For the 1,200-plus directors convened at this year’s NACD Global Board Leaders’ Summit, Delaware Supreme Court Chief Justice Leo E. Strine Jr. had words of advice that ranged from improving time management to establishing a Tobin-like tax on financial transactions. The nation’s leading jurist on corporate matters also cautioned against using electronic devices during board meetings for unrelated matters because that information may one day be discoverable in court.
Interviewed on Tuesday, Sept. 29, by NACD President Peter Gleason, Strine was at his provocative best. The proliferation of technology in the boardroom, Strine observed, may lead to an unintended consequence: the ability to discern just how engaged directors are and by what in board meetings. Strine warned of the possibility, and even the probability, of a shareholder suit that alleges inattention and seeks to support that allegation with a review of the director’s online activity when in board meetings—measuring just how much time was spent looking at material on the board portal versus sending e-mails, text-messaging family or friends, or playing fantasy football.
Boards also need to assess whether they are using their time to best effect. “There are no disciplined studies about how boards should be scheduled and what you do in certain committees,” Strine said. “The pattern is that if something is required legally or by statute, then that tends to get done first. A real challenge is to think like business people about your function as a director and how you use your time, and [recognize] that it reflects the priorities that you (as a board) set.” Strine challenged directors to set “a board budget of hours.”
Strine repeated a suggestion he has made previously that U.S. tax policy be adjusted to include a so-called Robin Hood or Tobin tax. Such a tax is named for the late Nobel Prize-winning Yale economist James Tobin, who in 1973 recommended a levy on short-term currency swaps in order to thwart speculation. A similar tax on stock trades, Strine maintains, would discourage short-term fund-hopping and generate new revenue.
Strine took issue with the voting practices of some large asset managers, noting that the sheer volume of votes created by shareholder proposals and the numbers of companies in each fund make informed voting impossible. Even the most “rational” investors, such as Fidelity Investments and the Vanguard Group, tend to vote their funds in one direction for the sake of expedience, he said. (See related content:Taking the Long View with Bill McNabb.) “It would be good for index funds to have their own voting policies. Why is the index fund voting the same way as the dividend fund?” Strine asked. “Why?”
One of the CEO’s most important jobs is to develop the next generation of leadership, Strine reminded the assembled directors, and boards should have opportunities for regular contact with up-and-comers.
Strine also recommended that boards consider the benefits of adopting a forum-selection bylaw. The inclusion of such a bylaw would allow corporations to determine where court cases are adjudicated when suits cover more than one jurisdiction. The state of Delaware in May enacted an arbitration law that is intended to provide speedier, more cost-effective dispute resolution as long as one of the companies in the dispute is domiciled in Delaware.
Companies continue to face significant global economic uncertainty. Although U.S. economic prospects have improved in recent years, structural weaknesses in other regions pose significant challenges for multinational companies. To ensure their organizations thrive in this volatile environment, boards and senior executive teams must pay close attention to regional trends and international politics and how these affect the growing interdependence of markets worldwide. During a presentation at the 2015 NACD Global Board Leaders’ Summit, Kaushik Basu, chief economist and senior vice president of the World Bank Group, identified four major market conditions that will influence the growth prospects for many businesses.
The shape of the post-crisis recovery continues to change. In recent years economists have been hard-pressed to forecast how global markets will behave. After the 2008 financial crisis in the United States, economists initially anticipated a V-shaped recovery, in which the market hits bottom and then recovers. As it became clear that the recession would continue, they altered their predictions, asserting that the recovery would be U-shaped instead. When the European debt crisis occurred, economists then foretold a W-shaped recovery. The lesson seems to be that economic cycles have become less predictable and no longer adhere to historical patterns. In response to this increased uncertainty, directors and management teams must now expand their strategic planning process to incorporate a range of possible economic scenarios.
The economic fortunes of emerging economies are not uniform. Brazil, India, and China are often touted as emerging centers of economic power; however, . In the past year only India and China saw growth in their gross domestic products, while Brazil—which has endured corruption scandals, tax increases, and spending cuts—has experienced virtually no economic growth. When discussing potential investments in these foreign markets, boards should require management to provide forward-looking country assessments in order to responsibly evaluate the potential risk and rewards.
Economies are porous. Directors need to be aware that local economies are inextricably intertwined, and that deteriorating economic conditions in one country can therefore spread quickly to other nations. For example, the ramifications of slowing growth in China are significant because so many countries are increasingly dependent on continued Chinese investments and consumption. Africa, Latin America, and Germany are likely to suffer most as major exporters to China. Conversely, India’s economic growth has recently accelerated, due in part to structural tax reforms that have created a more welcoming investment climate, resulting in a rapid surge of foreign direct investment in 2014.
Increasingly disparate monetary policies among the developed nations will have global economic ramifications. Directors will be expected to understand the consequences of divergent policies—especially those of developed countries—for the world’s biggest economic blocks. For example, the Federal Reserve is debating a possible rise in interest rates after seven consecutive years of record-low borrowing costs. While a rate hike would ostensibly strengthen the U.S. dollar by encouraging investments in this country, it could also raise the prices on U.S. exports and undercut the economic viability of U.S. products in foreign markets. In the Eurozone, the European Central Bank (ECB) has in recent years maintained loose fiscal policies, increasing the supply of money flowing through international markets in hopes of facilitating economic recovery. A U.S. interest-rate hike would result in a weaker euro, which in turn could lead to a boost for Eurozone economies because buying trends would begin to favor domestic products. On the other hand, tighter U.S. fiscal policies could readily be undone by the European Central Bank injecting even more liquidity into the markets to keep euro values low and maintain the viability of Europe’s export market. Emerging markets, too, might experience a negative impact from these proposed policy changes. Because they have been borrowing money in U.S. dollars at near-zero rates, these countries will almost certainly see an increase in debt and decreased economic growth if U.S. interest rates rise.
“Putting a Boardroom Lens on Cyber,” one of the final panels of the 2015 Global Board Leaders’ Summit, continued themes heard throughout Summit sessions. The panel focused on how to ask management the right questions about the state of their enterprise’s cyber security and how to assess the strength of their preparedness to manage this risk.
The panel was packed with leading technology experts: Nicholas M. Donofrio, director of NACD, Advanced Micro Devices, BNY Mellon, Delphi Automotive and Liberty Mutual, and former executive vice president of innovation and technology, IBM; Alfred Grasso, president and CEO, The MITRE Corp.; Christopher Hetner, cybersecurity lead, Technology Controls Program, Office of Compliance Inspections and Examinations, U. S. Securities and Exchange Commission; and Kimberley S. Stevenson, director, Cloudera Inc.,and CIO, Intel Corp. Bill E. McCracken, director of NACD and MDU Resources Group and former CEO of CA Technologies, moderated the discussion.
Below is a summary of the high points from that discussion.
Recognize that cyber criminals are constantly changing methods and targets. When it comes to security breaches, “The bad people are getting better, faster, and you have to assume, therefore, that you have to move quicker,” Donofrio said. For example, cyber criminals increasingly exploit human error by using social engineering—especially with “spear phishing” emails. These emails look like legitimate business from trusted sources, yet contain dangerous malware. One employee opening such an email could compromise an entire network’s security.
Scrutinize whether management really knows where key data assets reside. It’s essential to gain the confidence that management knows the location and how “crown jewel” data assets in often highly distributed IT environments are being protected. Management needs to also demonstrate an understanding of the rationale for access rights of both employees and contractors. The fine print in third-party contracts could jeopardize data security, as cloud storage companies sometimes have “quality control” clauses granting access to your data.
Ensure that general management is held accountable for effective cyber-risk management. Cybersecurity is no longer an IT issue, but a significant business risk as technology is now a critical component of most business processes. As a result, general managers must share formal accountability with IT for the strength of cybersecurity. They must foster a risk-aware culture. If, for instance, the IT department sends dummy malicious emails to test open or click rates in the network, a problem would be detected if the rate goes up. “We track the number of employees who click on malicious emails,” Grasso said. “It’s less than two percent, but if it rises, we’ll move quickly and change our training policies.”
Demand that technology leadership avoid jargon and communicate complex concepts in easy-to-grasp language. “We have our own vocabulary as IT professionals, and we have a hard time translating that into everyday language,” Stevenson said. Technology leadership must be careful to clearly communicate concepts to board members whose first imperative is to understand risks. Technology management should craft language that non-expert directors can readily grasp.
Beware the consequences of your own oversight approach. Directors must carefully craft the questions they ask management when examining cyber risks. Donofrio recommended that board members focus carefully on the questions they ask of the C-suite to avoid sending the wrong message: for example, boards that focus exclusively on the costs associated with cybersecurity could undermine much-needed investments by management in better defenses. “We as board members can mess this thing up,” Donofrio said. Continued technological literacy is integral to asking the right questions, understanding experts’ briefings, and appreciating the full impact of cyber-risks across the organization.