11111 1 . All materials contained in this presentation and the related intellectual property,...
-
Upload
dustin-hunt -
Category
Documents
-
view
214 -
download
0
Transcript of 11111 1 . All materials contained in this presentation and the related intellectual property,...
All materials contained in this presentation and the related intellectual property, including but not limited to copyright and trademark, are owned or licensed by the National Office of the National Association of Corporate Directors (NACD), and their use, reproduction, distribution, modification, disclosure, storage, and display in any medium, including the internet, or transmission in any form or by any means-- electronic, mechanical, photocopying, recording or likewise-- by third-parties, including NACD chapters and NACD members, is strictly prohibited except as expressly agreed to in writing by NACD. No use, reproduction, distribution, modification, disclosure, storage, display, or transmission is permitted except as expressly agreed to in writing by NACD. All rights are reserved by NACD and are protected in accordance with the laws of the United States.
2
ADVANCING EXEMPLARY BOARD LEADERSHIP© NACD. All rights reserved.
Director Professionalism®
Presented to:
Hispanic National Bar Association
March 18, 2015
Presented by:
Paula H. J. Cholmondeley, Cari Dominguez, &
Israel Martinez
Agenda
• Current & Regulatory Environment
• Optimize Your Interface with the Board
• Break
• Board Evaluation, Composition, & Succession Planning
• Creating and Sustaining Board Value: Corporate Strategy, Risk Oversight, Asymmetric Information Risk
• Lunch Speaker
• Case Study: Looking for Blind Spots
• The Board’s Role in Innovation: Managing Status Quo Risk
• Cyber-Risk Oversight
• The Key Committees Current Issues
• Open Discussion
4
ADVANCING EXEMPLARY BOARD LEADERSHIP© NACD. All rights reserved.
The Current & Regulatory Environment
6
The Current Environment
What’s Keeping Boards Up at Night
– Increasing role of activist shareholders
– Board composition
• Fit for purpose/Strategy
• Board refreshment
– Leadership and succession planning
– Strategic Oversight
– Risk management
– Cybersecurity
– Pay ratio
The Current Environment
Darden RestaurantsShareholder activism and board-shareholder communications
Walmart Shareholder activism
Chipotle Pay ratio
J.P. MorganRegulatory compliance scrutiny and tone at the top
Target Cybersecurity
JCPenneyShareholder activism and leadership succession planning
Chesapeake EnergyDirector Independence and the “rubber stamp” board
7
Boards In the Headlines
The Current Environment
8
Cybersecurity Breaches in the Headlines
Anthem, Inc. Up to 80 million personal records
J.P. Morgan76 million households’ information + 7 million small businesses compromised
Home DepotApprox. 60 million credit cards compromised
Target70 million customers’ personal information
Apple iCloud accounts breached
Wyndham Worldwide 600,000 cards compromised
Community Health Systems 4.5 million patient records
9
The Current Environment
Types of Disclosures
– Reporting in your 10-Q/SEC documents
– Reporting to each compromised client
– State-specific reporting requirements
• 47 states + territories have enacted breach-notification laws
How to mitigate legal risks
– D&O/cyber insurance carrier
– Crisis response plan
– SAFETY reporting
10
The Current Environment
Keeping Our Eyes on the Ball
– Shareholder confidence is the real issue
– Corporate performance continues as top priority
– Confidence will be shaky as long as companies continue to make headlines
– Political attention has turned to regulatory issues
11
The Current Environment
How Can Boards Keep Pace?
– Return to core governance issues
• Board composition
– Do we have the right people to lead this board?
– Do we have the right level of skepticism and independence?
• Board evaluations
– Focus on the directors themselves, not the board structures
– Director independence, skepticism, ethics, etc.
• Tone at the top
– Ultimately, boards must lead companies in good times and bad
– CEO selection and leadership
– Board/management transparency and communication
ADVANCING EXEMPLARY BOARD LEADERSHIP© NACD. All rights reserved.
How Management Can Optimize its Interface with the Board
Responsibilities of the Board vs. Management
141414
Board Management
Vision/Mission Statements
Review and approve management’s vision/mission statements
Create and write vision/mission statements
Ethics Review and approve code of ethics policy
Ensure necessary systems are in place for organization to legally and ethically operate
Create code of ethics policy for the board’s review and approval
Establish systems to ensure ethical compliance
Set a tone for the organization that values ethics and culture
Board Meetings Collaborate on agenda with management
Thoroughly review board meeting materials
Collaborate on agenda with board
Deliver timely and focused board meeting materials
Responsibilities of the Board vs. Management
151515
Board Management
Organization Operations
Oversight of operations (is management keeping you informed?)
Manage organization operations
Ensure operations are safe, sustainable, humane, fair, and legal
Financial Goals Review and approve the corporation’s financial objectives, plans, and actions, including significant capital allocations and expenditures
Set financial goals Implement plans to ensure
the goals are met
Corporate Performance
Monitor corporate performance against the strategic and business plans
Ensure the systems are in place to execute the strategy
Report status and progress to the board routinely
Responsibilities of the Board vs. Management
161616
Board ManagementStrategy Review and approve strategic
plan Develop an in-depth
knowledge of the business Monitor competitive
landscape Utilize outside resources
when appropriate
Create strategic plan with input from the board
Risk Oversee risk Utilize outside resources
when appropriate
Manage operational risks Stay abreast of competitive
landscape
CEO Selection, Compensation, & Evaluation
Establish a CEO selection and succession process
Set CEO compensation Conduct routine evaluation of
the CEO
CEO communicates with board regarding potential internal successors and mentors them accordingly
Responsibilities of the Board
Oversight and Management are Different
– Directors ensure good management, they don’t provide it
– Directors direct, managers manage
– The fundamental role of the board is to oversee management by monitoring performance and compliance with policies and law
171717
Responsibilities of the Board
Oversight and Management are Different, cont.
– Board engagement in operations oversight is different from board engagement in strategy and risk
– Operations:
• Is management meeting their plan?
• Are they managing operational risks?
• Have they informed you of changes in the environment?
• Do they have the staff and skill set to achieve goals?
• Resources
1818
Responsibilities of Management
Management’s Obligation to the Board
– Help directors understand:
• How the company is performing
• Strengths and weaknesses – what’s working and what’s not
• The competition
• Unique qualities/assets of the company
• Significant trends (e.g. economic, technological, competitive, regulatory)
• Financial and human resources
• Current initiatives - successes/failures and fit with the strategy
191919
Responsibilities of Management
Key Management Responsibilities: Operational
– Identify and provide all material information necessary for the board to provide adequate oversight
– Identify and disclose risks to the board
– Candor and transparency build trust
– Help boards anticipate, not just react
• Two discussion rule
202020
ADVANCING EXEMPLARY BOARD LEADERSHIP© NACD. All rights reserved.
Optimize the Interface with the Board
Role of the Board and Management
A New Level of Engagement
– Greater interaction/communication with key players
• CFO
• COO
• External/Internal Auditors
• General Counsels
• Investor Relations
• Human Relations
– Multiple perspectives can help identify and address key risks
242424
Role of the Board and Management
Strategies for Mutual Success
– Management should provide and board should demand options for all major decisions – don’t be binary!
– Management should engage in ongoing dialogue, not just ready for primetime decision making
– Boards should be clear about metrics and accountability upfront
– Boards should not take over, but guide and leverage the expertise of management
– Focus: strategy, people, process and communication
252525
Optimizing Management’s Interface with the Board
Requirements
– Board and management understand the business
• Have the same knowledge base
– There is an engaged executive team
– The CEO serves as process leader
– There is a fully engaged independent leader of the board to oversee the work of the board
– Board composition is balanced but diverse
– There is an open and constructive board culture
– There is board accountability
262626
Optimizing Management’s Interface with the Board
Communication Prior to the Meeting
– Meeting agendas
– Meeting timetables
– Materials distributed in a timely manner
• Minutes, financials, proposed resolutions, etc.
– Materials reviewed by each board member
– Errors/typos/concerns forwarded to appropriate member of management (especially minutes)
– Areas of discussion highlighted to board Chair
27
Optimizing Management’s Interface with the Board
Management Communications to the Board
– Board members read what management sends them (“If you send it, they will read it…”)
• Use background information
• What you told them three months ago (always a reminder)
– Create a summary for yourself: presentation guide
• What are the key points to make?
• What are the key issues to discuss?
28
Optimizing Management’s Interface with the Board
Dashboards – A Communications Tool:
– Metrics should be relatively simple – meaningful and useful data
– Consistent over time in order to show key trends and exemptions
– Should include key business drivers and financial metrics
– May change over time if fundamental business changes
– Use of graphs, color coding, and other visual aids extremely helpful
29
Optimizing Management’s Interface with the Board
Communication During the Meeting
– Questions held until after the presentation (or as presenter directs)
– Watch time spent on interesting (and sometimes fun) but not “board level” issues
– Courtesy and respect govern the discussion
– Consensus reached if necessary (board level matter)
– Matter handed to management for follow up if appropriate (non-board level matter)
– Executive Sessions
30
Optimizing Management’s Interface with the Board
Communication After the Meeting
– “Thoughts on the drive home”
– How to follow up with appropriate members of management; offers of help
– The inevitable necessary communications between meetings
Interim Communications
– Facility visits
– Informal communications
31
ADVANCING EXEMPLARY BOARD LEADERSHIP© NACD. All rights reserved.
Board Evaluation, Composition & Succession Planning
Board Evaluation, Composition, & Succession Planning
Current Environment
– Average director age and mandatory retirement age has gone up every year
• Aging boards during a period of low turnover leads to tremendous pent up demand for needed skill sets
– Inverted U correlation for board performance and board turnover
– Evaluations
• 42% of public boards do individual assessments and number is increasing
• Directors whose skills were necessary/relevant when they joined may no longer fit the strategic path
– Waterfall succession planning33
34
Board Evaluations
Why Evaluate Board Performance?
– Evaluations address director skill sets and board composition in relation to company strategy
– Gaps in board performance and leadership may be identified
35
Board Evaluations
Designing the Evaluation Process
– Tailor the survey to the organization’s specific needs and metrics
• Board succession planning
– Methods of evaluation
– Include individual director interviews
– Develop an action plan based upon the findings
• Add necessary skill sets
• Board education
• Develop action steps around the identified issues
36
Board Evaluations
Legal Liability Concerns
– Assume documentation is discoverable in legal action
• consider either destroying or not recording evaluations
• act appropriately following evaluations
– Use of independent third party to conduct evaluations
• promotes candor
• confidential
• no individual attribution of comments
Board Composition
What makes a board strong?
Capabilities + Culture = Capacity
Board refreshment addresses both capabilities and culture, with an eye to maximizing the capacity of the
board to add value and remain independent.
37
Board Composition
What attributes were most important for director recruitment in the last year? (Respondents allowed multiple answers.)
38
Attribute Public Private
Specific industry experience 34.8% 30.3%
Financial expertise 26.8% 27.8%
Leadership experience 24.8% 28.5%
Diversity 17.6% 10.9%
Strategy Development 17.4% 23.2%
Corporate Governance 12.9% 15.1%
International/Global experience 12.7% 9.9%
Information technology 10.5% 2.8%
Source: NACD’s 2014-2015 Public & Private Company Governance Surveys
39
Board Composition
Board Needs Board of Directors
Dir. 1 Dir. 2 Dir. 3 Dir. 4 Dir. 5 Dir. 6 Dir. 7 Dir. 8
Leadership
Finance
Public/Shareholder Relations
Governmental and Regulatory
Strategy Formation/Execution
Merger/Alliance
Corporate Governance
Technical Knowledge
Compensation
Risk Assessment
Industry Knowledge
Board Compatibility
41
Board Succession Planning
What are the options for board refreshment?
– Age limits
– Term limits
– Rigorous assessment of individual directors
– Combination
– Pros/Cons
– Committee and board leadership rotation
What are the pros and cons of each?
Board Succession Planning
Which methods of director selection does your board use? (Respondents allowed multiple answers.)
42
Method of Selection Public Private
Personal networking/word of mouth 46.7% 70.4%
Search firm 40.7% 17.3%
Nominee identification by a board committee 40.3% 47.5%
Shareholder suggestion 7.6% 26.9%
Director database (e.g. Directors Registry) 5.2% 7.3%
Other 5.7% 6.5%
Source: NACD’s 2014-2015 Public & Private Company Governance Surveys
Board Succession Planning
Nominating/Governance Committee Board Recruitment Responsibilities:
– Generally oversee the process
– Ensure existing and perspective directors meet the company’s strategic needs
– Develop an ongoing pool of candidates
– Generally look out 3 – 5 years
– Promote open dialogue with shareholders as appropriate
– Easy to find the right skill fit, but it’s harder to find the right culture fit
43
Board Succession Planning
How far into the future is your board looking when considering director recruitment?
44
Years Public Private
One year or less 17.8% 26.9%
One to three years 59.9% 47.9%
Three to five years 16.9% 17.8%
Five years or more 5.4% 7.4%
Source: NACD’s 2014-2015 Public & Private Company Governance Surveys
45
Board Succession Planning
Succession Planning
– Consider long-term strategic planning when selecting candidates
– Define exactly what qualities to look for in future candidates
– Recruit qualified directors
– Consider implications for:
• Board leadership
• Committee leadership
• Committee assignments
• Board room climate
Board Succession Planning
Onboarding
– Whose responsibility?
– How is it done?
– Continuing support for new board members – mentors assigned?
46
484848
Strategy Development
Traditional Approach to Strategy
– Periodic strategic engagement
– Management-driven process based on a 3 – 5 year view
– “Review and concur”
– Review of strategy via dashboards and metrics
494949
Strategy Development
A New Level of Board Engagement
– New complexities and uncertainties in the operating environment
– Expect changes and anticipate the strategic implications
– Sources of change that can affect strategy:
• Operating environment
• Customer/consumer preferences and behavior
• Disruptive technologies
• Regulatory or legislative environment
• Shareholder base, including entrance of an activist investor
505050
Strategy Development
Board and Management Collaboration
– View the company through multiple lenses
• Leverage board’s ranging skill sets and perspectives
• Take a shareholder’s point of view
– New dialogue on strategy formulation
• Understand the necessary criteria for a successful strategic plan
• Earlier involvement in the development process – not just approving a near-final strategy
– Assessing alternatives
• This should be the first step in the strategic process
• Can the company meet the critical success factors of the strategy?
515151
Strategy Development
Factors to Evaluate Capabilities, Resources and Processes
– Capital and cost implications
– Operations
– Timing
– Risk
– Talent
– Technology
– Compensation
– Finance
– Audit
– Culture
– Monitoring Progress
525252
Strategy Development
Importance of Independent Board Leadership
– Ensure all directors’ viewpoints are fully aired
– Begin discussions by surveying the rest of the directors first
– Maintain a constructive relationship between the board and C-suite
– Drive a re-thinking of the strategic process
535353
Strategy Development
Barriers to Changing the Dialogue on Strategy
– Short-term focus
– Over-scheduled strategy sessions
– Board composition
– CEO and senior management
– Legacy businesses
– Unpleasant consequences
ADVANCING EXEMPLARY BOARD LEADERSHIP© NACD. All rights reserved.
The Role of the Board in Risk Oversight
5555
Risk Governance
Without Risk There Is No Reward
– Some companies can bear greater risks than others
– Based on a company’s strategy, you can afford certain risks
– As a management team/as a board, what are your top risks?
– Assess a company’s “risk appetite” based on the discussed risks
5656
Risk Governance
Risk Is a Team Sport
– The full board should have the primary role of risk oversight
– Standing committees support the board
• Address risks inherent in respective areas of oversight
• Risk is not just a function of the audit committee
– If created, risk committees should aggregate/analyze risk
• Should not serve as sole overseer of risk
5757
Risk Governance
Board Priorities Management Priorities
Critica
l-ent
erpr
ise ri
sks
Busin
ess-
man
agem
ent r
isks
Emer
ging
risk
s an
d no
n-tra
ditio
nal r
isks
Gov
erna
nce
risks
Board
-app
rova
l risk
s
Categories of Risk
5858
Risk Governance
Management Responsibilities
– Identify and disclose risk to the board
• Focus on material risks
• Implement risk management within a strategic plan
• Don’t be afraid to bring bad news
– Have risks changed since the last board meeting?
– Ascertain likelihood and significance of risks
– Who in management “owns” the various risks?
– Establish key metrics
5959
Risk Governance
Ensuring Risk Governance
– Create dialogue around three critical areas:
• Risk appetite
• Aggregation and integration
• Underlying assumptions in management’s strategy
6060
Risk Governance
Improving Risk Communication
– Map risks to managers
– Map committee oversight responsibilities
– Identify significant non-financial risks
– Educate directors about financially sensitive risks
– Consider overlapping committee memberships/attendance
– Ensure committees report (including minutes) to full board
– Encourage informal discussion among directors
616161
Summary
Every Board Should Be Certain That:
– The risk appetite in the business model is appropriate
– The expected risks are commensurate with the expected rewards
– Management has implemented a system to manage, monitor, and mitigate risk
What is Asymmetric Information Risk?
Asymmetric Information Risk
– Directors rely on management for information/data on performance of company
– By necessity, management filters the information they provide to the board
– Asymmetric information is not a negative quality of directorship
• Board’s value is in its view of the larger picture
• Directors shouldn’t be overloaded with information
– Management needs to have independence of thought
– Most significant risk lies in whether the right information (quantity and quality) is presented to the board
63
Asymmetric Risk Warning Signs
Communication impediments between the board and management:
– Significantly increased time commitment
– Information overload
– Management’s perception of the board
– Poor culture
– Lack of necessary expertise on the board
– Poor relationship between CEO and chair (or leader of independent directors)
64
Asymmetric Information
Focus Areas
– Board Composition
• Tenure
• Recruitment
• Evaluations
– Leadership
– Board Processes
• Executive sessions
• Committee meetings
• Strategic deep dives
• Access to management and off-site visits
65
Asymmetric Information
Non-Asymmetric Information Resources
– Meet with senior executive team outside of board meetings
– Have board meetings at off-site company locations
– Attend industry conferences
– Subscribe to trade publications, websites, blogs, Google alerts
– Listen in on competitive quarterly conference calls
– Refreshment of board
66
Summary
• At the core of many corporate crises is a breakdown in communications
• Directorship is historically based on an inherent tension in the board’s relationship with management
• Building of trust does not occur overnight
• With shared goal of creating sustainable growth, the board and c-suite can more easily dissolve the roadblocks to information sharing
67
ADVANCING EXEMPLARY BOARD LEADERSHIP© NACD. All rights reserved.
The Board’s Role is to Look For “Blind Spots”
Beyond Innovation
Ron Adner
Professor of Strategy and Entrepreneurship
Tuck School of Business
Dartmouth College
twitter:@ronadner
69
“Mapping the Ecosystem” – The Blind Spot
Why things go wrong when you do everything right…
70Adner, The Wide Lens, 2012
Michelin Run-Flat Tires – The PAX System
1990: Michelin best in class by a host of measures; always looking for opportunities to create value and grow
1992: Small group executive breakout section on innovation at Michelin
– Results: a tire that continues to run when punctured
– The PAX System:
• In event of blowout, you continue to drive
• Light on dashboard lets you know of puncture
• Drive for 125 more miles at up to 55 mph
71
Michelin Run-Flat Tires – The PAX System
1992 – 1998: Moving to Execution
– Extensive Market Research
– Enthusiastic partner response
• Auto makers, service garages
– Fits into consumer quest for safety
– Michelin Engineers came up with novel (and heavily patented) four-in-one combo tire
– Michelin had to produce integrated system
• Product manufacturer →system integrator
– Michelin rises to the challenge!
– Unprecedented alliance with Goodyear
1998: Launched – with huge anticipation
– “The adoption of the PAX System is inevitable.” PAX Project Manager
73
Michelin Run-Flat Tires – The PAX System
2001-2005: Expecting Success
– First company to sign on = Mercedes
– Followed by Cadillac, Renault, Audi, Rolls-Royce, Honda
– Michelin and Honda launched an unprecedented coordination
• 2 year warranty
• Training for Honda dealers
• Honda announced the Odyssey minivan would be equipped with PAX tires, “never be caught stuck on the side of a highway”
– Alliance with tire makers Sumitomo Rubber and Toyo Tire & Rubber (Asian market)
– 2004 J.D. Power & Associates prediction that by 2010 more than 80% of cars would be fitted with run-flats
74
Michelin Run-Flat Tires – The PAX System
2006: Confidence erodes; class-action lawsuits
2007: Michelin formally announces an end to future development of PAX
What went wrong?
75
Michelin Run-Flat Tires – The PAX System
Confronting Failure
– Difficulty finding service centers to repair the tires
– Unable to repair flats, drivers forced to buy new tires often in pairs to maintain balance and alignment
– At $300 per tire, the Run-Flat value proposition eroded
– Several class action lawsuits filed
76
“Mapping the Ecosystem” – The Blind Spot
Why things go wrong when you do everything right…
78Adner, The Wide Lens, 2012
Michelin’s Blind Spot (continued)
• Michelin’s managers waged a valiant campaign to establish the PAX System as the new tire standard. But the structure of the PAX ecosystem was entirely different.
• Most critically, the PAX value proposition created an entirely new role for service garages – one that they were not eager to assume. Non–adoption by this critical partner was the key barrier to the PAX System’s success.
79Adner, The Wide Lens, 2012
Michelin’s Blind Spot
“If the PAX run-flat tire had been a stand-alone tire innovation, its success would have been largely assured by 2001.”
“The PAX system failed precisely because it was not a stand-alone innovation.”
Value Creation:
80Adner, The Wide Lens, 2012
ADVANCING EXEMPLARY BOARD LEADERSHIP© NACD. All rights reserved.
Managing Status Quo Risk
2014 Adam Hartung
The Board’s Role in Innovation - Managing Status Quo Risk
The Board’s Role in Innovation
Which of these companies do you think is most likely to double revenue in the next 5-10 years?
A. Boeing
B. Disney
C. Starbucks
D. Apple
84
The Board’s Role in Innovation
Which of these companies do you think is most likely to fail in 5-10 years?
A. Wal-Mart
B. Microsoft
C. United Airlines
D. Facebook
85
On which of these Boards would you prefer to have served in the last 3 years?
OR
OR
OR
86
The Board’s Role in Innovation
Value Proposition:
What You Need to Know, at Your Fingertips
The Board’s Role in Innovation
87
Doing things right, or doing the right thing: What’s the Board’s Role?
The true secret to business success surprised us
Overcoming Lock-in to past success
The biggest risk in business today is
Status Quo Risk
Core
Focus
89
How can Boards help companies manage Status Quo Risk?
Be future-oriented
Obsess about competitors
Encourage disruption
Force white space92
Rethink the Board agenda; Reallocate the discussion time
60% ?
33% ?
20% ?
Less than 20%?
What percentage of your Board’s time is spent discussing
Market Trends?
94
Step 2 – Focus on needs and competitors; not current solutions and customers
Key Question: How much is spent on improving the current business model vsDeveloping new markets, opportunities and business models?
95
Step 3 – Ask how your company will be disruptive; not just how it will be better, faster, cheaper
97
Prediction
Boeing
Disney
Starbucks
Apple
1
2
3
4
Revenue Doubler:
?
!Wal-Mart
Microsoft
UAL
1
2
3
4
Likely Investor Failure:
99
Manage Status Quo Risk for superior rates of return
Invest for the future, not from the past
Focus more on competitors, less on customers
Be Disruptive,sustaining will decline
Look for White Space projects to innovate and learn
Board Oversight Practices: Cybersecurity
“Cyber security is one of two existential threats to our nation; the other is nuclear weapons, which have been used once, thank God. But cyber weapons are used thousands of times every day.”
‒ Retired Gen. Peter Pace, former chairman of the Joint Chiefs of Staff, speaking in Chicago at a recent NACD event.
102Source: Cunningham, Jeffrey M. “The Art of Cyber War” NACD Directorship May/June (2013): 26 -36. Print.
Board Oversight Principles: Cybersecurity
– PRINCIPLE 1 – Directors need to understand and approach cybersecurity as an enterprise-wide risk management issue, not just an IT issue.
– PRINCIPLE 2 – Directors should understand the legal implications of cyber risks as they relate to their company’s specific circumstances.
103
Board Oversight Principles: Cybersecurity
– PRINCIPLE 3 – Boards should have adequate access to cybersecurity expertise, and discussions about cyber-risk management should be given regular and adequate time on the board meeting agenda.
– PRINCIPLE 4 – Directors should set the expectation that management will establish an enterprise-wide cyber-risk management framework with adequate staffing and budget.
104
Board Oversight Principles: Cybersecurity
– PRINCIPLE 5 – Board-management discussion of cyber risk should include identification of which risks to avoid, accept, mitigate, mitigate, or transfer through insurance, as well as specific plans associated with each approach.
105
Key Cybersecurity Governance Actions
1. Tone At The Top - Information security on each board’s agenda, and assign to a key committee that is well educated and briefed, and staff it with adequate, technical support. Get to know the CISO.
2. Dashboards Not Volumes - Identify information security leaders; hold them accountable through specific reports on information security risks, incidents, and activities.
106Source: Cunningham, Jeffrey M. “The Art of Cyber War” NACD Directorship May/June (2013): 26 -36. Print.
Key Cybersecurity Governance Actions
3. Breach Testing – Established a plan for “table top testing” your response plans which must include timely notification to customers/clients of data breaches, communicating with various stakeholders and focused on providing mitigation and remediation.
4. Your Own People May Be The Biggest Risk – Focus as much energy on your staff security failures/breaches as on the safeguards for technological protections against external bad actors.
107Source: Cunningham, Jeffrey M. “The Art of Cyber War” NACD Directorship May/June (2013): 26 -36. Print.
Cyber Considerations In Other Dimensions
• PRINCIPLE 1 – Cybersecurity, An Enterprise-wide Risk
• PRINCIPLE 2 – Liability Implications Of Cyber Risks
• PRINCIPLE 3 – Adequate Access To Cybersecurity
• PRINCIPLE 4 – Cyber ERM Framework
• PRINCIPLE 5 – Cyber ERM Strategy & Execution
108
110
Current Environment
Nom/Gov • Proxy access
• Enhanced disclosures
• Board leadership: Chair/CEO split
Audit • Whistleblower hotline
• Mandatory audit firm rotation
• Possible changes to the auditor’s reporting model
Compensation• Say on Pay
• Compensation committee and advisor independence
• Pay ratios
• Pay for performance disclosure
• Clawbacks
The Key Committees Current Issues
111
The Key Committees Current Issues
Overview– Key committees: Audit, Nominating/Governance, Compensation
• Required for publicly traded companies on NASDAQ and NYSE
– Average committee has 3.7 members
– Committees meet, in addition to full board meetings:
Number of In-Person Meetings Per Year
Hours per In-Person Meeting
Number of Telephone Meetings
Audit Committee 5.2 2.9 3.3
Compensation Committee
4.3 2.5 2.2
Nominating/ Governance Committee
3.8 1.8 1.3
Source: NACD 2014-2015 Public Company Governance Survey
112
The Key Committees Current Issues
Compensation Committee
– Relationship between pay and performance
• Increasing numbers of companies are adding supplemental disclosures to their proxies, but approaches vary widely
• Baseline definitions to enhance comparability of pay and performance
– Enhancing the effectiveness of compensation disclosures
• Minimize the complexity of disclosures
• Use compensation information as part of a larger dialogue with investors
113
The Key Committees Current Issues
Compensation Committee
– Ensure compensation is tailored to strategy, not just to investors and proxy advisory firms
– Set aside time for deep dives
– Develop educational materials
• The compensation committee should be able to present exactly what is in the plans and how they stand at any time
– Schedule periodic look-backs
• Look at what was paid out versus what was intended to be paid out
– Use discretion, but with full transparency
• Disclose the intent behind the use of discretion
114
The Key Committees Current Issues
Audit Committee
– Future of disclosures
• The easiest path is to over-disclose, and disclosures become defensive documents rather than a communication vehicle
• Understand the information needs of different stakeholders
• Get everyone to buy in: audit committee, full board, CEO, shareholders, external auditor, regulators
• Focus on “materiality and “required” disclosures
• Expanded audit committee reports
– One place where more disclosure is beneficial is around the actual work of the audit committee
– Define the scope of the audit committee duties, committee composition, and selection, oversight, and evaluation of the external auditor
115
The Key Committees Current Issues
Audit Committee
– PCAOB’s audit quality indicators (AQIs)
• These are meant to “cast light on the strength or weakness of key factors influencing audit quality”
– FASB’s disclosure framework project
• Meant to “improve the effectiveness of disclosure in notes to financial statements by clearly communicating the information most important to users”
– Audit committee members are stretched more than ever, larger company committees have more and more compliance duties while smaller companies may have more resource constraints and smaller committee size
116
The Key Committees Current Issues
Nominating/Governance Committee
– Activist investors
• 4 categories of activist investors: merger and acquisition activism, balance sheet activism, governance activism, and income statement/operational activism
• Activist investors marked by focus on financial statements and corporate performance, not so much on hostile takeovers and spinoffs
– Dialogue with shareholders, especially with activist investors is beneficial
• Don’t approach it defensively, but with an open mind
– Board agendas are more and more focused on compliance
– Conversations, especially in executive sessions are becoming more candid
117
The Key Committees Current Issues
Nominating/Governance Committee
– Information asymmetry
• Volume and value of information received—quantity, quality, and frequency—have become increasingly important
• Limited independent analysis
– Investors often have teams of analysts to provide information the target company and industry
– Directors may want to start asking for additional third-party resources
• Information overload– Management is responsible for providing the board with information
– The board and management have to work together to ensure the board is receiving the right information, with enough time to digest it prior to board meetings
NACD Resources
Educational Resources1. Additional NACD Board Advisory Services - In-Boardroom
Programs and Evaluations - http://www.nacdonline.org/services
2. NACD Education - Director Professionalism® Course, Committee Seminars, & Annual Governance Conference - http://www.nacdonline.org
3. NACD Chapters - there are 22 in major metropolitan areas - https://secure.nacdonline.org/source/meetings/chapter_Page.cfm
4. NACD Publications - Blue Ribbon Commission Reports, Surveys, and Handbooks - http://www.nacdonline.org/publications
5. NACD Directors Registry™ - Qualified Candidates for Effective Boards - http://www.nacdonline.org/registry/default.asp
118118118