1- 9 of 9 Search Results for:
Libraries:   Governance Clearinghouse
Filters:   All Years; Outside Insight;
Frequently Asked Questions
Ransomware Defense for Boards by Betsy Atkins with input from Bill Lenehan
Identification Number: 1427
Publication Date: September 20, 2017

For all the clever coding involved, most ransomware delivers a very crude but deadly message when it strikes your company. Important company files are locked, and may be destroyed, unless you pay a specific ransom amount, anonymously, with a short deadline. At that point, panic sets in. But if your top management, IT team and board of directors have devoted some time, thought and resources in advance, you'll know how to respond (and might dodge the bullet altogether).

In my own recent boardroom experience, how boards should deal with cybersecurity is one of the hottest topics. I've been an evangelist for getting boards active in setting and assuring effective corporate digital policies. Much of this should be basic good governance for the twenty-first century. Realize that a cyber-attack is now a matter of when, not if. Make your board digitally savvy so it can ask smart questions on technology, threats, and liabilities. Assure things like up-to-date platforms, software, and third-party testing.

I should note that the majority of company hacking attacks still involve these conventional threats -- the cyber equivalent of smash-and-grab theft. However, the special dangers posed by digital hostage taking demand a unique corporate governance role. If regular hackers penetrate your systems to steal money or data, there are few shades of grey. There may be debates between IT and the rest of management on budgeting for safeguards (the board should be IT's advocate and "nudger" on this, by the way). However, the priorities after a conventional breach are never in doubt -- assess and limit the damages and learn from the attack.

Ransomware is existentially different and goes to the heart of a board's governance and fiduciary role. Do we as a company pay a ransom demand or do we take the moral high ground and say no? Your board needs to tackle this question, with its uncomfortable blend of technology and ethics, now, before an attack. The major ransomware strains, such as Petya and WannaCry, offer a short time frame (sometimes as little as 24 hours) to pay up or face the consequences. Convening a board meeting that quickly to deal with a flash crisis would be both impractical and unwise. Further, the actual ransom itself can be oddly small. Would you really convene an emergency board session to discuss expending $1,000?

Real-world board experiences with ransomware suggest there is a better way. I've seen ransom demands first-hand at one of my boards, and spoke with Bill Lenehan, CEO at Four Corners Property Trust, who's also faced these traumas. We have observed a number of effective strategies specifically targeted at dealing with the unique threat of a ransomware attack:

Have the ethical discussion before a ransomware attack occurs. Your top executives and IT staff need guidance from the boardroom on the big question of whether or not the company should submit to a demand for ransom. The decision is not an easy one; losing business (and perhaps the business itself) by taking the moral high ground is not your call as a shareholder fiduciary. Your number one mission is to protect the business for investors. That may involve the tough decision to pay up if it will save data or needed access.

"Boards need to provide guidance and support on how this is handled," recalls Bill Lenehan. He finds laying out the issues directly to the board helps clarify their thinking. "I was talking with a 70-year-old board chair, and said 'Let me throw you a curve. You're trying to close a $200 million acquisition, when suddenly, your employees get a ransomware demand for a total of $3000. If you don't pay, you jeopardize the deal, your relationship with numerous counterparties, and maybe the company itself.' The response, 'My God, I never thought of this!??'"

Hold this debate now at the board level, because when a hacker's WARNING screen pops up, it's too late for philosophy.

Shape a corporate ransomware response policy based on the ethics discussion. Take the strategic principles the board has developed for responding to ransomware attacks and turn them into a working tactical policy. Include functional steps, like who is to be notified, who makes the final payment decision, damage/cost tradeoffs to weigh, etc. Also, will you even be able to pay the crooks? It sounds distasteful, but assure that you have the mechanisms in place to quickly meet the ransom demands if you choose to.

"You don't want to be scrambling to pay, figuring out how to practically make this work," Bill Lenehan recalls from his own experience as CEO of Four Corners Property Trust. At 5:30 one morning, he received a text message from the company controller telling him there was a problem -- a short-term ransomware attack was spreading globally. "Our board chairman was out of the country, hours behind us, so what do I do as CEO? Would I pay, or not pay, do I need to inform my board, or just hurry to set up a Bitcoin account?"

The CEO and other staff should not have to make these decisions on the fly -- and if they do, it's the fault of the board, which didn't prepare in time. "Ransomware is not the fault of the CEO," notes Lenehan. "It's like a school snow day -- you have to set your decision policies in advance." (Lenehan also notes that his small company has a staff of 12, and is as far off the business news radar as can be -- yet hackers still found them).

No policy can mean inability to respond at all. At a major company whose board I had served on, we faced a short-term ransomware demand, and decided we had to pay. But the hackers demanded payment in Bitcoin, and the company didn't have a Bitcoin account. This took two days to set up -- by which time the deadline had passed. In the missed deadline experience I referred to, we were able to negotiate a compromise. We were ultimately able to decrypt our files.

Also, ask what you'll do if other problems crop up. In Europe, a recent Petya attack demanded payment to the bit-napper's Posteo email account. But before victims could comply, Posteo had blocked the mailbox.

Beware risks related to ransomware attacks on third-party affiliates. Ransomware is not just an internal danger. Even after you shape a sound emergency policy for your corporate response, what about the suppliers, customers and advisors you depend on? Lenehan tells of a ransomware strike, not at his company, but at a major law firm they were depending on to close a $20 million acquisition. "The lawyers got an email from IT early in the morning telling everyone not to turn on their laptops and check them in immediately." A pending deal was suddenly frozen solid.

What would happen at this very moment if one of your top vendors' or clients' IT systems instantly went dark for an uncertain period of time? Are they able to back up their information with systems completely walled off from the afflicted ones?

Fight hackers with unconventional warfare. Above, I noted the generic things a board can do to improve the technical odds of avoiding and fighting cyber mischief. Push IT to innovate outside its normal comfort zone. Third-party vendors like Optiv, SecureWorks, and Stroz specialize in penetration testing, 24/7 threat monitoring and ethical hacking. Your IT staff says they have the latest software updates and threat assessments? Good -- let's contract with outside experts who can make sure. The expenses involved should be modest and today are a basic cost of doing business. Want to drive a car? You need to buy insurance. Want to operate in today's digital world? Invest in outside cyber-expertise.

Check that cyber insurance coverage is adequate. Speaking of insurance, check your liability and other business policies when it comes to hacking damages and, specifically, ransomware costs. What sort of losses are covered, which aren't, how much could ransomware losses total, what compliance measures must you have in place, and what are disqualifiers? Also, how should your company decide on making a claim? (If you file a claim for a ransomware payment of $5,000, will your premiums shoot up by ten times that amount?) "If someone demands $350 in Bitcoin, it may be like when someone keys your car in a parking lot," notes Lenehan. "Rather than making a claim, you just get it detailed out on your own dime."

Ultimately, boards and management need to respond to a ransomware crisis the same way they respond to any company crisis. They must assure good response tools and plans are in place and functioning, that tough questions are asked, and that everyone knows their role. But for the board, ransomware prep demands an added step -- asking if they're ready to make a deal with the devil.

***

Betsy Atkins serves as President and Chief Executive Officer at Baja Corp, a venture capital firm, and is currently the Lead Director and Governance Chair at HD Supply. She is also on the board of directors of Schneider Electric, Cognizant, and a private company, Volvo Car Corporation, and served on the board of directors at Nasdaq LLC and as CEO and Board Chairman at Clear Standards.

Bill Lenehan is the Chief Executive Officer of Four Corners Property Trust, a real estate investment trust that owns over 500 restaurant properties. He is also on the board of directors of Macy's, the department store company. Prior experience includes board service at Darden Restaurants and Gramercy Property Trust, among others. He spent ten years as an investor at Farallon Capital Management.

 

The views and opinions expressed herein are the views and opinions of the author at the time of publication and may not be updated. They do not necessarily reflect those of Nasdaq, Inc. The content does not attempt to examine all the facts and circumstances which may be relevant to any particular company, industry or security mentioned herein and nothing contained herein should be construed as legal or investment advice.

Board Members Must Open the Aperture Wider to Break the Silicon Ceiling by Betsy Atkins
Identification Number: 1403
Publication Date: July 20, 2017

Betsy Atkins, President and Chief Executive Officer at venture capital firm Baja Corp, is a veteran of 23 boards and 13 IPOs.

Changing any corporate culture is a challenge, but I've found bringing diversity to the tech industry is even trickier. Fast-growth "unicorn" companies can quickly outgrow their founding venture-based startup corporate governance and find themselves facing crises with too few adults in the boardroom.

Many reports assert women in technology industries still push against a silicon ceiling when it comes to career advancement and cultural issues. Research from the Society of Women Engineers found that 20% of today's engineering school graduates are women, yet just 11% continue working in the field. Women in IT leadership roles (such as chief information officers or technology vice presidents) are just 9% of the total, according to a recent survey from Harvey Nash and KPMG.

Today's board members should open the aperture wider in terms of their role. The days of a board's role being pure financial oversight were last millennium. This millennium, board members are expected to be an asset as well as an accelerant for the business. In my own experience, I've seen technology companies nurture diverse, inclusive cultures starting with a few one-on-one approaches from the boardroom.

Build internal career networks

At Volvo Car AB, where I serve on the board, we've launched a program where I regularly meet with senior and mid-level women executives on personal career development. We work with these women execs to build on their strengths, clarify their career aspirations, and offer advice on advancement. This is a new program, but it is already proving a success in energizing and motivating the paths of these current and future female leaders.

Group mentoring also harnesses networks and creates supportive environments where women managers and executives can brainstorm effective ways to promote diversity in the organization. According to a recent Harvard Business Review article about changing corporate culture, safe havens nurture cultural ecosystems that model what the organization can become in the future, while networks create coalitions that catalyze change.

Make mentoring personal

On the board of Schneider Electric, I make it a point to directly mentor one-on-one a number of women on the company's senior leadership team. I teach them to advocate for themselves, identify executives within their company who they can network with, build rapport with as their mentors and nurture those relationships into sponsorships.

Women in management may find it helpful to have someone in the boardroom take a personal interest in their career strategy and development. For example, at Uber, new board member Arianna Huffington is in an ideal position to put her mentoring and career savvy to work in helping rising women execs rebuild that company.

One key to a successful mentoring program is regular, ongoing coaching and support. In my experience, a good mentor/mentee match also requires synergy: a strong personal chemistry and an alignment of professional disciplines. I'm a passionate advocate of digital transformation and customer-centric processes, so I tend to mentor women executives who have roles and expertise in line with those disciplines.

Board members don't have to wait for CEOs to ask for mentoring of female executives. When I spot high potential women managers within the companies of the boards I sit on, I approach our CEOs and offer to help these women reach the next level in their leadership potential.

Go beyond mentoring to sponsorship

There is a big difference between mentoring—which is periodic advising and coaching—and sponsoring. Sponsors take a far more active role in helping individuals reach the next rungs in their careers. Women who are already senior managers or board members can kick mentoring up a notch by "sponsoring" women with high potential through career coaching, facilitating introductions to other executives and identifying and, importantly, recommending them for new opportunities that will accelerate their careers.

Set a goal

According to the Harvey Nash/KPMG survey mentioned above, only 28% of small-cap companies have a formal diversity initiative in place, versus 72% of large-cap companies. For newer, smaller tech companies that are in hyper-growth survival mode, it's unlikely management will organically implement tactics that foster diversity of management. Hope is not a strategy.

If a company really wants to drive cultural change, a prescriptive diversity goal could be considered. That goal can be defined based on the values of the company, and may include gender diversity, ethnic diversity, age diversity, global diversity, etc.

Highly qualified female candidates ARE out there. I was the only woman on the board of HD Supply when I joined, and just three years later 23% of the board is female. I also sit on the board at Schneider Electric, where we set a goal of 40% gender parity on the board. Today Schneider Electric's board is composed of 38% women, so we have nearly achieved that goal in just 7 years. The Volvo board I sit on has 23% women. These companies all operate in industries traditionally thought of as "male-dominated," yet we were able to recruit highly qualified female board members without compromising one whit on the experience, talent and skillsets we were looking for.

Recognize when women make a difference

When I served as chair of the board's compensation committee at tech firm Polycom, we were active in the annual recognition event for sales staff. I noted that women were leaders in sales, making up less than 10% of the sales force yet 34% of our "President's Circle" top sales performers. Making an added effort to celebrate (and promote) this talent is crucial in sending the message that sales is not just a "guy thing" in the company.

The talents of women are a strategic asset to companies, and there is a growing body of research proving that firms who nurture and empower their gender diversity gain in revenues and stock performance. In any company, balance sheet results are always found downstream from company culture. When it comes to reshaping that culture to be welcoming to women, the boardroom is the ideal place to start.

***

Betsy Atkins serves as President and Chief Executive Officer at Baja Corp, a venture capital firm and is currently the Lead Director and Governance Chair at HD Supply. She is also on the board of directors of Schneider Electric, Cognizant and Volvo Car Corporation and served on the board of directors at Nasdaq LLC and at Clear Standards as CEO and Chairman.

 

Reputation Risk and Opportunity Governance: A 5-Point Blueprint for Boards by Andrea Bonime-Blanc, JD/PhD
Identification Number: 1364
Publication Date: May 2, 2017

Andrea Bonime-Blanc is the Chief Executive Officer of GEC Risk Advisory and Author of The Reputation Risk Handbook.

Reputation risk and opportunity management is the front line job of management – however, it is the job of the board to provide reputation risk and opportunity oversight for their company. And most boards don't even think about reputation risk until the crisis or scandal hits and their company's reputation, as well as their own personal reputations possibly, may be at risk.

In this article, we define reputational risk, identify recurring themes that were present in cases where reputation risk has gone wrong, and offer a high level five point blueprint for boards to oversee reputation risk and opportunity at their companies. Why do this? Because effective reputation risk management – just like effective enterprise risk management – is not only useful to mitigate losses and liabilities but also to build reputation opportunity and value with and from key stakeholders (customers, employees, regulators, etc.).

Reputation Risk Defined

Within the context of an organization (whether a company, a government agency, a university or a non-profit), reputation risk is a strategic risk that can amplify other underlying and related risks especially non-financial or ESG (environmental, social and governance) risks when those risks have not been properly identified, managed or mitigated. Here is a simple definition of reputation risk I offer in my book, The Reputation Risk Handbook:

Reputation risk is an amplifier risk that layers on or attaches to other risks – especially ESG risks – adding negative or positive implications to the materiality, duration or expansion of the other risks on the affected organization, person, product or service.

When one couples the notion of an amplifier risk with the notion of stakeholder expectations and impact, one can surely start seeing the gestalt of why reputation risk has both qualitative and quantitative dimensions.

Reputation Risk Management Gone Wrong

It is important to note a recurring theme throughout cases where reputation risk went wrong: something or some things did not work well within these companies in advance of the crisis and there are three critical topics that seem to appear in most of these cases:

  1. The Board did not have a proactive stance on effective risk oversight, let alone reputation risk oversight.
  2. The CEO/c-suite were not creating or supporting a culture of accountability and customer-centricity, thus allowing for the erosion of key stakeholder trust.
  3. The company itself does not appear to have effective risk management and/or views risk as a liability that happens to unlucky companies (instead of a manageable asset that also has embedded opportunity and potential value).

Why Good Reputation Risk Management and Oversight Matter

Reputation risk matters for worse and for better because it’s what happens when the expectations of stakeholders – potentially a multitude of them – are missed, met or exceeded. Reputation risk acts as an amplifier and accelerator of an underlying risk that is not managed at all, poorly managed or is managed up to and possibly beyond the expectations of key stakeholders.

While stakeholder expectations can be characterized as being largely behavioral, emotional or intangible, what happens as a consequence of exceeding, meeting or missing stakeholder expectations is far from intangible:

  • An organization’s meeting or exceeding its stakeholders’ expectations can have neutral to positive qualitative and quantitative consequences.
  • An organization’s missing its stakeholders’ expectations can have negative consequences – both qualitative and quantitative.

Reputation Stakeholders

How well an organization understands and incorporates a qualitative assessment of its key stakeholders and their expectations is where the qualitative and quantitative dimensions of reputation risk meet: one does not make sense without the other and one feeds upon the other. The below chart from my book, The Reputation Risk Handbook, shows a range of some of the key stakeholders that organizations should be considering in such an assessment.

[Figure: chart of key stakeholders, from The Reputation Risk Handbook]

The bottom line is this: flying without a reputation risk net is tantamount to hoping for the best in a world full of challenges, risks, threats and (lost) opportunities. Adopting such a framework, in turn, provides the resilience needed for long-term survival and even out-performance as risks are managed and new opportunities are identified on the way to effectively managing reputation risk.

With these themes in mind, let’s take a look at the five keys to successful ongoing board reputation risk oversight.

A Five Point Reputation Risk Governance Blueprint

Below is what I would consider to be the five key tasks of a board intent on overseeing reputation risk and opportunity effectively for their company:

  1. As an Amplifier and Strategic Risk, Reputation Risk should be on the Board Agenda Regularly. Reputation risk does not occur in isolation but in relation to other underlying risks. As such, reputation risk must be on every board agenda together with strategic and enterprise risk oversight.
  2. Boards Must Oversee Effective Enterprise Risk Management (ERM). Reputation risk cannot be properly understood, managed or supervised without robust underlying ERM that identifies all risks and allows related reputation risk to be properly gauged.
  3. The Board Must Know Who the Company’s Key Stakeholders Are. Why? Because every stakeholder has expectations of a company’s behaviors and results both financial and non-financial. If and when those expectations are not met, both qualitative and quantitative consequences will follow, most of them negative. The reverse is true as well: the better an organization understands, nurtures and tends to its principal stakeholders, the better off that organization will be when and if crises occur, with both qualitative and quantitative consequences, most of them neutral or positive.
  4. A Cross-Disciplinary Team of Company Experts Should Manage Reputation Risk. And it is up to the Board to understand from such experts – from the chief risk officer and head of public relations and communications to the general counsel and the audit executive. They are best prepared to understand the reputation risk of the company if they prepare accordingly. That team must also be synchronized with a proper and effective crisis management program.
  5. Reputation Risk is Directly Connected to Corporate Resilience, Opportunity & Value Creation. It is the board’s role to ensure that the company and its management develop and implement resilience measures to counteract and mitigate material risk and to take advantage of risk opportunity – reputation risk oversight is a critical part of this process. The more prepared an organization is for its risks, the greater chance it will have to successfully manage the risk, associated crises and value opportunities.

For more information and case studies, readers should go to the thought leadership page of the GEC Risk Advisory website.

***

Dr. Andrea Bonime-Blanc is CEO and founder of GEC Risk Advisory and a global governance, risk and value creation strategist. Her firm specializes in governance, risk, ethics, compliance, corporate responsibility, reputation and crisis advice to the private, public, governmental and non-profit sectors worldwide. She is author of The Reputation Risk Handbook and Emerging Practices in Cyber-Risk Governance and has been consistently recognized by Ethisphere as one of the “100 Most Influential People in Business Ethics.” In 2017, she was appointed Ethics Advisor to the Financial Oversight and Management Board of Puerto Rico, created by the U.S. Congress to oversee the restructuring of the Puerto Rican economy. She tweets @GlobalEthicist and writes the Risk2Value Blog.


Seven Steps to Implementing Board Oversight of Sustainability by Sandra E. Taylor
Identification Number: 1324
Publication Date: February 21, 2017

Sandra Taylor is the CEO of Sustainable Business International LLC and a pioneer in the field of sustainability. She has helped many major brands, including Starbucks and Eastman Kodak, develop and implement global corporate social responsibility strategies.

Many corporate CEOs and investors have accepted the premise that sustainability issues are material to the long-term success of any business. Effective management of social and environmental risks can improve business performance and produce tangible results. These can include more reliable availability of essential natural resources, significant efficiency gains, reduced transaction costs and access to new capital. The concept of sustainable business seeks to combine environmental and social improvements with financial success.

Investors are increasingly focusing on the role that corporate boards play in overseeing material sustainability issues as a part of their fiduciary responsibility. Between 2010 and 2014, over 250 shareholder resolutions were filed calling for explicit board oversight of sustainability issues. During 2016 alone, 370 proposals were filed related to environmental and social issues, making sustainability the “fastest growing cause for shareholders.” Now is the time for boards of directors to protect and promote shareholder interests by adopting and overseeing a corporate sustainability strategy.

Integration of sustainability into key business initiatives, risk management and compliance are all consistent with corporate governance standards. Here are seven key areas when implementing board oversight of corporate sustainability efforts:

1. Start at the beginning and determine materiality.

As a starting point, boards should define what sustainability means for the company by conducting a materiality assessment. The risks posed and opportunities created by the shift towards greater sustainability present companies with complex, multi-dimensional, and sometimes interconnected issues. By developing a robust understanding of what issues are material to their operations, the environment and communities, companies can better prevent or mitigate these risks and gain access to these opportunities.

However, materiality in the sustainability context is not simply about reporting or disclosure. The materiality determination should reflect the organization’s significant economic, environmental and social impacts, and stretch far beyond just the production of a sustainability report: it should also touch on the company’s overall strategy, risk management, relationships, communications and even the design of products and services with sustainability impacts in mind.

Just as the board oversees or approves sales and financial targets, it should also approve targets (both long-term and short-term) for the company’s sustainability performance that can attain the same level of value and influence as other key elements of business performance by driving profitability, innovation and engagement.

In terms of sustainability reporting, there remain questions regarding whether sustainability report issuers, and investors as report users, identify the same topics as material. SASB is an effort to bridge that gap. SASB standards are designed to determine those environmental, social, and governance topics that are reasonably likely to have material impacts on the financial condition or operating performance of a company. SASB is able to identify and standardize disclosure for the sustainability topics that are most important to investors—those that are reasonably likely to have material impacts on companies in an industry.

2. Focus on the supply chain.

Of all the strategies, integrating sustainability into the supply chain and ethical sourcing may be the most critical. Ethical sourcing means ensuring that the products being sourced are created in safe facilities or under safe conditions for workers who are treated well and paid fair wages to work legal hours. It also means that the supplier respects the environment during the production and manufacture of the products.

3. Be innovative.

Rather than approving projects and then asking how the product, feature or service can be developed and delivered more sustainably, the board should add a sustainability lens (through scorecards, lifecycle analysis and indices) at decision-making points, ensuring sustainability is factored in before any go/no-go decision. The board should ensure that environmental sustainability and social responsibility values become important screens that are included in the company’s most senior hiring decisions and enterprise risk management framework, and considered when approving major decisions like capital projects, new business lines, mergers and acquisitions, new product launches and expansion into new geographic markets.

4. Be the impetus.

Through their core duties related to setting strategic course, audit and monitoring, and their long-term perspective, boards are uniquely positioned to ensure the full integration of sustainability into business strategy and practices. Integration means incorporating sustainability into the business strategy so that the business model itself creates social and environmental value in addition to financial value. In other words, by the very act of succeeding as a business, a company creates greater value for society and the environment.

Boards and senior management should ensure that corporate responsibility and sustainability are embedded into every part of the business, including planning, strategy, operations, marketing and human resources. Board compensation committees should incorporate sustainability priorities into both the recruitment and remuneration of executives and identify the most relevant and stretch targets to influence executive performance. A simple way to achieve this is to appoint a Chief Sustainability Officer (CSO) for the company who is part of the senior executive team and involved in all decision-making in much the same way as the General Counsel and Senior HR executive, including regular interaction with board committees.

5. Measure outcomes.

Once the company develops a sustainability strategy and policy, it then must identify major performance aspects, establish objectives, select specific indicators and metrics, and commit to achieving specific targets. Ideally, progress should be benchmarked against a set of time-bound, measurable goals laid out as part of the overarching strategy and publicly disclosed. For example, management systems should measure progress and provide assurances that the sourcing strategy a company pursues is delivering the intended results.

It is critical for the board to track performance, oversee reporting and set clear expectations for improving performance. Establish internal performance, communication, incentive and measurement systems for all sustainability goals and conduct quarterly business reviews. Boards should also set short and long-term sustainability targets — just as they do for financial targets — and ensure that the company’s sustainability strategy and performance are communicated at annual meetings and investor roadshows.

6. Be transparent.

Transparency is about reliable indicators of sustainability progress and honest communication with various stakeholders about policies, practices and progress, including formal external reporting. Whether an organization chooses a full-scale corporate responsibility report, following Global Reporting Initiative (GRI) guidelines, delivers a CSR report directed at consumers and community groups, or simply communicates progress on its website, external communication is critical to gaining consumer trust.

Reporting plays a pivotal role in communicating these management actions to a variety of stakeholders. Boards should review and approve disclosure of the company’s sustainability performance in mandatory and voluntary reporting. GRI Sustainability Reporting Standards are the world’s most trusted and widely used standards on sustainability reporting.

7. Align board structure and composition.

In a UN Global Compact-Accenture CEO study in 2010, 75% of CEOs reported that their boards of directors take an active role in overseeing sustainability issues. However, when Ceres analyzed 613 of the largest publicly-traded U.S. companies in 2014, only 32% oversaw sustainability at the board level. Some notable international companies have established a stand-alone sustainability committee of the board, including Ford, Roche, Nike, Lockheed Martin, Monsanto, McDonald’s, Coca-Cola and HSBC.

Board oversight can take several forms. In some companies the role is combined with the governance committee. This combined committee supervises compliance with internal business principles and principles of behavior with respect to legal, safety, environmental and diversity matters, and also oversees the preparation of the sustainability report.

The type of committee is less important than the scope and ambition of its mandate, which should include company-wide oversight on issues such as climate change, human rights, sustainable supply chain management, health and safety, as well as sustainable products and services. Nike provides board members with regular training and education on key sustainability issues. This education promotes a more strategic, long-term approach to the board’s overall assessment of the company’s business performance.

Companies should actively seek to recruit directors with relevant knowledge and expertise – including executives from corporations with a sustainability track record or topical experts coming from specialized positions in business. Ceres found that only 19 percent of directors serving on board sustainability committees of large U.S. companies have discernible expertise in relevant issues. Even if there is just one board member with relevant expertise, he or she may be able to significantly improve the quality of the board’s deliberations and, over time, improve the understanding of sustainability among other directors.

Sustainability is a proxy for good governance. Shareholders and other stakeholders look to board engagement as an indication that sustainability risks and opportunities are adequately dealt with at the highest level.

***
Sandra E. Taylor is the CEO of Sustainable Business International LLC and served on the Sustainability Committee of DE Master Blenders NV of the Netherlands and the Compensation Committee of Capella Education Company. Sandra previously served as the senior vice president of corporate social responsibility for Starbucks Coffee Company and the vice president and director of public affairs for Eastman Kodak Company.

The views and opinions expressed herein are the views and opinions of the author at the time of publication and may not be updated. They do not necessarily reflect those of Nasdaq, Inc. The content does not attempt to examine all the facts and circumstances which may be relevant to any particular company, industry or security mentioned herein and nothing contained herein should be construed as legal or investment advice.
Publication Date*: 2/21/2017 Identification Number: 1324
Sustainability Meets Integrity By John H. Stout
Identification Number
1307
Publication Date: January 18, 2017 

 John H. Stout is a partner at Fredrikson & Byron in Minneapolis where he Co-Chairs the Corporate Governance Group and Chairs the Business Sustainability and Social Responsibility Group.

“Business sustainability” has become an important addition to board/management discussions in recent years. While the term “sustainability” has long had environmental implications, sustainability has become an umbrella for many topics, including agriculture, food, deforestation, energy resources, various human rights issues, and carbon and other emissions, comprising a global concern for meeting society’s current interests and needs in a manner which does not compromise the interests and needs of future generations and is protective of the planet. “Business sustainability” focuses on a company’s ability to conduct its activities and build shareholder value over the long term, balancing the need for short-term results while adapting business strategies and operations to assure long-term value creation consistent with sustainable business practices. Inherent in meeting these challenges, companies are required by law to maintain a culture that embraces ethical values and legal compliance.

Issues with corporate conduct have been with us since corporations became a recognized means of amassing capital for business activities while at the same time limiting the risk of those who provided the capital and conducted the business activities. However, in the late 1900s and early 2000s, from Enron to the present day, the challenges of business misconduct, and failures of business integrity, have attracted the media, the courts, regulators, and lawmakers. Sarbanes-Oxley was passed in the wake of Enron and the many corporate failures occurring at that time. Dodd-Frank was passed following the financial crisis precipitated by widespread misconduct in the financial services industry. Currently, as we experience the misconduct of Volkswagen and Wells Fargo, it is clear that the promotion of corporate integrity defies legislative and regulatory solutions. What’s needed is a redoubling of board and management initiatives to focus on achieving a high standard of corporate integrity on which a company’s shareholders and many other stakeholders can safely rely.

Integrity is the foundation on which sustainable businesses must be built. Without integrity as the fundamental principle, there can be no sustainable business and there will be no culture of ethics and legal compliance. What shareholders and other stakeholders most need from boards of directors, as the governing bodies of the companies they serve, is the assurance of their companies’ integrity. Specifically:

  • That the company has a clear business mission and values formed on balancing short-term performance with long-term enterprise sustainability, adaptability, viability, and performance.

  • That the company’s business model is sustainable and that the long- and short-term risks and opportunities which accompany that model have been carefully vetted by the board, and that its strategic plans, operating plans, and business conduct embrace the governance, ethics, environmental, energy, and social practices essential to long- and short-term value creation and performance.

  • That the company’s financial and nonfinancial reporting has integrity, and can be clearly understood and relied on by those responsible for assessing, financing, working for, and doing business with the company.

  • That the company’s public disclosures and the comments of senior management and the board have integrity and are reflective of the true state of the company’s values, business activities, and financial and nonfinancial results.

  • That the company’s CEO, selected, compensated, and regularly evaluated by the board, and the senior management team engaged by that CEO, would, above all of their responsibilities, see that the company’s affairs are conducted in a manner which serves, rather than detracts from, the company’s integrity and reputation.

  • That the compensation and perks awarded to board members and senior management, which directors alone approve, will not in actuality or perception, corrupt their judgment, compromise their independence, corrupt the company’s culture, or otherwise detract from the company’s integrity and reputation.

  • That the company’s compensation and incentive plans for non-management employees and those doing business with the company will promote rather than corrupt ethical conduct on the part of all employees, suppliers, and customers.

  • That directors and management will avoid actual or perceived conflicts of interest which would detract from the integrity of the company and its governance.

  • That management has in place compliance systems and procedures that will provide warnings of activities that would threaten the integrity and sustainability of the company, proactively overseen by the board, and that, when warnings come, management and the board will investigate the issues fully, independently, and without compromising restrictions, and use the results to transparently address issues and needed corrections.

The bottom line of a sustainable governance system and sustainable business conduct is that the company’s ultimate authority, i.e. its board of directors, is proactive and vigorous in taking responsibility for the company’s integrity. From Enron to Volkswagen and now Wells Fargo, many of the corporate scandals occurred because boards failed to take responsibility for the company’s integrity, long-term value creation, and ultimate sustainability. The directors apparently did not see the company’s integrity as an extension of their own, and ultimately this is a critical point.

Given that boards are responsible for overseeing and assuring the development and maintenance of a culture of integrity, ethics, and legal compliance, they must be proactive in the use of the tools at their disposal for this challenging task. Key among these tools are:

  • Recommending the election of capable directors: persons known for their integrity, ethics, and commitment to legal compliance, and who understand that these are critical elements of a sustainable company; persons who understand what it means to be a fiduciary and their fiduciary duties; persons who are knowledgeable about governance and oversight and possess the skills, time, energy, judgment, leadership, and courage to effectively discharge their responsibilities. Everything starts with board composition.

  • Periodically refreshing the board with directors having a variety of skillsets, including an awareness of contemporary subjects applicable to the company, its shareholders and other stakeholders such as cyber risk, social media usage, and business sustainability and social responsibility.

  • Selection of independent board leadership with the knowledge and skills to assist the board in meeting its responsibilities.

  • Selection, compensation, and evaluation of a CEO known to be ethical, and screened for past integrity, legal and ethical issues, who is experienced and committed to building and maintaining a corporate culture of integrity, ethics, and legal compliance, and has demonstrated an ability to balance short- and long-term value creation and performance.

  • Periodic independent assessment of the company’s culture, ethics, values, compliance with laws and regulations, and effectiveness of training programs designed to instill appropriate corporate values, familiarize employees with the company’s expectations as to ethics, compliance, and integrity, as well as systems designed to test the effectiveness of those training programs.

  • Recognizing that in every company there is an enterprise-wide culture and many subcultures, including the boardroom culture, the board/management culture, and cultures within subsidiaries, divisions, and workgroups. It is important to harmonize these cultures with the overall enterprise culture and values and to assess the degree to which that has occurred.

  • Periodic one-on-one interaction with key senior executives and mid-level managers, internal and external auditors, compliance personnel (particularly those responsible for company hotlines and complaint gathering systems), key group and division leaders, internal and external legal counsel, and the executive in charge of human resources, to gain insight into the company’s culture, and the elements of integrity, ethics, and legal compliance.

  • Assurance that management has in place processes and procedures for preventing and detecting integrity lapses, ethical issues, and violations of laws, regulations, company governing documents, including codes of conduct and other company policies, and for assessing risk and risk mitigation followed up with oversight over, and periodic assessment of, the efficacy of those processes and procedures.

  • Oversight over the evaluation, hiring, firing, and compensation of employees who are key to assessing, shaping, and managing the corporation’s financial reporting, legal resources, human resources, risk assessment, ethical and legal compliance environment (e.g., the CFO, controller, internal auditor, risk manager, investment relations officer, internal counsel, heads of human resources and information technology/security, and person in charge of sustainability matters). Periodic one-on-one interviews with these individuals are an essential board/committee assessment and oversight tool.

  • Engagement by the board of independent auditors and compensation consultants, as well as oversight over management’s engagement of outside legal counsel and other key advisors to assure that the loyalty of these advisors is to the company, the board and not primarily to the personnel of the company who engaged them, and confirming that they recognize their responsibilities to the board and its committees and their roles in enhancing the effectiveness of the board and its committees.

  • Periodic engagement of independent third parties to advise the board and its committees on matters with respect to which the board requires a “second opinion” or advice from a source which is not regularly engaged to serve the company under management’s direction.

  • Use of tools such as business intelligence and balanced scorecarding to assist with monitoring the company’s operations.

  • Use of corporate and outside investigatory and research resources to scan the backgrounds of key people and companies which the company is engaging directly or as outside vendors.

  • Engagement with management in vigorous, candid dialogue regarding strategy, opportunities, operations, sustainability issues and risks, and rewards associated with the same, and seeking dialogue with various management personnel regarding concerns about corporate direction.

  • Constantly seeking to understand risks, paying attention to warnings, and confronting problems promptly and forthrightly. Policies and procedures for assessing and monitoring risks are essential and directors must assure that they are in place and functioning well. Warnings need to be heeded and promptly investigated. Investigation means a thorough effort to obtain all relevant information using independent resources where necessary to assure objectivity. History, including Volkswagen and Wells Fargo, provides ample lessons of the disastrous consequences of cover-ups and understanding financial and nonfinancial impact once a problem is discovered.

  • Monitoring the company’s public disclosures and management comments for integrity and reputational impact, as well as credible third-party commentary regarding the company, its goods and services, the performance of and conduct of its key people, and its reputation for business conduct and integrity.

  • That the public disclosures by the company, and comments of senior management and the board regarding material company affairs have integrity.

Key to markets for talent, goods and services, investment, financings, corporate transactions, and ultimately the sustainability and long-term value creation of companies, is the integrity of the company, the goods and services it produces, the information it provides, and the people it employs. Serious lapses in corporate integrity have resulted in substantial, sometimes tragic, financial and nonfinancial consequences for employees, vendors, customers, financing parties, shareholders, and other stakeholders. Boards must redouble their efforts to assure the integrity of the companies they govern. Ultimately, the sustainability of our free enterprise system depends on it.

***

This article originally appeared in the December 2016 edition of Business Law Today, a publication of the Business Law Section of the American Bar Association.

The views and opinions expressed herein are the views and opinions of the author at the time of publication and may not be updated. They do not necessarily reflect those of Nasdaq, Inc. The content does not attempt to examine all the facts and circumstances which may be relevant to any particular company, industry or security mentioned herein and nothing contained herein should be construed as legal or investment advice.

Publication Date*: 1/18/2017 Identification Number: 1307
Taking Your Proxy Statement from Good to Great by Ron Schneider
Identification Number
1292
Publication Date: December 8, 2016 

This article was written by Ron Schneider, Director of Corporate Governance Services with Donnelley Financial Solutions.

Companies are constantly innovating and pushing the boundaries of traditional proxy statement disclosure, inspiring others about what can be accomplished. Proxy innovations should align with a company’s corporate culture and support business, corporate governance, and proxy solicitation goals. Donnelley Financial recently published its 2016 Guide to Effective Proxies that is intended as a tool to help inspire and guide companies in improving the visual appeal and clarity of their proxies, as well as develop a style and format that is right for their organization.

There is no one perfect proxy or CD&A that all other companies should emulate; rather, there are many excellent proxies that work well for their companies at particular points in time. Even these successful proxies must evolve, as performance changes from year to year, areas of investor focus shift, and the key messages companies wish to highlight change.

The best place to start when refreshing the proxy is ensuring you know your audience.

Understand that different investor types read and “use” proxies differently.

For retail (i.e., individual) or employee investors – it’s a reading document. The printed and mailed proxy is the most effective and proven way to maximize retail voting participation. For employee shareholders, electronic reminder notices and follow up campaigns can be effective in generating voter turnout.

For most institutional investors – it’s a reference document. The larger institutional investors that have dedicated corporate governance, engagement and voting teams report that they use proxy advisors as screening tools, along with their own internal policies and review. These institutional investors then use proxies as reference documents. If your company is flagged by a proxy advisor or investor on an issue, that investor will likely do a deeper dive into your proxy before voting to see what you are saying about the issue. Here, navigation is critical as the investor will want to find the section or topic quickly. In this case, what’s written needs to be clear and compelling if it is to help that investor “get to ‘yes’” and support you.

Many of the larger institutional investors access online versions of the proxy – but where? Our research shows that ISS’s voting site is the top destination of major investors, and this may well continue with ISS’s recent purchase of iiWisdom, a creator of enhanced online proxies. In advising clients, we first focus on the filed and printed version of the proxy. We then ask: What else do you want to do with the enhanced online proxy, whether through a company-branded hosting site, additional color (which doesn’t cost more in a digital environment), enhanced navigation, links to videos and other interactive features?

Know the top areas of investor focus.

Through our primary research with institutional investors about their use of proxy statements, Donnelley has confirmed that the top areas of institutional investor focus are:

  1. Boards – Their independence, skills and qualifications, diversity, tenure and refreshment.
  2. Performance metrics – How do pay plans work, and does “pay support strategy”?
  3. Pay for Performance Alignment – Do you connect how you pay executives with how they and the company have performed or do you let proxy advisors and others tell this story for you? Perceived Pay for Performance disconnects are a primary driver of negative Say on Pay votes.
  4. Peer Companies – How are peers used and selected? What is the rationale for changes from year to year? Are the majority of peers size-appropriate for your company?
  5. Engagement – If you conduct regular engagement with investors, are you taking sufficient credit for this practice? You want to make sure others you haven’t or can’t engage with are aware of your efforts.

Engage with investors to develop relationships and understand informational needs.

Engagement in this context is defined as company (management, board or both) interaction with the governance teams and proxy voters at institutional investors, especially outside of proxy season when you are “chasing the vote.” These conversations typically involve relationship building, learning about investor views, hot-button issues and informational needs, as well as clarifying important aspects of the company’s story.

This engagement over governance and compensation issues typically supplements the traditional IR dialogue about company strategy, performance and outlook.

Many of our clients report that such outside-of-proxy-season (or post-meeting) engagement has been instrumental in helping them better understand how investor informational needs are not bounded by SEC disclosure requirements. It also helps them sharpen and target their messaging accordingly, helping investors better understand their companies and why they make the decisions that they do. Clearer proxy messaging helps secure investor support and also can mitigate the impact of inevitable negative proxy advisor recommendations.

Understand the relationship between content, navigation, design and context.

Content is key, as your content reflects the reality of your company, your practices and how you tell your story. Design can help make content more visible and impactful, but you can’t design your way out of a weak story. Efforts to do so likely will be seen through, which can damage your credibility and reputation.

Ease of navigation is critical, particularly for institutional investors and others using the proxy as a reference document. Not all readers gravitate to the same sections or topics for all companies they own. If you are satisfied that your content adequately and effectively tells your story, why not make it easily located and accessible? In other words, why risk key content being missed and overlooked? Navigational tools include detailed Tables of Contents, CD&A roadmaps, clear section headings and sub-headings, and page headers and footers. Online proxies should feature hyperlinked tables of contents, drop-down menus, key word search functions and other features that promote rapid and easy navigation.

Design should support the messages, and can include company-specific branding (such as branded document covers, enhanced navigation systems, page footers and web-hosting sites), as well as visual elements that by definition draw the reader’s eye and make key points quickly and impactfully.

  • When you are discussing performance achievements, why not use graphics?
  • When discussing peer companies or performance metrics, why not use a tabular format?
  • When discussing governance and compensation practices, why not use a checklist?
  • When discussing a process such as pay-setting, succession planning or investor engagement, why not use a timeline?

We’re not suggesting that every page has to feature visual elements, but increasingly, long passages of dense text risk losing readership and retention. At Donnelley Financial, we believe in “design with a purpose” as opposed to “design for design’s sake.” In other words, design can and should support and reinforce key messages and ease of location.

Context is crucial to helping investors understand and appreciate your governance and compensation programs and why they are appropriate for your company. For example, the SEC does not require companies to explain how pay supports strategy, yet that is the number one question investors have about executive compensation. Context is particularly important if you have certain practices that may not be considered standard or best practice, yet believe are appropriate for your company and thus its efforts to generate shareholder value.

Also, consider the fact that most of the proxy voters at larger institutional investors are not portfolio managers who are experts about your industry and company, but rather are governance and compensation generalists. They do wish to cast thoughtful, company-specific votes on many issues, but lack the time and resources to do in-depth research including reading the annual report, your IR website or analyst research reports. For this reason, we are seeing more companies spoon-feed some business context within the proxy statement. Often this context and content are borrowed from the annual report cover letter or MD&A, or company investor relations messaging. This business content often is contained in a robust CEO or board cover letter, proxy summary or CD&A summary.

“I know my proxy is in need of a refresh, but where should I start?”

We hear this daily from clients.

Engage: First, if you haven’t yet engaged with your larger investors on corporate governance, compensation and other proxy-related issues, start developing those relationships now. During this process you may receive some valuable feedback on the quality and clarity (or lack thereof) of your current disclosures. If you are not ready for that step, review our latest survey of institutional investors about proxy statements, titled “Deconstructing Proxy Statements – What Matters to Investors.” By reading the survey data, you will get a better idea how institutional investors consume proxy statements and what can make your proxy more useful to them.

Benchmark: In addition to the governance leader companies whose proxies we may admire and even envy, take a look at the proxies produced by your peers. Your investors may own many of your peers, and they may compare the quality and clarity of their disclosures to yours. Do you appear to be making an equal effort to communicate clearly and help investors understand your company and actions?

Incremental refreshment: Remember that proxy evolution is often just that – an evolutionary process that initially takes two to three years before achieving your ultimate goal. Even then, though, your philosophy should not be “set it and forget it,” since performance, investor interests and the key messages you wish to highlight may vary from year to year.

Specific areas in which we have helped clients begin a process of proxy improvement:

  • Modernize the document’s look and feel with a company-branded cover page, clearer fonts, and improved navigation via a robust table of contents and page headers and footers.
  • Add a new proxy summary at the beginning.
  • Highlight aspects of board diversity and skills via diversity graphics, and various types of skills matrices (both traditional, check-the-box matrices as well as “matrix-lite” versions that highlight board skills without naming which directors possess those skills).
  • Update and make the CD&A more visual and layered in its disclosure flow.

Start with a couple of these points one year, and then add another one or two more each subsequent year. Simply by making incremental improvements, you may be amazed at how far you will progress in just three years’ time!


***

Ron Schneider is Director of Corporate Governance Services at Donnelley Financial and can be reached at ronald.m.schneider@dfsco.com.

Donnelley Financial helps thousands of companies deliver accurate and timely business communications to investors, regulators and other stakeholders on our global delivery platform. A single point of contact helps you stay on top of the dynamic regulatory landscape and create, securely store, localize, analyze and disseminate critical business content for regulatory compliance, capital markets transactions, shareholder communications and language localization.

The views and opinions expressed herein are the views and opinions of the author at the time of publication and may not be updated. They do not necessarily reflect those of Nasdaq, Inc. The content does not attempt to examine all the facts and circumstances which may be relevant to any particular situation and nothing contained herein should be construed as legal advice.
Publication Date*: 12/8/2016 Identification Number: 1292
Outdated, Inefficient and Misused – It’s Time to Fix the Shareholder Proposal Process by John Hayes
Identification Number
1276
Publication Date: October 31, 2016 

John Hayes is the Chairman, President and Chief Executive Officer of Ball Corporation, and Chair of the Business Roundtable Committee on Corporate Governance.

America’s business leaders these days are highly focused on advancing the economic interests of the United States and the overall economic climate in which our companies operate. In particular, we strive to create long-term value, good-paying jobs and innovative products and services for shareholders, workers and consumers that, in turn, lead to demand creation for our products and services.

Unfortunately, the attention and focus of senior management at U.S. public companies is strained by an outdated system that needs reform: the process for submitting shareholder proposals.

Originally designed to replicate attendance and participation by shareholders at corporate annual meetings, the Securities and Exchange Commission (SEC) Rule 14a-8 is an important component of good corporate governance in the United States. Over time, however, the process has been misused by a small number of individuals – with often de minimis stakes in companies – who file common proposals at an array of corporations.

For example, during the last four years, only three shareholders and their families accounted for more than 70 percent of all proposals submitted by individuals to Fortune 250 companies. Many of these proposals do not promote the creation of long-term value for the economic benefit of shareholders. As a result, 92 percent of non-management proposals were voted down by shareholders this year.

How does such a small group dominate shareholder submissions? The eligibility threshold for submitting a proposal, set decades ago by the SEC and not updated since, has been effectively lowered by inflation and economic growth. It allows shareholders who have owned just $2,000 worth of shares or 1 percent of the outstanding shares – whichever is less – for a minimum of one year, to submit a proposal. Let’s put that into today’s context. At current market prices, an investor only needs to purchase three shares of Google’s parent company, Alphabet, to file a proposal.

An additional problem is that a 1970 federal court ruling prevents the exclusion of shareholder proposals explicitly designed to promote political, religious or social causes. This is in place even though such proposals frequently are unrelated to the business of the company in question (nor necessarily within its control). The problem is steadily worsening. In 2015, 479 proposals were filed by various shareholders that had origins tied not to issues that an informed investor would consider material to make an investment decision in such companies, but rather to social, environmental and political issues. This marked the highest number public companies have faced since 2010.

The time required to educate, respond and engage on these topics with a corporation’s shareholders is not only a meaningful distraction, it also takes away valuable time spent on ways in which companies can grow and invest in their businesses, create jobs and further develop the U.S. economy.

Business Roundtable believes this outdated, broken system needs to be fixed. To that end, we have come together and put forth specific, pragmatic solutions to modernize and improve the process, outlined in a new report.

Our first key recommendation is to update the eligibility requirements. For any topic other than the election of directors, the monetary eligibility standard should be based on a sliding scale related to company size with a requirement to hold at least 0.15 percent of outstanding stock for proposals submitted to the largest company and up to 1 percent for proposals submitted to smaller companies.

We also recommend increasing the length of the holding requirement to three years, which would mirror the standard frequently used for proxy access. Increasing the length of time a shareholder must hold stock before being eligible to submit proposals would encourage a longer-term view. In addition, the process should require shareholder proposal proponents to provide increased disclosure, such as indicating their intentions, economic interests and holdings in the target company.

Another key, equally important fix is increasing the resubmission threshold for proposals that have been rejected in previous years. Current rules allow a proposal to be eligible for resubmission if it garners at least 3 percent of the vote on its first submission, 6 percent on the second and 10 percent on the third. This means that if a proponent can win 10 percent of the vote, then that proposal can be resubmitted indefinitely. Of course shareholders should be entitled to submit proposals more than once. However, a proposal rejected by 90 percent of shareholders should not be eligible for resubmission year after year without limit.

Improving this decades-old system is overdue. It’s time to fix it for the long-term economic benefit of our companies and, in turn, the shareholders, workers and consumers that make them go.

Read the full report here >>

***

The views and opinions expressed herein are the views and opinions of the author at the time of publication and may not be updated. They do not necessarily reflect those of Nasdaq, Inc. The content does not attempt to examine all the facts and circumstances which may be relevant to any particular situation and nothing contained herein should be construed as legal advice.
Publication Date*: 10/31/2016 Identification Number: 1276
Common and Not-So-Common Sense on Executive Compensation by John Roe
Publication Date: August 29, 2016 

This article was written by John Roe, Managing Director and Head of Advisory and Client Services at ISS Corporate Solutions.

A storied list of investors and corporate leaders including Warren Buffett, Bill McNabb, Larry Fink, and Jeff Ubben recently released the Commonsense Principles of Corporate Governance (the “Principles”), a treatise describing consensus views on key governance topics.  Sitting back and putting the Principles in perspective, we wonder – how much “common sense” is there in today’s executive compensation programs, and is “common sense” enough to satisfy the company’s stakeholders?

It turns out that the Principles, for the most part, really are “common sense” – but it also turns out that simply adhering to the guidelines provided by the principles may not be enough to keep companies out of hot water (although many of them will certainly help).

Let’s take a walk through the principles, one by one, and see where there might still be some gaps to achieving “common sense” – and where “common sense” might not be enough.

Parsing the Common Sense Principles

Here we go, starting with the first principle (which we’ve rephrased for brevity and clarity in bold and italics throughout – see the original document for the original wording):

Executive Compensation Principle 1: Compensation plans should reflect the company’s business and the industry in which it competes. Compensation forms may need to vary for different types of businesses and different types of employees. Compensation plans will evolve over time, but they should have continuity over multiple years to ensure alignment with long-term performance.

It’s common sense that companies are customizing their programs to their unique business situations. For instance, from our Incentive Lab performance award database, we know that S&P 1500 firms that disclose metrics average 4.8 metrics in their short term programs, and 3.4 metrics in their long-term programs. A few companies skew these results since they have large numbers of metrics; the median S&P 1500 company has four short-term metrics and two long-term metrics in their most recently disclosed program.

Based on disclosure, companies are working hard to customize their metrics to their situations. Among S&P 1500 companies, we are currently tracking more than 500 different ways to describe long-term metrics and more than 2,000 ways to describe short-term metrics.

Continuity is one place where some companies have some progress left to make. Swapping metrics in and out of their programs on a regular basis with weights being adjusted frequently can raise questions among shareholders. Even proxy adviser ISS gets frustrated when companies overhaul their metrics year-to-year, as they noted in a recent proxy recommendation:

[The company’s] LTI program used at least four different metrics during the three-year period under review, and none were repeated in a subsequent year. This lack of consistency makes it impossible to determine which goals the compensation committee believes will help the company achieve long-term shareholder value creation, and makes it difficult to reward an executive for sustained growth against performance goals.

What should companies think about in addition to the Principles? Start with ensuring the metrics you select can be linked to long-term shareholder value creation, and adding rigor to how the goals are set.

Executive Compensation Principle 2: Compensation should have both a current component and a long-term component.

This is one Principle where there is plenty of common sense. Almost 95 percent of the S&P 1500 disclosed granting both short- and long-term pay in the most-recent proxy. Many of the remaining 5 percent likely are “special cases,” such as Amazon’s Jeff Bezos, who receives no annual equity compensation, or Apple’s Tim Cook, who received a large grant back in 2011 and hasn’t received subsequent grants.

Data from ISS Corporate Solutions’ (ICS) ExecComp Analytics database offers a closer look, with data cut by index membership:

Outside Inside Graph 1

Executive Compensation Principle 3: Benchmarks and performance measurements should be disclosed to enable shareholders to evaluate the goals and the rigor of the goal-setting process. Compensation should not be entirely formula based, and companies should retain discretion (appropriately disclosed) to consider qualitative factors.

This principle is really two in one – first, encouraging adequate goal-setting rigor and disclosure, and second, encouraging companies to include a qualitative component in executive pay.

On the first part, the principle seems focused on the disclosure, rather than the process. And we firmly agree with the Principle – there are far too many companies that simply gloss over how they arrived at the goal-setting process. But that, in some cases, may be because the board did gloss over the process, electing to set the performance target at management’s business plan, and applying a simple plus or minus to arrive at the threshold and target. Clearly, the bar is rising here, and perhaps this is one of the areas in greatest need of more common sense.

On the second point, it’s clear that formulaic approaches to payout calculations are now commonplace. But contrary to popular opinion, “discretion” need not be a pejorative in the compensation context, although “business judgment” may more accurately reflect what the compensation committee is really doing.

After an empirical look at investor voting behavior, here are some “common sense” guidelines for employing and explaining business judgment in the CD&A:

  1. Limit discretionary/subjective components to no more than about 25 percent of the total STI program target.
  2. Be specific in what you’re measuring in the discretionary components.
  3. Defend, with specific examples that can be linked directly or indirectly to the well-being of shareholders, the reasoning for above-target payouts on discretionary components.

Executive Compensation Principle 4: Consider paying a substantial portion (e.g., as much as 50% or more) of compensation for senior management in the form of equity or equity-like instruments. Vesting or holding periods for equity compensation should link management’s economic alignment with the long-term corporate performance. All equity grants (whether stock or options) should be made at fair market value or higher at grant, with particular attention given to shareholder dilution.

This Principle is decidedly a mixed bag. Compensation committees are clearly delivering a lot of equity – but the long-term alignment seems to be more at the discretion of the executives than at the requirement of the committee.

Let’s start with the percentage of pay delivered through equity – where ICS’ ExecComp Analytics data shows that there is ample “common sense:”

Outside Inside Graph 1

Equity grant governance remains a work in progress, however. Vesting periods are increasingly being adopted, with many companies requiring executives to hold awards for at least one year after the grant. Equity Plan Scorecard data from 2016 shows that 51 percent of companies putting an equity plan on their ballot this year included a provision to require at least one year before the first tranche of at least one type of awards would vest.

Holding period use has increased as well but usually in the context of accelerating the attainment of ownership guidelines. Of equity plans on the ballot thus far in 2016, 38.7 percent contained a holding requirement – with 85 percent requiring executives to hold a meaningful portion of their grants until reaching ownership guidelines. Only 2.7 percent of plans this year have long-term ownership requirements, requiring executives to hold stock through the end of employment.

The jury is still out on whether luminaries such as Warren Buffett or Larry Fink would call a one-year vesting requirement, or dropping holding requirements once ownership thresholds are met, to effectively “link management’s economic alignment with the long-term corporate performance.” But compensation governance is certainly far ahead of where it was a decade ago.

Executive Compensation Principle 5: Companies should clearly articulate compensation plans to shareholders. Companies should not feel constrained by the preferences of their competitors or proxy advisors; they should articulate how compensation links to performance and aligns the interests of management and shareholders over the long term. Shareholders should consider giving the company latitude in connection with individual annual compensation decisions to well-designed compensation plans with clearly-explained rationales.

Disclosure is, arguably, one of the areas where companies have made the largest advances over recent years, moving from “how” and “what” questions of compensation to the “why” questions behind the committee decisions.

Interestingly, the Principles clearly call out “models of proxy advisors,” perhaps calling out an overemphasis on TSR for performance-based pay programs. However, for its part, ISS has been careful to say for many years that TSR isn’t the silver bullet for pay design. ISS has stated for years (page 6):

Note that ISS does not advocate that companies use TSR as the metric underlying their incentive programs; on the contrary, shareholders may prefer that incentive awards be tied to the company’s short- and long-term business goals.

If there is a failure of “common sense” on this Principle, it is that too many companies have implemented TSR as their solitary or main long-term metric, and not metrics which may more accurately reflect the evolution of their businesses, and the contributions of their executives.

Executive Compensation Principle 6: If large, special compensation awards are given to management, such awards should be carefully evaluated and clearly explained.

Special awards often cause problems with shareholders. In fact, they constitute one of the seven reasons why companies face resistance from shareholders most often. While we believe there are cases where special awards are warranted, companies must clearly and plainly lay out the rationale for these awards and how they are in the best interest of shareholders. Retention awards are particularly problematic with many investors. Historically, they have been used too often as “make-up” awards when performance awards have failed to pay out – and that’s not a good reason to use a special award.

The classic situation is encapsulated by a recent ISS “against” recommendation on a say-on-pay proposal:

A vote AGAINST this proposal is warranted. CEO pay increased significantly due to two problematic one-time awards. First, he received a large retention equity grant subject to non-rigorous performance goals measured over a relatively short two-year vesting period. Executives also received discretionary cash bonuses, intended to supplement pay after a previous performance award was earned below target. These actions have resulted in increased pay amid declining company performance.

Most companies do a good job here – but this is one case where the circumstances at hand can (and do) generate results out of line with “common sense,” and on occasion have created difficult situations for companies and their boards.

Commonsense: Necessary, but Not Necessarily Sufficient

The commonsense principles on compensation form a solid foundation for executive pay – but they are just that: a starting point. Most companies don’t – and shouldn’t – stop with the principles, but rather should move far beyond them to build robust executive compensation programs that drive broad stakeholder support.

John Roe is Managing Director and Head of Advisory and Client Services at ISS Corporate Solutions, a unit of Institutional Shareholder Services Inc.

***

A version of this article first appeared in the July/August 2016 edition of ExecComp Insights, an e-newsletter published by ISS Corporate Solutions providing independent and insightful analysis on the latest trends in executive compensation and shareholder voting on corporate pay practices.

The views and opinions expressed herein are the views and opinions of the author at the time of publication and may not be updated. They do not necessarily reflect those of Nasdaq, Inc. The content does not attempt to examine all the facts and circumstances which may be relevant to any particular company, industry or security mentioned herein and nothing contained herein should be construed as legal or investment advice.

Publication Date*: 8/30/2016 Identification Number: 1251
Making Sustainability Reporting Work for Investors and Companies by Alan L. Beller
Publication Date: July 27, 2016

I became Director of Corporate Finance at the SEC in January 2002, in the immediate aftermath of the Enron accounting and auditing failure and bankruptcy, and most of my first 18 months at the SEC were spent on financial reporting, audit committees and the like. Even then, however, others at the SEC and I were convinced that, in the 21st century, financial information doesn’t provide a complete picture of corporate performance. We sought, with limited success mostly due to lack of bandwidth and a practicable plan for moving forward, greater emphasis on operating metrics and other forms of non-financial disclosure.

Investors agreed with the efforts then, and they agree even more violently today. In a 2015 CFA Institute survey, 73 percent of institutional investors indicated that they take sustainability (environmental, social, and governance) issues into account in their investment analysis and decisions, to help manage investment risks.

Notwithstanding the title of a recent book regarding the future of accounting, excerpted in the Wall Street Journal, accounting is not dead, and financial information and analysis remains critically important. However, investors need better disclosure in respect of sustainability matters, and under current reporting systems companies have the ability to provide what investors need. The SEC has acknowledged the need for disclosure to evolve in this area. In its long-awaited recent Concept Release regarding disclosure effectiveness, currently open for public comment, the SEC asks “which, if any, sustainability and public policy disclosures are important to an understanding of a registrant’s business and financial condition and whether there are considerations that make these disclosures important to investment and voting decisions.”

These questions bring companies and investors to an inflection point, whether or not the SEC expeditiously takes the next steps towards disclosure effectiveness. Investors want and already receive disclosure regarding sustainability and related matters through a variety of channels. Companies already provide such information, through SEC disclosures, websites, sustainability reports and questionnaires. What is needed now is a pathway to make sustainability reporting more cost-effective for companies and more decision-useful for investors. In particular, for companies sustainability reporting is already reality. The full-stretch ostrich position of ignoring it and hoping it will go away, to which some companies still seem committed, will not work. What is necessary is implementation of robust and effective governance around sustainability disclosure and effective engagement with investors, as well as other stakeholders.

As noted above, companies currently report sustainability information in a variety of channels, including the periodic reports and offering documents filed with the SEC, sustainability reports, and investor questionnaires. However, standalone sustainability reports lack standardization and comparability and in at least some cases reflect insufficient attention to existing regulatory requirements. The generalized requirements followed for some of these reports also result in both companies and stakeholders spending time and focusing attention on unimportant information. Investor questionnaires raise their own issues. Questionnaires follow different formats and seek information in non-standardized ways, and information made available to an investor may differ from that provided by the company through other channels or to another investor. This disharmony of information is not good for a company, and if there is differentiated or selective disclosure of information that is in fact material under the federal securities laws, a company’s practices may run afoul of the SEC’s Regulation FD (Fair Disclosure). This current situation provides ample evidence that companies need effective governance around the sustainability disclosure choices that they are making now.

A critical area of focus for governance and engagement involves disclosure in a company’s filings with the SEC, including the annual report on Form 10-K (or for foreign companies registered with the SEC, Form 20-F). This is the appropriate channel for disclosure of improved sustainability information to investors within the framework and requirements of the federal securities laws, and it is the one in which my principal expertise lies.

Other disclosure efforts, including those aimed at other stakeholders, should be considered as complementary to and not competitive or conflicting with the decision-useful disclosure that investors deserve under the securities laws. Continuing investor and other stakeholder engagement with companies regarding sustainability disclosure is not inconsistent with the efforts of SASB, described below, to use the existing legal framework and its standard-setting to ensure disclosure of material sustainability information in SEC filings. Neither should these other activities delay or prevent the accomplishment of SASB’s mission to make these material disclosures in SEC filings a reality.

Regulation S-K and analogous SEC disclosure regulations, which set forth the specific disclosure requirements associated with Form 10-K and other SEC filings, contain principles-based requirements that call for disclosure of both current and forward-looking information. As the SEC noted in its 2010 guidance regarding disclosure related to climate change, certain sustainability information should be disclosed under existing SEC rules. A lot of good sustainability disclosure requires careful analysis and disclosure of matters as they exist today. At least as much requires similar careful analysis and disclosure of forward-looking information, or how tomorrow is reasonably likely to turn out in respect of material matters, based on what is known today. In particular, Item 303 of Regulation S-K requires that companies describe known trends, events, and uncertainties that are reasonably likely to have material impacts on their financial condition or operating performance in the so-called Management’s Discussion and Analysis sections of their annual and quarterly reports and securities offering documents. Similar requirements exist for non-US issuers registered with the SEC in their annual reports and offering documents filed with the agency.

Because of these requirements, companies often include sustainability information in SEC filings. SASB’s research shows that information regarding 74 percent of SASB disclosure topics is already being disclosed in companies’ annual reports on Form 10-K. However, currently these disclosures are only rarely presented in a manner that is decision-useful for investors. More than 40 percent of all disclosures on sustainability topics contain boilerplate language: broad, generic, nonspecific wording. Current sustainability disclosures in SEC filings do not provide investors with comparable, industry-specific data with which to evaluate and compare performance.

Disclosure of performance on sustainability topics that would be decision-useful to investors, cost-effective and sensible for companies, and equal to the quality that markets expect for financial information can best be accomplished via a clear focus on material information and on an industry-specific market standard. Just as the markets have a standard for material financial information—US GAAP—the markets need a standard for material sustainability information.

This is the need SASB was created to address. SASB standards are designed to help companies effectively disclose material sustainability information and comply with regulatory obligations, working within the framework of existing U.S. securities laws. SASB’s provisional standards have been developed, and SASB is embarking on a project to make the provisional standards final, in both cases through processes that are designed to produce standards that are cost-effective and decision-useful, and to embody in those standards industry-specific sets of disclosure topics and metrics that are reasonably likely to constitute material information for companies in that industry. SASB seeks to incorporate by reference metrics already in use by industries where it concludes that is practicable.

In order to move from boilerplate disclosure to metrics, companies will need to strengthen their governance and internal controls and procedures, as well as procedures for independent assurance. However, accepted improved disclosure on material sustainability factors will have benefits for companies. First, it will reduce the cost and burden of the plethora of varied shareholder resolutions and questionnaires that will be the most likely alternative to market standards. Second, there is some support in recent academic research that suggests that by focusing on the limited set of sustainability-related risks and opportunities identified by the SASB standards—those reasonably likely to have material impacts—companies can achieve superior results, including return on sales, sales growth, return on assets, and return on equity, in addition to improved risk-adjusted shareholder returns.

In addition to improving the quality of sustainability disclosure in their SEC filings, companies need to ensure their description of material information is consistent across corporate communication channels. For example, 81 percent of the S&P 500 companies now produce stand-alone sustainability reports, designed for a broad range of stakeholders. These reports often describe matters as “material” but in some cases use that term more loosely than is the case under federal securities laws. The inconsistent characterization of information as material across corporate communications channels within a company may present legal, reputational and operational risks and itself calls out for more robust governance. Significant issues arise as a result of inconsistent characterization of information as material among companies in an industry.

The SEC’s disclosure requirements including Regulation S-K already exist. To make sustainability reporting work better for companies, we need a market standard and a commitment by companies to embrace that standard. A market standard for sustainability information should reduce the pressure for additional regulation and the current practice of scattershot disclosure. It should also level the playing field, so that no one company in an industry is required to say materially more, or less, than another. Lastly, it will reduce the uncertainty around what is material, and maybe even drive competitiveness by helping companies improve performance on the most important issues for their industry.

***
Alan Beller is a Senior Counsel at Cleary Gottlieb Steen & Hamilton LLP in New York and a Board Director of the Sustainability Accounting Standards Board (SASB). He is a former Director of the Division of Corporation Finance and Senior Counselor to the Commission at the SEC.

The views and opinions expressed herein are the views and opinions of the author at the time of publication and may not be updated. They do not necessarily reflect those of Nasdaq, Inc. The content does not attempt to examine all the facts and circumstances which may be relevant to any particular company, industry or security mentioned herein and nothing contained herein should be construed as legal or investment advice.
Publication Date*: 7/27/2016 Identification Number: 1228
*The Publication Date reflects the date of first inclusion in the Reference Library, which was launched on July 31, 2012, or a subsequent update to the material. Material may have been previously available on a different Nasdaq web site.