also of social and political disruption and, in some cases, destruction. www.ethicalboardroom.com

THE FINTECH POWER 50 THE ANNUAL GUIDE TO THE MOST INFLUENTIAL, I N N O VAT I V E C O M PA N I E S A N D P O W E R F U L FIGURES WITHIN THE FINTECH INDUSTRY

O F F I C I A L

S U P P O R T I N G

P A R T N E R S

E V E N T

w w w.thepower50.com

P A R T N E R S

thepower_50

Technology | Small Businesses

Good governance and SMEs There’s no shortage of advice on best practices when it comes to managing boards. From planning meetings to the composition of the board, to the ideal presentation of board papers – a quick search will uncover a wealth of tips and techniques.

How following best practices can help small businesses establish effective boards

But how far can smaller businesses make use of these techniques? Are there limits to the extent that small and medium-sized enterprises (SMEs) can achieve best practice; is size an impediment when it comes to implementing exceptional approaches? Here we look at what best practice means for the board and how smaller firms can perform at the level of their larger counterparts.

the right mix of experience, views and personalities on the board; and give your directors the information they need to make the right decisions.

What is best practice?

The primary role of the board is to set and drive forward the strategic aims of the organisation. Th is is true, no matter the size of the business. Putting in place best practice board management techniques makes this easier to achieve. They help meetings to flow through effective planning; ensure you have 120 Ethical Boardroom | Winter 2019

Graham Bowstead

Head of Sales, Perivan Technology

The composition of the board — ensuring you have the right mix Successful directors share some common attributes and skills – the ability to understand complex issues; resilience; an aptitude for networking, for instance. But aside from these mutual strengths, there is benefit in having a range of views, experience and backgrounds on your board. This is something that should be as achievable for smaller organisations as for larger ones. Set an objective to revisit the make-up of your board and ensure you have the best combination of directors.

One aspect of this is the gender mix of the board. Th is is an area where smaller fi rms probably don’t want to emulate their larger counterparts, with research released in March showing that no FTSE 100 boards feature more women than men.1 With research also showing that fi rms with more diverse leadership tend to be more profitable, though, there is sound commercial rationale for fighting this trend and building a more diverse board.2

Meetings — making them efficient and effective

Your board members are busy people. Th is is probably truer in a small organisation than in a bigger one, with your senior leaders likely to be wearing a number of hats. It’s particularly important, then, that SME directors’ time is used constructively. Make sure your meetings have a clear agenda. They need to cut to the chase, focussing on the key strategic decisions the board needs to make and providing the background needed so that directors can make those decisions armed with all the necessary information. The ‘right’ agenda will be something unique to your organisation, and you and the other board members are the people www.ethicalboardroom.com

Small Businesses | Technology in a timely way, giving busy directors the time they need to digest the content. It also means providing them in a format your board members find easy to access. There’s every chance your diverse mix of directors will have equally diverse preferences when it comes to accessing board papers. Some may want to read them in hard copy, some will prefer online access, while others may want soft copy access offl ine, so they can catch up on meeting preparation while travelling. Whichever method, directors will probably want to make annotations on their board papers. Many fi rms have moved to board portals as their preferred solution for delivering board packs. The best portals will offer a choice of online or offl ine access, allowing all director preferences to be catered for. They can speed The increasing the secure delivery of papers, with no need to wait awareness of for postal delivery or subject corporate ethics board members to huge in the public email attachments. Can smaller fi rms consciousness make use of this type of applies to every technology? There’s no reason why they shouldn’t; size and type the best portals will be of business and based on scalable charging structures, making them is somewhere for all sizes of smaller companies economic organisation. Just ensure should definitely you investigate the way your chosen solution charges, aspire to best so you can be confident it practice suits your requirements.

best-placed to define it. Th is is also something that should be equally achievable, regardless of your organisation’s size. Devising an agenda is one thing: sticking to it can be quite another. A strong chair is an asset to any board meeting, ensuring discussions stay on time and on track, and steering members to actionable decisions. Understanding and making use of some behavioural management techniques can help here; situational intelligence – ensuring all possible information sources are used to make rounded decisions – can be valuable, while understanding some of the social processes that can undermine good decision-making – groupthink, for instance – can also help to ensure choices made reflect the entire board. Again, there is no reason why smaller businesses cannot make use of these techniques and insights just as well as their larger peers.

Best practice board packs — giving your directors the information they need

‘Not doing their homework’ is one of the most common mistakes board directors make, according to a recent Forbes article.3 Ensuring your members have the information necessary to make informed decisions is vital. This means presenting board papers www.ethicalboardroom.com

Security — a priority for organisations of all sizes

Board meetings, and the papers that support them, share some of your business’s most confidential and strategic information. Security is therefore a key consideration. There has been a lot of discussion of the ‘digital boardroom’, but does digitalisation introduce its own security risks? We would argue not – in fact, digitalisation can often improve, rather than jeopardise, your firm’s security. Delivery of board packs, for instance, as outlined above, can be via a secure portal rather than insecure email or post. Past papers can be stored in a way that automatically creates an audit trail, essential for good governance (more of which below) and keeps them safe behind log-ins requiring two-factor authentication. And access to information can be controlled, with strict permissions governing who can read and edit papers. If you are looking to digitalise, small businesses may actually be at an advantage compared to larger ones. With less resource in your own IT or support functions, there is less temptation to rely on in-house technology for generating and distributing board material – something that can increase your level of risk.

This is one area where we would definitely advocate outsourcing, as outsourced hosting (with the right provider) can deliver a more secure solution that gives you access to the latest technology, and where any updates are automatically applied to keep pace with changing risks. The best providers will ensure their systems are regularly security checked and tested by independent security experts to ensure they are water-tight. Disaster recovery plans will be kept up to date, with robust processes for recovering any lost data. For any sized business, but especially a smaller one, this can help you by reducing the amount of time and resource you need to commit to managing your technology.

Governance — beyond simply meeting regulatory requirements

Good governance is a pre-requisite for today’s boards. In June, the UK’s Financial Reporting Council announced a consultation on new corporate governance principles – and while these focus on large private companies, it probably won’t take long for the rules to filter down as best practice for organisations of all sizes.4 Governance isn’t just about meeting regulatory requirements. There is a growing expectation from investors and other stakeholders, customers and employees that firms will have a proactive ESG (ethical, social and governance) policy. The board both drives and enforces your approach to corporate governance. The increasing awareness of corporate ethics in the public consciousness applies to every size and type of business and is somewhere smaller companies should definitely aspire to best practice. Although it’s easy to see your more limited resources – in terms of budgets and people – as a hindrance when it comes to delivering on governance requirements, as we have seen above, some of this can be achieved by external partners if you outsource some elements of your board management. For organisations limited by a lack of specialist in-house teams, relying on external experts to help with specific roles, such as compliance or technology can definitely pay dividends.

Best practice — in the sights of every size of organisation

We fi rmly believe that best practice board techniques are within reach of every organisation, regardless of size. We have identified some examples where being small can, in fact, be an advantage when it comes to adopting world-class approaches – and hope you can put these into practice on your board and across your business. https://www.executivegrapevine.com/content/article/ news-2018-03-01-no-ftse100-boards-have-more-womenthan-men 2https://www.grantthornton.global/en/insights/ articles/diverse-boards-in-india-uk-and-us-outperformmale-only-peers-by-us$655bn/ 3https://www.forbes.com/ sites/adambryant/2018/06/21/the-five-most-commonmistakes-of-board-directors/#7d18a88fe250 4https:// www.frc.org.uk/consultation-list/2018/consultation-thewates-corporate-governance-princ 1

Winter 2019 | Ethical Boardroom 121

Global News Middle East DEWA and BSI to develop risk standard

Zain focusses on gender diversity Zain Group, a leading mobile telecommunications provider in the Middle East and North Africa, has unveiled a new HR policy that aims to create a gender diverse workforce. The policy offers four months of paid maternity leave and flexible schedule to female employees returning to work after becoming new mothers. Its introduction coincides with the creation of a new senior position within the organisation of a chief inclusion and diversity officer to drive empowerment initiatives ‘that define, enhance and continue to cultivate an equitable work environment within all Zain operations’. Zain vice-chairman and group CEO Bader Al-Kharafi said: “As a leading innovative corporate entity in the region, it is incumbent on us to providing more supportive working environments for female employees and forging an inclusive working environment.”

Doha Bank tops ESG rankings Doha Bank has retained the top rating for the second year in a row in environmental, social and governance (ESG) rankings of listed companies in Qatar. The private commercial bank ranked first among 700 companies in the region analysed by ESG Invest, the investment research arm of Sustainability Excellence. “Doha Bank’s retention of its number one spot in Qatar is a matter of great institutional pride and is a reflection of our consistent focus on prioritising corporate governance, risk management and ESG performance,” said Dr R Seetharaman, group CEO of Doha Bank. ESG Invest analysts assess ESG data points across nine sustainability dimensions and 43 ESG issues with more than 180 data points for companies in the Arab world.

122 Ethical Boardroom | Winter 2019

MENA struggling to combat corruption

Most countries in the Middle East and Northern Africa are ‘failing in the fight against corruption’, according to Transparency International’s latest report. The Corruption Perceptions Index 2018 reveals that the MENA region, with an average score of 39, falls behind both the Americas and Asia Pacific regions and fares only slightly better than Eastern Europe and Central Asia and Sub-Saharan Africa. Transparency warns that for the region to fulfil its anti-corruption commitments, there needs to be ‘a serious change in the way countries in the region approach institutions, political rights, checks and balances and other pillars of democracy’. Countries including Syria, Libya, Yemen and Iraq, which face challenges of instability, terrorism, war and conflict, remain at the bottom of the index.

The Dubai Electricity and Water Authority (DEWA) and the British Standards Institution (BSI) have signed an agreement to develop a standard for risk management in the energy and utilities sector. DEWA said the PAS 60518:2020 Standard is part of its efforts to establish ‘effective risk management standards, ensure business continuity and handle emergencies with the highest levels of professionalism and efficiency to serve people and achieve their happiness’. “We are committed to cooperate with other regional and international leading organisations to support efforts and adopt the standard once it’s developed and published,” said H.E. Saeed Mohammed Al Tayer, MD and CEO of DEWA. In January, DEWA and BSI launched the Business Agility Concept and Framework (PAS 1000:2019), the first-of-its-kind global standard to measure business agility.

ADX boosts sustainability efforts Abu Dhabi Securities Exchange (ADX) has unveiled plans for a series of workshops designed to encourage listed companies to adhere to sustainability standards. The first workshop held at its office in January was entitled ‘Accelerating Sustainability in Listed Companies: Meeting Investor Needs on Environmental, Social, and Governance (ESG) information’. According to ADX, by encouraging listed companies to adhere to these standards it will attract more investments to the exchange, establishing it as the ‘preferred destination for foreign investments in the region’. H.E. Khalifa Salem Al Mansouri, acting CEO of ADX, said: “ADX is constantly working with listed companies to enhance the exchange’s competitiveness and attract more sustainable foreign investments to the Emirate of Abu Dhabi. ADX has recently joined the UN Sustainable Stock Exchange Initiative to ensure that financial markets are more sustainable and transparent. The measures we have taken solidify our commitment to responsible investment principles.”