As the bar for director performance continues its steady rise, public company boards are expected to ensure that composition, skill sets, and core processes remain fit-for-purpose. The following infographic derived from the 2016–2017 NACD Public Company Governance Survey illustrates the different mechanisms boards are using to keep board composition and director turnover attuned to the organization’s evolving needs.
For more insights, download a complimentary copy of the executive summary of the survey.
Last month when NACD joined the Global Network of Director Institutes (GNDI) to convene a “cyber summit,” the 200-seat event filled quickly with the key to the future: people—namely directors, chief executives, and information executives empowered to build corporate value and form a powerful bulwark against information destruction.
As information technology – including especially cyber security – rises as a board-level priority, the solution for addressing it is talent. Not every board can have a cyber expert, but today directors are all the more eager to hear from IT executives, and to consider them for ever-higher posts of company leadership. Chief technology officers, chief information officers, and chief information security officers form a “cyber-C-suite” that can make a critical difference in companies’ futures.
Every year NACD surveys corporate directors to find out their views on a number of issues, including their “leading issues” for the coming year. NACD’s governance surveys are still in the field, but preliminary data from this year’s survey shows that information technology currently ranks 14th as a board priority; and a newly added category, “cyber security risk,” currently ranks seventh. Information technology ranked tenth in 2014 and thirteenth in 2013.
The NACD’s current survey results also show that boards are gaining more cyber knowledge. Based on responses received so far this year, 37.1 percent of respondents feel that they do not receive enough information regarding cyber security and IT risk, and 27.7 percent are dissatisfied or very dissatisfied with the quality of information of these matters. This represents an improvement in the situation. In 2014, when this was a new survey question, more than half (52.1 percent) indicated a shortage of information and a little more than one-third (35.5 percent) expressed dissatisfaction with cyber information quality.
Moreover, in NACD’s ongoing survey, 13.0 percent of respondents said their boards have “high level of knowledge” of cyber, 66.6 percent said they had “some knowledge, and 19.7 percent said they “little knowledge.” (Incidence of “no knowledge” was less than 1 percent.) These preliminary findings represent a slight improvement over last year, when only 10.5 percent of respondents claimed advanced knowledge.
Cyber Expert on Board?
So how do boards get cyber expertise? Is having an expert on board the answer? Not every board has room. After all, boards need to cover many areas of expertise with their available seats, and the typical board size is smaller than a dozen (8-11 is the range, depending on company size).
To get a handle on board talent recruitment, we asked directors what two attributes were most desirable for new director candidates to possess. The data collected thus far for the 2015 edition of the NACD Public Company Governance Survey shows that information technology ranked fifth, up from eighth in 2014 and up from ninth in 2013.
Preliminary survey findings – subject to change
Dos and Don’ts for Board Reports
Clearly based on the above trends, information technology experts have an open invitation to give reports to the board – an experience that can enhance any career.
If you are an information technology expert who has an opportunity to give a report at a board meeting, here are five imperatives to consider.
Use plain English, not jargon. Present your material in clear, actionable terms.
Help the board understand the quality of leadership. This is not a time to stand out as a company savior; if the CEO is not the smartest one in the room, the company has a problem. As the recent cyber summit showed, cyber security should be viewed not as a technological issue, but as an enterprise risk that is addressed like all other risks disclosed in the MD&A. As such, the CEO is the star of this show.
Link your comments to the company’s strategy – the more concretely the better. If you work for a public company, one of the best places to find the strategy spelled out will be in the CEO’s annual letter to shareholders. As stated in a recent NACD blog, the CIO—and/or or CISO or CTO—can play a significant a role in strategy and tactical decisions.
Help the board prioritize the assets that can be enhanced through IT and protected through cyber security. Companies need to assess their most valuable and vulnerable points, including the potential strengths and weaknesses of third-party contractors.
Show them the money! Working with your CEO and CFO, take any opportunity offered to make the business case for a strong IT function. IT and cyber expenditures may not show up on the balance sheet as assets but they are in fact investments in the company’s future and a major contributor to financial value.
If you follow these suggestions, your company, and your career, will be the better for it!
Note: Ted Sikora, NACD Research Analyst, contributed to this report.
The discussion surrounding corporate disclosure reform has consistently centered on the issue of how to provide sufficient levels of information to investors and other readers without overburdening those responsible for preparing the disclosures. On July 29, the U.S. Chamber of Commerce’s Center for Capital Markets Competitiveness (CCMC) hosted an event addressing corporate disclosure reform. A variety of issues involving disclosure reform were discussed in panels featuring general counsels from leading companies, former officials from the Securities and Exchange Commission (SEC), the current head of the SEC’s Division of Corporation Finance, and other stakeholders.
Corporate disclosure reform has also been a recurring topic of discussion among the delegates of NACD’s advisory council meetings. Delegates are committee chairs of Fortune 500 companies and, along with key stakeholders, they discuss the issues and challenges currently affecting the boardroom. In particular, NACD’s Audit Committee Chair Advisory Council has discussed this topic at length, and this issue featured prominently in the discussions at the June 2013, November 2013 and March 2014 meetings. In particular, the November meeting featured senior leaders from the Society of Corporate Secretaries and Governance Professionals to discuss their efforts to streamline disclosures, while the March meeting included analysts from Moody’s Analytics and Morgan Stanley to share how they use disclosures.
Many of the key takeaways from the CCMC’s July meeting have been echoed at NACD’s advisory council meetings. These include:
The “disclosure burden” is largely driven by a desire to reduce liability. The first CCMC panel focused on the perspectives of two former SEC commissioners: Roel Campos, who is currently a partner at Locke Lord; and Cynthia Glassman, now a senior research scholar at the Institute for Corporate Responsibility at the George Washington University School of Business. There was agreement that disclosures have become documents of litigation. The usefulness of many disclosures was called into question, and in fact, many of the disclosures found on today’s financial statements are not actually mandated. For example, while comment letters issued by SEC staff from the Division of Corporation Finance and the Division of Investment Management “do not constitute an official expression of the SEC’s views” and are “limited to the specific facts of the filing in question and do not apply to other filings,” many companies include disclosures based on these comment letters, often aiming to reduce their company’s liability by accounting for every possible contingency.
What’s more, if one company is asked by the SEC to provide a particular disclosure, other companies may feel compelled to disclose the same information even though they may operate in different industries.
Nevertheless, elimination of unnecessary or outdated disclosures requires a lengthy review process. Without a champion for reform, disclosures can linger on financial statements in perpetuity. An advisory council delegate noted: “It’s possible to take the initiative and cut the 10-K down. But it’s a significant time commitment, so you need buy-in from the CEO, CFO, and audit committee.”
Technology provides promising solutions. It was also observed that many disclosures are mandated by laws and rules stemming from the 1930s to the 1980s, when corporate information was only accessible in a physical form. Today, company websites often provide more detailed, current information than the 10-K. One CCMC panelist suggested that the SEC should encourage companies to rely more on these websites for the disclosure of certain information, such as historical share prices.
CCMC panelists also discussed ways to take advantage of technology to redesign and standardize the financial statements themselves, which could make them searchable and allow investors to make comparisons over time or across companies more easily. One panelist suggested that disclosure transparency could be enhanced by creating a “digital executive summary” document. In this summary, new, newly relevant, and the most material disclosures could be grouped in one place with hyperlinks to more detailed information. A similar notion has been discussed at recent Audit Advisory Council meetings, as one delegate offered: “Perhaps we need a second document, aside from the 10-K, that provides a shorter, more meaningful narrative that’s focused on the material issues that investors are interested in.”
Disclosure reform involves multiple stakeholder groups. The second CCMC panel of the morning focused on balancing the disclosure needs of various stakeholders. The panel included the perspectives of several professionals whose work is heavily influenced by the disclosure regime. They included Julie Bell Lindsay, managing director and general counsel for capital markets and corporate reporting, Citigroup Inc.; Chris Holmes, national director of SEC regulatory matters, Ernst & Young; Flora Perez, vice president and deputy general counsel, Ryder System Inc.; and Ann Yerger, executive director, Council of Institutional Investors.
From the investors’ perspective, it was noted that because investors are voracious consumers of information, they will rarely say “no” if offered more information.
Several corporate counsels noted initiatives at their companies that are designed to increase disclosure transparency, including efforts to work directly with investors to determine the information that was the most important to them. In fact, nearly half of the respondents to the 2013–2014 NACD Public Company Governance Survey indicated that a representative of the board had met with institutional investors in the past 12 months:
The SEC is currently developing solutions. The final panel of the morning featured Keith Higgins, director of the SEC’s Division of Corporation Finance, who provided his views regarding the state of the disclosure system and described how the division is currently conducting its disclosure reform initiatives. More details regarding the division’s plans to tackle disclosure reform can be found in this speech by Higgins to the American Bar Association in April.
Throughout the morning’s discussions, there were also points of disagreement, such as the relevance of specific disclosures. Each session, however, provided evidence that on all sides of the issue there are those making good-faith efforts to improve the system.