clearinghouse_bannerNasdaq Governance Clearinghouse
Q&A Proxy Season Audit Committee Ethics Board Refreshment Cybersecurity JOBS Act

Fredrik Voss, Nasdaq Vice President, Talks About What Blockchain Could Mean to Your Company, Part 2
Publication Date: April 28, 2017

Following up on our interview last year, we had the chance to speak again with Fredrik Voss, who is spearheading Nasdaq’s blockchain innovation initiative. Fredrik described the advances and accomplishments over past year, and gave us some idea of what to expect in the future. Excerpts from our conversation follow.

Q: Last year, Nasdaq announced a blockchain-based solution for voting in Annual General Meetings in Estonia, an application of the technology that went beyond settlement and clearing, an area that seems to be garnering a lot of attention. What made you choose this project?

A: We chose that project for a couple of reasons. One, we deliberately wanted a project that wasn’t related to the issuance and settlement of assets on blockchain. We wanted to do something else. We also wanted a project where we really had to explore issues around identity on the blockchain: the identity of a person, identity of a person representing a firm and then firms and people representing other firms in a proxy arrangement.

So those were two things we wanted to explore and then we wanted to find a space where we could do that with internal knowledge and by leveraging the blockchain technology and know-how from our partner Chain. It so happens that in Estonia, we actually do run annual general meetings for a number of companies, as a service. So we had a good understanding of the current business process, so to speak. Also, we would have to rely on a central security depository (CSD) for a share ownership data and we actually own and operate the CSD in Estonia.

As we explored leveraging that environment, we also identified that the Estonian government has put in place a system called e-Residency, which is an advanced way of handling digitized identity for Estonian citizens, but anyone can become an electronic resident of Estonia through that mechanism. So a lot of planets aligned while we picked that particular use case and that particular market as the pilot.

Q: With respect to annual meetings, what are the advantages of a blockchain-based system versus the traditional model?

A: You can obviously do electronic remote voting using traditional technology but the blockchain (or distributed ledgers) has some inherent capabilities that make them quite attractive for a use case like annual meetings, in that it’s very easy to track the provenance of a digitized asset. A digitized asset can be anything, but in this case, it’s a vote, and it is easy to track its whereabouts in a blockchain user base.

One of the problems with the proxy process today is actually demonstrating to the shareholder that their vote was cast in accordance with the instructions of the shareholder. It is actually difficult to do that. But with blockchain technology, you can easily track the whereabouts of that vote. Also, with this system, the ledger is immutable; you cannot change the records, you can undisputedly prove that votes were cast in accordance with the instructions.

Basically, the way it works is that when a vote is coming up, you poll the CSD, and you issue the right number of voting tokens to the shareholders. An individual shareholder can then transfer that voting token to a delegate, or of course they can vote on their own as well. Then you can actually track the whereabouts of that voting token in the network. You can also see in which ballot – if it was in the yes one or the no one –it was cast. There are some inherent functions in blockchain that make it an easy technology to use for that particular use case.

Q: So a company is no longer just sitting back and waiting for the votes to come in? They actually have total visibility into the whole process from beginning to end?

A: Exactly. They have total visibility from the issuance of those voting tokens. You can allow various parties to see where the votes are in the network, and if you are the shareholder, for example, and if you delegated your vote to someone, you can actually see where it is, you can see when it’s cast, you can see in what ballot it was cast, depending upon the rules of the voting process. You can allow the issuing company to see the complete picture of where the votes are for everyone in the network.

The technology provides transparency and certainty to these processes. You cannot quite emulate that using the existing technology of trusted third parties and traditional databases. That would be a more complex and cumbersome solution to build than versus leveraging the inherent capabilities of blockchain ledgers.

Q: In a report issued in January 2017, the Estonia AGM project was described as “successful” and well received by the user community. What were the highlights from this effort?

A: As highlighted in the report, we tested our solution in cooperation with a recently listed Nasdaq Tallinn company, LHV Group, an Estonian financial group. Some reactions from LVH’s management team were:
  • Mr. Erki Kilu, CEO of LHV Pank: Testing the prototype was simple and user friendly. The options were intuitive and required minimal amount of clicks. It is a joy to use a blockchain-based system that actually works and which is awaited by the market and can be used by thousands of people at the same time.
  • Mr. Madis Toomsalu, CEO of LHV Group: It is a good initiative (i.e. start-up) and has a lot of potential. Testing of the prototype was convenient and simple. If the future solution enables mobile ID authentication as well and the security is granted, then we would definitely consider using the product in the future.
Some feedback we received from various investors included:
  • “The GUI was very clean and intuitive, design is nice.”
  • “Everything was logical, simple and understandable. The only disappointment is that I did not find any bugs to report.”
  • “Quick and simple way to vote. The future seems bright!”
They appreciated the transparency in the process. We had proxy companies and custodians involved in the process, and for them, the fact that they now could validate and have evidence that they have fulfilled their obligations was helpful for them. We also learned a couple of things on what is needed to do to make it a complete product, so that was helpful as well.

Q: Looking back on the Estonia project, in what areas do we still need to make improvements?

A: I think the core piece of the solution is very solid. To make this a complete and attractive solution for the users there are some areas we can improve upon. Currently, for example, you have to use a laptop to participate remotely. Obviously you want to be able to provide handheld capabilities. What we delivered was sort of a first minimum viable product or a pilot, and there are some analytics and additional features we’d like to add to it when we turn it into a full blown product.

Q: Do you think that blockchain technology will facilitate shareholder engagement?

A: Totally. That’s one of the key promises of the technology. We explore, broadly speaking, three uses of the technology. The first would be post-trade issuance and settlement, as you mentioned earlier. We’re also looking to regulatory transparency. But we also are looking at whether this technology can be used to bring issuers and investors closer to each other. And I think this project proves that is the case.

We think that a solution like this could promote a more active investor base. It will be a cheaper, more intuitive, more effective way of participating. For example, in a shareholder meeting, it doesn’t mean that everyone wants to participate on their own, but the delegation methodology is a more attractive solution for the issuer, the investor and the proxy custodian. So this project is actually evidence that the technology potentially has that capability.

Of course, to continue on that theme, that voting token we talked about earlier could basically be any digitized asset. If you’re a coffee company, the token could be a beverage coupon that you can easily send to your shareholders using the electronic ledger network, as an example of something you could do in the future. So we definitely think the technology will facilitate shareholder engagement.

Q: Nasdaq is utilizing blockchain technology with private companies through the Nasdaq Private Market. How are private companies utilizing the blockchain technology?

A: That is the first project we embarked upon, what we call the Linq project, which combines Nasdaq solutions with technology developed by our partners at Chain. That falls into the first bucket of the areas we’ve explored: the issuance, settlement and transfer (in the case of secondary market transactions) of ownership of securities. So that is mainly how we’ve used the technology in the private company space.

So basically, a private company using this solution issues shares, and it can transfer those shares to its investors. When investors trade in the secondary market, they can transfer ownership of those shares using this technology. This is all electronic, secure, and done in real time. But there is no trusted third party in the middle. There is no central depository involved so this is a true peer-to-peer network that’s leveraging the technology. It is actually the technology that keeps track of who owns what, instead of a trusted third party in the middle, like a depository.

Q: With private companies, what advantages does the distributed ledger provide over traditional systems?

A: In the U.S. for example, you’ve traditionally had paper certificates. You’ve had capitalization tables being managed in Excel spreadsheets. You have had these certificates being shipped by common carrier, and stored in vaults. You’re talking about a labor intensive, error prone infrastructure…but the key feature has been a peer-to-peer network between these parties. Now you can actually keep this peer-to-peer network if this industry does not want to have a depository function in the middle. This technology secures the processes, provides capitalization information in real time, and is cheaper than the way it happens right now.

Q: How do you see the landscape changing in 2017? What roadblocks are limiting the mass adoption of the blockchain technology?

A: In terms of blockchain in capital markets, we are sort of moving out of the proof of concept (POC) era. Not only at Nasdaq, but among the blockchain industry as a collective, there are fewer POCs, and we are seeing more and more solutions, products being deployed for real assets with real customers. So we are leaving the POC era and entering into more of a pilot era with real products. It’s going to be interesting to follow how those products perform over the next, let’s say, two years. We are seeing increased certainty in the technology. That said, blockchain is not yet, of course, a mature technology.

We will see a lot of evolution in blockchain protocols over the coming years and there are still certain issues around functionality that need to be developed. But we and others increasingly believe that actually these types of enhancements they will be achievable and where companies like our partners Chain are in the forefront. So the technology seems to be increasingly validated as a good candidate for use in capital markets. Now the focus is on the obstacles or challenges limiting wide-scale adoption, and they are mainly non-technology related and non-technical in nature.

One challenge is actually going from vision to concrete designs of how these solutions, these networks, are going to work. The blockchain has wonderful potential as an enabler of faster transaction processing, lower need for capital, better operations, lower cost for IT, among other things. That is the vision – but actually bringing that down into a concrete design that a community of users can agree upon? That’s not a show stopper but it takes a bit of time to achieve. So that’s one area.

A second area is legislation and regulation. Some of these new business models and market structures that are being thought about are so innovative that they are simply not contemplated by existing laws and regulations. The issue is not that they are prohibited, the issue is that there’s a legal uncertainty around them in the current regulatory context. You cannot expect capital market participants to allocate billions worth of assets into solutions where there is legal uncertainty. So there needs to be some legal and regulatory innovation in parallel with the technical innovation. Again, that is not a show stopper – we change laws and regulations all the time, but it takes a bit of time and effort to do it.

Third is something Nasdaq has been thinking about from the beginning: the integration and transition processes. Whatever you want, the fact of the matter is that this technology is being implemented in a pre-existing context – a rather complex technology infrastructure. It needs to be integrated in an efficient way. And then, of course, if your business idea or your business model relies upon replacing a pre-existing piece of infrastructure, you also need to have a credible transition plan to put in the new and get rid of the old technology. You don’t want to be stuck halfway through a transition process because then you end up having to support both the old infrastructure and the new infrastructure. We don’t want that to happen.

So while technology evolution is still very important, that is less of a concern. Now, more and more focus in terms of challenges is being directed to these three things I just spoke about.

Q: What effect do you think the proposed changes to Delaware General Corporate Law (DGCL) will have on the adoption of blockchain technology for corporate purposes?

A: That is an example of an initiative that addresses the challenge of legislative and regulatory uncertainty. If you can create legal certainty that, for example, shares issued in the blockchain format actually represent ownership in the company that would be tremendously helpful. So I think these proposed changes are a sign that these challenges are starting to be addressed, and that is positive for the landscape.

Q: Besides annual meetings and settlement and clearing, what other uses of blockchain do you foresee for publicly-held and private companies?

A: In terms of the corporate nature of things, those are definitely the key areas. Particularly, issuance, settlement, and transfer of ownership combined with services like voting. That is core. There are a lot of use cases that could be relevant for companies in certain industries.

We know, although we are not active in some of those industries ourselves, that there are a lot of use cases being explored in the insurance industry, in supply chain management, and a number of initiatives in the healthcare industry. So there could be broad implications – some in specific industries, but also general features that address needs for all companies, regardless if they are private or public.

Q: Basically new infrastructure for them to utilize at that point?

A: New and better infrastructure. Of course, if the technology delivers on its promises in terms of creating better transparency into who owns a company’s shares, you can think of all kinds of interesting things that a company can do with that information to become a more valuable company to its shareholders.

Q: Last question: do you have any other projects planned for 2017?

A: Yes, there are a number of exciting projects going on. Some are public; some are yet to be publicized. One that has been publicized is that we are working together with a company called The New York Interactive Advertising Exchange (NYIAX) to create a blockchain-based marketplace for advertising instruments.

We are continuing to work on the Linq concept with our partners at Chain and expanding the feature sets. We’re expanding the markets for which it is used. We already use it for company shares and we’ve announced that we’re going to use it for alternative investments as well. And as I said, we are working on the features included in the Linq solution as well.

We have also added blockchain capabilities to the Nasdaq financial framework, which is basically a platform for capital market applications, where a user of that platform can use any data store they want. You can use the blockchain or you can use a traditional data base or you can use them in combination.

And then we have a couple of other projects that we actually cannot talk about publicly yet, but when we can, we can add them to the list.

Q: Sounds good. Let’s catch up again next year and you can tell us more about this.

A: Yes, we should.

Frederik Voss is a Vice President at Nasdaq responsible for Nasdaq's blockchain innovation initiative.


audit committee
Is Your Audit Committee Overloaded?
Publication Date: April 20, 2017

Strained audit committee agendas are a growing concern of the corporate governance community. In addition to the already weighty oversight responsibilities over financial reporting, internal controls, and the qualification and independence of a company’s independent auditor, audit committees are increasingly tasked with taking a larger role in corporate risk management. Nasdaq asked Angela Brock-Kyle, an experienced risk and governance consultant and audit committee veteran, to share her insights on this topic. She described the warning signs of potential audit committee overload and outlined strategies to mitigate it.

Q: Are audit committees overloaded and if so, what is causing this trend?

A: Yes, some audit committees are overloaded and overwhelmed, but the causes depend on the particular situation.

One factor causing this trend is that audit committees are often viewed as the natural place for boards to move items that are new or of concern, whether from a risk perspective or understanding a new regulation. That practice may be driven by the fact that boards often rely on the audit committee to be a “committee of experts” that can quickly slice and dice to get to the core of new issues and come back with either a plan of attack or some reassurance that things are well in hand.

Another factor is that business changes seem to, immediately or long term, drive new issues toward the audit committee. As companies grow and evolve, they offer new products or new services, enter new geographic regions, or they begin dealing with new suppliers. In addition, the paradigm shifts that all companies are dealing with, for example in the technology space, means boards must examine cyber risk, understand big data, and become familiar with any number of other technology-related issues.

Like many organizations, audit committees in and of themselves are subject to inertia. If you compare what was on their docket five years ago to their agenda today, they may not have made necessary changes to the pace of meetings or the intervals between meetings, or taken a “white board” approach to thinking about how to do things differently or what other resources might be brought to bear on the situation.

Q: What are some red flags that an audit committee may be overtaxed?

A: A number of signs may indicate that an audit committee is struggling to address the scope of its assigned workload in the proper level of detail:
  • Meetings that are consistently rushed, because a committee is still allocating the same hour or 90 minutes to cover double the number of topics that were covered before.

  • Board books that are edited right up to the start of the meeting or sometimes during the meeting. Although that can happen from time to time, it shouldn’t happen at all. If there isn’t predictability, deadlines and order to the process of updating board books in advance of meetings, that is one indication of being overwhelmed.

  • Too many one-off or sidebar conversations, where some audit committee members are muttering amongst themselves or reaching out to the audit chair to express concerns that issues aren’t being handled properly because there isn’t enough time during the meeting.

  • A board assessment result that indicates board members aren’t confident the audit committee is doing its job properly.

  • Lack of a structured board refreshment process to identify who should be on the audit committee and what skills and knowledge they bring to the table.

  • No time or effort to access expertise outside of the company, either for director education or industry education.
Q: What strategies can the board implement to effectively manage a robust audit committee agenda?

A: Start with a clean perspective. Don’t rely on the way the committee has done things in the past: focus instead on what needs to be done, what issues the audit committee should be handling and how they should handle them. Look across that broad landscape to develop strategies to ensure the audit committee is effective.

In my experience, there are several strategies that work well:

Delegate work to other board committees or audit subcommittees.
A good first step is to examine the audit committee “kitchen sink” and talk through whether all agenda items properly belong there. Some items may belong under the purview of another committee, or a subcommittee should be convened to better handle certain topics. Subcommittees are an effective way to compartmentalize issues and have a subset of the audit committee work on problem A, and a different subset of the committee work on issue B.

“Right size” the audit committee meeting schedule.
It’s critical to look at the calendar to ensure there are enough official audit committee meetings scheduled to support the audit agenda and any special situations that arise. The committee can also consider scheduling more meetings between the official board meetings, with relevant experts. For example, if there's a technology issue that's arisen and you don’t have that expertise on your audit committee—which is a regular occurrence these days—there should be room in the meeting schedule to tap outside resources that can help the committee understand those issues or bring things back online without over-burdening the agenda.

Tap outside expertise to fill in knowledge gaps and triage agenda items.
Many corporate boards view themselves as being time constrained and don’t reach out to a wider than normal array of resources (both inside and outside the company) to get a holistic perspective of how the company is doing. Taking the time to gain additional insights helps the audit committee to focus meeting time on the right topics for the right amount of time.

Although there may be ten different issues on the agenda, they should not all receive the same weight or attention. And some of them can drop off for a while, and then come back. For example, there are often issues a board may think are critically important, but once they get outside information on those topics, they realize they have it better covered than they thought. Or, they become aware of other simmering issues. I've had more of the latter experiences, where with the help of outside resources we identified issues that had not fully developed and nipped them in the bud.

Building time into the calendar for regular engagements with experts inside the company, like the CFO, internal audit, the CRO, the CISO, and other folks who have important perspectives frequently proves as helpful as meetings with outside experts like external auditors.

Be flexible on the spot to fully accommodate agenda items.
I once participated in an audit committee meeting that had a crowded agenda and a new audit committee member. That meeting absorbed not just the time that was allocated to the audit committee, but also the time that was allocated to the board meeting immediately following. While it took much more time than expected, after the meeting a few committee members expressed that it was one of the best audit committee meetings that they had participated in. When it’s possible, an on-the-spot extension of a meeting time to sufficiently cover a crowded agenda helps ensure committee members are satisfied that critical issues are well in hand.

Q: Is the audit committee the right place for risk management?

A: No, I don’t believe that the audit committee is the right place for risk concerns to land, unless they are related to the audit process. While the audit committee can handle certain risk issues, enterprise risk is a subject that everyone on the board needs to engage in and share their perspectives. There are three topics that the entire board owns: dealing with the CEO and compensation issues, strategy, and risk management.

A collective effort should be made by the board to gather information from many resources (inside and outside the company), to engage with accounting firms and law firms, to read about all sorts of governance issues and current events. They should position themselves to understand, at a minimum, as much about the company as the CEO understands. Then board members can lift their heads above the treetops and survey the landscape from that perspective to get a sense of the range of risks, and put their heads together as an entire group (not a subset!) to strategize how to address and mitigate those risks.


Betsy Atkins

Angela Brock-Kyle is founder and CEO of B.O.A.R.D.S., a privately held governance, strategy and risk advisory firm. In addition, Angela sits on public and non-profit boards. She serves as audit chair and member of the nominating and governance committees of Infinity Property and Casualty Corporation (NASDAQ: IPCC); a trustee of Guggenheim’s Rydex Funds on the audit, governance and risk and compliance committees; a trustee of the YMCA Retirement Fund on the investment and compensation committees; and formerly served on the audit committee of the United Way. Angela enjoyed a 25-year career with TIAA, where she served as a senior leader in the asset management and risk management organizations.

Five Key Components for Building and Maintaining an Ethical Workplace Culture
Publication Date: April 11, 2017

A strong ethical culture is essential to effective compliance risk management. There is no shortage of compliance failures to illustrate how a weak ethical culture can sabotage even the best corporate compliance programs. Almost universally, misconduct took hold in these cases because employees felt pressure to prioritize performance over compliance and, in response to such pressure, figured out how to evade controls meant to ensure compliance.

Given the importance of ethical culture in producing positive outcomes and enabling business goals as well as its profound impact in preventing significant compliance failures, boards and executive management teams should make sure the company’s approach to building and maintaining an ethical culture incorporate these key best practices:

1. Establish clear accountability for ethical culture as a management function

Ethics and compliance functions rely on similar skillsets, leverage similar tools and operationally need to be well-coordinated. While program management for ethics and compliance program elements can be combined, ultimately, an ethical workplace culture is determined primarily by senior executive management, not by an Ethics and Compliance Department.

To ensure that managers understand their accountability for setting the company’s ethical culture:
  • Establish an Ethics Steering Committee comprised of senior business and operations executives along with senior representatives from compliance, Human Resources (HR) and Communications to ensure the ethics program is fully integrated in the business’ operations;

  • Appoint a senior executive as the Ethics Officer (as a part time role) for each geography or business unit to evaluate and reinforce the ethical culture; and

  • Connect ethical conduct to compensation and make it part of each executive’s performance objectives.
2. Evaluate your employee-facing compliance policies so they enable rather than inhibit ethical culture

Overly detailed and technical policies can undercut an ethical culture. This is especially true when responsibility for compliance falls on individual “line” employees and managers. Think of the core messages that are commonly associated with ethical business – “we are a values-based organization” or “we trust our employees to exercise good judgment.” – Now consider a lengthy compliance policy that reads like an excerpt from a federal regulation. The implied message this type of policy can convey may inhibit an ethical culture, and instead, imply counterproductive messages such as – “we are only concerned with bare legal or technical compliance” or “you could try your best but still get something wrong.”

To demonstrate that compliance policies are ethical culture enablers:
  • Create a policy committee comprised of average level employees and managers to review new company policies to make sure they address employee needs with appropriate but not hyper-technical detail;

  • Post employee compliance policies on their own intranet site supported by strong search functions; and

  • Use reading level software on all policies – targeting readability at below the average education level of your employees as many are likely not familiar with the topic.
3. Include ethical behaviors in promotion criteria

When employees perceive that ethical behavior helps them climb the corporate ladder, it reinforces the emphasis that the organization places on building and maintaining an ethical culture. Many companies require some form of risk screening for employees under consideration for promotion to senior level positions. In some instances, this involves reviewing HR files to make sure there have not been any disciplinary actions or significant policy violations; in others, it can involve credit, litigation or public records review to make sure that the individual does not pose risks to the organization before ascending into a position of greater trust and influence. Keep in mind, however, that a lack of unethical conduct is not the same as affirmatively demonstrating ethical behavior.

To help ensure that your promotion process reinforces the importance of an ethical workplace culture:
  • Incorporate specific ethical behaviors into performance and promotion expectations, such as keeping promises and commitments, upholding values while under pressure and demonstrating honesty and transparency;

  • Require a manager to document instances of employee integrity before a promotion to a senior level position; and

  • Conduct 360 degree reviews of high potential staff prior to promotion.
4. Ensure executives and managers have the skills to build and maintain an ethical culture

It can be tempting to confuse personal ethics with ethical leadership – to believe that because someone is an ethical individual with personal integrity that he/she will naturally become an ethical leader. To be sure, ethical leadership starts with personal integrity. But it also means understanding team dynamics, motivations and pressures and how those may influence employee perceptions and behaviors. Lastly, and perhaps the most intimidating to many managers, ethical leadership involves speaking confidently and effectively about the company’s values and “ethical narrative.”

To help ensure that your managers are ready to be ethical leaders:
  • Explicitly incorporate ethical leadership into general leadership development courses, helping new managers understand that ethical leadership is just a key dimension of good leadership;

  • Require managers to share a personal message about their values or a story about an ethical dilemma they have faced; and

  • Provide managers with prepared discussion frameworks to help with discussions about ethical issues with their staff.
5. Prepare managers to identify and respond to employee ethics and compliance concerns

As with most workplace concerns, employees are most likely to raise ethics and compliance concerns with their managers – in most studies, reporting to management is favored by large margins over going to HR, the law department or the hotline. It is therefore all the more important to train managers to recognize signals from their employees. An employee’s offhand “comments” at the end of a meeting might be viewed by an untrained manager as just office banter, but for the employee, who was likely mulling over this issue for days and the potential risks and rewards of coming forward, he or she just raised the issue to management and expects some sort of response. In addition to missing the opportunity to address an issue early-on, if the manager misses these signals repeatedly over time, the team’s ethical climate can begin to erode as issues are not addressed and bad behavior becomes enculturated.

To help ensure that your managers can identify and respond to issues effectively:
  • Make identification and responding to employee ethics and compliance reports part of your annual training program for managers;

  • Provide managers toolkits on how to respond to employee concerns, including what to say and who to contact based on the issue involved; and

  • Reinforce the importance of engaging company resources quickly rather than trying to solve the problem themselves.
The author, Michael Kallens, is an Associate General Counsel in Nasdaq’s Office of General Counsel and is a senior member of Nasdaq’s Global Ethics and Compliance Team. Michael has led industry working groups on developing best practices for corporate ethics programs and is a frequent speaker on ethics and compliance topics. In 2014, he received the Outstanding In-House Counsel Award from the Association of Corporate Counsel-National Capital Region for his work in the area of corporate ethics and compliance.

board refreshment
Seven Critical Elements of a Board Refreshment Plan
Publication Date: April 3, 2017

We asked Betsy Atkins, veteran of 23 boards and 13 IPOs, to share her perspective on the art and science of board refreshment. In addition to her board service, Ms. Atkins is also well known for making very early stage investments in Yahoo and eBay through her venture capital firm Baja LLC. Following is her sage advice on structuring an effective board refreshment cycle.

1) View the corporate board as a strategic asset, not just a fiduciary.

The first step to an effective board refreshment plan is understanding why refreshment is so important. Historically, the function of boards was to act as a financial fiduciary and steward for shareholders. However, for the past decade or so, the role of boards has been evolving as boards are being held for “futureproofing” against threats, and ensuring the competitive relevance of the company.

Just as a company’s leadership team is forward-hired based on long-term strategy, the board is now equivalently an asset to be reviewed for critical expertise and experience, and refreshed as needed. Unfortunately, it’s still not common for a board to have a holistic view of board composition as a strategic asset, and many corporate boards still view themselves as fiduciaries.

2) Take a proactive versus reactive approach.

It’s never been more important to address the topic of refreshment internally- if the board doesn’t proactively think about it, somebody outside the organization is going to raise it. Index funds that were traditionally passive are now beginning to push for diversity, governance refreshment and renewal, and are raising questions on term limits and age limits.

A board should have an annual governance committee calendar with explicit agenda items, just as it does for compensation committees and audit committees. A typical governance committee refreshment calendar might run as follows:
  • Q1: Review board composition, long-term succession planning and rotation schedules.

  • Q2: Map board skill sets to the corporation’s long-term strategic plan.

  • Q3: Review the board skills matrix to identify gaps.

  • Q4: Outline a plan for executing graceful rotations and engaging search firms to assist in filling gaps.
A standardized annual process for board refreshment establishes expectations on term limits from the beginning, ensures recruitment of new members is not a shotgun affair, and takes the personal element out of rotating members off the board. Board refreshment becomes a pure, professional process for identifying and filling needed skill sets.

3) Annually map board skill sets against the company’s long-term strategic plan.

In the absence of a detailed vision of board composition, it’s human nature to place a premium on good working relationships. Therefore, it’s very important when taking a strategic approach to board refreshment to identify whether the board’s skill sets align with the company’s long-term strategic needs.

A board needs to look closely at its company’s long-term strategy, map that against the skills around the table, identify potential gaps, and create a matrix. The skills matrix is not a one-and-done task-it’s a living document, updated every year against the company’s strategy. For example, the board of a bricks-and-mortar retailer planning to establish an ecommerce channel might determine it needs a board member with ecommerce, web advertising and data analytics expertise.

4) Do not let search firms drive the recruitment process.

Too often a board’s decision to replace a member is triggered by a retirement, an activist, or an institutional shareholder. The result of a passive refreshment process is that search firms wind up driving recruitment by default. A far better practice is for the governance committee to lead the board through it as part of the natural refreshment cycle. That way, the board gets the critical skills it needs and new members understand from the beginning that it’s not a lifetime appointment.

When refreshment is driven by a standardized process based on maintaining competitive skill sets, the board isn’t caught back on its heels if a board member is suddenly incapacitated or an activist rattles the doors. It’s also easier to tell a colleague that it’s time to surrender their board seat to somebody who has more critically relevant experience.

5) Set guidelines for retirement or term limits.

Retirement ages are extending, because people are staying active longer and working longer. Age limit guidelines are an effective way to trigger graceful rotations and maintain director independence. The term is guideline—not mandate—because it’s important to retain the ability to waive the age limit as part of governance. For example, at Berkshire Hathaway they’ll likely waive any age limit as long as Warren Buffet is sharp.

Europe is leading the way in board term limits; some European countries have already mandated 10-year terms. Institutional shareholders in the U.S. are taking note and beginning to discuss term limits as a method to maintaining director independence. Term limits also keep a board’s skill set fresh—but again, the governance committee has to retain the ability, by exception, to waive it. Microsoft isn’t going to ask Bill Gates to step down anytime soon.

6) Don’t get too comfortable with board colleagues.

It’s only human that people who serve together on a board will over time become friends, just as coworkers often do. So it becomes awkward to tell a long-time board colleague that they aren’t the right person going forward. To make it more difficult, boards lack the hierarchy of a private corporation. Instead they are led by a group of peers, with a lead director or a chairman who should together with the governance/nominating chair own the board makeup and refreshment topic.

Executing a proactive approach to refreshment eliminates the awkwardness of asking long-time colleagues to leave a board, because transitioning board members off becomes part of a natural, smooth cycle. The expectation is set from the beginning that board appointments are not for life.

7) Measure boardroom diversity using a holistic set of benchmarks.

Diversity shouldn’t be measured strictly by gender. What boardrooms need is diversity of perspective: gender diversity, ethnic diversity, international diversity, entrepreneurial diversity, and don’t forget technical diversity as technology is the biggest disrupter of virtually every business.

Betsy Atkins serves as President and Chief Executive Officer at Baja LLC, a venture capital firm. She is currently Lead Director and Governance Chair at HD Supply. She is also on the board of directors of Schneider Electric, Cognizant and Volvo Car Corporation. She also served on the board of directors at Nasdaq LLC and as Clear Standards CEO and Chairman. She is also on the SAP Advisory Board, among many others.

A self-proclaimed “veteran of board battle scars,” Ms. Atkins will be collaborating with Nasdaq to produce a series of corporate governance “nuts and bolts” articles. Stay tuned for an upcoming interview with her about the importance of executive sessions as a risk mitigation strategy.

Do you have a question about corporate governance for Betsy Atkins? If so, please send your question to and we may address it in a future post.

Top Cybersecurity Concerns for Every Board of Directors: Technology
Publication Date: March 29, 2017

This is the third of a four-part series of white papers authored by Cybersecurity expert John Reed Stark. This series -- published for the first time on Nasdaq’s Governance Clearinghouse --outlines a strategic framework for boards of directors to effectively analyze and supervise corporate cybersecurity risks.

The technical systems in place at any company provide the foundation for cybersecurity infrastructure and should be one of the primary focuses of any board of directors. Top Cybersecurity Concerns for Every Board of Directors: Technology outlines the various technological system classifications involved in an effective cybersecurity program.

The data points covered in the attached white paper are organized into broad categories helpful for shaping analysis and scrutiny and include:
  • Evaluating logging capabilities
  • Vetting penetration tests and testing consultants
  • Adopting data loss protection (DLP) systems
  • Patching and updating software
  • Installing endpoint detection and response (EDL) tools
  • Assessing physical security of facilities
This four-part series of white papers covers the following cybersecurity topics:

Part 1, Cybersecurity Governance: critical components related to the governance practices, policies and procedures of a strong cybersecurity program.

Part II, People: cybersecurity recruitment, training and retention as well as hiring outside firms for digital forensics and data breach response.

Part III, Technology: the technical systems that provide the foundation for cybersecurity infrastructure.

Part IV, Data Mapping and Encryption (Coming in May): the board’s oversight responsibilities with respect to two of the largest enterprise undertakings in the field of cybersecurity: encryption and data mapping.

By using these white papers as a guide, boards of directors can become not only more preemptive in evaluating cybersecurity risk exposure but they can also successfully elevate cybersecurity from an ancillary IT concern to a core enterprise-wide risk management item.

Read John Reed Stark's Latest White Paper on Cybersecurity Technology >>

John Reed Stark is President of John Reed Stark Consulting LLC, a data breach response and digital compliance firm. Formerly, Mr. Stark served for almost 20 years in the Enforcement Division of the U.S. Securities and Exchange Commission, the last 11 of which as Chief of its Office of Internet Enforcement. He also worked for 15 years as an Adjunct Professor of Law at the Georgetown University Law Center, where he taught several courses on the juxtaposition of law, technology and crime, and for five years as managing director of a global data breach response firm, including three years heading its Washington, D.C. office. Mr. Stark is the author of, "The Cybersecurity Due Diligence Handbook," available as an eBook on Amazon, iBooks and other booksellers.

jobs act
Nasdaq Testifies on the JOBS Act at Five
Publication Date: March 22, 2017

Edward Knight, Nasdaq’s Executive Vice President, General Counsel and Chief Regulatory Officer, testified before the House Financial Services Committee Subcommittee on Capital Markets and GSEs on the impact of the JOBS Act and proposals to further enhance capital formation. As the only Exchange invited to testify, Mr. Knight noted the success of the JOBS Act in allowing companies unready for the public markets to stay private longer and allowing many companies that were eager to go public to do so. However, he also noted certain difficulties in being a public company and suggested simple reforms that could restore balance and improve the public company experience without sacrificing investor protections. These reforms include:
  • allowing early stage, high growth companies to choose a market structure that aggregates liquidity for their shares;
  • increasing the transparency around proxy advisory firms and requiring those firms to disclose potential conflicts of interest;
  • allowing companies of all sizes to initially submit their IPO and other types of registration statements on a confidential basis;
  • extending the testing the waters provisions to all companies;
  • modernizing the proxy access rules;
  • updating corporate disclosure rules; and
  • streamlining shareholder record keeping and communication systems.
Read Nasdaq’s testimony >> 

Learn more >>


Governance Clearinghouse RSS Feed Governance Clearinghouse RSS Feed

In the News
2017 Shareholder Activism Preview: Business As Usual
Publication Date: April 28, 2017

The Manhattan Institute’s Proxy Monitor has published a report that details 2016’s proxy season shareholder-proposal activism and previews the 2017 season.

According to Proxy Monitor’s research, in 2016, a majority of all shareholder proposals involved social or policy concerns. Excluding proxy-access proposals, less than 4% of shareholder proposals received majority shareholder support in 2016. Thus far in 2017, there is no observable uptick in the number of shareholder resolutions submitted, and no increase in shareholder support for resolutions. The report further concludes that most large companies are adopting proxy-access rules, and the major activity in 2017 surrounds shareholder efforts to revise existing proxy-access standards in favor of more relaxed standards. To date, these efforts have failed to garner majority shareholder support.

Read summary at Manhattan Institute>>

Read Proxy Season Preview: Shareholder Activism en Marche >>

Fearless Adaptability Improves Tech Startup Success
Publication Date: April 24, 2017

Lyft started as a company called Zimride that facilitated carpooling to companies. Instagram began as a location-sharing media similar to Foursquare. Groupon was initially conceived as a community-organizing platform.

A recent study co-authored by William Barnett and Elizabeth Pontikes, respectively of Stanford and the University of Chicago, focuses on the success rates of startup software companies. They concluded that entrepreneurs who were willing to adapt their original business plan and products in search of the best markets (and to make choices counterintuitive to tech community consensus) had the highest rates of success.

Read more in Stanford Business >>

Read The Non-consensus Entrepreneur: Organizational Responses to Vital Events Study >>

Equilar Study Finds Over-Boarding Directors More Common, Better Paid
Publication Date: April 21, 2017

The idea of multi-boarding, also known as “overboarding”, has become a topic of debate for investors, board members, and advisors. Although some argue public directorships on multiple boards can positively promote shareholder engagement and corporate governance experience, others question if directors with multiple board commitments are putting sufficient time and energy into their other commitments. A recent Equilar study found that multi-boarding is more present in larger companies, has increased 48.6% to 53.6% in the past five years, and has led to greater director pay-outs. The study also revealed that the increase of women on boards, and a desire for directors familiar with issues scrutinized by shareholders and stricter regulatory requirements, may lead to candidates who are well-versed with these issues serving on more boards.

Read more from Equilar >>

Women in Fortune 500 Board Rooms
Publication Date: April 10, 2017

Women represent roughly 20% of board members in Fortune 500 companies, compared to just 11.2 percent in the late 1990’s. While this increase has been positive, a recent Bloomberg article asked what kind of roles and responsibilities women are now getting on board committees? The article suggests several possibilities for why women have been underrepresented as chairs of major committees, including that certain committees with a high percentage of woman chairs may become more important over time and women may chair committees that focus on areas where their skill sets better fit. The article notes that in major decision-making committees, diversity of knowledge, skill, and demographics may translate into more favorable outcomes. While it is unclear exactly why women are still underrepresented in board rooms, the article reminds readers that less diverse firms have been noted to have more governance-related controversies.

Read more from Bloomberg >>

Nasdaq Nordic and Baltic Exchanges Issue ESG Reporting Guide
Publication Date: March 29, 2017

Nasdaq’s Nordic and Baltic exchanges issued the Environmental, Social and Governance (ESG) Reporting Guide to support disclosure initiatives introduced by the United Nations Sustainable Stock Exchanges’ “Campaign to Close the ESG Guidance Gap.” The ESG Guide is an ongoing effort intended to provide support for Nasdaq Nordic-listed companies in meeting ESG disclosure requirements, and will reflect various global stock exchange guidelines provided by the United Nations and European Union, as well as provide businesses with critical focus points for ESG-related reporting.

Read More from Nasdaq Here >>

Defining Nominating and Governance Committee Roles
Publication Date: March 22, 2017

Proactive and engaged nominating and governance committees are crucial in ensuring board effectiveness, according to a new E&Y Center for Board Matters study. The study analyzed various committee guidelines and practices from Fortune 100 companies to help define what is expected from these committees in their leadership role. The nominating and governance committees oversees stakeholder communications and plays a large role in regulating corporate governance through performance evaluations, director education, and risk management, in addition to director candidate selection and education.

Read more from E&Y >>

Nasdaq Governance Clearinghouse
App Store       Google Play       Windows Store       Governance Clearinghouse RSS Feed
The Nasdaq Stock Market, Nasdaq, The Nasdaq Global Select Market, The Nasdaq Global Market, The Nasdaq Capital Market, ExACT and Exchange Analysis and Compliance Tracking system are trademarks of Nasdaq, Inc.
FINRA® and Financial Industry Regulatory Authority, Inc.® are registered trademarks of Financial Industry Regulatory Authority, Inc. OTCBBTM and OTC Bulletin BoardTM are trademarks of FINRA