Archive for the ‘Risk Management’ Category

Who Is Trying to Eat Your Lunch?

May 2nd, 2013 | By

Last year, NACD launched its fourth Advisory Council on Risk Oversight—the first of our councils not dedicated to a specific key board committee. In fact, less than 10 percent of public companies even have a committee dedicated to risk oversight. This advisory council was formed as the result of a simple observation: the responsibility of risk oversight has expanded significantly in the last several years. This council is not lacking for discussion topics—the nature of potential risks to an organization is evolving seemingly by the day. Directors need to know the strategies in place to not only mitigate but capitalize on the risks currently facing the company, and those predicted to present challenges in the future.

But that just accounts for what is on the board’s radar. At the second meeting of NACD’s Advisory Council on Risk Oversight held in collaboration with PwC and Gibson Dunn, the discussion went beyond current and predicted risks to the challenges of disruptive technologies and innovation. Increasingly, the most severe shocks have been largely unpredictable: extreme weather, the confluence of multiple events, or innovation that upturns the industry. As one delegate observed: “We haven’t spent much time on the [risk of] ‘I will eat your lunch with a completely different approach.’ Companies don’t sit down and think about who is going to attack from a completely different angle.”

In their oversight capacity, directors cannot constantly monitor the more detailed aspects of the business. Nor can “you anticipate what you don’t know.” Nevertheless, several delegates suggested that the appropriate risk oversight processes in place, coupled with a resilient culture that efficiently reports risks up to the board, can support directors in mitigating known and unknown risks. The meeting, captured in the 2013 Advisory Council on Risk Oversight Summary of Proceedings, focused on areas critical to effective risk oversight processes. These include:

  • Board processes and people. It is critical that the board not only has the right talent, but engages it fully. Directors should have a “real and thorough” understanding of the business to be able to effectively discuss both strategy and risk with management.
  • Recognizing asymmetric information risk. While the board has to be comfortable with the reality of information asymmetry, directors should establish tolerance levels for the level of asymmetric risk they are willing to bear, and look for signs of when this risk has become too high.
  • Engaging with management involved in risk reporting. For companies with a chief risk officer (CRO), that person can keep an “inventory” of risks throughout the organization. Additionally, directors can ask internal audit to identify what it believes will be “hot-button” risk areas.
  • Linking strategy to risk. The board’s oversight of risk should begin with an assessment of the company’s strategy and its inherent risks, which necessitates understanding and agreeing on the risk appetite, or the amount of risk the company is willing to accept.
  • Allocating the work of risk oversight. The significant increase in risks facing the board necessitates defining who will act as an “air traffic controller”—allocating risk oversight responsibilities.

Leading practices for risk oversight—including allocation of work and the development of a risk strategy document—will continue to be the focus points not only for this advisory council but also NACD’s Directorship 2020 initiative. To download the full summary of proceedings, click here.

Tags: , , , , , , , , , , , , , , , , , , ,
Posted in Risk Management | No Comments »

Inaugural NACD Directorship 2020 Event Convenes 100 Directors in NYC

April 11th, 2013 | By

Without a doubt, directorship has changed. In the last 10 years, the effects of legislation and regulatory activity such as Sarbanes-Oxley and Dodd-Frank have significantly expanded the role of the director. Taking into account the current trends of increased shareholder activism, heightened media scrutiny, emerging technologies, and disruptive innovations, it is expected that this role will continue to morph. As these shifts in the economy increase in amplitude and frequency, it is necessary for those in the boardroom to understand and prepare for the future structure of directorship—today.

With this in mind, NACD has launched NACD Directorship 2020 to help directors define and prepare for the emerging challenges and opportunities expected to impact boardrooms in five to seven years. More than an initiative, NACD Directorship 2020 extends from educational programs and roundtable exchanges to published research. Using topics informed by an advisory council composed of boardroom luminaries, academics, and governance experts, feedback from educational programs will shape ensuing research on leading practices for the future. In the coming months, several symposiums will be held across the nation, and the conversation will be continued at our annual Board Leadership Conference in October.

This week, NACD held the first of such symposiums at the Harvard Club in New York City. More than 100 directors attended the afternoon session to discuss two areas: the future state of the risk agenda, and how to select performance metrics that will engender sustainable organizational profit. The symposium was led by NACD President and CEO Ken Daly; Akamai Technologies Lead Director and Audit Committee Chairman Martin Coyne; and former Bell and Howell CEO, current NACD Director, and Northwestern University Professor Bill White. During the highly interactive sessions, questions were posed to attendees who were then able to discuss and provide thoughts among their peers. Takeaways from the event include:

  • Composition and resourcing is essential to navigating the current and future risks to the boardroom. With the right resources and information and the right people around the table, the boardroom can effectively engage in the critical issues.
  • Inherent in their role as part-time overseers, directors will always run the risk of information asymmetry: management has the full suite of information about the company’s operations that is then selected and parsed out to the board. The challenge for the board is to communicate its expectations on the type and amount of information it needs for effective oversight.
  • It is essential that directors trust, but verify. In the boardroom, the culture should be fostered so the executive staff feels they are able to report on the high-risk items and things that keep them up at night. To verify the information presented, directors should go beyond the C-suite, even outside the company. This can include meeting with the heads of business units, or gleaning outside sources of data.
  • In risk oversight, the board can informally meet with senior management and the internal audit team to develop a list of the top organizational risks. After these risks are identified, the board can have an executive session with an outside expert to gain more knowledge of the areas.
  • Industry experts on the board may not anticipate the disruptive technologies that have the potential to pose either a huge risk or opportunity to the company. While extremely valuable at the table, industry experts may not always be able to see beyond their acumen. Boards can recruit experts from other industries—who bring the perspective and knowledge of different risks and market forces—to serve as directors.
  • Total shareholder return (TSR) and financial and operational metrics reflect hindsight. These data can be bolstered with a healthy balance of “early warning” metrics derived from the company’s strategy, such as customer and employee satisfaction, dollar investment per employee, or retention.
  •  Metrics are the operationalization of strategy. If the strategy’s underlying assumptions are flawed, however, the metrics have less significance. Is the board looking at metrics that question the strategy itself? This could include a measurement of the organization’s adaptability changes in the marketplace.
  • Reputational and stakeholder risk is an area that should receive boardroom attention. Directors should encourage metrics that foster stakeholder engagement as a strategy for risk mitigation.
  • The long-term health of most companies is determined by its success in being innovative. The company should establish early warning metrics that monitor how its innovation systems generate sustainable cash flows.

The next NACD Directorship 2020 events will be held July 16 in Chicago and Sept. 10 in Los Angeles. Between events, NACD’s blog will feature viewpoints and research from our NACD Directorship 2020 partners—Broadridge, KPMG, Marsh & McLennan Companies, and PwC—that will take a deeper look into the emerging issues and trends that will redefine directorship.

Tags: , , , , , , , , , , , , , , , , , , , , , , , ,
Posted in Corporate Governance, Investor Relations, Risk Management, Technology | 1 Comment »

C-Who?

March 21st, 2013 | By

Late last year NACD released a white paper with McGladrey, Bridging Effectiveness Gaps: A Candid Look at Board Practices, which quickly became one of NACD’s most downloaded resources of 2012 and continues to be the most downloaded in 2013. The paper, based on four gatherings of directors and executives, notes that because directorship is a part-time role, the board must inherently rely on management for information. This can lead to a disconnect in communication, as the information the board needs is not necessarily the information management provides.

In an effort to accurately reflect the thinking of those “on the front lines,” boards often hear from voices outside of the typical four-officer lineup (CEO, CFO, COO, and general counsel). Nearly unheard of a decade ago, the chief risk officer (CRO) provides an example of a non-traditional C-suite officer uniquely positioned to fill an information gap. According to 2012-2013 NACD Governance Surveys, in public companies without a CRO, 64 percent of directors state that the level of information they receive on risk management is good or excellent. On the other hand, among the 28 percent of companies with a CRO, this level of satisfaction among directors increases by more than one-third to 87 percent. The difference is even clearer among private companies–48 percent of directors at companies without a CRO report high levels of satisfaction with received risk management information, and this increases by more than half to 76 percent of directors reporting similar high satisfaction levels at companies with a CRO.

These new and influential voices in the boardroom provide directors with the knowledge and experiences of those working day-to-day in various operational fields. Directors can draw on these diverse sources to ensure they have the breadth and depth of information needed for effective oversight. This solution, however, may present another issue; directors, while comfortable interacting with the typical four-officer lineup, may not have the same level of experience with non-traditional C-suite officers. In the same vein, these officers may not be as adept at providing the board with precise and relevant information.

In our latest white paper, C-Suite Expectations: Understanding C-Suite Roles Beyond the Core, NACD addresses this disconnect by presenting directors with tools they can use to interact with non-traditional members of the C-suite. The eight positions highlighted in the report are:

  1. chief audit officer;
  2. chief corporate responsibility officer;
  3. chief ethics officer;
  4. chief human resources officer;
  5. chief information officer;
  6. chief investor relations officer;
  7. chief marketing officer; and
  8. chief risk officer.

The report includes position descriptions for, information the board can expect to receive in reports from, and deeper questions directors can ask of, these C-suite officers. A complimentary copy of this white paper is available to all NACD members, and is available to non-members for $15.

Tags: , , , , ,
Posted in Board Information, Corporate Governance, Risk Management | No Comments »

« Older Entries