Archive for the ‘Corporate Governance’ Category

Recalibrating the Dialogue on Strategy Development

October 13th, 2014 | By

Rethink strategy. Briefly, that sums up the message in NACD’s new Blue Ribbon Commission Report on Strategy Development released today at the 2014 Board Leadership Conference. It is well known that the operating marketplace is fast-paced, volatile, and more dynamic than ever before. Companies must be able to react to disruptive forces quickly and correctly–the inability to do so is a real risk to an organization’s health and longevity. And yet, the role of the board in strategy has not evolved to meet the accelerated pace of business. Many boards still oversee strategy development with a “review and concur” approach: management creates a fully formed strategy that is presented to the board for approval with little discussion, and reviewed on an often annual basis.

How, then, can boards become more engaged in the strategy development process without crossing the line into management’s purview? To answer this question, earlier this year NACD convened a group of leading directors, strategy experts, and investors. At the second panel of the day, commission co-chair Raymond Gilmartin, former chairman, president, and CEO of Merck, commissioner Barbara Hackman Franklin, director of Aetna, and Bill McCracken, former chairman and CEO of CA, discussed with Wall Street Journal’s Management News Editor Joann Lublin the key recommendations from the report. These include:

Move to a higher level of engagement in the strategy formulation process. Gilmartin noted that moving past the “review and concur” model is important in light of unpredictability, uncertainty, and the unthinkable. “As directors, we are responsible for the creation of shareholder value, and also the long-term survival of the firm,” noted Gilmartin. “Failure in strategy is the reason why firms fail.”

Engage early with management, and continually. As strategy is formulated and reformulated, Franklin observed that boards need to engage on the underlying assumptions, strategic alternatives that are being considered, the risks involved, and how you manage success or not. And after there is concurrence with the board and management, at every board meeting there should be an update. “In effect, the strategy discussions are going on all year,” summarized Franklin.

Prepare for the future. In addition to becoming more engaged in strategy, McCracken stressed the importance of preparing for the future. Board agendas should be created to discuss the environment, competitors, and opportunities for innovation. “Often, activist investors are coming after [boards] for a lack of bold innovation on the behalf of directors.”

Putting It Into Practice

Panelists also discussed how they have incorporated the report’s recommendations at their respective boards. These areas include:

Director Knowledge and Education

Optimal engagement in strategy development necessitates that directors have the knowledge and context to understand the information presented by management, which requires continual education. From his experience on the board of General Mills, Gilmartin encouraged directors to visit plants and operations to gain context and the ability to interpret reports. Boards need to have a framework to interpret current events, and a common language so that they can discuss it with management.

Board Composition

Gilmartin stressed that boards “really must understand what the capabilities are and what skills are needed to effectively oversee this strategy.” While the board of General Mills does not use individual director evaluations to assess director effectiveness, Gilmartin believes that because of the interactiveness of the board “director evaluation occurs in every meeting with how they participate.”  

Director Time Commitment

Board agendas are packed with little time for discussion–how can directors be encouraged to make the time for more engagement in strategy development? “A board that makes strategy a priority will spend the time on it–this doesn’t require persuasion,” observed Franklin. From her experience, the shift to becoming more engaged in strategy didn’t happen overnight at Aetna. Now the process begins with several meetings on underlying assumptions to the strategy that leads to a full day session on the plan. Once we get to the [full day] meeting we all own it–not just management. After selecting a strategy, the Aetna board receives an update on the plan at every meeting and a deep dive on one element of the strategy.

Board/C-Suite Relations

Panelists noted that as the board moves to a more engaged role in strategy development, management may feel defensive or territorial. Having served as both the non-executive chair and then CEO of CA, McCracken has experienced this situation from both viewpoints. As non-executive chair, McCracken observed: “I set up things for the board to engage more in strategy once I became CEO.” To move CA from a mainframe company to the cloud, McCracken created a task force of directors who knew the industry best and experts from management–encouraging the board to become more engaged. “Then when I was CEO,” McCracken recalled, “the then-elected chair asked me ‘what do you think of this activist board’? I said: I created it–I’ll have to live with it.

The Report of the NACD Blue Ribbon Commission on Strategy Development can be found at the NACD Library.

NACD’s Second Small-Cap Forum Helps Directors Understand the Risks and Responsibilities of a Growing Business

August 6th, 2014 | By

The majority of companies in the United States are small cap, defined as companies below $500 million in market capitalization. While they are rich in ingenuity, small-cap companies have unique challenges that can be daunting for any board to manage. With smaller staffs and fewer resources than their large-cap counterparts, the time and talents of company executives are spread thin in the face of pressure for fast growth in an uncertain economic environment. This July, NACD, in partnership with Epsen Fuller Group, Fenwick & West, and Latham & Watkins held its second Small-Cap Forum. Over the course of a day, a collective of experts helmed six sessions at San Francisco’s Four Seasons Hotel to dissect the directors’ role in helping to build their companies. The following are three themes that emerged from the presentations:

Plan ahead. Many small-cap companies make the mistake of placing too much emphasis on budgeting. Innovation rarely, if ever, emerges from evaluating figures. Shift gears to take a close, hard look at your company and think about creating a strategic plan. A plan should ideally map out the next five years of the company—no fewer than three—and determine what resources are needed to meet those goals. Allot plenty of time outside of regular meetings to discuss various game plans, setting milestones to review the strategy.

Work with the founder. When assessing and building out the company’s long-term goals, the board also needs to pay attention to management. Small-cap companies often have a culture centered on the founder/CEO, and while that person’s innovative and entrepreneurial drive may have been enough to give legs to a nascent business, those skills may not be aligned with the firm’s needs and goals in subsequent stages of growth. That said, the board shouldn’t write off the leadership already in place. Building support around the C-suite can help enable the CEO to succeed in an increasingly expanding role, or to step down with dignity if required. By extension, start looking within the company for talent that can take the reins in the next three to five years. Broaching this topic can be highly sensitive; however, the longer a leadership gap exists at the CEO level in a small-cap environment, the greater the risk of a succession crisis.

Mind the gaps. The purpose of board-level committees is to share the workload so that board members can effectively “divide and conquer”; however, small-cap boards are traditionally half the size of a large-cap company—so small that the same directors frequently serve on multiple committees. Stretching resources this thin means that there is zero room for non-contributing directors, or else the board runs the risk of being unable to carry out its responsibilities effectively. Small-cap boards should create a skills matrix that charts each director’s areas of expertise—and reveals where the board’s collective knowledge base may be lacking.

A small-cap board should also put forth the effort to bridge the gap between the company and its shareholders. Any opportunity to engage with and better understand your shareholder base is a good idea, and is a particular imperative in the small-company environment where ownership may be more concentrated. Also realize that many small-cap boards become targets of activist investors. Prepare for those interactions not only by doing due diligence on activists’ investment styles and track records, but also by being willing to listen to the activists’ points of view.

Look for a full recap of the Small-Cap Forum in the September/October 2014 issue of NACD Directorship magazine.

Voluntary Public-Private Partnership on Cyber-Risk Oversight

July 30th, 2014 | By

On Tuesday, the U.S. Department of Homeland Security selected and posted the NACD Director’s Handbook on Cyber-Risk Oversight on the Critical Infrastructure Cyber Community (C3) Voluntary Program website. At a press conference yesterday, four panelists, Ken Daly, president and CEO, NACD; Mark Camillo, head of cyber products for the Americas Region, AIG; Larry Clinton, president and CEO, ISA; and Dr. Andy Ozment, Assistant Secretary for Cybersecurity and Communications, DHS, spoke generally about cybersecurity as an issue for directors, and specifically about the contents of the handbook, created by NACD in association with AIG and ISA, which focuses on cybersecurity oversight at the board level.

Larry Clinton observed that the first of two goals for combatting cyber risks at board level is to raise awareness of cybersecurity as a risk directors must oversee. NACD has been actively engaged in educating the board member community on cyber issues for some time. In summer 2013, The Art of Cyber War graced the cover of NACD Directorship, followed by coverage in subsequent issues; NACD has held multiple roundtables and events focused on cybersecurity issues, including a day-long cyber-risk summit in Chicago, and has built the topic into the flagship Master Class program. In addition to the director’s handbook, other recent NACD thought leadership includes the white paper Cybersecurity: Boardroom Implications and a video series focused on technology and cybersecurity.

On Tuesday, Dr. Ozment emphasized the fact that cyber risks affect organizations of all sizes, sectors, and industries, stating that a director who doesn’t know about cyber incidents falls into one of two categories: either “your CEO doesn’t think you care about cyber incidents,” or “your CIO doesn’t know about the cyber incidents.” He followed with, “unfortunately the bad guys are doing more for cybersecurity awareness than any one of us can do.” Clinton’s first goal, realizing the “why” of cyber-risk oversight at board level, has been scarred into directors’ understanding.

Clinton’s second goal is simple but even more challenging: we have to work together to “solve it.” According to the forthcoming 2014-2015 NACD Public Company Governance Survey, 90 percent of directors believe their boards’ understanding of cyber risk needs improvement. Though directors get the “why,” they need guidance on the “how,” advice practical to boards’ oversight of cyber risk.

The NACD Director’s Handbook on Cyber-Risk Oversight provides insight into the “how.” Daly stated that cyber “is simply another risk [that] fits within the enterprise risk management system.” Camillo indicated that the handbook’s five principles “can be used immediately” and applied to an organization’s existing ERM program:

  • Principle 1: Directors need to understand and approach cybersecurity as an enterprise-wide risk management issue, not just an IT issue.
  • Principle 2: Directors should understand the legal implications of cyber risks as they relate to their company’s specific circumstances.
  • Principle 3: Boards should have adequate access to cybersecurity expertise, and discussions about cyber-risk management should be given regular and adequate time on the board meeting agenda.
  • Principle 4: Directors should set an expectation that management establish an enterprise-wide cyber-risk management framework with adequate staffing and budget.
  • Principle 5: Board-management discussions about cyber risk should include identification of which risks to avoid, accept, mitigate, or transfer through insurance, as well as specific plans associated with each approach.

Daly further emphasized the “voluntary public-private partnership” between NACD, ISA, AIG, and DHS reflected in the fact that the handbook is the first, and currently only, private-sector document featured on the DHS C3 Voluntary Program website. The concept of cross-sector partnership to combat cyber risks is a centerpiece of the president’s 2013 executive order, Improving Critical Infrastructure Cybersecurity. The handbook’s release signifies that the partnership-based approach is bearing fruit and the private sector is taking responsibility for cyber risk. Dr. Ozment agreed, stating that “managing cybersecurity is a shared responsibility,” and this handbook demonstrates widespread acceptance of the NIST cybersecurity framework. The handbook’s creators’ combined cyber, risk, and governance expertise to provide recommendations, broadly applicable to directors of all economic sectors, for combatting a national and international problem.