Boards & Governance

Board Oversight of Cyber Risk in the Wake of the Yahoo Breach

NACD Blog Feed -

The major cyber breach that Yahoo announced last week has ripple effects not only for the multimedia platform, but for every company. The incident already has caught the attention of a senator who is calling on the U.S. Securities and Exchange Commission (SEC) to investigate how Yahoo disclosed the breach to shareholders and the public.

Background on the Breach

Ashley Marchand Orme

Account data for at least 500 million users was stolen by what Yahoo has called a “state-sponsored actor” in what CNN Money calls one of the largest data breaches ever. Compromised information includes names, email addresses, phone numbers, dates of birth, encrypted passwords, and security questions.

Yahoo has not named a country of origin for the hacker. The company, which Verizon is seeking to acquire, is still one of the busiest online sites, boasting one billion monthly users.

The breach occurred in late 2014, according to Yahoo, but the company just disclosed the incident in a press release dated Sept. 22, 2016. The Financial Times reports that Yahoo CEO Marissa Mayer may have known about the breach as early as July of this year, raising questions as to why it wasn’t disclosed sooner.

Attention From Lawmakers

Sen. Mark R. Warner (D.-VA), a member of the Senate Intelligence and Banking Committees and cofounder of the Senate Cybersecurity Caucus, sent a letter to the SEC yesterday asking the agency to investigate whether Yahoo complied with federal securities law regarding how and when it disclosed the incident.

“Data security increasingly represents an issue of vital importance to management, customers, and shareholders, with major corporate liability, business continuity, and governance implications,” the senator wrote.

Warner—who cofounded the company that became Nextel, a wireless service operator that merged with Verizon—also told the SEC that “since published reports indicate fewer than 100 of approximately 9,000 publicly listed companies have reported a material data breach since 2010, I encourage you to evaluate the adequacy of current SEC thresholds for disclosing events of this nature.”

And Warner isn’t the only lawmaker pushing for increased cyber regulations. Earlier this month, New York Governor Andrew Cuomo (D-NY) announced proposed cybersecurity regulations to increase the responsibility of banks and insurance to protect their information systems and customer information. The regulations, if instated, would apply to companies regulated by the New York Department of Financial Services (NYDFS) and would require them to—among other steps—establish a cybersecurity policy and incident response plan. Companies would also have to notify the NYDFS within 72 hours of any cyber event that is likely to affect operations or nonpublic information.

The Boardroom Response

Any company—whether public, private, or nonprofit—can fall prey to a breach, and even companies with formal cybersecurity plans can find themselves the victims of a breach. Preliminary data from the 2016-2017 NACD Public Company Governance Survey show what corporate directors are already doing to oversee cyber-related risks.

When asked which cybersecurity oversight practices the survey respondents’ boards had performed over the past 12 months—and directors could select multiple answers—the most common responses included:

  • Reviewed the company’s current approach to protecting its most critical data assets (76.6%)
  • Reviewed the technology infrastructure used to protect the company’s most critical data assets (73.6%)
  • Communicated with management about the types of cyber-risk information the board requires (64.4%)
  • Reviewed the company’s response plan in the case of a breach (59.3%).

“Corporate directors should ask management for an accurate and externally validated report on the state of the organization with respect to cyber risk,” said Robert Clyde, a board director for ISACA, which is a global IT and cybersecurity professional association, and White Cloud Security. “They should also ask what framework is being followed for IT governance.”

Aside from high-profile breaches of emails and email providers, Clyde says that breaches related to ransomware are increasing.

“Ransomware encrypts data that can only be decrypted by paying the attacker a fee in Bitcoins.  According to the NACD Cyber-Risk Oversight Handbook and many other organizations, the key control to reduce the risk of attack—including ransomware—is restricting user installation of applications, called ‘whitelisting’ or ‘Trusted App Listing,’” Clyde said. “Yet this highly recommended control is rarely implemented. Boards should ask organizations for their plans to implement this specific control.”

NACD Resources

NACD recently announced a new online cybersecurity learning program for directors. The multi-module course aims to enhance directors’ understanding of cybersecurity, and the difference between the board’s and management’s responsibilities related to cyber risks. Participants in the program, which is the product of partnership between NACD, Ridge Global, and the CERT Division of Carnegie Mellon University’s Software Engineering Institute, will work through a cyber-crisis simulation and take a comprehensive exam. Successful completion of the program will earn the participant a CERT Certificate in Cybersecurity Oversight.

For board-level tools and templates to fortify your oversight practices, visit NACD’s Cyber-Risk Oversight Resource Center.

 

 

Re-Thinking Capitalism: Best-Selling Author Espouses Higher Calling for Boards

NACD Blog Feed -

“Society needs financial wealth … but it matters how you make the money,” said Rajendra Sisodia, co-founder and co-chair of Conscious Capitalism Inc., and director of the Container Store Group. “Businesses not only create, they can destroy financial wealth, as well.”

Sisodia, a marketing professor at Babson University whose published books include Conscious Capitalism and Firms of Endearment, delivered a keynote address on capitalism’s transformative power Tuesday at NACD’s Global Board Leaders’ Summit. The four-day summit convened more than 1,300 attendees—the world’s largest gathering of corporate directors—in Washington, D.C. from Sept. 17-20.

Roots of Capitalism

One of the most significant conclusions of Scottish moral philosopher Adam Smith’s seminal 1776 book, An Inquiry Into the Nature and Causes of the Wealth of Nations (often referred to as The Wealth of Nations), was that places rooted in freedom tend to be more prosperous. Smith’s work became a foundational text on how capitalist markets work.

“That same year—an extraordinary historic coincident in some ways—the United States was born as a country, but more importantly, an idea. [It was] the only country born out of a set of ideas,” Sisodia said. “The ideas all revolved around liberty and freedom.” Entire segments of the American population, however, were not initially given access to that freedom—including African-Americans, native populations, and women—but the nation has extended freedoms steadily over the course of its nearly 250-year history.

“What is capitalism? Political and economic freedom,” Sisodia proclaimed. It’s rooted in the idea that free markets—or economic growth driven by individuals, rather than a centrally planned economy directed by the government or a political system—help people collectively elevate their material living conditions and boost prosperity, he said.

Poverty and Capitalism

A misperception about capitalism, Sisodia said, is that it exploits people of lower income brackets, locking them into poverty. Research, though, suggests that as capitalist markets have expanded, poverty rates have declined.

Data from the World Bank show that rates of extreme poverty have decreased considerably over the past three decades. More than half of people in the developing world lived on less than $1.25 per day in 1981, compared with 21 percent living on that amount per day in 2010.

Sisodia credited that decrease to prosperity derived from capitalism, saying that the key challenge for lifting the rest of the world out of poverty is not the unequal distribution of income, but the unequal distribution of freedom.

How the World Is Changing

“What will it take for companies to flourish in the future—and not just flourish for the purpose of making a lot of money, but actually be agents of flourishing in society?” Sisodia asked. The simple answer, he continued, is that you must be in harmony with the fact that people have changed over time to become, among other things, more:

  • There are now more mobile devices on Earth than there are people. The internet and use of social media have further connected the world. Facebook now claims 1.6 billion users.
  • The rate of serious violent crimes in U.S. public schools has dropped significantly to about one-third of what it was in 1994. Europe, Sisodia said, had experienced 1,200 wars in 600 years, but since 1945, inter-state wars on the continent have disappeared.
  • Sisodia described the so-called Flynn Effect, which suggests that there has been a consistent increase in IQ scores from 1930 to the present.
  • Embracing of “feminine” values. “I think the great story of this century is … the end of the suppression of the feminine [side of humanity],” Sisodia said. Women now earn more college degrees than men in the United States, and as a result, the expectation is that women will rise in positions of leadership—particularly in white-collar work settings. That will naturally mean that so-called feminine values, which he described as including cooperation, empathy, and compassion, will gain more traction in society.

Tenets of Conscious Capitalism

Accepting that the world is changing, Sisodia advised that businesses embrace the four tenets of conscious capitalism. That means to act with:

  • A higher purpose, or more specifically, a purpose beyond generating profits. Sisodia’s website provides a further explanation by quoting University of Virginia Darden School of Business professor and Conscious Capitalism, Inc. trustee, Ed Freeman: “We need red blood cells to live (the same way a business needs profits to live), but the purpose of life is more than to make red blood cells (the same way the purpose of business is more than simply to generate profits).”
  • A stakeholder orientation. Conscious businesses exist not only to maximize ROI for shareholders, but also seek to enhance value for all stakeholders, leading to a more resilient business.
  • Conscious leadership that demonstrates care for purpose and people; and
  • Conscious culture built on trust, care, and transparency—not rooted in fear and stress (the risk of having a heart attack is 20% higher on Mondays for men, 15% for women, and most research blames the stress of returning to work for these statistics).

Boards: Stewards of Well-Being

Sisodia offered several considerations aimed at helping boards—and companies—become more conscious overseers:

  • The primary duty of the board is to the corporation—which has its own significant role in society—rather than shareholders.
  • Understand and shape the company’s higher purpose. Ask your board to reflect on why the company would be missed if it were to disappear tomorrow.
  • Consciously seek to create value for all stakeholders.
  • Appoint strong leaders with a capacity for love and care. It is not healthy to appoint leaders who are analytically smart but lack empathy and other forms of emotional intelligence.
  • Build a culture of “full-spectrum” consciousness, meaning that you are not only concerned with service to people and a higher purpose, but also efficiency, effectiveness, and success.
  • Ensure youth and feminine perspectives are heeded when making business decisions.

Humanity is more aware of its challenges and problems than ever before, Sisodia said in closing, and the individual and collective capacity to respond to those challenges has never been higher. “We have to create the organizational forms and philosophies and build business on [the ideals of] purpose and caring. … [A]ll of those answers that we need to our crises are out there inside somebody. We just have to figure out how to liberate that.”

What the Changing Geopolitical Landscape Means for Your Company

NACD Blog Feed -

Ian Bremmer, founder and president of Eurasia Group, is often described as a guru of political risk—a type of risk that’s becoming more important for companies to consider. In his keynote address at the 2016 NACD Global Board Leaders’ Summit, he advised that, although companies have traditionally focused on financial returns, they will need to be primarily concerned about the security of their investments going forward—and investments stand to be radically impacted by geopolitical disruption. Bremmer noted that the impact of significant global changes is much greater than the outcome of the upcoming U.S. elections.

He also pointed out two global developments that companies need to keep top of mind:

1. The increased fragmentation of geopolitical power: Over the past half century, American businesses conflated Americanization with globalization. That line of thinking is failing to hold up, and Americanization of global markets has halted. The United States can no longer set and control the rules of global diplomacy and market place and will be increasingly reluctant to police global tensions. The United States’ transatlantic partnerships are weakening, and the European common market is under threat. These conditions have created an economic power vacuum that China is primed to step up and lead.

A champion of state-owned enterprise and the yuan, China has economic interests that are not aligned with those of the United States. This creates problems for U.S. businesses seeking to conduct business abroad. “Political hedging leads to economic hedging,” Bremmer said. “Corporations that are seen as being aligned with one country will be challenged to commercially succeed in others.” Uber’s failure in China is just one example.

2. The erosion of key social contracts: In recent years, there have been breakdowns in the implicit social contracts between governments and citizens and between companies and consumers. Rising populist anger is challenging the legitimacy of governments and threatening longstanding commitments to free trade. On the economic front, developed countries are spurring economic growth through innovative applications of technology—but these advancements are displacing millions of workers. As a result, Bremmer foresees a rise in nationalistic parties that will challenge the status quo and threaten international commerce, following similar strategies as the Brexit movement the U.K.

But where governments fail to adapt, other parties can step in to make amends—and companies are well positioned to be part of the solution. Bremmer offered the example of AT&T, which faced the possibility of needing to lay off a portion of its workforce because their work no longer supported the company’s future growth. But AT&T also knew that because of the transformations in the telecommunications industry in recent years, these workers would be hard pressed to find employment at another firm. Instead, the company decided to retrain these workers so they could support AT&T’s future trajectory. “If a corporation is the first to say it understands the social contract is breaking down and offers a solution, it will serve them well,” Bremmer said.

Economics, Uncertainty, and the 2016 Election

NACD Blog Feed -

At a mainstage panel during NACD’s 2016 Global Board Leaders’ Summit on September 19, directors, economists, and former regulators discussed the potential regulatory, economic, and geopolitical implications of the coming election and reflected on how corporate directors and executive teams should adjust to greater levels of ambiguity. One of the panelists, Nicholas M. (Nick) Donofrio, director of Advanced Micro Devices Inc., BNY Mellon Corp., Delphi Automotive PLC, Liberty Mutual Co., the MITRE Corp., and NACD, and the former head of innovation at IBM, characterized today’s external environment as “lumpier and more abrupt than even a few years ago,” forcing companies and their boards to be always on alert and to act quickly in response to change.

The panelists offered a range of projections to help corporate directors assess the business impact of the upcoming elections. They emphasized that aside from a new occupant of the White House, the elections also have the potential to drive significant changes in Congress, major regulatory agencies, and the judicial system. The discussion centered on four major questions of importance for companies and the boards that oversee them.

  1. How likely is a major reform of the tax code?

Reform of the corporate tax code is long overdue, said former U.S. Senator Olympia J. Snowe, director of Aetna, Inc. and the Bipartisan Policy Center. For years, companies have learned to accept the “permanent temporary tax code,” and the resulting policy uncertainty has made investment and capital allocation decisions more challenging. Snowe suggested that even if House and/or Senate control switches from one party to another, it is unlikely that Democratic and Republican congressional leaders will be able to transcend their fundamental differences about taxation and break the current gridlock. Most likely, she believes, the incoming president will use the power of the pen to tweak the current tax code through executive orders.

  1. Should we expect continued regulatory activism?

Troy A. Paredes, director of Electronifie and former Commissioner of the U.S. Securities & Exchange Commission (SEC), shared his concern that “the tidal wave of regulations” seen in the past few years won’t slow down, and it will force companies to commit more time and resources to compliance. “Elections are always major inflection points,” he said, that either sustain or reset the policy priorities of the SEC and other key regulatory bodies such as the Commodity Futures Trading Commission, Federal Trade Commission, and Federal Communications Commission. Meanwhile, Paredes urged directors to be alert as to whether Mary Jo White, the current chair of the SEC, will have enough time in her remaining tenure to finish rule-making on key corporate governance matters covered in Dodd-Frank.

  1. Will our political system address skill shortages in the labor market?

Nick Donofrio offered a mixed view of how the country is addressing the looming crisis in the labor market where current skill sets do not align with the future industry needs. “Our political institutions are too polarized to take meaningful action,” he said. However, it’s crucial that the United States build a digitally competent and productive labor force that can be employed to deliver high-tech manufacturing. “We cannot afford to only create [financial] value in this country, but we must also [manufacture] value here. That means returning much more research and development and production to American soil.” In the absence of government investment, he’s optimistic that the private sector will step up to address this critical challenge and find innovative ways to reskill displaced workers.

  1. How will the United States make itself more competitive globally?

Harry Broadman, a seasoned economist and the CEO and managing partner of Proa Global Partners LLC, reminded the audience that the United States faced a similar set of challenges to its global competitiveness in the 1980s when Japan was projected to become the world’s economic leader. A major difference today may be the backlash against free trade, which could jeopardize the adoption of the Trans-Pacific Partnership and threaten the underpinnings of the European Union. Broadman underlined that it will be critical for U.S. policymakers to remove barriers to foreign investments from high-growth emerging market companies that will contribute to quality job growth. This new generation of enterprises is important to the future of global business, which will no longer be dominated by firms headquartered in the West.

He and other panelists also spoke extensively about the importance of major investments in public infrastructure. America’s crumbling highways, bridges, ports, and technology infrastructure significantly impede further productivity growth, which Broadman believes is the country’s major Achilles’ heel.

The “Orbital” Governance Perspective: An Astronaut’s Lessons From Space

NACD Blog Feed -

Few institutions represent American ingenuity and innovation more clearly than its space program. With rapt attention, the world watched July 20, 1969, as Mission Commander Neil Armstrong of NASA’s Apollo 11 spacecraft became the first person to walk on the moon.

Ron Garan—retired astronaut and chief pilot for commercial space launch provider World View Enterprises Inc.—was one of those who watched. “My most vivid childhood memory was July 20, 1969,” Garan said. “On some level, I realized that we had just become a different species. A species no longer limited to our planet.”

Garan delivered the opening keynote address to an audience of more than 1,300 on Sunday evening in Washington, D.C., at NACD’s Global Board Leaders’ Summit, the world’s largest gathering for corporate directors.

Beyond Limitations

Four decades later, Garan’s childhood dream became reality. He had trained with NASA to become an astronaut himself. “That first day in space when I got to take a look at our planet, [I] was absolutely breathless.…What I felt was an incredible sense of gratitude. Being physically detached from the world made me feel closer to the people on it—more interconnected.”

Reflecting on his second space mission, Garan remembers similar feelings of gratitude, but that gratitude was coupled this time with internal struggle. The technological advances that make space flight not just possible but routine offer the potential to solve some of the world’s biggest problems. Yet, Garan pointed out, some people on this planet still do not have access to basic resources like clean water.

“These days we’re more connected than ever, and the Internet is the backbone,” said Garan.  “The Internet can be our nerve center, enabling us to solve problems in an entirely different way.”

Collaboration

Garan further explored that challenge in his third mission, when the seeds to a solution began to root. The answer? Collaboration. On this space mission, Garan was weightlessly floating about 100 feet over the International Space Station, attached to the craft’s large robotic arm. That station represents the collaborative innovation of 15 nations—including the United States, Canada, Japan, the Russian Federation, and 11 European nations—that have, at times, been at odds with each other politically and ideologically.

“What would it look like for us to have that kind of collaboration here on the [Earth’s] surface?” Garan asked. “Collaboration doesn’t mean we agree on everything. What it does mean is that we find the things we do agree on so we have a platform to work [from in order] to address the things we don’t agree on.”

Risk: Necessary for Innovation

But innovation and collaboration don’t come without risk. As a highly decorated fighter pilot, Garan had run several missions and trainings in which he’d successfully flown and had no mechanical problems in flight. Then one day, while piloting a jet during a routine takeoff, he heard a loud pop that jolted him. He very quickly realized his engines no longer had any usable thrust. Garan tried to land in a wooded area and quickly realized that he had no need to be in the jet at that point. Seconds before impact, he ejected and his life was spared.

That incident, though life-threatening, did not change Garan’s outlook on life or risk. But the very next day, he was in flight and, because of a mechanical malfunction, had to conduct an emergency landing. After having completed thousands of flights, he’d had emergencies two days in a row. The second day is when the idea of what it means to take risks sunk in.

Before ever entering a plane or spacecraft, one must decide if doing so is worth the risk. The same is true for business leaders who want to innovate and collaborate. When NASA is planning a mission, they consider every possible issue that could go wrong and develop a response plan that’s ready and waiting to be activated. Boards should do the same. Similarly, a great idea on the shelf can only provide value if it’s activated. “Ideas are overrated. There’s got to be a streamlined path to action,” Garan shared.

“Any change involves some level of risk,” Garan said. “Any innovative business strategy must involve risk. Collaboration can help mitigate risk and also provide an engine for growth.”

Implications for Businesses

It’s important for businesses to understand that we don’t live on a globe; globes are just abstract lines on a map, Garan shared. We too often think of the world in terms of it being about business and economy supporting a society that sustains a planet, he said. “Instead, we live on a planet that sustains a society that has built an economy.” Understanding that concept is adopting what Garan calls an “orbital” view.

It’s time that enterprises realized that it’s good business to care about issues like sustainability and corporate social responsibility (CSR)—beyond just doing it to boost a brand or reputation, Garan shared. Issues like CSR should be part of a company’s DNA now, not just for future generations, he added.

The retired astronaut described how, on his last space mission, his spacecraft entered back into the Earth’s atmosphere and landed on its side. “Now out of my window, I saw a rock, a flower, and a blade of grass. I was home. In Kazakhstan, nonetheless,” he said. “I wasn’t in Houston, where my family was. But I was home and had a different idea of home.”

Thinking of the planet as “home” may be what’s required to actually make one small step for directors and one giant leap for corporate governance.

Three Ways to Build a Strategic-Asset Board

NACD Blog Feed -

The business environment is rapidly and fundamentally changing—and directors are expected to keep pace. In response to this state of extreme volatility, the Report of the NACD Blue Ribbon Commission on Building the Strategic-Asset Board explores how boards can position themselves to capably usher their companies into the future by focusing on continuous improvement. At the 2016 NACD Global Board Leaders’ Summit, Commission co-chairs Bonnie Hill, director of California Water Service Group and former Home Depot lead director, and Richard H. Koppes, director of NACD and the Investor Responsibility Research Center Institute and former deputy executive officer of CalPERS, discussed the Commission’s key findings with NACD Director of Strategic Content Development Robyn Bew.

Members of this year’s Blue Ribbon Commission came to a consensus early in their discussions that “board refreshment”—an increasingly popular term in the corporate governance community as various stakeholders turn their attention to board composition and director turnover—is a limiting, and even simplistic, concept. Instead, directors need to figure out how they can make themselves strategic assets to the companies they serve by instilling a continuous-improvement ethos into the culture of the boardroom. Over the course of the conversation, Hill and Koppes suggested that directors consider the composition and functionality of the boards in the following ways:

How do directors’ skills need to align with company strategy? Businesses evolve rapidly, and boards need to respond in kind. Here, directors need to consider how they are keeping abreast of the issues facing their organizations and whether the skills that initially garnered them a seat at the boardroom table still align with the current and future direction of the company. Sometimes this means deciding to leave the board.

Internally, new-director onboarding practices provide an opportunity to communicate about the board’s culture and governance principles, including reinforcing the idea that board service is not a lifetime appointment. Externally, boards can communicate to stakeholders that a director’s departure was in keeping with the board’s governance practices and does not reflect poor service on the director’s part.

What are the board’s processes for continuous improvement? Maintain a pipeline of boardroom talent and have a multi-year succession plan in place so that open board seats can be filled with highly capable candidates. These plans should include designating successors for committee chairs and the independent chair or lead director. For sitting directors, continuing education programs can help to refine or amplify skill sets. Evaluations, including at the individual-director level, are essential tools for continuous improvement when they are conducted regularly and periodically involve an independent third party. They help ensure that the board’s processes are functioning well, enable directors to be more nimble in their own self-improvement, and ultimately fine-tune the board’s strategic contribution to the organization.

How do stakeholder perspectives affect the board? Shareholders—especially institutional investors—are paying closer attention to issues surrounding board composition. Considering that institutional investors read thousands of proxies each year, the onus is on individual boards to effectively communicate how each director makes valuable contributions. More and more leading boards are going beyond the basic biographical information required by the SEC and listing exchanges and providing additional context. In addition, if there is any concern that a director slate could be a point of concern for investors, boards should reach out to those constituencies well in advance of proxy season to explain their position. Should investor dissatisfaction with the board lead to an activist engagement, panelists agreed that, while sometimes both parties ultimately agree to disagree, the board needs to hear out that point of view and seriously consider if their position might add value.

For detailed recommendations on how to enhance your board’s continuous-improvement processes in seven key areas, download the Report of the NACD Blue Ribbon Commission on Building the Strategic-Asset Board. In addition, read this article from the current issue of NACD Directorship magazine for more insights from Bonnie Hill and Richard Koppes on the creation of the report.

Maximizing Talent to Create a 21st Century Board

NACD Blog Feed -

Identifying what expertise is needed on the board and orchestrating different—if not conflicting—points of view into constructive conversation can be a challenge. During a session at the second annual NACD Diversity Symposium on the opening day of the Global Board Leaders’ Summit in Washington, DC, panelists James Lam, director and chair of the risk oversight committee at E-Trade Financial Corp. (E*TRADE); Myrna Soto, director of Spirit Airlines and CMS Energy Corp.; and Charlotte Whitmore, vice chair and chief, brand strategies, of Analytics Pros., discussed how boardroom talent and a robust mix of perspectives are critical to ensuring a company’s success.

Conversation centered around two themes:

1. Striking a Balance. When considering the future needs of the company, Lam recommended that directors think about their business and its risk profile and then consider the following questions: “What are the key megatrends that will impact the business?” and “What director skill sets will be needed to mitigate this potential impact?”

Considering the continuously growing list of threats and disruptors facing businesses—such as cybersecurity, globalism, and climate change—some boards debate the need to focus on recruiting subject-matter experts to help them oversee these risks. But panelists agreed that new perspectives should replace long-standing expertise.

“Seasoned directors can be a voice of reason,” Soto said. “New executives can be what you need to push the strategy. When you have that diversity of thought, you really challenge the strategy, but it comes down to the nominating committee and how it thinks about what the next director is going to bring to the table.”

Drawing on her own experience, Whitmore concurred. Whitmore is cofounder of the data analytics start-up, Analytics Pros, and knows what it’s like to both recruit directors whose business experiences are different from her own and to be recruited to a board because of her particular expertise. At her own company, Whitmore said she has learned from more seasoned directors that taking actions to grow the company too quickly might do more harm than good. “They bring a sensibility to corporate culture that’s not just about driving results,” she said. In her role as a director, she said her older colleagues often look to her data-analytics savvy to discover new ways to support the organization.

2. Facilitating Dialogue. Having diverse perspectives around the board table does the company no good unless they are heard. Effective director onboarding is vital to acquainting a new director with the company and establishing both the board’s expectations of the new recruit and what that director expects of fellow board members and management. A director’s ability to successfully contribute to the conversation is contingent on the conditions on which they were onboarded. Soto said that she turned down several directorships based on what she learned about the companies’ governance structures. Lam recalled having his own agenda during his onboarding at E*TRADE, ensuring, for example, that he was able to meet with the risk committee and senior management.

In addition, the lead director plays the very important role of ensuring that all directors are heard. When new directors are called upon to join the board of a company in crisis or during a transition—such as a CEO succession—the lead director can be instrumental in managing and balancing the perspectives and experiences represented around the table and getting the full board to a point where it feels comfortable not only in making major decisions, but also in communicating those decisions to stakeholders outside of the boardroom.

Unlocking Innovation Through Diversity

NACD Blog Feed -

The first panel at the 2016 Global Board Leaders’ Summit’s Diversity Symposium provided directors with real-life examples and related metrics from four executives who have successfully linked diversity with competitive advantage.

Leslie Mays, partner at Mercer, moderated the panel that included Rohini Anand, senior vice president and chief diversity officer, Sodexo; Phillip Goff, president and cofounder, Center for Policing Equity; Herschel R. Herndon, founder and president, HRH Global Connections; and Sonya F. Sepahban, director, Genomenon and Cooper Standard.

The panel suggested four essential steps to build a more diverse workforce and create value through innovation.

Start With the Board

Anand noted that because the Sodexo board does not take its commitment to diversity lightly, performance metrics for the CEO are directly tied to diversity initiatives. Sodexo, a facilities management company, sets ambitious recruitment goals across every department, with the aim of achieving a C-suite consisting of at least 40 percent women by 2020. The CEO’s commitment to Sodexo’s diversity goals has in turn driven deeper engagement in diversity and inclusion at all levels of the company. The result? Anand said that the division of Sodexo that she leads has realized $1 billion in new business that can be directly tied to the company’s diversity and inclusion efforts.

Set the Metrics for Innovation

Herndon defines innovation as “anything new that creates value.” The value of a more inclusive workforce will be revealed if specific business practices are established:

  • Tie recruiting metrics to the statistical makeup of the market the company serves—or seeks to serve.
  • Monitor if and how diverse talent is being cultivated through the leadership pipeline.
  • Establish new-business lines targeted to previously underserved populations and then track their success.
  • When planning strategy, challenge your board to keep diversity top of mind.

Work to Remove Biases

Goff noticed that workers at a company he consulted to performed with greater efficiency when paired with a coworker of the same race. These workers had little training in how to work with someone who was not from their own background, and when paired with a colleague of a different race, faced tensions that slowed their work.

To realize the full economic value of diversity and empower teams to do their best work together, companies should provide training in how to overcome unconscious biases and in how to be mindful of tensions caused by misunderstandings when evaluating workers’ performance. “Bias can be baked in,” Goff said. “If we define all the things we care about and measure based on them, we will see greater success.”

Inclusion Must Be Pervasive

Sepahban, who currently works closely with start-up companies and venture funders, said that while only 12 percent of venture capital is awarded to companies with diverse leadership, companies with at least one woman founder performed 63 percent better than those without a woman leader based on exit valuations.

To change the tide towards inclusion at start-ups and larger companies alike, Sepahban urged her fellow directors to make inclusion pervasive. “This isn’t someone else’s job,” she said. “Even with all the great work done by diversity leadership, it’s still everyone’s job. Leadership should educate all to ask themselves what they are doing to help.”

3 Tips for Finding Your Next Board Seat

NACD Blog Feed -

Finding a public company board seat can be difficult, to say the least. After all, there are only about 4,381 public companies listed in the U.S., each with about 7.5 seats held by nonexecutive directors. Combine that with a low rate of turnover for the directors already occupying those seats—about 8.5 years in the S&P 500—and approximately 3,866 public board seats become available each year for independent directors. To put that in context, just 339 new board seats became available in the Fortune 500 in 2014, with 67 percent of those seats filled by current and former CEOs and CFOs.

With the limited number of seats available on public company boards, NACD recently released a memo, called Director FAQ: Finding Your Next Board Seat, detailing five key strategies to help you find your next board seat. We’ve summarized three of those strategies below:

  1. Evaluate the current demand for board seats and what company type your corporate experience is most suited to.
  • Nonprofit Boards: Nonprofit board service—though often uncompensated—is rewarding in its own right and a great way to meet directors who can, in turn, be points of introduction for other board seats.
  • Private Company Boards: More than 99 percent of all U.S. companies are privately owned. Serving on the board of a start-up or small private company can be a great place to learn how to be a director, especially with the venture-backed and private equity firms establishing the governance structures at these companies.
  • Public Company Boards: Although there are only a few thousand public companies in the U.S., non-U.S. companies that are headquartered and conduct business abroad, but are listed on U.S. exchanges, may be particularly interested in directors who understand U.S. listing requirements and who can help satisfy independence standards.
  1. Strengthen your personal brand.

Take the following steps to help you develop your personal brand:

  • Become a recognized subject-matter expert by speaking at conferences and publishing articles.
  • Conduct an Internet search of yourself and analyze the results to determine if there is anything damaging to your reputation and how you will mitigate it.
  • Keep your LinkedIn profile current and include a photo of yourself.
  • Design your résumé for a directorship position, not an executive position, by describing what you can bring to the boardroom.
  1. Formulate a comprehensive networking approach.

In the 2015–2016 NACD Public Company Governance Survey, 38 percent of respondents indicated that personal networking or word of mouth were the most valuable methods of identifying their most recently nominated director.

When networking, target a number of individuals:

  • Your CEO may have recommendations for where you may serve that would be complementary to your current role.
  • Executive assistants you meet at conferences are often able to put you in touch with directors you would otherwise be unable to track down.
  • Your working relationships at law firms, consulting firms, and banks may pass along your information to other businesses they work with.
  • Shareholder activists need independent directors to place on boards of the companies they target.
  • Venture capital and private equity firms look for independent directors to lead their companies toward an IPO.
  • Contacts at potential boards can provide advice about the kind of board you would be suitable to serve.

NACD’s Global Board Leaders’ Summit, beginning this weekend in Washington, DC, includes a workshop on Landing Your Next Board Seat this coming Monday, September 19 at 2 p.m. To register for the NACD Summit, please visit NACDonline.org/Summit.

Global Volatility Seems Limitless

NACD Blog Feed -

This is the second of a three-part series looking at the global economy and uncertainty in 2016. In our first post, we addressed the challenges of slow growth in developed and emerging markets.  In our next post, we will focus on the outlook for 2017.

DJ Peterson, President, Longview Global Advisors

Businesses need supportive, stable political and legal institutions to prosper, yet the global landscape has become increasingly unstable as many once-implausible events have become realities.

Since the start of 2016, the United Kingdom has voted itself out of the European Union. The U.S. Republican Party is pulling itself apart over policy and personalities. In Europe, fences are replacing open borders and Jihadi terrorists are targeting festivals, shopping centers, churches, and other public gathering places. Investors pay to lend their money to governments even as debt risks mount.

In conversations, business leaders and directors repeatedly express surprise and concern at the turn of events. What’s fueling this instability? Are recent events indicative of a “new normal,” a brief detour, or a transition to a new equilibrium? And, as the end-of-year business strategy season approaches, what should corporate directors and executives focus on?

Each country has unique characteristics, but there are some important interdependencies. Four powerful, converging political forces are at play.

1. Slow growth is fueling political volatility

As noted in a previous post, global growth has been muted and uneven since the global financial crisis, prompting some economists to ask whether the world has entered a period of “secular stagnation.” Energy and commodities exporters such as Australia, Brazil, Russia, and countries in much of Africa have been particularly hard hit.

Economic hardship often leads to political volatility, but there is a larger political force at play today: A lack of policy consensus and latitude. To turn the situation around, global financial institutions have been calling on governments to undertake bold structural reforms and assertive stimulus measures such as investing in infrastructure. But thanks to large debt piles and continuing calls for austerity from fiscal hawks, big spending increases are not politically feasible in the U.S. and Europe. Emerging markets dependent on commodities exports have been forced into belt-tightening mode as well. The inability of governments to reignite growth has forced central bankers to step into the breech with extraordinary measures.

Policymakers struggle to reignite growth, people are disaffected, and the sum of this instability is the political uncertainty and volatility we are experiencing today.

2. Inequality is adding to political frustrations

Free market liberalism is predicated on creating economic opportunity, but the benefits have not been shared. In many countries, inequality has surged since the 1980s. More recently, quantitative easing, a response to slow growth, has lifted a few boats greatly. In the past, governments often played the role of an equalizer; now proximity to political power is seen as conferring huge economic benefits, creating the belief that “the system” is not fair.

Free trade could be a casualty of increasing inequality and diminished opportunity. The perception that the benefits of globalization accrue disproportionately to certain segments of the population while the losers are left to fend for themselves is pervasive. Anti-immigrant sentiment is another by-product of limited opportunity.

Animosity towards politically connected elites in authoritarian markets is kept in check by repression. Open societies may be more at risk to economic and political polarization. As we see with Brexit, the pushback against globalization, and with the rise of anti-immigrant pressures, middle-ground policy pragmatism—a hallmark of stable democracy—is losing credibility in a world of economic resentments.

3. Populists are exploiting the governance gap

The widespread belief that establishment elites are incapable of solving important problems has created a volatile atmosphere where disaffected voters are willing to take risks and throw wrenches.

Private sector entrepreneurs exploit gaps in the market and find new ways to satisfy needs. Political entrepreneurs do the same in the public sphere: They take advantage of volatility, peddle new solutions (often from both left and right), and break rules.

Dramatic, frustration-driven policy stances of political entrepreneurs make compelling platforms—such as Philippine President Rodrigo Duterte’s anti-drug dealer campaign and French presidential candidate Marine Le Pen’s anti-immigrant stance. Donald Trump and Bernie Sanders are political entrepreneurs too.

But that’s only half the story. In this context, calls for pragmatism and staying the course (“Vote Remain!”) from establishment figures sound tired, if not suspect.

4. Social media is catalyzing volatility

Thanks to social media, populists can peddle their ideas with greater ease than previously seen, without having to adhere to the agenda of establishment media and institutions. (The self-described Islamic State is the most extreme example.) Being provocative is essential to gaining visibility in today’s crowded media landscape and this imperative promotes extreme points of view and places pressures on policymakers to react—even though in representative democracies governments are designed to be deliberative and consensual.

Just as individuals may be overwhelmed by the pace and quality of information flows, so too can governing institutions that were built to be slowed by checks and balances. Few would say policymaking in the U.S. has improved over the past couple of decades thanks to better information. Nationalism, ethnocentrism, and religious animosities seem more powerful than ever.

What can corporate directors do?

Western multinationals can no longer take political stability for granted. In these volatile times, directors have an important role to play in asking the right questions and discerning material risks and opportunity in a time of uncertainty.

  • Integrate political and economic risk assessment into corporate strategy setting. The political forces outlined above are unlikely to change in the foreseeable future which suggests a number of scenarios. Slow growth and low interest rates are likely to persist. The U.S. presidential election is unlikely to fundamentally change the country’s political climate for the better—indeed, it could lead to more disaffection, polarization, and gridlock. Uncertainty will increase in Europe with Brexit negotiations and national elections in France and Germany in 2017. Boards should pressure test macro-assumptions from management about the external environment affecting strategy over the next 12-24 months. What are the most important moving variables and how will they affect growth prospects?
  • Look for pockets of opportunity. Volatility creates opportunities as well as risks. Good governance and sound policies are differentiators between countries poised to sustain relatively stronger economic performance, and those that will continue face serious challenges in volatile markets. Watch for improving and more agile governance in Brazil, Columbia, Argentina, India, and Myanmar.
  • Evaluate the firm’s societal commitments. Proactive companies are seeking to address today’s societal challenges rather than just defend themselves from risks. There is a business case for promoting more inclusive growth: Work by International Monetary Fund researchers has shown that, around the world, higher levels of income inequality are correlated with slower growth. Higher wages support increased consumer spending and broader prosperity. On the other hand, failing to address inequality and other societal ills risks lowers productivity, and leads to more regulation, taxation, and labor radicalization.

NACD’s Global Board Leaders’ Summit, themed around the issue of convergence, will have dedicated sessions on global economic and political disruption, featuring subject-matter experts and seasoned directors. Review the Summit agenda to attend Peterson and others’ sessions addressing global disruption.

Private Company Snapshot: Priorities Vary by Company Type

NACD Blog Feed -

Strategy, corporate performance, and corporate growth or restructuring were the most commonly cited governance priorities overall for respondents of the 2015–2016 NACD private company governance survey. But a closer look at the results by the type of business reveals distinct differences in director concerns.

This year, NACD for the first time published its survey report in three separate volumes organized around major ownership structures—family, investor, and employee-owned—to provide more customized analyses that address challenges specific to each company type.

Survey findings are drawn from some 712 responses to a questionnaire e-mailed to NACD members serving on private company boards representing each of the three ownership structures. The questionnaire was in the field between March and May 2015.

Family Business Boards

NACD’s survey results indicate that the boards of family businesses are likely to view long-term strategy and value creation as their top priorities. When considering executive performance horizons, a large portion of respondents from family business boards (49%) define “long-term” as more than three years. Twenty-four percent of respondents identified leadership development as one of the three most time-consuming tasks for their board, alongside strategic planning and corporate performance.

The results also indicate that despite their attention to long-term strategy and leadership development, 24 percent of family business boards do not have a formally written CEO succession plan. The lack of such a plan can complicate the effective transfer of leadership, whether between generations of family executives or from the family to outside management.

For guidance on effective practices for family business boards, see NACD’s handbook The Family Business Board, Volume 2: Governance for Agility and Growth.

Investor-Owned Company Boards

Boards of investor-owned companies or those that are supported by venture capital or private equity firms may comprise a mix of founders, management, and investors, depending on the company’s stage of development.

Venture capitalists and private equity firms, by the very nature of their work, are especially focused on results: they want the valuation of the company to increase, oftentimes at a quick clip. Not surprisingly, investor-owned company boards rigorously scrutinize the performance of the company and its executives. The majority of directors at investor-owned companies (61%), closely monitor profits, while 37 percent monitor sales to gauge the company’s performance and determine executive pay.

A significant 33 percent of respondents use cash flows, which offer insight into where and how the company generates income and how its cash is being deployed. The focus is not solely on financial metrics; 44 percent of investor-owned companies also use customer satisfaction as a gauge of the company’s strength.

Employee-Owned Company Boards

Executive talent management ranks as a high priority for the boards of employee-owned companies, which are owned at least partially by their employees, either directly or indirectly through a trust. The vehicles for employee ownership can take several forms, including employee stock ownership, stock options, and profit-sharing plans.

While profits and sales remain important metrics, a large number of respondents from employee-owned companies use metrics related to employee morale (52%) and employee turnover (32%). The prevalence of these metrics was particularly notable among employee-owned companies.

For further coverage of the private company surveys, please see the forthcoming September/October 2016 edition of NACD Directorship magazine.

To download NACD’s surveys of private companies or view guidance and tools for private companies, please visit the Resource Center for Private Company Governance at www.NACDonline.org/privatecocenter.

 

The Keys to Guarding Reputation

NACD Blog Feed -

Jim DeLoach

Reputation is a precious but fragile enterprise asset. What takes decades to build can be lost in a matter of days once the spotlight shines on unethical or illegal practices that place an organization’s stakeholders or the public at risk. Environmental catastrophes, financial restatements, fraudulent reporting to regulators, massive product recalls, efforts to mislead investors, and other highly publicized events erode brands and impair reputation. We define reputation risk as the current and prospective impact on earnings and enterprise value arising from negative stakeholder opinion.

We see 10 key functions of the board’s oversight of reputation risk management, and classify them in five critical areas below.

Strategic Alignment

  1. Effective board oversight – Reputation risk management starts at the top. Strong board oversight on matters of strategy, policy, execution, and transparent reporting is vital to effective corporate governance, a powerful contributor to sustaining reputation, and is the ultimate checkpoint on CEO performance. The board’s active risk oversight effort is important because effective, early identification, and management of risks can reveal major threats to the company’s reputation and ensure that the threats are reduced to an acceptable level.
  2. Integration of risk into strategy-setting and business planning – The board must ensure that risk is not an afterthought in the strategy-setting and business planning processes. Integrating awareness of risks with core management processes makes risk a relevant factor at the decision-making table, facilitates a big picture view to undertaking risk, and intersects risk management with performance In an effort to make the strategy more robust, directors should understand the critical assumptions underlying the strategy; ask tough, constructive questions to challenge assumptions; and consider plausible scenarios that could render one or more assumptions invalid.
  3. Effective communications and image- and brand-building – Building brand recognition unique to a business is vital and, when all else is working well, augments reputation. A good story is easier to tell than one with flaws, but every savvy board knows that some companies are better at telling their stories than others. Therefore, directors need to understand management’s image- and brand-building game plan and how significant changes to that plan could present a significant risk to the company’s reputation.

Cultural Alignment:

  1. Strong corporate values, supported by appropriate performance incentives – The notion that, if tone at the top is good, the organization’s culture must be good, doesn’t always hold. Lower-level employees often pay more attention to the messaging and behavior of their supervisory middle managers than to communications from the organization’s leaders. Boards need to ensure that executive management implements a strong tone at the top, effective escalation processes, and periodic assessments of the tone in the middle and at the bottom. Directors need to ensure that management is paying attention to warning signs posted by independent risk management functions and in audit reports: failure to give these warning signs adequate attention on a timely basis reflects on the tone set by executive management. For example, the executive leadership of Barings ignored warnings from internal audit of the consequences of the lack of segregation of duties in its Singapore operations because those operations were making the bank a lot of money. Ultimately, the hidden trading losses took down the institution.
  2. Positive culture regarding compliance with laws, regulations and internal policies – Few incidents undermine reputation more than serious, highly publicized compliance violations. Directors should ascertain that effective internal controls – including monitoring processes and robust training of employees – over compliance matters are implemented and executive management: “walks the talk” with respect to compliance; periodically conducts a comprehensive risk assessment; refreshes the compliance program for changes arising from new regulatory developments; and understands the players and third-party agents in countries in which the organization does business and monitors their dealings closely.

Quality Commitment:

  1. Priority focus on positive interactions with stakeholders – The board should ensure that there is a passionate focus on improving stakeholder experiences. These are the accumulation of day-to-day interactions that customers, employees, suppliers, regulators, shareholders, lenders, and other stakeholders have with a company as a result of its business operations, branding, and marketing. These interactions constitute moments of truth that, if internalized and acted upon, provide a powerful driving force for improving and sustaining reputation.
  2. Quality public reporting – The markets take quality public reporting at face value. Once a company loses the public’s confidence in its reporting, it’s tough to earn it back. These points suggest that a strong audit committee is an imperative.

Operational Focus:

  1. Strong control environment – A critical component of internal control, the control environment lays the foundation for achieving operational, compliance and reporting objectives. In addition to the board’s oversight and the organization’s commitment to integrity and ethical values, as mentioned above, the control environment consists of: the organizational structure and assignment of authority and responsibility; the processes for attracting, developing and retaining appropriate talent; and the rigor around setting the appropriate performance measures, incentives and rewards that drive accountability for desired results. Embarrassing control breakdowns can tarnish reputation; therefore, boards should demand a strong control environment.
  2. Company performance relative to competitors – Market recognition of success is a huge validation of a company and its management team. Recognition of differentiating strategies, distinctive products and brands, proprietary systems, and innovative processes are intrinsic sources of value that can translate into superior quality, time, cost, and innovation performance relative to the company’s competitors. However, significant performance gaps can diminish reputation if not addressed in a timely manner. These factors should weigh heavily on a board’s evaluation of company performance over time.

Organizational Resiliency:

  1. World-class response to a high-profile crisis – Sooner or later, every company is tested. No company is immune to a crisis. As a crisis event is a severe manifestation of risk, crisis management preparation is a natural follow-on to risk assessment, particularly for high-impact risks with high velocity, high persistence, and low response readiness. The board should ensure that the risk assessment process is designed to identify areas where preparedness and a response team are needed. Fires cannot be fought by committee.

While a one-size-fits-all approach does not exist, the 10 keys listed above offer boards a framework for focusing on whether executive management is focused on the appropriate fundamentals for enhancing and preserving the enterprise’s reputation.

Jim DeLoach is managing director with Protiviti, a global consulting firm. 

Subscribe to Lonergan Partners aggregator - Boards & Governance