Boards & Governance

What Boards Should Look for in Corporate Ethics and Compliance Programs

NACD Blog Feed -

One of the board‘s key responsibilities is the oversight of a company’s conduct, including the strength of its culture and the effectiveness of its ethics & compliance (E&C) program. In recent years, that responsibility has become even weightier. Recent corporate scandals, such as Volkswagen, Unaoil, and Mitsubishi Motors, have created public skepticism about business ethics, and policy makers have responded with a new emphasis on accountability for both companies and responsible individuals, including directors who are either negligent in preventing fraud or willingly participate in it. Enforcement agencies now scrutinize a company’s E&C efforts before making prosecutorial decisions by inquiring about board oversight in the company’s approach to E&C.

Ronnie Kann

Patricia Harned

Organizations around the world invest tremendous resources to establish internal E&C programs and prevent corporate wrongdoing. Although E&C was historically a U.S. focus, a number of international standards have heightened the importance of E&C programs globally: the UK Bribery Act; the new International Organization for Standardization (ISO) 19600 Compliance Management System Guidelines; and the OECD Anti-Bribery Convention.

Directors observe these developments and scratch their heads. What does an effective E&C program look like? How can we succeed with E&C without stifling our business? What is the board’s role in E&C oversight? Has any organization gotten it right?

There is good news for directors. There are exemplary organizations—representing a wide variety of sizes, sectors, and industries—that have raised the bar even higher than mere compliance with the law. These organizations have transformed their workplaces through their E&C efforts to yield stronger, more positive results. And even better, there is now a framework to help directors guide their own organizations in establishing such an E&C program.

The Framework: Principles and Practices of High-Quality E&C Programs

In May 2015, the Ethics & Compliance Initiative (ECI) convened a group of 24 thought leaders with E&C program experience, including corporate directors, former deputy attorneys general, former members of the United States Congress, business executives, senior E&C practitioners, and academics. The panel produced a new report with leading principles and practices for effective E&C program implementation: Principles and Practices of High-Quality Ethics & Compliance Programs. The report includes five key principles practiced by organizations not satisfied with “minimum” E&C efforts; these organizations are referred to in the report as high-quality programs (HQPs). The principles, which should be tailored to each company’s individual circumstances, are adapted below from the original report:

Principle 1:  Ethics and compliance is central to business strategy.

  • E&C is both a function on the organizational chart and is considered to be an essential element within every operation.
  • A high standard of integrity and compliance is articulated as a business objective, and every strategic decision is evaluated for alignment with the organization’s values and standards.
  • An HQP ensures compliance with law and regulation, and is resourced to help leaders across the organization understand their critical role in setting and meeting the standard for integrity.
  • The E&C program is expected to provide an independent voice, and regularly updates the board on E&C objectives, risks, and progress.
  • HQP staff maintains excellence by dedicating themselves to continuous improvement in E&C through innovation, engagement with stakeholders (inside and outside the organization), and consistent consideration of employee feedback.

Principle 2: Ethics and compliance risks are identified, owned, managed, and mitigated.

  • While organizational values are the heart of any E&C program, risk assessments provide the foundation upon which HQPs are built.
  • E&C staff collaborates across the organization to support a risk assessment process that identifies, prioritizes, and mitigates risk consistently.
  • Compliance performance, strength or weakness of organizational culture, employee willingness or fear to report, and other key E&C areas are evaluated and reported to the board as potential risks to the organization.
  • Leaders at all levels assume ownership for the ongoing identification and mitigation of risks that are relevant to their areas, both inside and outside the organization.
  • The board is regularly briefed on emerging E&C risks and how the E&C program is monitoring and mitigating risks where necessary.

Principle 3: Leaders at all levels across the organization build and sustain a culture of integrity.

  • Culture is the largest influencer of business conduct, and leaders are recognized as the primary drivers of that culture.
  • Leaders throughout the organization are committed to, and responsible for, making ethical conduct and decision making central to the organization and its operations.
  • The board assumes responsibility for evaluating the performance of senior management in providing ethical leadership and setting a proper tone at the top.
  • HQPs equip managers and supervisors with the support needed to make those values relevant to their day-to-day operations.
  • Recognizing that employees at all levels make ethics-related choices every day, HQPs provide resources, guidance, and training that emphasizes to all employees the importance of acting in accordance with shared values, seeking help, and speaking up.

Principle 4: The organization encourages, protects, and values the reporting of concerns and suspected wrongdoing.

  • HQPs focus on establishing an environment where issues can be raised long before situations are elevated to the level of misconduct.
  • HQPs prepare leaders and supervisors to respond appropriately if/when employees do come forward with concerns about wrongdoing.
  • Managers understand the impact of their actions, and HQPs hold them accountable for contributing to a culture that does not support the reporting of concerns.
  • There are focused efforts to prevent and deter retaliation.
  • HQPs treat all those who report violations fairly and consistently, and effectively support employees who report suspected violations.
  • The board is regularly briefed on high-level trends in employee reporting, and management is expected to be transparent with the board when substantive “bad news” transpires.

Principle 5: The organization takes action and holds itself accountable when wrongdoing occurs.

  • Investigations are timely, neutral, thorough, competent, and consistent.
  • When a violation is confirmed, the organization responds with appropriate consequences, regardless of the violator’s position within the company.
  • The organization maximizes learning from every substantiated case of wrongdoing.
  • HQPs recognize that technology has increased reputational risk.
  • HQPs have well developed systems for escalating issues, with regular testing for crisis management and response.
  • When appropriate, HQPs disclose issues to appropriate regulatory and government authorities and work cooperatively to respond to their concerns.
  • The board is well informed when substantive issues arise that require organizational accountability to stakeholders.

As corporate directors know better than anyone, there is no one approach to effective ethics and compliance. Each company’s circumstances are unique; therefore, their E&C programs must vary accordingly. But there are some universals among organizations that “get it right,” particularly when it comes to implementing a proper E&C tone at the highest levels of the organization. The board has an essential role in setting the expectation that the organization will not be satisfied with upholding only the minimum standard. Understanding the principles and practices that characterize leading E&C practice will help board members engage with management to ensure that the highest standard of integrity is seamlessly aligned with the performance of the organization overall.

See NACD’s Director Essentials: Strengthening Compliance and Ethics Oversight for more guidance on how directors can effectively oversee compliance and ethics efforts at their companies. Fortune 500 company directors offer additional insights on the role of the board and the audit committee in E&C oversight in the research brief NACD Audit Committee Chair Advisory Council: Audit Committee Oversight of Compliance.

Patricia Harned is CEO of the Ethics & Compliance Initiative (ECI) and frequently speaks and writes about workplace ethics, corporate governance, and global integrity. Ronnie Kann is executive vice president of research and program development at ECI, having served chief ethics and compliance officers, general counsel, and chief human resource officers throughout his career. Harned and Kann both contributed as authors to the ECI report Principles and Practices of High-Quality Ethics & Compliance Programs. The Ethics & Compliance Initiative (ECI) empowers its members across the globe to operate their businesses at the highest levels of integrity. ECI provides leading ethics and compliance research and best practices, networking opportunities, and certification to its membership, which represents more than 450 organizations across all industries. ECI is comprised of three nonprofit organizations: the Ethics Research Center, the Ethics & Compliance Association and the Ethics & Compliance Certification Institute. www.ethics.org

Is Internal Audit Meeting the Board’s Expectations?

NACD Blog Feed -

Jim DeLoach

Recently, the world’s largest ongoing study of the internal audit profession—the Global Internal Audit Common Body of Knowledge (CBOK)—was completed by the Institute of Internal Auditors (IIA) and Protiviti to ascertain expectations from key stakeholders regarding internal audit performance at organizations of varying operational models and sizes. The study sought input from members of audit committees all over the world about their expectations of the internal auditor’s role in the organization. We think all directors will find the results of the study applicable to their work in the coming year and beyond.

Below are six imperatives for internal auditors from the CBOK study based on feedback from audit committee members.

1. Focus more on strategic risks. According to the CBOK study, two out of three board members believe internal audit should have a more active role in evaluating the organization’s strategic risks. Study respondents indicated that internal audit should focus on strategic risks (as well as operational, financial and compliance risks) during audit projects (86 percent) and periodically evaluate and communicate key risks to the board and executive management (76 percent). Accordingly, chief audit executives (CAE) must focus their function sufficiently on the bigger picture to think more strategically when evaluating risks, proposing risk-based audit plans, and formulating audit findings. By understanding the organization’s business objectives and strategy, and identifying risks that create barriers to the organization achieving its objectives and executing its strategy successfully, the CAE increases internal audit’s value proposition.

2. Think beyond the scope. The call for internal auditors to think strategically leads to another challenge: thinking beyond the scope of the audit plan. Thinking beyond scope means, for example, that the auditor should:

  • “Connect the dots” when considering enterprisewide implications of the findings of multiple audits, particularly findings with significant business model underpinnings;
  • Broaden the focus on operations, compliance, and nonfinancial reporting issues; and
  • Watch for patterns or signs indicating a deteriorating risk culture.

By focusing more broadly on the implications of audit findings, and thinking beyond the expressed or implied boundaries set by the audit plan, internal audit is better positioned to deliver stronger, more practical, and harder-hitting recommendations aligned with what directors are seeking.

3. Add more value through consulting. In today’s era of slower economic growth, a high premium is placed on operational effectiveness and efficiency. The CBOK study respondents picked up on this point, as 73 percent of respondents recommended that internal audit advise on business process improvements. For example, consulting activities by internal audit can result in: strengthening of the lines of defense that make risk management work; more effective collaboration with other independent functions focused on managing risk and compliance; improvements in the control structure, including greater use of automated controls; and suggestions for improving and streamlining compliance. These study findings underscore the benefit of investing in consulting services that will strengthen business processes.

4. Facilitate effective, high-quality communication. Board members generally rate internal audit’s communication at a high level of confidence. For example, a large majority of directors give high scores for the quality (83 percent) and frequency (81 percent) of internal audit’s communication. That’s good news and a great foundation on which to build the board’s satisfaction with the internal auditor’s role.

5. Elevate stature and perspective. Intentionally positioning the CAE and internal audit within the organization is vitally important to their ability to meet elevated expectations. Access and perspective have always been keys to positioning. Access has typically been attained through direct reporting to the audit committee, as well as to the C-suite. But beyond these reporting lines, the study reports that two out of three board members rank the CAE’s participation in board settings beyond the traditional audit committee meetings as an effective strategy for broadening the CAE’s perspective. The board settings that are relevant in this context must be defined by directors to fit the organization’s specific needs. However the goal is defined, increased access to and more frequent interaction with the board broadens the CAE’s perspective of the organization and elevates the stature and visibility of the internal audit function within it. It also enables the CAE to establish relationships with directors, understand their views on addressing competing audit priorities, and earn the right to be viewed as a valued source of insight for the board.

6. Align with stakeholder expectations. In most organizations, not all stakeholders see eye to eye or want the same value from internal audit. This reality creates a significant challenge for CAEs tasked with building consensus among stakeholders. While directors may not expect their company’s CAE to address all of the above imperatives, they should initially and periodically assess whether internal audit is doing what matters based on previously-established imperatives. The CAE bears the brunt of the responsibility for addressing this challenge by articulating the value that a top-down, risk-based audit plan contributes to each facet of the organization, and by providing an assurance and advisory perspective that the board, executive management, and other stakeholders can understand.

Following are some suggested questions that directors may consider based on the risks inherent in the entity’s operations.

  • Does the board periodically evaluate the scope of internal audit’s activities and discuss whether modifications are needed in view of changes in company operations and the business environment? Is the board getting the insights it needs?
  • Does internal audit provide adequate attention to strategic risk issues, including barriers to the organization’s execution of the strategy?
  • Does internal audit have an appropriate mix of consulting and assurance activities?
  • Does internal audit have the stature and access necessary to maximize its effectiveness?

Jim DeLoach is managing director with Protiviti, a global consulting firm. 

Sustainability: No Longer a ‘Soft Issue’ for Boards

NACD Blog Feed -

As shareholders and stakeholders focus more on sustainability, board members increasingly are taking responsibility for the long-term sustainability of their companies. In this BoardVision interview, NACD’s publisher and director of partner relations, Christopher Y. Clark, moderates a discussion between Kellie Huennekens, from EY’s Center for Board Matters, and Brendan LeBlanc, partner at EY’s Americas Climate Change and Sustainability Services, on why directors should prioritize sustainability in the boardroom:

  • Sustainability is no longer being viewed as a “soft issue” for board members. Rather, it’s an issue that is tied to oversight of corporate strategy.
  • Shareholders are becoming more concerned about how environmental and social issues are affecting companies.
  • There are so-called quick wins for management and boards who realize their companies should address sustainability issues.

Brendan LeBlanc, partner at EY’s Americas Climate Change and Sustainability Services (left), and Kellie Huennekens, from EY’s Center for Board Matters.

Here are some highlights from the discussions.

Christopher Y. Clark: [Has] there been increased activity and interest by directors in the governance and oversight of sustainability?

Brendan LeBlanc: I would suggest that governance and oversight of sustainability is simply governance and oversight of the corporate strategy. Companies execute their business models in the context of planetary limits and societal expectations. Sustainability is a word that goes by a lot of other synonyms: citizenship, stewardship, responsible growth, resiliency, profitability, [and] in perpetuity. All of these concepts get at the essence of sustainability, and the idea of how a company’s strategy is executed has always been a board issue.

Kellie Huennekens: It’s all about shareholders, at least from my perspective. The EY Center for Board Matters has ongoing engagement with a full range of institutional investors. We track proxy voting of the 3,000 largest companies in the U.S., and what we’re seeing and hearing from them is that sustainability topics, [like] environmental and social issues, are key concerns…gaining traction among a broader range of investors. Basically, what investors are searching for is a better understanding of how nontraditional, nonfinancial developments are impacting the companies in their portfolio, and accordingly, they want to know more about board oversight of these issues.

Clark: The perception is that this was a soft issue, and I want to hear more about EY’s work with boards on not forcing it but enhancing it so it’s no longer viewed as a soft issue.

Huennekens: There are a number of companies that appear to be redefining how boards should be looking at sustainability topics. These companies are the leaders in the space, and they’re constantly communicating with one another [and] with investors to explore how to approach sustainability topics. It’s a very difficult area, partly because it’s new and partly because the topics covered are very broad and very challenging.

LeBlanc: Boards are meant to safeguard the assets of the companies they serve. And one of the trickier but more important assets is your social license to operate, [with] an engaged workforce that comes to work…[not only for a paycheck but also] because they’re doing something that they believe in. And how companies actually understand, report, and capture this information [is] a business issue. Today, that whole process is maturing, and as boards get more engaged on what we think our social license-to-operate issues are, [we’re asking], “What are the things that really matter to our business? What do we depend on for natural resources? What are society’s expectations of us? And how are we meeting that responsibility?”

Clark: I read the appendices of NACD’s handbook, Oversight of Corporate Sustainability, and one tip that stood out to me…was: get quick wins. I was hoping that you could flesh that out for me.

LeBlanc: Quick wins for the management of the company [have] historically [included being] good at cost savings. If you do well by managing energy, [and] reduce costs, that’s fine. If you do well by managing a safe workplace, and you reduce cost and increase morale, that’s fine. The company manages risks very well if they are [also] engaging stakeholders, those who might be impacted by getting them in the tent with them early and understanding what their expectations are of the business. Those are all good, quick wins in producing a report from the company that explains the progress that they’re making….On quick wins for the board, I would strongly suggest taking a look at the [handbook’s] appendix, where we’ve put a model charter [that helps with] understanding the board. Who’s responsible for what? What’s the governance around the nonfinancial commitments that you’ve either explicitly made or are expected of you from your stakeholders?

Huennekens: As an indication of investors’ interest on sustainability topics, more specifically environmental and social issues, we’ve been seeing in recent years that shareholder-sponsored proposals to management on environmental and social topics now make up one of the largest shareholder proposal categories. It’s now about half of all the shareholder proposal topics submitted. While some boards may ask [whether or not this is] really a big deal [considering the amount of stock the shareholder who filed the proposal holds], what we’re seeing is that the broader base of investors is supporting a number of these key topics. [These topics include] greenhouse gas emissions reduction, whether to produce a sustainability report on an annual basis…, a human rights assessment, [and] supply chain management issues. [These issues] are increasingly becoming more prominent in terms of the broad range of topics boards cover, and we’re seeing average support for these proposals increase as well.

Helpful Resources:

Oversight of Corporate Sustainability

Responding to Environmental Challenges: Building Resilient and Sustainable Organizations

What Boards Should Know About the Paris Agreement

Sustainability Rising

William Young is the editorial and research assistant for the National Association of Corporate Directors.

Crickets, Divorce, Silicon Valley, and the Future of Governance

NACD Blog Feed -

One of my favorite comments from an attendee at last year’s Global Board Leaders’ Summit went something like this: “I was expecting to be informed; I wasn’t expecting to be inspired.” For a team that works year-round scouring the globe to discover and deliver to you voices that are shaping the future, that’s about as good as it gets.

This year’s Global Board Leaders’ Summit is on track to be our biggest ever, and one big feature of the Summit remains the same: a diverse array of thought leaders will share paradigm-shifting insights that will challenge the way you think about leadership, give you new tools to approach your directorship practice, and perhaps inspire you in surprising ways.

Here’s a sampling of some of the most exciting sessions at Summit this year:

  • Michelle Crosby’s start-up Wevorce is not only shaking up Silicon Valley, it’s turning the historic, antagonistic model of divorce on its head. The company’s mission is to “help couples ensure their divorce is less damaging to themselves, their finances, and the people they love.” Crosby was named one of the American Bar Association’s Legal Rebels in 2014, a distinction reserved for “lawyers who are breaking new ground using technology.” “Every institution is subject to change, and the more entrepreneurs who learn to work in the system to create that change, the further we’re going to get,” Crosby said in an interview with USA Today. In an intimate fireside chat, Crosby will discuss innovation, entrepreneurship, disruption, and how the company applies the Wevorce model to talent management inside the company.
  • Howard Ross, one of the most highly rated thought leaders at last year’s Summit, is back again to share insights from his groundbreaking work on unconscious bias, diversity, leadership, and organizational change. The question directors should ask themselves, says Ross, is not “Is there bias?” Rather, directors should ask one another, “What biases do we have that keep us from making choices counter to the values that we say we believe in?” Ross will open the Diversity Symposium on Saturday and will lead an in-depth workshop on Monday focusing on board dynamics.
  • The United Nations estimates that by 2025, two-thirds of the world’s population may face fresh water shortages, a critical concern for business and society. Whitewater rafting guide turned CEO Pat Crowley is betting that the solution to that crisis might literally be in our backyards. Crowley’s passion for the outdoors led him to work as a water resource planner, which drew his curiosity to crickets, of all things. “I heard about insects as a more environmentally friendly form of nutrition. From a water perspective, it was clearly a game-changer,” he said. Crowley founded Chapul, a company that makes cricket-based energy bars, in 2012, “to leap over this psychological hurdle of eating insects in the United States.” With explosive growth— 500 percent annually for the past two years alone—Crowley is on track to break through those barriers. On the summit mainstage on Monday, Crowley will discuss what it means to be part of building a new industry that is challenging societal norms, reshaping the competitive landscape, and may just help save the planet.
  • Phil Gilbert has been working with start-ups for the past 30 years, the most recent of which was acquired by IBM in 2010. Now Gilbert leads IBM’s design team with a focus on an empathy-centered workforce. Bringing a start-up mentality to 100-year-old company can be a challenge and almost immediately Gilbert was forced to confront a disconcerting question: “Is the entire way we’re working an anachronism?” Embracing that hard truth has been nothing short of transformational. Gilbert comes to the Summit mainstage to discuss lessons learned in this transformation. “We’re at an interesting crossroads in business. I think the way business is done and businesses work inside themselves has got to fundamentally change in the twenty-first century,” he said.
  • As managing director of famed Silicon Valley venture capital firm Andreessen Horowitz, Scott Kupor has been part of building brands like Airbnb, Buzzfeed, Facebook, Foursquare, Lyft, Pinterest, and Skype—companies that have become synonymous with disruption. “Things that are fringe today might become mainstream over time,” Kupor explained on Fox News back in June, describing the philosophy that underpins Andreessen Horowitz’s approach to finding the next disruptive trend. In a mainstage fireside chat Tuesday, Kupor will discuss this philosophy in context with everything from M&A activity and shareholder activism, to IPO trends and the next big innovations he sees poised to disrupt the business landscape.
  • When Chelsea Grayson took on the role of general counsel at American Apparel, she faced a daunting task: to help turn around a company that was operating in an increasingly competitive industry and was coming off of a tumultuous series of events, including high-profile sexual harassment allegations, layoffs, bankruptcy, and protests. In February, Grayson told the legal blog Above the Law, “I have been in-house for over a year now, and I have encountered just about every legal issue a general counsel might experience in an entire career.” Next month, Grayson will share her insights on governing complexity, a subject she has become adept at navigating during her tenure at American Apparel.

These are just a few snapshots of the incredible line-up of thought leaders who will join us in September. Want to learn more? View the full list of speakers and sessions at www.NACDonline.org/summit.

 

‘Secret Sauce’ for the Nominating and Governance Committee Chair

NACD Blog Feed -

Overseeing a company’s corporate governance process and structure, the nominating and governance (nom/gov) committee is essential to a company’s long-term success. In this BoardVision interview—moderated by NACD Director of Partner Relations and Publisher Christopher Y. Clark—Bonnie Gwin, vice chair and co-managing partner of the global CEO and Board Practice at Heidrick & Struggles, and Thomas Bakewell, CEO and board counsel at Thomas Bakewell Consulting, discuss the qualities of an effective nom/gov committee chair:

  • Sets the right mix between board culture and composition
  • Facilitates cross-committee communications
  • Performs effective board evaluations
  • Spots diverse talents in director candidates

Bonnie Gwin, vice chair and co-managing partner of the global CEO and Board Practice at Heidrick & Struggles (left) and Thomas Bakewell, CEO and board counsel at Thomas Bakewell Consulting.

Here are some highlights from the discussion.

Christopher Y. Clark: Depending on what your definition of best is, why should the best director on the full board be the chair of the nom/gov committee?

Bonnie Gwin: In my opinion, it is an incredibly critical role. You’re talking about a director who is helping guide the board in not just developing a great composition for the board that is strategic and focused…, but also a director who understands the culture of the company and the board that they’re trying to build. You really need an outstanding director who understands that mix between composition and culture and can work closely with the board to get it right.

Thomas Bakewell: Bonnie is spot on in terms of composition and having the right team around the table. The other magic that you need in a terrific nom/gov chair is somebody who can draw people out, spot talent, make sure everybody gets heard, [and] really…build the team. Coming from a baseball town where we have a pretty good manager [who] wins a lot of World Series, we know the value of having a great person who can draw everybody out and get the team to work together. It’s really [about teamwork] … and using a lot of the tools that are available today. One of the trends in tools is…much more thorough and in-depth evaluations. [These are] … not just check-the-box or check-the-list [exercises] but in-depth individual board evaluations to know what’s really going on in the boardroom and among directors.

Clark: NACD [held] a combined meeting of the NACD Audit Committee Chair Advisory Council and NACD Risk Oversight Advisory Council. … It was invaluable for both sets of committee members. How do you feel about [meetings between committees] … whether it’s audit and risk [or] compensation and nom/gov? Do you think those interrelationships of committees should be enhanced or promoted?

Gwin: Generally speaking, transparent communication across all the committees of the board is essential. It’s essential for a high-functioning board. And in particular where you have, for example, [the] nominating [and] compensation [committees], there’s a lot of interplay between them and the issues they’re addressing. I think it’s important to ensure that there [are not only] good transparent lines of communication between those two committees, but frankly across the whole board.

Bakewell: The magic ingredient is how people work together, and part of that key element is how they communicate. The old approach to boards was everybody showed up the day before the board meeting [and] went to the committees. A lot of times people went to every committee [meeting]. What’s the point [now]? You don’t have the time. You don’t have the energy. You don’t have the resources today. So how do you have a board where everybody trusts each other and they communicate? If you’re not on the audit committee and important issues come up…, can you simply pick up the phone and reach out to the audit committee chair, or is there another process that’s very helpful for you to get the information you need?

Clark: Please give us one last piece of wisdom.

Gwin: The piece of wisdom I would share is the importance of long-term succession planning. We’ve talked about that several times, but I really think, looking at board composition [and] board dynamics… over the next four or five years…is very important.

Bakewell: I would say my secret sauce is [that when looking at director candidates] it’s not so much [looking at] … particular talents, [because] everybody can look at a resume and see what somebody has. They’re going to see if they’re a CEO, [or] they’re skilled in marketing. The real magic is [asking], “What is their true personality? Are they a ‘driver’ personality? Are they a curmudgeon?” Sometimes boards need curmudgeons. Is somebody a strategic thinker, or is their skill set not [being] a strategic thinker but taking strategy and converting it into action? What have they done in their past experience that really makes them qualified for this role?

Clark: Well I think we’ve got all the synapses popping. I wanted to thank the both of you for joining me today.

Additional Resources:

Report of the NACD Blue Ribbon Commission on the Governance Committee: Driving Board Performance

NACD Resource Center: The Nominating and Governance Committee

Report of the NACD Blue Ribbon Commission on Board Evaluation: Improving Director Effectiveness

Beating the M&A Odds: Three Big Risks (and Key Questions) for Directors

NACD Blog Feed -

Director Essentials: Strengthening M&A Oversight is available exclusively to NACD members. To become a member, please contact Brandan Nass at Join@NACDonline.org. To learn more about NACD, visit NACDonline.org

Every corporate director knows the importance of M&A in the grand scheme of enterprise. With some 40,000 significant transactions announced annually, M&A is hard to ignore. Yet there are persistent risks that directors need to understand and mitigate through insightful questions and the dialogue that ensues.

  1. Risk: Not all bets will pay off—at least not right away. Buying a company means placing a bet on the future. Given the level of unpredictability involved, there is some chance that the merger will fail to achieve its goals and/or fail to return incremental value to shareholders. It is commonly cited that “80 percent of all mergers fail” to add value; however, this percentage is an exaggeration. Event studies that compare transactions over time present a more realistic picture by showing that incremental financial value is not assured. For example, a study conducted by Kingston Duffie, publisher of the digital magazine Braid, indicates that companies actually lost 4.8 percent of their value when they spent at least five percent of their market capitalization on M&A during the 18-month period between October 2014 and March 2016. The interactive graphic included in the study shows differentiated performance during the period—high for Stamps.com Inc., medium for Starwood Hotels & Resorts Worldwide Inc., and low for EV Energy Partners. Your company could experience returns like any one of these.

Question for Directors: If this merger ends up having a slightly negative result for our shareholders, what are the compelling strategic reasons to do this deal? When do we believe that deal synergies will materialize?

  1. Risk: As a director, you could be named in a lawsuit—especially if you are voting on the sale of a company. In 2015, lawsuits were brought in 7 percent of completed takeovers. Although most cases settle, some do go to trial. In a trial setting there are four main standards for judging director conduct in the sale of the company, ranging from lenient to stringent:
  • The business judgment rule (trusting the decision as long as directors have no conflicts of interest and are reasonably well informed).
  • The Unocal standard (protecting anti-takeover moves only if a threat is real).
  • The Revlon standard (requiring an auction process once a company is in play).
  • Entire fairness (requiring both a fair price and a fair process).

In addition, when a company has promised its shareholders the right to have the company appraised, the court itself can impose its own valuation. In the original Dell go-private transaction, the court retroactively forced the company to pay aggrieved stockholders what the court deemed to be a missing increment to their premium.

Question for Directors: How can we find assurance that sale is in the best interest of the company and its owners, and that we have chosen an optimal price? How can we ensure that there is a litigation-ready record of our deliberations in this regard?

  1. Risk: You could lose your board seat. According to a study by Kevin W. McLaughlin and Chinmoy Ghosh of the University of Con­necticut, there is a higher rate of retention for directors from the acquiring firm (83 percent) following a merger, with the most likely survivors being individuals who serve on more than one outside board. Only about one-third of directors from the target board (34 percent of the inside directors and 29 percent of the outside directors) continue to serve after the merger.

This October, when Dell Inc. and EMC Corp. officially merge (assuming full regulatory clearance following their recent shareholder approval), many who serve on the EMC board may not be on the post-merger Dell board, including retiring EMC Chair-CEO Joe Tucci. When the merger was first announced last October, a spokesman for Elliott Management Corp. stated in a press release, “Elliott strongly supports this deal. As large stockholders, we have enjoyed a productive and collaborative dialogue with Joe Tucci and EMC’s Board and management. We are confident that this Board has worked tirelessly to evaluate all paths for the company and that today’s transaction represents the best outcome for stockholders.”

Saying goodbye to some or all of these incumbents this fall will seem to be an ironic outcome for creating value. And yet that is how it must be. Fiduciaries are not self-serving, but rather they serve on behalf of shareholders to promote the best interests of the company. As such, they need to be ready to move on when that is the best outcome for the corporation. Still, it is disruptive (and not always creatively so) to be a trusted voice of wisdom for the future one day, and mere history the next.  

Question for Directors: If we sell this company and our board must merge or disband, who among us will be most useful in steering the combined company in the next chapter?

These are not easy questions. But by asking them, directors can help their companies beat the tough M&A odds.

For more insights, see Director Essentials: Strengthening M&A Oversight, and Governance Challenges 2016: M&A Oversight—two new publications available without charge to all NACD members. See also “Does the Deal Fit the Strategy?” in Metropolitan Corporate Counsel, and “Project M&A” in Financier Worldwide.

Corporate Secretary Guidelines: Taking Notes and Preparing Official Minutes

NACD Blog Feed -

Bart Friedman and Bradley J. Bondi

Meeting minutes of the board of directors, which usually are prepared by the corporate secretary, can play a crucial role in a government investigation or civil litigation relating to a decision or indecision of the board of directors or the knowledge of an individual director. In some instances, the minutes could establish an important defense for directors, while in other instances the minutes may subject directors to unnecessary criticism or worse. Directors should ensure that the corporate secretary follows these guidelines.

Unlike the meeting secretary, directors neither are obligated nor are advised to take individual notes during board and committee meetings. Individual director notes are unnecessary because the secretary’s official minutes will contain a record of the meeting. Additionally, director note-taking is risky. Directors’ notes likely would be discoverable in litigation, and notes that seemed clear in the days after a meeting may not be clear several years later after memories have faded. Absent a clear interpretation, adversaries will attempt to impose their own meanings on the notes. Furthermore, if multiple directors take notes, discrepancies may exist with other notes or the official meeting minutes.

Although individual circumstances may vary, below are some general guidelines that corporate secretaries of U.S. companies should follow when they take official notes and prepare meeting minutes for the board of directors. If a company is incorporated outside the United States, different guidance might apply.

  1. Record the essential information. The corporate secretary should record essential information such as the date, starting and ending times, location, attendees (e.g., directors, management, experts, and legal counsel), presence and maintenance of a quorum, meeting chair, materials distributed in advance of the meeting, topics discussed, and decisions made in a formal meeting of the board. In some cases, the secretary should note the length of particular discussions and deliberations, especially if a particular discussion is an important part of the meeting. Directors also should ensure that the notes taken by the corporate secretary do not editorialize, as commentary could be misconstrued by an adversary if discovered in litigation.
  1. Clearly identify separate meetings and tasks. Because notes and minutes are incomplete by nature, the more organization and structure they contain, the easier they will be to understand and interpret in the event that they are scrutinized. Secretaries should use the meeting’s agenda as a guide for organizing and labeling their notes and the minutes, and should indicate transitions from one topic to the next, including presentations by management, counsel, or advisory firms and executive sessions.
  1. Identify in notes when an attorney is present during a conversation. Directors’ interactions with lawyers usually are protected by the attorney-client privilege or work-product protection, which may shield the content of those discussions from being turned over to an adversary. Boards also should consider including the general counsel in meetings that could involve a discussion of legal issues. If a lawyer is present during any portion of a meeting, the minutes should indicate the lawyer’s name and law firm, and the portions of the meeting for which the lawyer was present. Generally, the minutes for these interactions should indicate only that such discussions occurred and the general topics discussed.
  1. Identify and describe the board’s deliberative process. Recording the general fact that the directors discussed or deliberated about an issue is critically important. However, what a particular director said about a particular issue is usually less important. For that reason, and to avoid errors in attribution, the secretary’s notes and official minutes generally should use collective or passive-voice descriptions (e.g., “the directors discussed the matter” or “a discussion ensued”) as opposed to attempting to record individual viewpoints and the directors who expressed them. Because directors may express passionate views about an issue, the secretary should exercise good judgment in determining what to record.
  1. If notes are taken by hand, they should be clearly, legibly recorded, and should not include shorthand. Illegible meeting notes and notes taken in shorthand can be difficult to interpret when the secretary refers to them while drafting the official minutes. Provided typing is not disruptive to the directors in the meeting, directors should ask corporate secretaries to consider taking notes on a secure computer. Clarity and accuracy are crucial because a difference of opinion between directors regarding the events that occurred at a meeting ultimately may be resolved by reference to the secretary’s notes. In the litigation or regulatory enforcement context, unclear notes may result in meeting minutes that lack an obvious, objective interpretation and are susceptible to being misinterpreted by an adversary.
  1. Encourage the secretary to maintain a standard practice of note taking. Secretaries generally should establish and maintain a standard practice for taking notes, retaining meeting materials and individual notes, and preparing meeting minutes. Deviating from a standard practice could raise negative inferences from a regulator or court.
  1. The secretary should distribute the draft minutes for directors to review as soon as practicable. During their review, directors and secretaries should be mindful of any important events that occur between the meeting date and the finalization of the minutes. If a director believes the minutes omit important information, then the director should discuss orally the matter with the secretary. E-mails regarding the minutes between the secretary and directors, or among directors, should be strictly discouraged.
  1. Discuss with counsel whether to retain notes and draft minutes. There may or may not be a legal or corporate requirement for the secretary to retain his or her meeting notes or draft minutes. After the official minutes are approved, the secretary should discuss with company counsel whether there is a requirement to maintain these materials and ascertain the length and nature of the requirement. If there is no requirement to maintain the materials, the secretary should discuss with counsel whether and how to discard them.

Bradley J. Bondi and Bart Friedman are partners with Cahill Gordon & Reindel LLP. They advise financial institutions and global corporations, boards of directors, audit committees, and officers and directors of publicly-held companies in significant corporate and securities matters, with particular emphasis on internal investigations and enforcement challenges. Michael D. Wheatley, a litigation associate at Cahill, assisted with this article.

COSO ERM Revised: What It Means for Your Board

NACD Blog Feed -

Jim DeLoach

Recently, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) released its updated enterprise risk management (ERM) framework for public exposure and comment. Why is it important for directors to heed and apply these updates to their work? What follows is a summary of five important insights for directors to implement in the boardroom from the revised framework.

1. Identifying risks to the execution of the strategy is not enough. Many organizations focus on identifying risks that might affect the execution of the chosen strategy. The process of identifying these risks is an inherently good exercise. However, COSO asserts that “risks to the strategy” are only one dimension of strategic risk. There are two additional dimensions to applying ERM in strategy setting that can significantly affect an enterprise’s risk profile.

  • The “possibility of strategy not aligning” with an organization’s mission, vision, and core values, which define what the organization is trying to achieve and how it intends to conduct business. Directors should ensure that the company doesn’t put into play a misaligned strategy that increases the possibility that the organization may run askew of its mission and vision, even if that strategy is successfully executed.
  • The “implications from the strategy.” COSO states: “When management develops a strategy and works through alternatives with the board, they make decisions on the tradeoffs inherent in the strategy. Each alternative strategy has its own risk profile—these are the implications from the strategy.” When overseeing the strategy-setting process, directors need to consider how the strategy works in tandem with the organization’s risk appetite, and how it will drive behavior across the organization in setting objectives, allocating resources, and making key decisions.

In summary, the updated COSO framework asserts that all three dimensions need to be considered as part of the strategy-setting process. Failure to address all three could result in unintended consequences that lead to missed opportunities or loss of enterprise value.

2. Recognizing and acting on market opportunities and emerging risks on a timely basis is a differentiating skill. COSO asserts that an organization can be viable in the long term only if it is able to anticipate and respond to change—not only to survive, but also to evolve. Enterprise resilience, or the ability to function as an early mover, is an indispensable characteristic in an uncertain business environment. Therefore, corporate strategies must accommodate uncertainty while staying true to the organization’s mission. Organizations need to exhibit traits that drive an effective response to change, including agile decision-making, the ability to respond in a cohesive manner, the adaptive capacity to reorganize, and high levels of trust and collaboration among stakeholders.

3. Strengthening risk governance and culture sets the right tone. Effective risk governance sets the tone for the organization and reinforces the importance of, and establishes oversight responsibilities for, ERM. In this context, culture pertains to ethical values and responsible business behaviors, particularly those reflected in decision-making. COSO asserts that several principles drive the risk governance and culture needed to lay a strong foundation for effective ERM:

  • fostering effective board risk oversight;
  • recognizing the risk profile introduced by the operating model;
  • encouraging risk awareness;
  • demonstrating commitment to integrity and ethics;
  • establishing accountability for ERM; and
  • attracting, developing, and retaining talented individuals.

Whether an organization considers itself risk averse, risk neutral, or risk aggressive, COSO suggests that it should encourage a risk-aware culture. A culture in alignment with COSO’s revised principles is characterized by strong leadership, a participative management style, accountability for actions and results, embedding risk in decision-making processes, and open and positive risk dialogues.

4. Advancing the risk appetite dialogue adds value to the strategy-setting process. The institution’s risk appetite statement is considered during the strategy-setting process, communicated by management, embraced by the board, and integrated across the organization. Risk appetite is shaped by the enterprise’s mission, vision, and core values, and considers its risk profile, risk capacity, risk capability, and maturity, culture, and business context.

To be useful, risk appetite must be driven down from the board and executives into the organization. To that end, COSO defines the “acceptable variation in performance” (sometimes referred to as risk tolerance) as the range of acceptable outcomes related to achieving a specific business objective. While risk appetite is broad, acceptable variation in performance is tactical and operational. Acceptable variation in performance relates risk appetite to specific business objectives and provides measures that can identify when risks to the achievement of those objectives emerge. Operating within acceptable parameters of variation in performance provides management with greater confidence that the entity remains within its risk appetite; in turn, this provides a higher degree of comfort that the entity will achieve its business objectives in a manner consistent with its mission, vision, and core values.

5. Monitoring what really matters is essential to effective ERM. The organization monitors risk management performance and how well the components of ERM function over time, in view of any substantial changes in the external or internal environment. If not considered on a timely basis, change can either create significant performance gaps vis-à-vis competitors or can invalidate the critical assumptions underlying the strategy. Monitoring of substantial changes is built into business processes in the ordinary course of running the business and conducted on a real-time basis. As ERM is integrated across the organization, the embedding of continuous evaluations can systematically assist leadership with identifying process improvements.

Following are some suggested questions that boards may consider, based on the risks inherent in the entity’s operations:

  • Is the board satisfied that the organization is adaptive to change, and that management is considering the effects of volatility, complexity, and uncertainty in the marketplace when evaluating alternative strategies and executing the current strategy?
  • Should management consider the principles supporting effective implementation of ERM, as set forth by COSO, to ascertain whether improvements are needed to the enterprise’s risk management capabilities?

 

Jim DeLoach is managing director with Protiviti, a global consulting firm. 

Subscribe to Lonergan Partners aggregator - Boards & Governance