Ethical Boardroom Autumn 18 by Ethical Boardroom

Published by Ethical Board Group Limited | www.ethicalboardroom.com

Autumn 2018

Keeping it above board

Understanding risk in strategy-setting Adapting to change is key to success Independence insight Evolving expectations in global boardrooms

From polar bears to penguins Activist investors accelerate their efforts across Asia Japan’s shareholder revolution — at last Investors are finally making the difference

Raising cyber risk to the enterprise level It’s time to recognise the impact of cyberattacks

611002 9 772058

IHCL's MD & CEO Puneet Chhatwal on the company's foundations of integrity, excellence and ethical values

UK £9.95 USA $14.99 CAN $16.99 EUR €11.99 14

Indian hospitality

ISSN 205 8- 61 1 6

Ethical Boardroom | Contents

COMMENTARY

Far-reaching impacts of our natural capital Integrated reporting recognises an organisation’s impact on the assets it uses to create value

ESG risks and opportunities Investor expectations regarding environmental, social and governance investments

Gender diversity in Australia Australian boards edge closer to the 30 per cent target but shouldn’t parity be the ultimate goal?

Boards, investors and sexual harassment in the workplace Strategies and best practices to mitigate the risk of misconduct

So what does good governance look like? How investors and boards can move from a tick-the -box approach to actions that are meaningful

MIDDLE EAST

Global News: Middle East Sustainability, gender equality, transparency and investment

COVER STORY

Indian Hotels Company: Rated five stars for corporate governance EB talks to Puneet Chhatwal about IHCL’s foundation of integrity, transparency and ethical values

BOARD LEADERSHIP

Independence insight Global perspectives: evolving expectations for board and director independence

New insights on CEO succession Strategic leadership profi les and communications planning are key to a director’s preparation

Fund management under the spotlight Boardrooms across the UK need to get themselves ready for independent NEDs

Time to abolish non-executive directors? With an increasing expectation on NEDs to oversee the boardroom, it’s time to rethink their label 4 Ethical Boardroom | Autumn 2018

46 www.ethicalboardroom.com

Powerful board insights: ticking all the right boxes? Value-added board evaluation is achieved by measuring the board against five levels of governance

NORTH AMERICA

Global News: North America Gender quotas, shareholder activism and board reshuďŹ&#x201E;es

BOARD GOVERNANCE

Is good enough, good enough? A call to action in support of transforming internal audit

C O N T E N T S 50

The power of checklists A strong organisational culture will pay attention to how an outcome is achieved

Understanding risk in the strategy-setting process Organisations need to be more adaptive to change in order to confidently handle the future

IPOs and executive pay Keeping pace with compensation issues is crucial before, during and after an IPO

Evolving virtual shareholder meetings Embracing best practices can ensure transparency and enhanced shareholder participation as technology grows

EUROPE

72 66

Global News: Europe Investment schemes, CEO succession and insurance claims

Spotlight on Spain Non-fi nancial disclosure and proxy season highlights in 2018

TECHNOLOGY

72 74

Preparing for new tech What does digital transformation mean for boardrooms? Governance for the modern era Best practices for enterprise governance management

10 www.ethicalboardroom.com

Five things your outsourced eDiscovery provider should be telling you Finding the right partner for transparent and sustainable relationships Autumn 2018 | Ethical Boardroom 5

RISK MANAGEMENT

Raising cyber risk to the enterprise level Cyberattacks are strategic business threats that can have a huge impact

Identifying third-party risk Ethical Boardroom talks to KPMG on how companies must examine their business relationships in order to assess risk

Building a global crisis readiness programme: 13 pitfalls Learn where it can go wrong when preparing for a crisis

Putting the spotlight on health and safety There are fewer workplace-related accidents, but a high risk of being associated with firms where they do occur

100

LATIN AMERICA

Global News: Latin America Corporate shake-ups, disputed contracts and anti-corruption

REGULATORY & COMPLIANCE

Voice compliance: The changing landscape Communications should not just be secure and MiFID II compliant but also relevant to an organisationâ&#x20AC;&#x2122;s needs

Ownership data: protect your reputation & integrity Complying with legislation is challenging but access to data can help companies make better, faster decisions

100

Compliance possible? If only it could be as easy as the movies to operate at the cutting-edge of technology

102

Committing to the corruption fight Why ISO 37001 should be your first line of defence

ASIA

104 106

Global News: Asia Board independence, gender diversity and a bribery conviction

Board diversity in Southeast Asia Why promoting women is a key ingredient for a thriving economy

6 Ethical Boardroom | Autumn 2018

138

130

102

110

Corporate governance within Asia Winds of change are blowing through Asian stock exchanges, bringing new challenges and improving standards

114

Japan’s ‘shareholder revolution’ — at last Corporate governance has a long way to go but investors can fi nally make the diﬀerence

118

Promoting growth in Japan How investor stewardship and corporate governance are evolving in Japan

110

122

Marching towards convergence Successive reforms and robust monitoring have boosted Indian corporate governance

THE EB 2018 CORPORATE GOVERNANCE AWARDS

126

Introduction & Winners list We reveal our 2018 Asia & Australasia Award winners

AUSTRALASIA

128 130

Global News: Australasia Governance reforms, leadership failures and CEO pay

Bazley Report — a blueprint for change How boards can test the culture in their workplace, create a speak-up culture and whether we can expect legislation to change

ACTIVISM & ENGAGEMENT

133

From polar bears to penguins Activist investors are accelerating eﬀorts to build inﬂuence across Asia

138

Australia’s activist awakening Activism is set to play a larger role in Australia as investors address governance shortcomings

AFRICA

142 144

Global News: Africa Corporate governance, aviation crisis and board independence Sustainable investment in South Africa The JSE’s green bond segment aims to boost investment in ESG projects Autumn 2018 | Ethical Boardroom 7

Ethical Boardroom | Foreword

Welcome to the Autumn 2018 edition of Ethical Boardroom magazine

Elon Musk’s overeager fingers A forward-thinking board will be prepared to take full advantage of the opportunities presented by social media to communicate important messages quickly with investors, customers and other stakeholders. But it will also recognise that with this ease and speed comes risk and that poorly thought out posts can have dire consequences. If ever there was a prime example of why a structured employment policy related to social media usage can be of use, look no further than Elon Musk (right), the CEO of electric carmaker Tesla. The 25th richest person in the world, with an estimated worth of $19.7billion (£15.1billion), Muskmade his fortune from online payments fi rm PayPal before moving on

8 Ethical Boardroom | Autumn 2018

to Tesla and rocket company SpaceX. But he’s also built a reputation for his unpredictable behaviour on the social media platform Twitter and is guilty of a long line of digital missteps. In September, Musk was forced to step down as Tesla chairman and pay a £15million fine after a tweet claiming he had funding to take Tesla private at $420 per share. Th is statement was questioned by the US Securities and Exchange Commission (SEC) who established that the deal was not completed. SEC believes Musk had misled the public and the $420 figure was a reference to drugs, though Mr Musk has denied this. In July, Musk called Vernon Unsworth, a 63-year-old British cave explorer who led the rescue of 12 Thai children trapped in a flooded cave, a ‘pedo guy’ in a tweet. Unsworth has now fi led a libel suit in a California

district court, seeking at least $75,000 in damages from the billionaire. Not that these episodes have deterred Musk from controversial tweeting. Despite being able to reach a settlement with the SEC, Musk was at it again just weeks later, calling the SEC the ‘Shortseller Enrichment Commission’ on Twitter. Rather appropriately, in this issue of Ethical Boardroom, contributor Anderson Dy highlights how the scrutiny of public companies is arguably at an all-time high, and responsibility for their reputations, revenues and results lies at the door of the boardroom. On page 18, Beatriz Araújo and Joanna Hewitt discuss the importance of good tone at the top, good communication and transparent relationships with investors and shareholders. While on page 40 Dr Debra Brown outlines how vital it is for a board to determine where they are strong and performing well and where they are weaker and not performing as well as they might.

www.ethicalboardroom.com

Contributors List | Ethical Boardroom

Our thanks to this issue’s contributing writers ZAFAR ANJUM Group Chief Executive Officer, CRI Group BEATRIZ ARAÚJO & JOANNA HEWITT Beatriz and Joanna are both Partners at Baker McKenzie LLP, London NICHOLAS BENES Representative director of The Board Director Training Institute of Japan DR DEBRA BROWN President and Chief Executive Officer of Governance Solutions ELISABETH CASE MD and Head of Client Advisory, Marsh US Cyber Practice RICHARD F. CHAMBERS President and CEO, The Institute of Internal Auditors JON CHAN Director of Technical Services, Anexsys PUNEET CHHATWAL Managing Director & Chief Executive Officer, Indian Hotels Company Limited (IHCL) ALEXANDRA MIHAILESCU CICHON Executive Vice President, RepRisk ANDERSON DY, PHD Vice President of Sales for Northern/Eastern Europe and Africa, Diligent Corporation SETH FISCHER Founder and Chief Investment Officer, Oasis Management Company LOUISE GREEN Chief Marketing Officer, Bureau van Dijk, a Moody’s Analytics company

RICHARD GROS & JASON SCHLOETZER Richard is President at Richard Gros & Associates. Jason is Associate Professor of Accounting at Georgetown University

TOM McLEOD Expert within the fields of risk management, fraud & corruption investigations, internal auditing and compliance activities

DR NIRAJ GUPTA & MATHEW JOHN Dr Niraj Gupta, Head & Mathew John, Senior Associate at the Indian Institute of Corporate Affairs (Corporate Governance & Public Policy)

KIRSTEN PATTERSON CEO of Institute of Directors in New Zealand

FIONA HATHORN Managing Director, Women on Boards UK

J. CHRIS RAZOOK Corporate Governance Lead for East Asia Pacific, IFC

RICHARD HOWITT CEO, International Integrated Reporting Council FIANNA JURDANT Senior Policy Analyst, OECD (The Organisation for Economic Co-operation and Development) JIM KZIRIAN & RYAN C. HARVEY Jim is Lead Consultant and Ryan a Partner at Meridian Compensation

GABRIEL RADZYMINSKI Fund Manager, Sandon Capital

JOHN ROE Managing Director, Head of ISS Analytics THOMAS SCHULZ Sales Manager, Compliance Solutions AKSHAR SEWKURAN Bonds Specialist in Capital Markets, Johannesburg Stock Exchange

LINDA-ELING LEE Global Head of Research, MSCI

ANNE SHEEHAN, DARLA C. STUCKEY & CATHY H. CONLON Anne, formerly of the California State Teachers’ Retirement System. Darla is President and CEO, Society of Corporate Secretaries and Governance Professionals. Cathy is Head of Corporate Issuer Strategy & Product Management at Broadridge Financial Solutions, Inc

YOSHIKAZU MAEDA Head of Responsible Investment, Governance for Owners, Japan

PAUL J. SOBEL Chairman, the Committee of Sponsoring Organisations of the Treadway Commission (COSO)

DANIELA MATTHEUS EMEIA Center for Board Matters & Corporate Governance Board Services Leader at EY

BILL UDELL & AARON SCHWIRIAN Bill is a Senior Partner and Aaron an Associate Director at specialist risk consultancy Control Risks

GREG MATTHEWS Partner in KPMG’s Financial Services Risk Consulting Practice

PAOLA GUTIÉRREZ VELANDÍA Corporate Governance and Stewardship Expert

ROSEMARY LALLY, KEN BERTSCH & BRANDON WHITEHILL Rosemary is the Editor, Ken the Executive Director and Brandon a Research Analyst at the Council of Institutional Investors

CHARLES MAYO Simmons & Simmons LLP

NICOLA WAKEFIELD EVANS Chair of the Australian Chapter of the 30% Club PAUL WILLSON Head of Voice Strategy & Partnerships, Trusted Data Solutions

EDITOR Claire Woffenden DEPUTY EDITOR Spencer Cameron EXECUTIVE EDITOR Miles Hamilton-Scott ART DIRECTOR Chris Swales CHIEF SUB Sue Scott ONLINE EDITORS Allegra Cartwright, Hermione Bell HEAD OF ONLINE DEVELOPMENT Solomon Vaughan ONLINE DEVELOPMENT Georgina King, Rosemary Anderson SUBSCRIPTIONS MANAGER Lucinda Green MARKETING MANAGER Vivian Sinclair CIRCULATION MANAGER Benjamin Murray HEAD OF SALES Guy Miller PRODUCTION EDITORS Tobias Blake, Dominic White VIDEO EDITOR Frederick Carver VIDEO PRODUCTION Tom Barkley BUSINESS DEVELOPMENT Michael Brown, James Walters, Steven Buckley ASSOCIATE PRODUCER Suzy Taylor ADMINISTRATIVE ASSISTANT Abigail Fitzwilliam HEAD OF ACCOUNTS Penelope Shaw PUBLISHER Loreto Carcamo Ethical Board Group Ltd | Ethical Boardroom Magazine | 1st Floor, 34 South Molton Street, Mayfair | London W1K 5RG S/B: +44 (0)207 183 6735 | ISSN 2058-6116 | www.ethicalboardroom.com | Ethical Boardroom | twitter.com/ethicalboard Designed by Yorkshire Creative Media | www.yorkshirecreativemedia.co.uk. Printed in the UK by Cambrian Printers. Images by www.istockphoto.com All information contained in this publication has been obtained from sources the proprietors believe to be correct, however no legal liability can be accepted for any errors. No part of this publication can be reproduced without prior consent from the publisher.

www.ethicalboardroom.com

Autumn 2018 | Ethical Boardroom 9

Commentary | Sustainability ENCOURAGING STABLE CAPITAL The push towards sustainability requires a more efficient approach to corporate reporting

Integrated reporting recognises an organisation’s impact on the assets it uses to create value

Far-reaching impacts of our natural capital The all-encompassing focus of boards has traditionally been their bottom line. For years, annual reports paid tunnel-vision attention only to the company’s financial progress. However, with the increased uptake in integrated reporting internationally and a growing awareness of the benefits of this to a company – to its investment potential and profit margin, too – there is now a greater understanding among blue chip c-suites that such a narrow financial focus is in fact detrimental to the company. Integrated reporting is an increasingly prevalent form of reporting that addresses the fact that corporations draw on more than one capital, including human, social and natural capital. It is an approach that crucially addresses broader value creation and long-term potential – rather than just short-term financials alone. It is now beyond argument that companies – international and regional – are subject to magnified scrutiny by the public and media on the effect companies have on the environment, whether that is land, air or sea. While through integrated reporting a business can alter the way it thinks, acts and communicates on what the international Integrated Reporting (IR) Framework defines as six capitals, it is natural capital 10 Ethical Boardroom | Autumn 2018

Richard Howitt

CEO, International Integrated Reporting Council accounting which is arguably most advanced, as we develop multi-capital thinking in business. The world’s economy is transitioning not just to low-carbon growth but it is, and will continue to be, underpinned by a parallel change in attitude towards what has been labelled sustainable finance. Th is is not an issue coming from campaigners any longer, but from the major institutions in the world. The Taskforce on Climate-related Financial Disclosure created by the Financial Stability Board, has finally tilted the balance of the argument that climate change is an economic as well as an ecological issue. The Paris Agreement signed by more than 170 countries has already seen nearly 50 introduce carbon pricing, which will have a profound and widespread impact across business in terms of energy costs, transportation and manufacturing and agricultural processes. Meanwhile, the Sustainable Development Goals of the United Nations set the economic trajectory for the entire world into an environmentally sustainable context. Far from being just an issue of cost, the Business Commission for Sustainable Development, which represented the principal business voice behind the SDGs, describes the

economic transition they will bring about as a $12trillion market opportunity for the world’s businesses. So, whether it is cost, access to finance or market opportunity, no responsible board director can afford to ignore this new reality. Of course, there are countless examples of various corporations having a negative impact on the natural world and the environment in which they are situated or use. The difference today is that current and potential investors now look negatively on any corporation that does not attempt to curb or remedy its effect on its immediate and wider natural environment. Even more so, investors look badly on companies that do not understand the impact natural capital has on their own ability to create value. It is investors more than activists today who understand long-term risk and returns are as dependent on natural as well as financial capital. The Deepwater Horizon disaster in the Gulf of Mexico in April 2010 is one of the most famous examples where a corporation’s reputation was not only hugely damaged because of environmental incompetence, but also whose share price dropped dramatically in the immediate wake of the disaster. It wasn’t just natural capital that was affected by the disaster – it was its social and relationship capital as well. The company’s reputation, its brand, its relationship with www.ethicalboardroom.com

Sustainability | Commentary society, the trust consumers placed in it was for a long time incredibly damaged. But if you’re not from an extractive company, this isn’t just about carbon. A beverage company needs to think about water conservation, an agri-food company deforestation, any industrial development its impact on habitats and biodiversity. For each one of these, value can be created, preserved or depleted, and with it the ability of the company to continue to operate with the same business model in the years ahead. For any company that fails to comprehend this, it should contemplate its own potential ‘Gulf of Mexico’ moment.

2030 Sustainable Development Goals

That’s why the 2030 Sustainable Development Goals say they are ‘integral’ to each other, and why Sustainable Development Goal (SDG) Target 12.6 specifically calls on business to ‘integrate sustainability in corporate reporting’. It is a clarion call to business for integration. In putting them together, the United Nations community was clear – these are issues that need to be tackled by private and public sectors together. And businesses have responded to acknowledge that by achieving these goals we will be creating the conditions for businesses to flourish. With thanks to author Professor Carol Adams of Durham University and funding from the Institute of Chartered Accountants of Scotland, the International Integrated Reporting Council has published a guide to help organisations enhance their contribution to the SDGs, while reducing corporate risk and increasing opportunities that arise from sustainable development. The preservation and use of natural capital, including affordable and clean energy, clean water and sanitation, and sustainable cities and communities, feature heavily in the 17 goals. The weight of importance attached to the world’s corporations and governments striving towards these goals are well-publicised. In turn, they have set the expectation level for investors when assessing a company’s overall sustainability and interaction with the natural environment.

Step change: Puma

Almost eight years ago, sports brand Puma published its very first environmental profit and loss account (EP&L). This wasn’t simply a new twist on a CSR report; this was a step change for integrated reporting. Instead of only measuring emissions or energy use, Puma made a clear effort to put a monetary figure on natural capital in order to run its business. Accounting for the environmental impact caused by greenhouse gas emissions, water use, land use, air pollution and waste in 2010, the figure came to €145m (£121m). This was a corporation actually acknowledging the www.ethicalboardroom.com

environmental debt that it owed to the planet. hard-nosed economists, to actually think Our report quotes Jonathan Hughes, forum of it as having a value as well. director and deputy chief executive of the In a fast-changing and unstable world Scottish Wildlife Trust, explaining that marked by economic and social turmoil, natural capital is a concept whose time is long businesses need to earn the trust of many overdue: “What [natural capital reporting] stakeholders: not only shareholders, but does is make visible the value of the natural also customers, employees, governments, world that we have taken for granted for so regulators and others. And what high-profi le long, and that has been completely invisible to stories from the last decade prove, is that economic decision makers up until now. The ignoring natural capital puts you on a fast current crisis in natural capital is comparable track to losing trust. Trust has become a to the financial bubble that burst in 2008. critical asset – one that boards need to We’re creating a natural capital debt bubble... nurture to sustain organisational success. If we continue to take resources from the How to create this? planet at the rate we’re taking them, then Corporate communications agency Black we will eventually reach a tipping point.” Sun has identified six principles of trust: Professor Judge Mervyn King, founding purpose, culture, stakeholders, diversity, chair of the International Integrated wider value creation and long-term thinking. Reporting Council, describing how They state that: “Individually and collectively, integrated reporting is helping business these principles contribute to developing meet the SDGs, puts it even more succinctly: corporate trust and are rooted in long-term “The goal is to achieve this by 2030 otherwise thinking, planning and preparedness.” planet earth may not be sustainable for those As a tool for growing trust across these who come after us by the end of this century.” areas, integrated reporting comes into We are already perilously close. According its own. It helps entities understand the to the Millennium Ecosystems Assessment, interplay between the many interconnected more than 60 per cent of the world’s risks they face – partly by challenging a ‘silo’ ecosystems are already degraded. Climate mentality and encouraging communication change and extreme weather events are across disparate functions. a reality. The global species extinction rate is running at What high-profile By capturing material risks and opportunities around a thousand times the stories from the in a single integrated background rate recorded by last decade prove, report, organisations the fossil record. provide investors and To halt the ongoing is that ignoring other stakeholders with a damage to our resources and natural capital more complete picture of biodiversity, natural capital reporting could allow puts you on a fast long-term potential than is achieved by traditional corporations and governments track to losing financial and sustainability to measure and manage reporting. The OECD resources sustainably. The work trust. Trust has enhanced corporate we are doing at the IIRC takes become a critical sees reporting as an important this a step further. We say that element in an effective natural capital reporting is only asset — one that governance framework. relevant if the story you are boards need to Integrated reporting is telling is integrated into the nurture to sustain also winning the backing holistic story of value creation of stock exchanges (from within the organisation. If it organisational India to Brazil), government is siphoned off into a different success ministries (from Japan to department and not part of the New Zealand), corporate governance codes central business model of the organisation, we (from South Africa to the United Kingdom) will never make the changes the world needs. and international bodies (the Global Network In undertaking this work, we draw on the of Director Institutes and the World Bank). work of IIRC Council members, such as the These organisations see integrated reporting World Business Council for Sustainable as an important tool for encouraging more Development, US-based Ceres and the World stable capital markets and crucial to the Wide Fund for Nature, as well as partnering planet – long-term, sustainable growth, which with the Natural Capital Coalition, which will in turn help these companies to attract specifically endorses integrated reporting. long-term investors. Does this mean that all business-caused So, whether it is tackling concerns over environmental impact can be described in natural capital, or building your social and precisely economic terms? Can you monetise relationship capital, I urge board directors nature, which many say is priceless? to take a look at the International Integrated To which we would say: it is priceless but Reporting Framework and consider how it’s not valueless. We have to understand you could benefit from broadening your the value of nature in all aspects of our lives understanding of value creation. in order to convince the unconverted, the Autumn 2018 | Ethical Boardroom 11

Commentary | ESG

ESG risks and opportunities The investment world has seen increasing growth in environmental, social and governance (ESG) investing over the past several years among both global institutional and retail investors.

As a result, companies may face new challenges sooner than previously anticipated and investor expectations regarding ESG are complex, varied and still shifting.1 As the world’s largest ESG research provider, we’ve observed increased interest from the issuer community as companies seek to understand how to better navigate this space.2 While reliance on voluntary corporate disclosure alone may call into question the objectivity of ESG analysis, it is likely to remain a key input source and a channel for corporate issuers to engage with investors on key ESG themes. The practice of ESG investing began in the 1960s as socially responsible investing (SRI), with investors initially excluding stocks or entire industries from their portfolios based on their involvement in business activities, such as tobacco production or their implicit support of the South African apartheid regime. While ethical considerations and alignment with values remain common motivations of many of today’s ESG investors, the field is rapidly growing and evolving. Many investors now look to incorporate ESG factors into the investment process alongside traditional 12 Ethical Boardroom | Autumn 2018

Investor expectations regarding environmental, social and governance investments Linda-Eling Lee

Global Head of Research, MSCI financial analysis. We have identified three common investor objectives (see graphic left) when it comes to ESG investing.

ESG integration

ESG integration, where investors seek to include ESG research and assessments throughout their investment process, is a rapidly growing ESG strategy. Current ESG integration strategies span a broad spectrum of goals and objectives, including: ■ Mitigation of long-term systemic risks, such as carbon or other climate-related risks. Asset owners in particular may be concerned that potential spill-over effects from their direct investments may generate costs for unrelated third parties, which ultimately may affect future returns and the broader economy ■ Reduction of systematic risks caused by changes in the market environment and global economy ■ Identification of stock-specific portfolio risks and opportunities

Investors may approach the integration of ESG in a variety of ways, but the primary goal is typically to improve investment returns. Our recent Foundations of ESG Investing series explored a possible causal relationship between changes in ESG ratings and changes in financial variables – what we call ESG momentum.3 We found that high ESG-rated companies tended to show higher profitability, higher valuation and lower risk of ESG controversies that could impact share price. In addition to a rise in active ESG integration strategies, adoption of MSCI ESG Indexes, which incorporate MSCI ESG Ratings and other MSCI ESG data and analysis, has grown significantly among global asset owners in the past few years.4 This growth has largely been fuelled by adoption of ESG benchmarks by large institutions that have historically shied away of this emerging investment area. For example, Swiss Re in 2017 changed its global equity and fi xed-income policy benchmarks to an ESG benchmark (specifically adopting MSCI ESG Indexes) for actively managed listed equities and corporate bond mandates, representing approximately $130billion.5 On the retail investing front, in early 2018, online broker Merrill Edge began incorporating ESG Ratings information from MSCI ESG Research into its user interface to provide investors with information they may use to better align their portfolios with personal values and other ESG considerations.6 These new ESG assessment capabilities opens ESG investing doors through unique and differentiating strategies, ultimately seeking www.ethicalboardroom.com

ESG | Commentary informational sources that go beyond traditional disclosures, to identify outliers. Objectivity of any assessment that is based on corporate reporting alone is a challenge and a concern for investors. It is particularly worrisome in the case of ESG assessment, given that these disclosures are still largely voluntary and not subject to regulatory (or even auditor) oversight. A 2017 PwC survey of US investors found that 62 per cent felt they don’t ‘have enough trust in the information companies report’ to be confident in investment analysis and decisions.7 Institutional investors have pressured companies to disclose more of their ESG practices and many companies have responded favourably, but such voluntary disclosure will always have its limits. Investors instead often rely on a much broader set of data sources. In the era of big data, data extracted from a wider variety of publicly available sources can provide a more accurate and complete picture of companies’ ESG risks and performance. MSCI ESG Research uses a variety of data sources to inform our ESG assessments. In addition to company disclosures (e.g. annual financial reports, sustainability reports, proxy reports and web information), we utilise external and public data sources, including specialised academic, government and NGO datasets and more than 3,000 global and local news sources. We do not use private or confidential information, with an aim of both transparency and traceability of sources. A deconstruction of MSCI ESG Ratings shows that, on average, only 35 per cent of a company’s rating is driven by voluntary corporate disclosure; the rest is derived from other alternative sources (see graph above). What does this mean for companies? For one, it debunks the myth that increased disclosure will guarantee a significant improvement in a company’s ESG ratings assessment. Increased disclosure can

FINANCIAL OBJECTIVES

Source: MSCI ESG Research

Incorporating ESG to improve our investment results

INTEGRATION

% Contribution to ESG score by data source. 2017

Beyond disclosure

Enforcement & media sources Mandatory company disclosures

100.0% 90.0% 80.0% 70.0%

Specialised data sets

60.0% 50.0% 40.0% 30.0% 20.0%

Voluntary company ESG disclosure

39.5%

10.0% 0.0%

Strong disclosures [n=843]

Industry standard disclosures [n=988]

2,434 constituents of the MSCI ACWi Index as of 30 November 2017

influence the assessment, but only up to a point. But this should not discourage companies from continuing to improve their reporting. On the contrary, it should motivate them to focus and fine-tune their efforts on strategic programmes and initiatives that mitigate the key ESG risks they face, knowing now that investors are leveraging other informational sources. Companies can also view reporting as an opportunity to engage investors on their long-term strategy. Over the years, we have witnessed a spike in investors’ influence on the extent and scope of issuers’ ESG disclosure. This demand for more data from companies comes in a form of proxy voting, support for developing

NON-FINANCIAL OBJECTIVES VALUES

Our investments should reflect our values

FINANCIAL RETURNS

Align portfolio with investor’s ethical or political values

ESG CRITERIA

IMPACT

SOCIAL & ENV. BENEFITS

www.ethicalboardroom.com

29.9%

Weak disclosures [n=603]

■ ESG leaders (AAA-AA) ■ ESG average (A-BB) ■ ESG leaders (B-CCC)

VALUES & PREFERENCES

Incorporate ESG criteria to enhance long-term return, manage ESG financial risk

34.7%

FINANCIAL RETURNS

We want our investments to Generate measurable social make a difference or environmental benefits in the world as well as financial returns

Source: MSCI ESG Research

reporting guidelines, such as the Sustainability Accounting Standards Board’s, and push for regulation to broaden reporting requirements. A recent study by Ernst & Young on FSB Task Force on Climate-related Financial Disclosures (TCFD) disclosures and recommendations and implications for boards found more than 100 global organisations with a market capitalisation of over $3.5trillion are already committed to TCFD disclosures. The study also highlighted that organisations that commit early have a first mover advantage to set the tone by proactively engaging with investors and shareholders around climate-related disclosures and to take control of their revised corporate reporting narrative. A major win has been the increasing trend in corporate disclosure adoption, despite the recommendations being largely voluntary at this stage.8 Investors have supported the various initiatives that encourage better company disclosure on ESG issues,9 including enlisting regulators to compel disclosure on select ESG topics or metrics and working with exchanges to include more sustainability disclosure as part of their listing requirements.10 The investor perspective on ESG and corporate reporting, as well as need for data and analysis, will likely continue to evolve. As investors’ expectations rise, the companies that best and most effectively respond to this reality may be better positioned to tackle the still expanding ESG landscape and its impact on their shareholder relationships. Footnotes will be run in full online.

Autumn 2018 | Ethical Boardroom 13

Commentary | Diversity

Gender diversity in Australia Australian boards edge closer to the 30 per cent target but shouldn’t parity be the ultimate goal? Female representation on the boards of Australia’s 200 largest companies has increased from just over eight per cent in 2009 to more than 28.5 per cent at the end of August this year. There are now only three companies in the top 200 – ARB Corporation, Tassal Group and TPG Telecom – that have no women on their boards, compared to 30 such companies just three years ago.

The pace and scale of change on Australian boards has been impressive. What is most remarkable about it, however is that it has been achieved without the introduction of mandated quotas for the appointment of women to boards. While comparable countries lagged behind, a coalition of Australian organisations and individuals advocated for change and achieved results through the adoption of voluntary targets. Chairs of ASX 200 companies, the Australian Institute of Company Directors, the Male Champions of Change, and importantly, the Australian Chapter of the 30% Club have moved the dial on gender diversity in Australia. The 30 per cent voluntary target has been adopted by 83 companies on the ASX 200, with the ASX 100 already at 30.5 per cent. This puts Australia’s largest 100 companies ahead of the UK, US and Canada. Crucially, the appointment rate of women to boards in 2018 has been a game changer. For the fi rst time women are being appointed to ASX 200 boards at the same rate as men (as at 31 August 2018). Indeed, in March, April and June, women accounted for 60 per cent or more of appointments. While it’s always hard to predict factors, such as board turnover and tenure, we can see through the appointment rate that the boards of most Australian companies have embraced voluntary targets as a way to achieve change.

Initial scepticism

When the 30 per cent target was set, there were of course naysayers. Some argued that we 14 Ethical Boardroom | Autumn 2018

Nicola Wakefield Evans

Chair of the Australian Chapter of the 30% Club shouldn’t have set a target in the first place, while others argued such a goal could never be achieved with voluntary targets alone and legislative intervention would be needed to achieve change. Australia’s experience shows that this is not the case. But it also however shows how valuable the support of the investor community is in achieving change. Both research and common sense tell us that boards that genuinely embrace cognitive diversity, which can be established through diversity of gender and a broad spectrum of skills and experience, are more likely to achieve better outcomes for investors. From the Australian Council of Superannuation Investors to professional investors such as Lazard Asset Management and State Street Global Advisors, the voices of investors have been powerful in advocating for change. That is not to say the fight has been easy or unopposed. Australia has a systemic and cultural problem with women in power. In many ways our society is still highly culturally conservative in the way it views women. I would be being disingenuous if I claimed otherwise. This underlying opposition was thrown into harsh relief earlier this year in the reporting around the current Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry. The Royal Commission has brought to light a number of cases of corporate behaviour that have fallen short of community expectations and, in some cases, possibly the law. However, in only one of these cases was the gender of the corporation’s chair brought into play – and there’s no prizes for guessing that the chair in question was not a man. In this case, the flawed syllogism invoked by opponents of greater gender diversity was that women have been appointed to boards to improve performance, but boards of financial services companies have failed to provide adequate oversight, and therefore greater gender diversity on boards does not improve performance.

Collective responsibility

Such a proposition is fatally flawed. It ignores the collective responsibility of all board members, including male board members. Nor does it acknowledge that boards comprised solely of men have overseen many much greater failures in Australian and international corporate history. Yet none of those prompted people to ask whether there was a problem with having only men in charge. To paraphrase International Monetary Fund chief Christine Lagarde, no one asked what would have happened if Lehman Brothers were Lehman Sisters. It is a director’s role to ask difficult questions, to challenge management and be bold enough to speak up. There are more than enough talented and qualified women in Australia to take up that challenge. Yet, as we near the 30 per cent voluntary target, some nagging fears have emerged. There are fears about a backlash to greater diversity, both gender and otherwise, on boards. Some wonder if once the spotlight www.ethicalboardroom.com

Diversity | Commentary

CHANGING THE RATIO For the first time women are joining Australia’s largest boards at the same rate as men

shifts elsewhere the big boards will revert to type – that is to say, male. Others fear that when we reach the 30 per cent hurdle, it will become a ceiling, rather than a floor. Some want to see the bar raised to 50 per cent, while others call for the spotlight to be widened beyond the top 200 companies, to the companies that have so far escaped the glare of investors and advocates. Now that the 30 per cent target for ASX 200 boards is in sight, the Australian Chapter of the 30% Club will consider where to go from here, with both these opportunities and fears in mind.

ASX guidelines

On the immediate horizon are changes to the ASX Corporate Governance Council Principles and Recommendations, which are an important component of Australia’s corporate governance framework. The Principles, which are intended to provide flexible, industry-led guidance on what constitutes good governance for listed entities, are currently being reviewed and look likely to further advance the case for greater gender diversity on listed boards. The draft fourth version of the Principles includes a new 30 per cent measurable www.ethicalboardroom.com

It is a director’s role to ask difficult questions, to challenge management and be bold enough to speak up. There are more than enough talented and qualified women in Australia to take up that challenge gender target for boards across the ASX 300. If introduced, the recommendation would support the momentum towards more gender-balanced boards. And maintaining the momentum is important. Boards need a range of skills, experience and perspectives to provide effective oversight of their organisations, particularly as we confront rapid changes in

technology and science, as well as the challenges associated with the work and workplace of the future. Put simply, having diversity around the board table is crucial for the governance challenges ahead. The evidence is clear that gender diversity and diversity on a whole is good for organisations, both in terms of performance and culture. The 30% Club continues to have a burning desire to advocate for greater gender diversity in senior leadership roles in Australia. We have strong support from the business, political and, importantly the investment communities to see diverse boards as well. I also believe our employees, customers and the community at large expects the composition of boards to reflect the broader Australian population. It’s behoven on us as governance and business leaders to meet that expectation. Autumn 2018 | Ethical Boardroom 15

Commentary | Accountability STRONG TONE AT THE TOP Boards must be accountable for combatting sexual harassment in the workplace

Boards, investors and sexual harassment in the workplace Rosemary Lally, Ken Bertsch & Brandon Whitehill

Rosemary is the Editor, Ken the Executive Director and Brandon a Research Analyst at the Council of Institutional Investors

Many ethical failings in business result from individuals making poor choices. But the more extensive and expensive breakdowns usually occur due to failures of company culture, with governance structures either broken or never properly established. Healthy companies have clear and consistent policies, open lines of communication for employees to report bad behaviour and established methods for the company to respond. 16 Ethical Boardroom | Autumn 2018

Strategies and best practices to mitigate the risk of misconduct Companies of all sizes and industries stand to benefit when the board of directors plays a central role in setting a strong tone at the top and providing leadership on corporate culture, including combatting sexual harassment, empowering employees to bring forward concerns and treating all employees fairly. Board members should pay attention to these issues, not only because they are responsible for risks that affect their companies’ bottom lines, but also because they have an obligation to shareholders to exercise oversight in the company and promote sound governance practices. Obviously, allegations against a top executive can be of particular concern to the board of directors. But board responsibilities go further than dealing with the crisis created by credible allegations against the CEO or other top executives. Earlier this year, the US Council of Institutional Investors (CII) examined

strategies and best practices for boards to mitigate the risk of sexual harassment and suggested some questions for investors to pose to boards to assess the quality of their oversight of the risk of sexual harassment. CII suggested these key takeaways for boards: ■■ Sexual harassment may go unreported because employees believe their HR departments lack the capacity or mandate to handle their cases. Breakdowns of trust can also hinder employees from coming forward with concerns. Companies have a responsibility to provide competent personnel to manage and monitor the company culture and boards have a responsibility to understand how this is done and diagnose where such efforts fall short ■■ More generally, corporate culture oversight ‘is by definition a key board responsibility’, as stated by a 2017 National Association of Corporate Directors Blue Ribbon Commission. Culture, the report advised, merits ‘regular, routine discussion among corporate leaders’. Culture clearly includes making the workplace free of sexual harassment as well as treating www.ethicalboardroom.com

Photo © Mihai Surdu/Unsplash

As we have seen repeatedly in the United States over the last two years, allegations of sexual harassment have profound repercussions for public and private companies and their shareholders. Operations become disrupted when top executives are forced out. The company’s reputation suffers and morale slumps. Management and the board may face legal charges and the financial costs can be severe.

Accountability | Commentary employees respectfully and promoting diversity. Culture also involves fostering trust between employees, managers and company leaders so that all personnel feel comfortable voicing concerns. It is up to the board to ensure that management upholds an appropriate tone at the top, with a sense of ownership and accountability for an ethical corporate culture that prioritises the dignity of all employees. ■■ Given recent revelations across many industries, all boards should discuss sexual harassment, including an examination of their companies’ policies. To ensure accountability, reports of sexual harassment – especially those against senior officials – must be brought to the board’s attention early, treated seriously and investigated thoroughly. ■■ Board composition, independence and culture can be critical in cultivating diverse perspectives to hold insiders accountable when sexual harassment occurs. Strong participation of women on boards and independent board leadership are clearly important. It may also be appropriate to assign clear leadership responsibilities on ethics and culture to a committee or subcommittee, including working with management to establish and monitor metrics on diversity and inclusion. ■■ The board should consider requesting information taking the following steps: ■ Include sexual harassment in their regular risk assessments ■ Discuss company culture, systematically and on a regular schedule, including: ■ Request information on past sexual harassment reports and records from HR ■ Require employee surveys that include questions about workplace environment, with meaningful data on employee views flowing to the board ■ Assess organisational tolerance for behaviour by high performers and other high-value employees that is inconsistent with the company’s stated values and code of conduct ■ Assess key factors that may make harassment more likely, including male-dominated power dynamics and decentralised and isolated workspaces ■■ Ensure that the company explicitly defines sexual harassment and provides examples of intolerable behaviour ■■ Direct management to ensure that harassment policies extend to the use of technology and advise that the company has the right to review any messages transmitted on company systems ■■ Have management and HR develop a plan to address harassment by third parties such as vendors and customers who are not subject to company policies and assure employees that they will be protected in those situations www.ethicalboardroom.com

■■ Verify that the harassment policy has been disseminated and is readily accessible to all employees ■■ Consider developing a means for employees to report sexual harassment directly to the board, such as through a designated board member, an online platform or an anonymous hotline. For larger companies where this may be impractical, boards should strongly consider putting some such mechanism in place for complaints about officers ■■ Where there are endemic issues or complaints against officers and senior managers, work with executives, HR and the legal department should determine the scope and timeline of investigations, including the people to be interviewed, the evidence to be weighed and the actions to be considered. In some situations, particularly involving allegations against the CEO and other top officers, a formal or informal committee exclusively composed of independent directors should investigate, drawing on resources including non-conflicted outside law firms ■■ Oversee a review and potentially revise other policies affecting company culture, including those on office parties, consumption of alcohol and disclosure of workplace romantic relationships

Healthy companies have clear and consistent policies, open lines of communication for employees to report bad behaviour and established methods for the company to respond ■■ Ensure all payouts to settle harassment cases are reported to the board ■■ Review with the legal team when information on incidents of sexual harassment should be reported to shareholders and how much information should be shared ■■ Include incidents of sexual harassment as a trigger for the recoupment of executive compensation, particularly where senior executives are involved or problems of supervised employees are endemic ■■ Verify that appropriate employee training is in place, as fostering a culture free of sexual harassment requires awareness throughout the company. Substantive training, not mere check-the-box exercises, can familiarise employees with the boundaries of appropriate workplace behaviour and the policies in place

■■ Finally, boards must assure themselves that the company is effectively promoting workplace diversity

CII suggested these key questions that investors can pose to boards:

■■ How does the board set the tone at the top of the company and how does that filter through the organisation? ■■ Does the full board discuss corporate culture annually or on some other regular basis? Is there a committee of the board that has special responsibilities in this area? ■■ How does the board learn about morale and attitudes, including employee comfort with avenues to raise complaints of sexual harassment and other workplace incidents? ■■ What mechanisms are in place for the board to learn about employee complaints generally and allegations of sexual harassment in particular? Does the board receive any direct reports on employee complaints of sexual harassment? ■■ How does the company handle sexual harassment complaints? For example, in what situations would an individual accused of harassment be put on administrative leave? How is confidentiality of the complainant protected and how do you ensure that there is not retaliation against complainants? ■■ Has the board or a board committee discussed possible causes for any sexual misconduct, or ways to eliminate sexual harassment? ■■ How does the board understand employee attitudes with regard to equal employment and diversity? Are there parts of the company or job categories of particular concern for promoting gender diversity? ■■ Does the board receive reports with statistics on employee turnover? Does the company conduct robust exit interviews and does useful information filter to the board from such interviews? ■■ Are employees required to use arbitration to pursue sexual harassment complaints? ■■ Does the board or a board committee meet regularly with the head of HR and other senior officials responsible for workplace conditions and equal employment? ■■ Is HR staffing adequate to address potential worker concerns about equal employment and sexual harassment? ■■ Please describe hot lines and whistleblowing mechanisms that would help surface complaints about sexual harassment, including those against senior officers. ■■ There is mixed evidence on the effectiveness of training about harassment. Does the board have clear explanations of training around harassment and sufficient information on the effectiveness of such training? Autumn 2018 | Ethical Boardroom 17

Commentary | Corporate Governance

So what does good governance look like? Public trust in business has eroded since the ﬁnancial crisis of 2008 but a shift appears to be happening which investors and boards need to seize. The 2018 Edelman Trust Barometer found that business is now expected to be an agent of change.

The employer is the new safe house in global governance, with 72 per cent of respondents saying that they trust their own company. And 64 per cent believe a company can take actions that both increase profits and improve economic and social conditions in the community where it operates. 2017 saw CEO credibility rise sharply by seven points to 44 per cent after a number of high-profi le business leaders voiced their positions on the issues of the day. Nearly two thirds of respondents say they want CEOs to take the lead on policy change instead of waiting for government, which now ranks significantly below business in trust in 20 markets. This show of faith comes with new expectations. Building trust is now the number one job for CEOs (according to 69 per cent), surpassing producing high-quality products and services (according to 68 per cent). This is consistent with the greater focus from the business world and regulators on a healthy corporate culture and constructive relations with a wider range of stakeholders in delivering long-term sustainable success.

How investors and boards can move from a tick-the -box approach to actions that are meaningful Beatriz Araújo & Joanna Hewitt

Beatriz and Joanna are both Partners at Baker McKenzie LLP, London Investors and boards are not always aligned as regards what a company should be focussed on – the long-term or the short-term, how to balance both. Transparency, culture and integrity are the new buzzwords. A company’s licence to operate is at risk if it fails not only investors/shareholders but its other stakeholders including employees, customers, suppliers, the environment and the community in which it operates. There is a lot of noise regarding corporate governance, that it needs to improve in practice. Corporate collapses are often blamed on poor governance and ‘bad’ conduct. In most countries, directors owe their duties to the company as a whole, not to its shareholders; this needs to be understood better in the boardroom. The agency theory of corporate ownership, most prevalent in the US, has led shareholders to act as if they own the company and

directors’ decision making has often reﬂected this – shareholders believe they have ultimate authority over a company’s business and demand that its activities be conducted in accordance with their wishes. In addition to being legally incorrect, this approach puts directors in conﬂict with their duties at law. However, this dilemma is being acknowledged with more focus being placed by regulators on the stewardship role investors must play in their interactions with companies. So, what does ‘good’ look like in governance? Good corporate governance is not simply about codes or rules; it involves strong leadership, a positive culture, robust systems and effective risk management. These all encourage and reinforce behaviours that ensure company representatives act to protect the interests of the company and its long-term success. Good corporate governance also encourages shareholders/ investors to align their expectations with the duties directors of companies are subject to. The key actors in ensuring a company’s long-term sustainable success are boards/ directors and, we would argue, also investors/shareholders – so we look in turn at what good looks like for each of them. For boards, we would summarise the five essential elements of ‘good’ as follows:

Structure (chair, board composition and committees) A good chair is one that has the independence to set a challenging agenda for the board, sets clear

SECRETS TO SUCCESS Good governance is more than just following codes and rules 18 Ethical Boardroom | Autumn 2018

www.ethicalboardroom.com

Corporate Governance | Commentary expectations for performance of directors, including non-executive directors and has the right balance in terms of her/his challenge and support of the CEO. S/he also has the board focussed on CEO succession. In addition to an effective chair, boards should be diverse, consist of members who cover a balance of skills, backgrounds, experience and knowledge relevant to the company’s current strategic aims, with each director fully understanding her/his duties and capable of making a valuable contribution. Boards need to be supported by strong committees Understanding their legal duties The current focus of regulators, in the UK especially, is to ensure directors of companies understand their legal duties and act accordingly. In particular, their duty to promote the long-term success of the company for the benefit of all shareholders and in doing so having regard to the interests of all relevant stakeholders. This duty is being ‘enforced’ via reporting obligations – asking boards to state in their annual reports how they have complied with their duty, to explain the stakeholders they consider relevant and why, the main methods of engagement with stakeholders and the effect such engagement has had on the company’s decisions and strategies Effective decision-making For this, the following elements are necessary (i) good team dynamics; (ii) a solid understanding of company’s strategy and strategic and model; (iii) incentives that are

www.ethicalboardroom.com

Good corporate governance is not simply about codes or rules; it involves strong leadership, a positive culture, robust systems and effective risk management aligned to desired outcomes; (iv) reliable and complete information from management; and (v) effective challenge of management Good tone at the top and a belief in the company’s purpose (and ability to articulate it) Good communication and transparent relationship with investors/shareholders

4 5

Unlike directors, shareholders (and indeed investors) have no fiduciary duties at law towards the companies they hold shares in. Where shareholders are long-term owners of the shares (such as family companies) their interests are, on the whole, aligned with appropriately incentivised boards, namely, long-term value creation. But where shares are owned more indirectly (such as via managed funds), the interests of the fund managers can be on a collision course with the legal duties of the board. There can be a mismatch between the expectations investors place on boards (essentially, to deliver ever faster and increasing returns) and the duties of directors (which, in effect, require them to take into account the long-term effect on the company’s prospects of decisions they take).

Mindful of this mismatch, the UK’s Financial Reporting Council (FRC) has set out an initial line of inquiry about the future of the country’s Stewardship Code and has highlighted support for new stewardship requirements for investors similar to those currently imposed on company directors. The response to date suggests there is general support for Stewardship Code signatories to report on how they have considered a wide range of stakeholders in their own organisations, their investment process and the companies in which they invest. For investors, we would summarise the five essential elements of ‘good’ as follows:

Engagement Good and constructive engagement with companies; investors should discuss with boards gaps in good governance regarding the five elements described above. Understand the duties of directors to promote the long-term success of the company and in the context of that framework discuss performance. Hold the board to account for the fulfilment if its responsibilities (but not for the performance promised by investors to their clients) Knowledge A solid understanding of the company’s individual circumstances, including strategy, industry, markets and competitive environment. This allows better interactions when seeking explanations for or clarifying company decisions Relevant Investors must avoid engaging in tick-the-box exchanges with companies, one size does not fit all Advisors Investors need to make sure they are clear of the role they expect their advisors, in particular proxy advisors, to undertake, consistent with their stewardship role Client voice It is important that investors take account of the factors that their clients value and vote their shares accordingly, including as regards incentives for company management

2 3

4 5

Autumn 2018 | Ethical Boardroom 19

Global News Middle East UAE exchange promotes sustainability Abu Dhabi Securities Exchange (ADX) has partnered with management consulting firm Sustainability Excellence to promote ESG and sustainability values and practices among its listed issuers. ADX said it has signed a memorandum of understanding with the consultant to enhance the market’s ability to achieve its strategy of becoming a sustainable market for securities. Rashed Al Baloushi, chief executive of ADX, said: “ADX will intensify its efforts in the next phase to promote responsible investment and encourage constructive dialogue between investors and listed companies.” ADX also launched an integrated digital platform — Sahmi — to provide services for individual investors. Sahmi will automate investors’ service requests within the platform across all major systems in ADX, as well as integrating it with digital initiatives introduced by the UAE government.

Drive to empower women in Kuwait CEOs of Kuwait’s most prominent companies have backed the launch of a United Nations’ initiative that recognises women as a driver for growth in the country. The Women’s Empowerment Principles (WEPs), developed by the UN Women and the UN Global Compact, were launched at the Kuwait Chamber of Commerce and Industry in October. The WEPs offer seven steps to guide businesses on how to promote gender equality and empower women in the workplace, marketplace and community. Some of Kuwait’s leading companies — EQUATE, Al Hamra Real Estate Co, Alghanim, Burgan Bank, Zain and Gulf Insurance Company — formally endorsed the Principles at a ceremony organised by the General Secretariat of Supreme Council for Planning & Development in Kuwait and Kuwait University.

Investment in Saudi Arabia under threat World leaders, investors and CEOs pulled out of a three-day financial conference in Riyadh after the murder of journalist Jamal Khashoggi in Saudi Arabia’s embassy in Istanbul. The forum — dubbed ‘Davos in the desert’ — gathered business figures and politicians to discuss topics related to economic development, including technology, global governance and the environment. But it was overshadowed by many top name cancellations following the death of Khashoggi. It was a blow to the kingdom’s aim to reverse a decline in foreign investment by diversifying its economy and ending its ‘addiction’ to oil. Richard Branson announced he was pulling back from two tourism projects in Saudi Arabia and has suspended discussions with the Saudi government about a $1billion investment in Virgin’s space companies. “What has reportedly happened in Turkey around the disappearance of journalist Jamal Khashoggi, if proved true, would clearly change the ability of any of us in the West to do business with the Saudi government,” Branson said in a statement. 20 Ethical Boardroom | Autumn 2018

Dubai finds partners for ‘smart’ mission Smart Dubai, the government department with a mandate to make Dubai the happiest global city through technological innovation, has forged new partnerships as it seeks to cement Dubai’s global lead in the smart city sector. IBM and Smart Dubai will collaborate to establish a Data Science Lab in the emirate, aimed at developing skills and collaboration, as well as to host a chief data officer summit in Dubai next year. An alliance between Smart Dubai and the University of Oxford Centre for Technology and Global Affairs will see the sharing of knowledge through workshops and the development of policies and technological progress.

PR mission for Pearl Initiative Pearl Initiative, an independent non-profit organisation, has hooked up with Dubai PR agency ASDA’A BCW to help promote a corporate culture of transparency in the Gulf region. An agreement was signed by Carla Koffel, executive director of the Pearl Initiative, and Sunil John, founder and president at ASDA’A BCW. John said: “Corporate governance, accountability and transparency are the pillars of successful businesses. We are happy to engage in the Pearl Initiative’s activities to raise awareness on the value of ethical business and to promote the highest principles of corporate accountability and transparency in the Gulf region.” Founded in 2010, Pearl Initiative develops programmes and publishes regional research reports and case studies, with the aim to influence the regional business and student community towards implementing higher standards of corporate governance.

www.ethicalboardroom.com

Board Progression

Board Evaluation that Adds Value Unlike traditional board evaluations which may be more past-oriented, Hawkamahâ&#x20AC;&#x2122;s board progression tool is a future-oriented and practical way to improve board effectiveness. It utilizes a progression matrix which has been developed by experienced board members, drawing from their experience of boards across the world. Our methodology is aimed at creating buy-in from all board members on the ways in which the board can progress and improve in areas that are important, and that can have a positive impact on a company's performance and competitive position. For more information, contact us on: info@hawkamah.org or +971 4 362 2551

Cover Story | The Indian Hotels Company Ltd

Indian Hotels Company: Rated five stars for corporate governance AWARDS

WINNER 2018 ASIA LEISURE & HOSPITALITY Ethical Boardroom talks to Puneet Chhatwal about IHCL’s foundation of integrity, transparency and ethical values Puneet Chhatwal

Managing Director & Chief Executive Officer, Indian Hotels Company Limited (IHCL) ETHICAL BOARDROOM: The Indian Hotels Company Limited (IHCL) is part of the TATA group of companies – synonymous with ‘Best in Class’ ethical practices. Can you tell us about IHCL’s philosophy and how it adheres to the TATA business excellence model? PUNEET CHHATWAL: India’s Tata Group has come to represent a global hallmark of quality. The subcontinent’s largest corporate conglomerate, Tata Group is recognised both at home and abroad for its ethical and transparent business practices. The Group is considered also a pioneer of governance, sustainability and responsible investing. By putting in place a solid and comprehensive governance framework, Tata Group has mitigated risks and established a reputation for fairness in all its dealings. Part of the Tata Group, the Indian Hotels Company Limited’s philosophy on corporate governance is laid on a foundation of integrity, excellence and ethical values which have been in practice since its inception. Strong leadership and effective practices have been the company’s inherited values from the Tata culture and ethos. This is a reflection that corporate governance practices are an integral part of all company activities, which 22 Ethical Boardroom | Autumn 2018

help ensure efficient conduct of the affairs of the company by involving all stakeholders, without compromising its core values. Excellence is a continual quest at the Tata Group and Tata companies are supported in their efforts to achieve world-class standards in all aspects of operations through group-level processes and systems that encourage and enable business excellence. IHCL uses the Tata Business Excellence Model (TBEM), which covers business aspects that range from strategy and leadership, to safety and climate change. The ethos of the TBEM model is to enhance value for all stakeholders and contribute to marketplace success, maximise enterprise-wide effectiveness and capabilities, and deliver organisational and personal learning, which is the base of the corporate governance philosophy of the company. IHCL insists that suppliers adhere to the same high standards with respect to human rights, health and safety, gender equality and corporate social responsibility, amongst others. Already 67 of the group’s 79 hotels possess the coveted Gold certification for sustainability and environmental care. By the end of the current year, all of its hotels are expected to have obtained the certificate. IHCL has recently been bestowed with the ‘Best Hospitality Corporate Governance in India 2018 Award’ by Capital Finance International (CFI), a leading economic & financial journal, headquartered in London. IHCL was the only hospitality company in India to have won this award. Th is award reflects our commitment to conduct business in an inclusive and transparent manner. Besides adherence to ethical practices in business, our company embraces best practices for governance continually to move towards long-term sustainability. EB: You took the helm at IHCL just over a year ago; what steps have you taken to develop the company’s governance practices? PC: The benefits of effective governance for companies includes more strategic thinking, improved decision-making processes, proactive risk management and, ultimately, leveraging investment and capital at more

competitive rates. At IHCL we have been more proactive in the establishment and monitoring of strategy, including those objectives that underpin growth. We have re-assessed how well the organisation is positioned to attract and retain the skills and resources necessary to deliver the strategy and at the same time remained alert to developments in competition and innovation. We are well aware of the new and emerging trends in the use of technology and data, digital marketing and social media, which help us identify and monitor risks as they develop and emerge, including financial, operational and compliance-based risks. Besides these, in the past one year we have taken the following steps to enhance the company’s governance practices: ■ Aligned the governance structure with the growth of the company ■ Identified and promoted the intangible asset of culture that is desired and suited to implementation of governance measures and ensuring that the tone is set across the organisation ■ Established clear lines of accountability among the board, chair, MD, executive committee members and management ■ Ensured more diverse board composition, which would have a significant impact on the boardroom culture of decision-making ■ Adopted a confl ict of interest policy, a code of business conduct, which sets out the company’s requirements and process to report and deal with non-compliance, and a whistle-blower policy with responsibility cast for oversight and management of these policies and procedures In addition to the mandated corporate governance requirements www.ethical

The Indian Hotels Company Ltd | Cover Story as per the SEBI (Listing Obligations and Disclosure Requirements, or LODR) Regulations 2018, the company has adopted more stringent governance guidelines.

SUSTAINABLE, TRANSPARENT AND FAIR MD & CEO Puneet Chhatwal is committed to improving corporate governance

EB: Having a strong, independent board is one of the pillars of long-term value creation. Can you describe how independent directors enhance IHCL’s board? PC: Independent directors act as a guide to the company and are the cornerstone of corporate governance. Their roles broadly include improving corporate credibility and governance standards, functioning as a watchdog and playing a vital role in risk management. At IHCL, independent directors play an active role in various committees set up by the company to ensure good governance. Their presence on the board helps to minimise the potential occurrence of conflicts of interest as much as possible, which is certainly a first step towards building trust. They play a crucial role in bringing objectivity to the oversight function of the board and decisions made by the board of directors, thereby enhancing board effectiveness. While they do not take part in the company’s day-to-day affairs or decisionmaking, they ask the right questions at the right time regarding the board’s decisions by raising the appropriate red flags to avoid the occurrence of unwanted situations and their consequences to a great extent. EB: Effective communication within an organisation is critically important for corporate governance structures to succeed. Tell us about IHCL’s stakeholder engagement strategy and why you believe it’s important to have open dialogue. PC: At IHCL we believe that corporate governance should be able to inspire stakeholders to willingly embrace the principles of good governance. To achieve this, effective communication systems to influence opinion, attitude and behaviour changes among stakeholders are imperative. Many of the governance problems we see or hear about, are an embodiment of disconnects between and among stakeholders. Communication can be traced to all governance activities, such as accounting and Autumn 2018 | Ethical Boardroom 23

Cover Story | The Indian Hotels Company Ltd auditing, disclosure, integrated reporting, board effectiveness, corporate citizenship, social responsibility, ethical conduct, etc. The principles of fairness, inclusiveness, transparency, accountability and rule of law are the key elements of communication with the stakeholders. Our vision as a business is to be a customer-focussed company, trusted by our communities and stakeholders. We recognise and embrace the fact that effective engagement with our stakeholders is key to our success in realising our vision as a business, and we see the role of stakeholder engagement as both broad and deep. At our company, leadership inspires people to walk within principles of good governance by connecting with stakeholders. Timely reporting of data to the shareholders and board members creates an atmosphere of trust between all stakeholder relationships. IHCL, through integrated reporting and disclosure, presents its periodic financial statements and annual reports, which provide a channel for communication among shareholders, board and management and other stakeholders. Engagement covers all the different ways in which we involve stakeholders in what we do – from simple information provision, through to the gathering of views and feedback, to joint working, problem-solving and strategic planning. The objective of our stakeholder engagement strategy is: “To continually improve how we engage with stakeholders across all aspects of our business – in order to identify and realise opportunities to inform, understand, problem-solve, plan and deliver better against our vision as a business.” Engaging with individuals, groups and organisations that are affected by our activities and responding to their concerns makes us perform better. It increases our knowledge and contributes to how we operate in the future. It brings benefits to the organisation, including improvements in reputation, resilience during difficult situations, risks management and in shaping the long-term business. Our governance structure for stakeholder engagement ensures that we have appropriate processes and opportunities in place to gather and develop strategic opinions, and to engage to make and implement decisions in line with these opinions. EB: Gender board diversity is a relatively new concept in Indian boardrooms. What progressive steps has IHCL undertaken to ensure that women are represented on the board? PC: As a Tata Group Company we believe that gender diversity in the boardroom is fundamental. A boardroom is where strategic decisions are made, governance is applied and risk is overseen. So, it’s imperative that boards are made up of competent, highcalibre individuals who offer a mix of skills, 24 Ethical Boardroom | Autumn 2018

Women directors tend to be more protective of the company’s assets, employees and reputation, and generally ensure greater scrutiny of decisions

TAJ LAKE PALACE This iconic hotel featured in the James Bond film Octopussy

experiences and backgrounds. Globally and in India, the call for gender diversity on corporate boards has gained momentum due to certain legislative actions. The Companies Act, 2013 provides that certain classes of companies must have at least one female director and additionally, as per the LODR regulations, every listed company shall have at least one female independent director. These regulations have given women a voice in the boardroom. Women directors tend to be more protective of the company’s assets, employees and reputation, and generally ensure greater scrutiny of board considerations and decisions. IHCL has two highly experienced and well-networked women independent directors on its board, Ireena Vittal and Vibha Paul Rishi, who provide valuable insights on strategic matters at board meetings. We have also ensured that all our high-level committees have women directors. EB: Corporate governance codes and regulations are still in their infancy within India, so how difficult has it been to adapt to international best practice standards? PC: India has a well-developed framework for corporate governance and received commendation for the quality of governance standards from researchers and market analysts in the recent past. As far as structural and regulatory changes are concerned, India has witnessed several enactments – the Companies Act, 2013 and LODR regulations, which have contributed significantly in strengthening governance norms and in increasing accountability by way of disclosures.

UNIQUE FLAVOUR OF HOSPITALITY IHCL is recognised for offering guests the refined luxury of heritage

India has liberalised the regulatory fabric of the country to align its corporate governance norms with those of developed countries. India has adopted international best practices, but their implementation, outside of their natural context, has remained challenging. For achieving desired results, it is important that regulatory measures are based on the practices and business environment in India and should be coupled with the board and the promoters’ embracing such reforms – in form and spirit. The compliance regime has been tightened, and criminal and administrative penalties have been toughened. It can be stated that awareness of the importance of good corporate governance practices is now reasonably widespread. Global and Indian trends have shown that shareholders and investors have embraced and rewarded companies with much higher premium/valuation for implementing the best-in-class ethical www.ethicalboardroom.com

The Indian Hotels Company Ltd | Cover Story and governance practices. As such, good governance is no longer a matter of choice but a lifeline for the survival and sustainable growth of the company.

©Ed Yourdon

EB: To grow IHCL’s portfolio significantly you have already drawn a five-year plan. Could you summarise the strategy? PC: Our number one priority is to execute Aspiration 2022, the five-year business plan to make IHCL the most iconic and profitable company in the subcontinent. Our strategy is three pronged: ‘Restructure, Reengineer and Reimagine’ our portfolio to achieve eight per cent point EBIDTA margin improvement FIVE STAR LUXURY IN RAJASTHAN Originally built in 1835, Rambagh Palace was once the residence of the Maharaja of Jaipur

by 2022. By 2022, we are aiming to increase room inventory to more than 25,000 rooms in all categories and enhance our geographical footprint in India and key growth markets abroad. One of the key aspects of Aspiration 2022 is reimagining our brandscape. The refreshed brandscape will enable IHCL to expand its portfolio across different customer segments with various brands to address different price points. The brand portfolio will comprise the iconic Taj hotels, which will continue to operate in the luxury segment in key gateway cities. Vivanta will be the growth driver for tier two and three cities and operate as upscale hotels for the sophisticated traveller. Ginger will have a significant presence in the IHCL portfolio and will address the company’s requirement to be present in the lean luxury segment. We have launched a new brand called SeleQtions a ‘named’ collection of hotels that are unique, one of a kind, where each hotel will have a distinctive name. EB: Would you say Indian hospitality has made a significant global mark or there is still some way to go? PC: IHCL has a strong international presence across some of the world’s most significant tourism markets, including London, New York, Boston, Cape Town, San Francisco and Maldives. We have received numerous global awards and accolades, which bear testimony to the fact that Indian hospitality has been making a significant mark in the global space. For instance, as per the KPMG Global Customer Experience Excellence Report, IHCL has been chosen as India’s leading brand by consumers and has been recognised as one of the ‘Top 20 Hotel Brands in the World’ by Travel + Leisure. Today, IHCL’s iconic brand Taj’ is synonymous with Indian hospitality the world over. 5 Taj hotels ranked amongst the 50 best hotels in the world by the Conde Nast Traveller US’s Readers’ Choice Awards in October 2018. Our flagship hotel, The Taj Mahal Palace, Mumbai, ranked at the top spot globally according to an evaluation by TrustYou, the world’s largest guest feedback aggregator. These awards and accolades are encouraging but

MR. BEEJAL DESAI Senior Vice President, Legal & Company Secretary www.ethicalboardroom.com

the journey to become the world’s best hospitality company is ongoing. EB: Can you elaborate on IHCL’s other global expansion plans? PC: Internationally, we aim to target the locations that have significant customer cross over and where our brands have great visibility and acceptance. Cities with presence of a large Indian diaspora who are ambassadors of our brand would be key entry points for us to venture into newer geographies. We are excited about our expansion in the MENA region, with two hotels due to open in Dubai and our fi rst foray into the Holy City of Makkah, Saudi Arabia. We have also signed a Taj hotel in Deira, Dubai. We will be introducing the Vivanta brand at London Heathrow. We have also signed a hotel in Kathmandu, Nepal. Within the Indian subcontinent, we are passionate about opening up lesser-known areas to the international luxury traveller. We have just reopened one of South Asia’s oldest historical icons – Taj Connemara after a year-long renovation. We are also looking forward to showcasing the natural beauty of Rishikesh with Taj Rishikesh Resort & Spa opening this winter. We will also open the Taj Theog Resort & Spa in Theog, Simla and Taj Aravali Resort & Spa in Udaipur in the coming months. Today we have 170 hotels, which includes 25 under development, across four continents, 12 countries and 80 locations. EB: We understand that there is a lot of emphasis on sustainability at IHCL. Please share with us some of the things that the company does in this area. PC: IHCL has a strong legacy of 115 years of giving back to the community as it is the very core of our existence. We have led many initiatives in sustainability and environmental stewardship. Most recently, we have begun the phasing out of single-use plastic in our luxury hotels and plastic straws across all our 145 hotels. We also opened India’s first zero single-use plastic hotel, Taj Exotica Resort & Spa in the Andamans. Various other initiatives in the areas of water conservation, renewable energy and providing sustainable livelihoods are ongoing and a way of life for our company.

MAGICAL MALDIVES Taj Exotica Resort & Spa is a haven of tranquility Autumn 2018 | Ethical Boardroom 25

Board Leadership | Independence Levels DECLARATIONS OF INDEPENDENCE Investors are taking a more proactive stance in evaluating the board of directors

Independence insight Conversations about board and director independence are a lot like politics: where you stand depends on where you sit.

Different stakeholders, such as shareholders, management, employees, regulators and others, often have different perspectives on what constitutes a ‘good’ board and those perspectives may vary region to region – and that’s before regulation and local code enter the mix. Even fundamental questions are still debated: ■ How should director independence be assessed – specifically, what factors should cause a director to be considered non-independent? ■ What proportion of the board should be independent to best serve the shareholder base? ■ Does long tenure threaten director independence, or do long-tenured directors act more independently than shorter tenured directors? ■ Are employee representatives or government representatives beneficial to shareholders? ■ Should controlled companies, or companies with other unique capital structures, be subject to differentiated standards? These questions, as well as many others, shape the debate over director and board independence. And, although every stakeholder group may have its own opinion about some of these issues, the 26 Ethical Boardroom | Autumn 2018

Global perspectives: evolving expectations for board and director independence John Roe

Managing Director, Head of ISS Analytics opinions of shareholders – who elect the majority of directors in most regions – may count most. But shareholders aren’t the only stakeholders having significant impact. Corporate governance codes and standards are evolving at perhaps a record pace; of the 50 largest global equity markets, 33 countries have revised their governance codes or standards within the last three years or are currently in the process of making revisions. Countries currently undergoing consultations include Australia, Belgium, France, Germany, India, Japan, Singapore and the United Kingdom. As markets mature and ownership structures diversify, giving outside investors more influence, independence standards – both in terms of what makes an individual director independent, as well as what proportion of directors should be independent – may increase. What is clear globally is that investors are taking a much more active stance in evaluating the board of directors, and they are becoming more willing to

express their viewpoints both privately and, in some cases, publicly.

Independence is in the eyes of the owners?

While local regulation and code spell out the technical definition of independence in each country, shareholders may have a different perspective; they often hold companies to a higher standard than the market requires. And to make matters more complicated for companies and directors, different investors have different perspectives on what makes a director independent and they may vote on those beliefs. As a proxy adviser, ISS works in consultation with global investors to develop a ‘benchmark’ view of independence criteria that reflect the views of institutional shareholders; those criteria frequently differ from local market requirements. Few investors will use exactly these criteria; rather, this set reflects a moderate viewpoint that incorporates the thoughts of many investors and also forms the basis of ISS’s director independence assessments. Even within ISS’s own policies, these criteria differ from country to country and region to region (see Table 1, right). Some of these criteria lead shareholders to view director independence differently from the company’s position more often than others. Among the most impactful are stricter thresholds for director tenure, a more conservative threshold for related party transactions and shareholder representatives and the more thorough consideration of familial relationships and prior employment relationships. In some www.ethicalboardroom.com

Independence Levels | Board Leadership

TABLE 1: OWNER’S PERSPECTIVE OF FACTORS THAT WOULD LEAD TO DIRECTORS LOSING INDEPENDENCE

■ ■ ■ ■ ■ ■ ■

■

■ ■ ■ regions, compensation arrangements, such as performance-based awards, stock options, or warrants, also threaten independence. At companies around the globe with market capitalisations of at least $100million, company declarations of independence match these criteria for more than 95 per cent of all directors. But in some regions – including Europe – the difference is greater. Across Europe, our benchmark criteria cause about nine per cent of directors to receive a different independence determination; five countries have at least 25 per cent of directors reclassified as non-independent: Austria, Switzerland, Russia, Germany and France. This is largely driven by divergent opinions on director tenure. When looking at global data, it’s important to note that this benchmark view varies from region to region; for example, the policy that ISS uses to classify directors in North America does not consider director tenure as a factor that could compromise independence. These differences are driven by differing regional investor preferences.

A foundation of data: board independence levels vary from region to region

Accepted market practices, regulation, investor preferences and company decisions all influence board independence globally. Pulled from our database covering more than 160,000 global directorships at more than 23,000 companies, we examined the top 20 markets (defined as those counties having the most public companies with a market cap of at least $100million and with data available on at least 1,000 directorships at those companies). A review of the data makes it clear that there is a wide range of independence levels at boards around the world (see Figure 1, right). www.ethicalboardroom.com

■ ■ ■

■

Director identified as non-independent by the company Director is an employee or executive of the company Director is an employee representative or government representative Director receives salary, fees, bonus, and/or other benefits that are in line with the highest paid executives of the company Director specifically designated as a representative of a significant shareholder of the company Director nominated by a dissenting significant shareholder unless there is a clear lack of material connection with the dissident, either currently or historically Director is a beneficial owner (direct or indirect) of at least 10 per cent of the company’s stock, either in terms of economic value or voting rights, unless market best practice dictates a lower ownership and/or disclosure threshold Director (or a relative) provides professional services to the company, to an affiliate of the company, or to an individual officer of the company or of one of its affiliates in excess of $10,000 per year Director represents customer, supplier, creditor, banker, or other entity with which the company maintains a transactional/commercial relationship (unless the company discloses information to apply a materiality test) Director has cross-directorships with executive directors or those in comparable roles Director is a relative of a current or former executive of the company or its affiliates Director is a new appointee elected other than by a formal process through the general meeting (such as a contractual appointment by a substantial shareholder) Director is a founder/co-founder/member of founding family but not currently an employee Director is a former executive (reappointed within the five-year cooling off period) Director has excessive years of service from date of first appointment, as determined by the EC Recommendation 2005/162/EC, local corporate governance codes, or local best practice Director has any additional relationship or principle considered to compromise independence under local corporate governance best practice guidance (Drawn from ISS’ European director independence policy; for complete information, visit https://www.issgovernance.com/file/policy/active/emea/Europe-Voting-Guidelines.pdf)

FIGURE 1: GLOBAL BOARD INDEPENDENCE LEVELS — COMPANY AND ISS CALCULATED Percentage of board members classified as ‘independent’ Switzerland

83%

55%

USA Canada 65% 58% 62% 53% 59% 57% 58% 55% 54% 53% 52% 51% 51% 50% 51% 46% 50% 49% 47%

Australia Sweden South Africa United Kingdom Singapore India Israel Italy Malaysia Germany France Spain Thailand Brazil Hong Kong Korea (Rep. of) China

30% 36%

81% 77% 76% 72%

47%

43% 41% 42% 41% 41% 38% 40% 39% 39% 39% 39% 38%

■ Company reported ■ ISS determined Source: ISS Analytics

Autumn 2018 | Ethical Boardroom 27

Board Leadership | Independence Levels Of course, there are many different explanations for the differences, usually driven by features of local market best practice recommendations and codes. In some regions, requirements even differ by company size or ownership structure, with smaller and/or controlled companies subject to different rules. Furthermore, disclosure standards vary dramatically by region, allowing more granular determinations of independence in certain regions; the reporting threshold for related party transactions is an example of an area where there is yet to be global alignment.

Within Europe, board independence levels vary

Within Europe, there’s an even broader spread in board independence levels. Loosening the fi lter to include all countries with at least 10 companies with a market capitalisation of at least $100million and at least 100 directors disclosed, we see large spreads in independence levels – especially in countries which are just beginning to see increased shareholder interest, such as Greece and Turkey (see Figure 2, right). A significant amount of the variation is explained by the board independence standards adopted by each country. Local codes and standards have not established congruent levels of independence in each market – even after multiple rounds of revision. What remains to be seen is how initiatives such as the Shareholder Rights Directive II, which encourages more shareholder engagement, will influence board and director independence across the EU; to date, the impact has been muted, but with more attention being paid to the board of directors, particularly on related party transactions and pay-and-performance for directors, there may be more developments to come.

Considering board and director independence in the board succession process

Boards should constantly be monitoring their independence levels against the criteria used by shareholders, especially in regions where factors such as tenure can cause an otherwise independent director to no longer be considered independent. But the occasion of nominating a new director to the board should trigger a deliberate and fresh review. Given increasing attention on boards of directors and potentially rising shareholder expectations, the very constitution of the board is becoming more important to shareholders. From the owner’s perspective, having the right board in place that (among other duties) is able to manage risk and oversee management effectively, while keeping shareholder interests top-of-mind, is important. When selecting new directors, companies should 28 Ethical Boardroom | Autumn 2018

DO DIRECTORS HAVE A USE-BY DATE? Some investors associate long tenure with a loss of independence

be aware of the differing viewpoints their investors may have on board independence; many large institutional investors make those feelings known through published proxy voting guidelines or voting policy documents. For seats that companies intend to fi ll with independent directors, finding directors that satisfy the criteria of most investors may make investor relations operate more smoothly. But when the determination is made to fi ll a shareholder-elected board seat with a non-independent candidate, it’s important to be able to clearly articulate the reasons why it is in shareholders’ best interest to support the nominee. And, as time goes on, the burden of responsibility for this explanation will likely go up. Does that mean that boards should refrain from nominating non-independent directors? The answer is clearly no. There are many non-independent directors that offer unique skills and capabilities beneficial to shareholders, and whom shareholders will continue to support. Companies often defend

INDEPENDENCE STANDARD Majority independent

50 per cent independent

One-third independent

Less than one-third independent No independence standard

ADOPTING COUNTRIES Finland Netherlands Norway Sweden Switzerland Denmark France (widely held) Ireland Spain (widely held) United Kingdom Austria France (small cap) Greece Italy Portugal Russia Belgium Poland Romania Germany Luxembourg

www.ethicalboardroom.com

Independence Levels | Board Leadership

FIGURE 2: EUROPEAN BOARD INDEPENDENCE LEVELS — COMPANY AND ISS CALCULATED Percentage of board members classified as ‘independent’ Switzerland

83%

55%

Netherlands Finland Sweden

53%

Ireland

51%

Denmark 32%

Norway

39%

Italy Germany

30%

France

36%

Poland

37%

Belgium Spain Luxembourg

33%

Cyprus Greece Russian Fed.

21%

Turkey Portugal

23% 20%

35% 33% 32% 33% 30% 29%

non-independent directors that fall into one or more categories (this is not an exhaustive list): Long-tenured directors Tenure-related loss of independence is perhaps one of the most controversial criteria, even though it is codified in many countries. In line with such codes, some investors believe that long tenure leads to a loss of independence through long association with management, long association with other directors, or an accumulating financial position in the company. But other investors – perhaps the majority of global investors – sometimes relate that having a small cadre (typically one to three) of long-tenured directors who have deep company knowledge and are less likely to be beholden to any management member, benefits shareholders. Employee representatives Employee representatives as non-independent directors are also a global hot topic. While some markets, including Germany, have requirements for significant numbers of employee representatives on the board, most do not. Europe is the exception to the rule, where nearly half of all markets encourage or require employee representation, usually at a level of about one-third of the board. However, even in the US, one of the countries with www.ethicalboardroom.com

59%

58% 55% 56% 53% 56%

United Kingdom

Austria

61% 62%

80% 76% 75%

54% 51% 46% 47% 47% 46%

44% 42% 43% 41% 40%

40%

directors in the year of or two years prior to their ascension; that period is intended to smooth the transition to the boardroom and to help build working relationships with the other corporate directors. Th is is typically viewed favourably by shareholders, particularly when the succession plan is clearly communicated well in advance. Similarly, holding a retiring executive on the board for a short period, usually one to two years, following his or her departure may also be seen as comforting to shareholders. Shareholder representatives Shareholder representatives can also be a valuable way to bring external perspectives onto the board – particularly when the shareholder’s interests are generally aligned with minority shareholders, and the shareholder has an appropriate time horizon. Many companies actively fend off attempts to bring these representatives onto their boards – but, anecdotally, once they manage to be seated, incumbent board members often relate that their perspectives and suggestions materially improve board performance.

Steps for companies to take — and what the future holds ■ Company reported ■ ISS determined Source: ISS Analytics

What does all of this mean for directors – particularly the nominating committee – at the point of board succession?

the highest levels of independence globally, there is at least discussion of adding the requirement for employee representatives. Spurred by Massachusetts Senator Elizabeth Warren’s proposal of Accountable Capitalism Act, some are calling for up to 40 per cent of board seats to be held by employees. Employee representatives can have positive impacts for companies – but choosing who those representatives are can make a difference. For instance, Delta Air Lines holds one board seat for a pilot (even though the pilot must be elected by shareholders); this board member likely adds significant insider knowledge and perspective to the boardroom. However, some companies stack their board with employee representatives sourced exclusively from corporate officers and senior executives, where there may be less of a divergent viewpoint; investors may view these situations with more scepticism.

■ Make a fresh evaluation about the need for an independent or non-independent director at each succession event. While some companies treat this event as a compliance exercise, many progressive boards go well beyond that. Consider taking into account shifting norms in your market, upcoming changes in market standards and shareholder feedback when making the decision ■ If appointing an independent director, ensure you understand the criteria that your external stakeholders will consider in determining the director’s independence – and consider whether your candidate does, or should, meet those criteria, especially when they go beyond the market requirements ■ If nominating a non-independent director, explain the reasoning for the new director clearly. Shareholders are generally very understanding, but they increasingly want the reasoning for the nomination clearly articulated

Succession plan executives Another place where companies sometimes spend non-independent board seats is on senior executives as part of a succession programme; this is generally limited to companies with a one-tier board structure. For instance, a designated successor to a CEO role may be named to a board of

Evolutionary change will continue. As more countries adopt and revise their governance codes and standards, and as shareholders become more vocal about their interests in board and director composition, we fi rst expect to see slow but steady pressure to increase transparency on factors determining director independence. Autumn 2018 | Ethical Boardroom 29

Board Leadership | Succession Planning

Richard Gros & Jason Schloetzer

Richard is President at Richard Gros & Associates. Jason is Associate Professor of Accounting at Georgetown University

New insights on CEO succession Strategic leadership profiles and communications planning are key to a director’s preparation At this moment, dozens of corporate directors at some of the world’s largest companies find themselves in the depths of an unexpected CEO transition. In the fi rst half of 2018, nearly one in three CEO transitions at large companies involved a CEO resigning under pressure.1 Whether it be issues of corporate culture at Wynn Resorts and Intel Corp, a crippling cybersecurity breach at Equifax, an unexpected health crisis at CSX Corp, or lagging financial performance at Campbell Soup Company, today’s directors must be prepared to implement the company’s CEO succession plan at a moment’s notice for a wide variety of reasons. CEO succession planning remains a critical responsibility of all directors, as most boards do not see the value of instituting a standing committee with this sole duty. A recent report by The Conference Board highlights that only a small fraction of companies assign CEO succession planning responsibilities to a dedicated, stand-alone board committee.2 Instead, succession planning oversight is typically performed by the full board. In some companies, oversight is delegated to members of the compensation or nominating/governance committee, who might not have the time to focus on succession given their already numerous fiduciary responsibilities. While the need for preparation and the responsibilities for it are clear, much less is

30 Ethical Boardroom | Autumn 2018

known about the veracity of the succession plan itself. Only a few years ago, 61 per cent of companies surveyed lacked a formal succession plan or internal leadership development processes. 3 Relatedly, 39 per cent of those surveyed indicated their companies did not have a viable candidate who could step into the CEO role if the need arose.4 Governance commentators generally assume that directors know how to develop a rigorous, actionable succession plan that can be implemented at a moment’s notice. Instead, the apparent lack of planning is typically attributed to the limited attention that succession planning receives on the board’s agenda or, in some circumstances, the refusal of the sitting CEO to discuss the issue. As a result, much discussion revolves around coaxing boards to devote more time to succession planning and providing guidance to directors on how to motivate hesitant CEOs to focus on the issue. In this article, we take a different approach. We asked three top executive recruiters – Justus O’Brien, co-leader of the board and CEO advisory group at Russell Reynolds, Tierney Remick, vice chairman and co-leader of Korn Ferry’s Global Board and CEO Practice, and John Wood, vice chairman and a member of Heidrick & Struggles’ Chief Executive Officer & Board of Directors Practice – a radically different question: given there is limited time on the board’s agenda and perhaps some push-back from the sitting CEO, what can directors do to improve their ability to develop a robust succession plan that can be readily implemented? Their answers to this

fundamental question were surprising and can help directors prepare for CEO transitions, despite time constraints and the sensitive nature of the succession planning discussion with sitting CEOs.

If you do just one thing, do this

Our interviews uncovered an implementable framework – the development of a strategic leadership profile. Directors should be involved in the articulation of a company’s strategic direction and provide advice regarding the evolution of this strategy. A good strategic discussion focusses on a three- to five-year time horizon, seeking to rigorously uncover the dynamics of the competitive landscape. One way to gain board alignment around the characteristics of the CEO of the future is to link discussions of strategy with the development of a strategic leadership profi le. Based on our interviews, the development of a strategic leadership profi le creates a natural bridge from the discussion of company strategy to succession planning by identifying the skills, experiences, and personal attributes that the CEO of the future will require in order for the company to achieve its strategic direction. The benefits of a strategic leadership profi le are at least three-fold. First, it can bring objectivity to the potentially sensitive discussion of succession planning. It does this by linking succession planning to company strategy and thereby highlighting the needs of the next CEO. Second, the strategic leadership profi le can help align

www.ethicalboardroom.com

Succession Planning | Board Leadership

the board around what the next CEO needs to ‘look like’. Th is is because if the board can agree on the company’s strategic direction then directors are also likely to converge on the talent and leadership needs to close the gap between where the company is currently and where it needs to be in the future. That is, after directors know the company’s strategic direction they are better able to assess whether the company has the right leadership with the right skill set to achieve growth targets. And, if boards cannot align on leadership strategy, then an assessment can be made about the implications

of this misalignment on the company’s ability to achieve its strategic ambitions. The third benefit that arises from a strategic leadership profi le is the board’s ability to deploy it as the cornerstone of the company’s overall talent management effort. As Justus O’Brien says: “You cannot put together a four- to five-year out development plan for the top internal candidates and conduct benchmarking of potential external candidates without a forward-looking document that identifies the strategic needs of the next CEO and the types of experience she or he will need to be successful.”

Good governance is thinking about strategic leadership

It was clear from our interviews that boards understand the importance of succession planning and devote significant discussion to the issue. There are times, however, that the succession planning process becomes a sensitive issue between directors and management. There are several drivers of this ‘us’ versus ‘them’ conversation. First, when management

The development of a strategic leadership profile creates a natural bridge from the discussion of company strategy to succession planning by identifying the skills, experiences, and personal attributes that the CEO of the future will require www.ethicalboardroom.com

exercises control over the process to an extent in which directors are limited in their ability to ask good questions and have limited engagement with potential successor candidates who are currently one or two levels below the CEO position. Second, when the board as a group lacks the chemistry or culture to ask probing questions and to engage in vigorous debate about what good governance means in the 21st century. Th ird, there can be a tendency in times of good company performance for attention on succession planning to wane. In such instances, Tierney Remick encourages directors to reinforce the importance of succession planning. “Succession planning should be actively discussed on an on-going basis. The board should be interacting with management to understand the capabilities and skills of the leadership team, not only at the CEO level, but also they should identify and nurture a leadership pipeline,” says Remick. “Good governance is a thinking about strategic leadership of an organisation to affect the strategy to the benefit of all stakeholders. When directors engage in a healthy discussion and constructive communication around good governance it can work well.” Remick has seen such engagement led by the entire board, the lead director, or the compensation committee chair if s/he is responsible for succession planning oversight, and always involves the CEO.

MAPPING OUT FUTURE LEADERS Directors must play a key role in preparing for CEO transitions

Autumn 2018 | Ethical Boardroom 31

Board Leadership | Succession Planning

Do not underestimate the importance of a communication plan

While one key step boards can take to improve their succession preparedness is to create a strategic leadership profi le that can be routinely reviewed as part of the discussion of company strategy, our interviews highlighted the importance for directors to formalise a communication plan that can be used to quickly respond to an unexpected succession event. To this end, the communication plan should vary from company to company to ensure compliance with state law, corporate governance policies, committee charters, and any stock exchange and regulatory agency requirements (e.g. Securities and Exchange Commission rules and regulations). When an unanticipated succession event occurs, the board should be in a position to respond rapidly, remain in control of the situation and smoothly manage the appointment of an interim or permanent successor. To be implementation-ready, the board should have a defined process and set of protocols that provide a step-by-step guide of what the company needs to do in the event of an unexpected leadership transition. The process5 should: ■ Outline the formalities for conference calls and board meetings ■ Maintain a list of key stakeholders to be contacted in the event of an unexpected leadership transition. The list will potentially include employees, major shareholders, large customers, key suppliers, Wall Street analysts, lenders, and media outlets. A plan for monitoring and managing various communication/media channels should also be documented including a plan for managing social media ■ Identify external advisors, such as public relations, legal, and investor relations firms, to guide the board through the emergency. Likewise, early access to key internal executives, particularly those who interface with important stakeholder groups, will be crucial to navigate the company through a period of uncertainty

When an unanticipated succession event occurs, the board should be in a position to respond rapidly, remain in control of the situation, and smoothly manage the appointment of an interim or permanent successor ■ Specify who has authority to take action (e.g. speak with the media or key stakeholders) prior to the board being able to assemble itself and discuss the situation As John Wood states: “The one piece of succession planning that tends to be overlooked is a communications plan in an emergency situation. A company may have a short-list of candidates and could likely fi ll an interim position without much difficulty. However, it is critical to have a communications plan in place to get the message out that everything is under control and the situation is stabilised.”

Why this matters

Our interviewees emphasised that the vast majority of boards take succession seriously. But this does not mean that succession planning is a stress-free task. The candidate pool is often in flux, the availability of internal and external candidates routinely waxes and wanes, and there can be a general fear regarding what constitutes a ‘good’ plan. In some instances, management either inadvertently or purposefully makes it difficult for the board to independently evaluate internal and external talent. Oftentimes, the search for qualified external candidates occurs late in the process, acting more as a ‘check-the-box’

exercise than a rigorous search for premium talent in the labour market. More than once, our interviewees used the words ‘brave’ and ‘courageous’ to describe the board’s need to engage in succession discussion. Fortunately, even when given limited time on the board agenda, directors can spur objective debate around succession planning by linking the discussion to the articulation of company strategy. As Remick puts it: “Think of this as a talent and leadership strategy. It’s not only a great way to find out where the board sits on the issues, but it is also a useful tool for the incumbent CEO as he or she prepares the next generation of leaders. Leadership now is not about one person, it is about optimising a whole team of people. Having a leadership strategy helps a board develop an optimised C-suite and executive team more broadly.” In addition, boards can focus on the development of a communications plan in the event of an unexpected leadership transition. As Wood says: “A good communication plan gives the board time to decide about succession.” And for some directors, a little extra time is precisely what they will need. 2018 Q2 CEO Transitions analysis, Spencer Stewart, www.spencerstuart.com/research-and-insight/2018-q2ceo-transitions. 2Jason Schloetzer, Matteo Tonello, and Gary Larkin, CEO Succession Practices: 2018 Edition, The Conference Board Research Report R-1663-18 32012 Survey of General Counsel and Corporate Secretaries, The Conference Board. 4Eben Harrell, Succession Planning: What the Research Says, Harvard Business Review, December 2016. 5Jason Schloetzer and Edward Ferris, Preparing for a Succession Emergency, Director Notes, No. DN-V5N3, February 2013. 1

IT’S GOOD TO TALK A clear communication plan will help reduce the risk of conflict and disengagement

32 Ethical Boardroom | Autumn 2018

www.ethicalboardroom.com

Boardroom Counsel Who Understand the Language of Business At Tucker Ellis, we take a creative approach when advising our clients on corporate governance to ensure they adopt frameworks that drive better business results.

Christopher J. Hewitt

Jayne E. Juvan

Corporate Governance Co-Chair christopher.hewitt@tuckerellis.com

Corporate Governance Co-Chair jayne.juvan@tuckerellis.com

tuckerellis.com

tuckerellis.com/lingua-negoti-blog @linguanegoti

Visit our blog “Lingua Negoti,” which means “the language of business” and is dedicated to transforming the practice of corporate law so legal issues do not interfere with achieving high performance.

Board Leadership | Independent NEDs FINDING TOP NEDs Diversity of boards can only be achieved by looking beyond the same small pond of executives

Fund management under the spotlight Transparency is vital in all industries if you want to call executives and boards to account and is often the only thing that works if you want to keep regulation to a minimum. However, to ensure a level playing field, I believe the regulator needs to do more and insist on NED board roles being advertised on a comply or explain basis. I am delighted that the regulator of the fund management industry, the Financial Conduct Authority (FCA), has had enough and has turned the spotlight fi rmly on the fund management community in a bid to protect the investor. It has done this because it is widely accepted that it is almost impossible for investors to work out the charges for managing their money, let alone compare and contrast what they are paying relative to what they might pay should they switch to an alternative fund. So, having read last year’s Asset Management Market Study Fund Report, published by the FCA in June 2017, it is clear that the regulator feels that the lack of transparency has resulted in limited price competition, to the detriment of investors. According to the FCA, the UK’s asset management industry is the second largest in the world, managing around £6.9trillion of assets, one trillion of which is managed directly on behalf of individual investors (UK retail). In the UK there are currently hundreds of unlisted asset managers, who largely have no independent directors and as a consequence very little governance oversight. 34 Ethical Boardroom | Autumn 2018

Boardrooms across the UK need to get themselves ready for independent NEDs Fiona Hathorn

Managing Director, Women on Boards UK

New remedies

Therefore, the FCA is intending to implement new regulations that will force the industry to appoint a minimum of two independent directors to their board. The FCA has stated quite clearly that it thinks ‘the benefits of independent scrutiny should be enjoyed by all, irrespective of the size of the business of the authorised fund manager’. At Women on Boards UK we agree wholeheartedly that the industry is ripe for change, as investors deserve not only more transparency about fees but also in investor communications. The FCA’s new ‘package of remedies’ aims to bring together a consistent and coherent framework for all in the industry to follow as regards: ■ Clarity of fund objectives ■ Fees ■ Conversion (enabling investors to convert to cheaper fund investment vehicles if it is in their best interests to do so) ■ Risk-free box profits (new rules which will prevent the industry passing on all the buy and sell spread risks to the investor) ■ Assessment of value The latter will require fund managers and their independent directors to assess annually whether the charges taken from a

fund are justified in the context of the overall value provided by the fund. I believe independent directors, whose sole job is to act in the best interests of stakeholders (which includes investors), are vital if the UK wants to remain one of the largest asset management centres globally. Independent non-executive director (NEDs) will help the industry fulfi l the objectives of ‘explaining’ its decisions and ensure it is acting in the best interests of the investor, the client. Currently, too many fund managers face almost no scrutiny, with the exception of the investment trust industry, and thus the culture of much of the industry is not benefitting from that all-important ‘why’ question from independent NEDs. Agreed, it will be costlier for the fund management industry to appoint independent NEDs onto its boards, but I believe the benefits will outweigh the costs, regardless of the size of the fund managing institution, because of the beneficial challenges that independent directors bring. The new regulations are part of a two-and-a-half-year review by the FCA that should have a profound impact on the health of the industry, because investors’ individual asset choices do have huge consequences for families and society at large. Th is industry is responsible for the savings of millions of people and to date has had very little scrutiny, which is why I applaud the FCA for its review and upcoming new regulations.

Recruitment of non-executive directors

But the question now is how are those 400-plus new NEDs going to be recruited? It would be commendable if these positions were transparently advertised and not recruited via the current practice of tapping www.ethicalboardroom.com

Independent NEDs | Board Leadership people already known to management or the head-hunter, where used. There is so much talent out there, with investment knowledge, that could easily be tapped should the FCA take the further step of insisting that NED roles are advertised transparently. While in some circumstances advertising FTSE 350 NED roles might be price sensitive, this is unlikely to be the case for the fund management industry, because this is almost purely about independent oversight of the investment products that firms sell. As the FCA itself said in its report: “We think the benefits of independent scrutiny should be enjoyed by all investors, irrespective of the size of the business of the AFM (authorised fund manager) running the fund they have invested in, and irrespective of how long the AFM has been operating.” My organisation exists to provide information, encouragement and connections to help anyone take on a board or committee role as a NED, trustee or governor. We are breaking down the barriers to entry to the boardroom and building the pipeline of board-ready individuals. We work on both the supply side and the demand side, with board candidates and with those recruiting non-executive directors. WOB is building the pool of board members by providing information, encouragement and connections to ensure more women and minorities are appointed to boards across all sectors. We do this by helping individuals understand their transferable skills, providing relevant governance information and NED CV support while at the same time talking them through the board interview process. However, helping NEDs or aspiring NEDs can only take you so far when board positions are not advertised transparently. At Women on Boards we do this via our vacancy board, a free service to any organisation, seeking a board member. As an organisation we work tirelessly to encourage headhunters to ‘turn off the spotlight and turn on the floodlights’ when recruiting board members, but sadly most lack any incentive to widen the pool of candidates; hence our desire for regulatory support. We have been enormously successful supporting members to apply for roles but less so in getting organisations to advertise them. The WOB vacancy board is designed to link the supply and demand for non-executives and we have helped more than 1,500 candidates find a new role in the last six years. But we could do with some help from the FCA and other regulators. We actively search for board positions in newspapers, on the web and via our network and we have listed around 15,000 roles since the service launched in the UK in October 2012. However, exciting as this sounds, we have only scratched the surface as today 95 per cent of board positions are still not advertised transparently. Why? Simple – out www.ethicalboardroom.com

of fear that someone who is not known to the incumbent board members might apply! So what stops companies from embracing diversity at the top? Many business leaders have embraced change, and many women have entered the boardroom, particularly as non-executive directors. But there is a long way to go in order to break the trend of white, male executives. Particularly in the fund management industry, which has fewer women fund managers today than it did (as a percentage of the total) when I joined the city in 1986. Even top women and minorities with successful executive careers behind them come across significant barriers when looking to get into the boardroom. So, what are some of the issues that our members have come across? One woman that we have helped recently is Paola Bergamashi-Broyd who last year joined the boards of BNY Mellon International and Wells Fargo International. These two companies were brave enough to advertise on our free non-executive director vacancy board. Paola had been a senior banking executive in the UK for 25 years, but the fi rst NED role she got was back in Italy, her country of origin. Interestingly, this was at the suggestion of a headhunter who advised her that her international experience in London

Too many fund managers face almost no scrutiny, with the exception of the investment trust industry, and thus the culture of much of the industry is not benefitting from that all-important ‘why’ question from independent NEDs would be of particular interest to Italian organisations and that she would probably get her fi rst NED role more quickly if she started there, which is what she did. However, she realised pretty quickly that networking was going to be really important in terms of building a UK NED portfolio, so she threw herself into relevant networking events and joined WOB for support and to view current NED vacancies, especially looking out for financial services opportunities which is where she saw her NED career specifically. Then she saw the BNY Mellon and Wells Fargo roles advertised transparently on our vacancy board, applied and eventually was offered both on the same day. What disappointed Paola was the slowness of the headhunter channel and them being unprepared to take any risks in terms of putting ‘new entries’ on a shortlist. Paola’s view

is that they ‘fish in the same pond of existing connections’. Paola knew she needed a networking strategy that would activate and open up opportunities beyond the headhunting channel which is where we came in, because we gave Paola an immediate wider range of networking opportunities and connections, invaluable for anyone looking to build a strong post-exec career, non-exec portfolio as well as starting out looking for a first NED position. However, more needs to be done, hence our request for the regulator to step up further and insist that fund management independent NED positions are transparently advertised. This could be done by creating an open appointment vacancy board like the public appointments website, which is used by the government for departmental and other public sector boards. It is not simply enough to say you need two independent NEDs, in our opinion. As Paola says, you need to be ‘in the flow’ of information ‘and keeping an eye on the market’ if you want NED positions. Most brilliant minority candidates are not in the flow sadly, so it is up to the regulator to open the ‘gates of information’. Jayne Styles, I am sure, would agree with Paola about the importance of transparent information. Jayne is CEO at MS Amlin Investment Management and a non-executive director at Hargreaves Lansdown. We interviewed her a while back and Jayne pointed out that even if women are ambitious and prepared to put themselves forward, they are often in the pipeline of ‘support’ roles, which, senior as these roles may be, are less likely to be promoted to executive board positions when competing with more obviously profit-generating functions. This is compounded by the fact that there are fewer executive board roles available generally as a result of the requirement to have more NEDs than executives on boards. Jayne went on to say: “I’m not saying that’s bad, but it is, I think, an unintended consequence that there are therefore fewer exec board roles available in general.” Jayne did also experience the NED ‘vicious circle’: “You can’t get your fi rst role because you are not experienced and you can’t get experience because few headhunters will consider you. It’s like a graduate trying to get their fi rst job with no experience but a lot to offer.” So, I and WOB, have a clear request for all regulators – not just the financial services sector. Please step up and help support the diversification of boards by insisting that NED and trustee/governor positions in your regulated sector are advertised. Because despite much positive activity on diversity and inclusion, roles are still not advertised widely enough. Headhunters continue to fish in the same small pond of executives, searching for obvious, low-risk candidates that are easy to sell to boards. Autumn 2018 | Ethical Boardroom 35

Board Leadership | Supervision

Time to abolish non-executive directors? With an increasing expectation on NEDs to oversee the boardroom, it’s time to rethink their label Charles Mayo

Simmons & Simmons LLP

Corporate governance has not prevented some spectacular corporate collapses/failures. But society’s expectations of company boards are ever increasing, in part fuelled by these corporate catastrophes.

Meanwhile, the label ‘non-executive’ is, I think, no longer apt to describe the role of a non-executive director (NED): the description is not aligned with these expectations and, worse, supports a notion that the effectiveness of NEDs is limited to their conduct in the boardroom. I think NEDs would be better called ‘supervisory directors’.

NEDs: Their role in corporate collapses

Both executive and non-executive directors have, under UK law, the same duty to exercise reasonable care, skill and diligence. The scope of the duty varies according to the director’s role. The courts have accepted that the non-executive’s role requires, among other matters, independence of judgement and supervision of executive management. I think this means that describing non-executive directors as supervisory directors is closer to the substance of their role. But, whatever the label, these directors haven’t prevented various corporate collapses and won’t necessarily be able to prevent them occurring in the future. The collapses described below have been attributed to failures by the board to instil an appropriate 36 Ethical Boardroom | Autumn 2018

culture throughout the organisation and, in some cases, alleged failures by the board/ NEDs to supervise effectively, sometimes due to the NEDs’ lack of expertise.

Carillion

In January 2018, Carillion, the UK’s second largest construction company, went into liquidation, leaving 43,000 employees at risk of losing their jobs, a £2.6billion pension liability and £2billion of debt to its suppliers, sub-contractors and other short-term creditors.1 Carillion’s downfall has been described as a ‘failure of a system of corporate accountability’. 2 The joint report from the Business, Energy and Industrial Strategy Committee and Work and Pensions Parliamentary Committee concluded that Carillion’s business model was an ‘unsustainable dash for cash’3 with a ‘rotten’ corporate culture.4 Carillion’s board was blamed as both ‘responsible and culpable for the company’s failure’.5 Out of Carillion’s seven-member board, five were NEDs.6

BHS

In 2016, BHS, the former British department store chain part of the Taveta group, went into administration, leaving 11,000 jobs at risk and 20,000 pensioners facing substantial cuts to their entitlements. The joint report from the same Parliamentary Committees concluded that Taveta’s weak corporate governance, including failure to address the pension deficit and to challenge effectively a proposal to buy BHS by Dominic Chappell, had contributed to its ultimate demise.7

Tesco

In September 2014, Tesco plc (Tesco), the UK’s biggest food retailer, admitted that its £1.1billion fi rst-half profit announced a month earlier had been overstated by £250million, with a subsequent clarification that increased the overstatement to £263million. Following a criminal investigation, Tesco was fined £129million under a deferred prosecution agreement with the Serious Fraud Office.8

It also agreed with the Financial Conduct Authority (FCA) to pay approximately £85million to investors affected by the trading statement for the market abuse of overstating its profits. The FCA found that there was knowledge of the false or misleading statement at a sufficiently high level, but below the Tesco board level, for that knowledge to constitute Tesco’s knowledge for market abuse purposes. Tesco’s 10-member board included nine NEDs, none of whom had any previous retail executive experience at the time the scandal first hit.

RBS

In 2008, RBS in effect failed and was part nationalised. It relied on the Bank of England’s Liquidity Assistance and received more than £25billion of government funding.9 The FSA (as the FCA then was) concluded that RBS’s failure could be attributed to various RBS-specific and market factors. It said that likely underlying deficiencies in RBS management, governance and culture made it prone to poor decisions, which could also be a key factor in explaining its downfall.10 RBS’s board comprised 17 members but, the regulators said, its processes met acceptable governance standards.11 In attempting to explain the failure of the board to address the risks facing the firm, the PRA/FCA report suggests that ‘as a group, the non-executive directors (NEDs) on the board lacked sufficient experience and knowledge of banking’.12 For example, only two of the NEDs on the board during the review period held direct banking experience.13 The report argues that this lack of expertise hindered the ability of the NEDs to hold executive management to account.

HBOS

The PRA/FCA report attributed ultimate responsibility for www.ethicalboardroom.com

Supervision | Board Leadership

HBOS’s failure to its board. In particular, the report argues that the board failed to instil an appropriate culture at HBOS or to set out a clearly defi ned risk appetite for the fi rm, both of which had significant consequences for HBOS’s business strategy.14 The report also found that the board did not provide effective challenge to the HBOS executive during the review period. For instance, there was little evidence of the board debating the fi rm’s reliance on wholesale funding or the risks associated with high levels of asset growth. The outcome of this was that the risks facing HBOS at a group level were, the regulators thought, never fully explored, understood or addressed by the board.15

Wells Fargo

In September 2016, Wells Fargo disclosed that it had opened several million potentially unauthorised retail customer accounts. Employees said these accounts had been opened in response to demanding sales targets and incentives put in place by the bank’s senior management.16 www.ethicalboardroom.com

Afterwards, it transpired that Wells Fargo had charged hundreds of thousands of borrowers for unnecessary guaranteed auto protection or collateral protection insurance for their automobiles and was involved in other misconduct.17 In response, the Federal Reserve restricted the bank from growing any larger than its total asset size as of the end of 2017 until it improved its governance and controls.18 The Federal Reserve concluded that the board’s lack of effective oversight and control of compliance and operational risks contributed to the harm suffered by the bank’s customers.19 According to the Federal Reserve, the board also did not take steps to improve management information, which reduced its effectiveness. For example, ‘the board and certain committees of the board

Both executive and non-executive directors have, under UK law, the same duty to exercise reasonable care, skill and diligence. The scope of the duty varies according to the director’s role

received from management assurances that corporate risk, human resources and the Community Bank were undertaking enhanced monitoring of sales practice misconduct and were addressing sales practice abuses. Management’s reports, however, generally lacked detail and were not accompanied by concrete action plans and metrics to track plan performance’.20 A separate report by Wells Fargo’s independent directors said: “Aided by a culture of strong deference to management of the lines of business (embodied in the oft-repeated ‘run it like you own it’ mantra), the Community Bank’s senior leaders distorted the sales model and performance management system, fostering an atmosphere that prompted low quality sales and improper and unethical behaviour.”21 Ultimately, in August 2018, Wells Fargo agreed to pay over $2billion in penalties for its role in originating loans that led to its fi nancial crisis. 22 There is a multitude of views on these corporate collapses, some of which are the subject of on-going proceedings. Right or wrong, fair or unfair, the examples above generally underline heavily the importance of the supervisory role of NEDs. Autumn 2018 | Ethical Boardroom 37

Board Leadership | Supervision

NEDs: their role outside the boardroom

Increasingly, a NED’s role involves supervisory activities outside the boardroom, relating to culture, stakeholders and workforce engagement.

Culture

According to the FRC’s publication Corporate Culture and the Role of Boards: ■ …many [NEDs surveyed] were much less comfortable about their role or ability to embed the values in the organisation, and some felt this is not the role of the non-executives. Yet, when we surveyed chairmen on how influential different individuals were on company culture in practice, 89 per cent felt the role of the chairman is influential or very influential and 54 per cent viewed the role of NEDs as influential or very influential ■ It is clear that shareholders need to talk to a wide range of people involved in a company in order to build an accurate picture of its culture. Th is includes executives as well as NEDs and so it is important that investment houses ensure that they are avoiding a siloed approach to dialogue ■ NEDs need to be aware that power differentials make it hard for a member of staff to challenge a senior executive ■ NEDs will also need to be more proactive in their engagement with employees and other aspects of the business and in their modelling of company values. Th is will have implications for which aspects of their role NEDs prioritise and how they allocate their time. The view expressed by the FRC (rightly in my view) is ‘… the role of the NED is changing, with inevitable implications for the skillset, diversity and experience that NEDs will add to the board in the future. Certainly, NEDs will need to become more culturally aware, more tuned in and more knowledgeable about human behaviours and relationships’. The FRC included, for example, this good guidance about site visits: “Site visits were cited as giving a good sense of what is going on, provided they were not run as ‘state visits’, although they are not always practical in organisations with multiple global locations and operations and such visits have their limitations”. Chairs and chief executives emphasised that site visits are not only an opportunity to find out what is going on but also demonstrate the importance and presence of the board. It is the degree of engagement and preparation of NEDs that makes the biggest difference; NEDs need to be focussed and ready to ask the right questions. An open discussion with the chief 38 Ethical Boardroom | Autumn 2018

executives to prepare the ground can guide NEDs to engage in a way that reinforces the values and culture and supports management’s message and reinforces culture. Debriefs with the chief executives on their return are also important and can provide useful insights for management.” Rupert Soames, Serco’s chief executive, put it more directly: “It’s good for NEDs to go out into the business but they need to do it carefully. Orchestrated royal visits by herds of NEDs are in my view often not very productive, whereas individual NEDs popping in to sniff the breeze works well.”

Stakeholders

NEDs are expected to facilitate the relationship between shareholders, stakeholders and the company. ICSA 23 and the Investment Association guidance states: “When evaluating their composition and effectiveness, boards should identify what stakeholder expertise is needed in the boardroom and decide whether they have, or would benefit from, directors with directly relevant experience or understanding.” 24

NEDs should be directly involved in aspects of the stakeholder communication outside the boardroom, as well as providing their own technical, regional or other expertise about stakeholders inside the boardroom According to the guidance, there are two broad approaches to acquiring expertise that boards could consider: ■ Reserving one or more board positions for directors drawn from a stakeholder group, such as the workforce; and ■ Extending the selection criteria and search methods for NEDs to identify individuals with relevant experience or understanding of one or more stakeholder groups Both these approaches, the guidance states, have their merits: “On the one hand, in cases where the contribution and buy-in of a particular stakeholder group is crucial to the company’s continuing success, there may be benefits in formalising that relationship by having one or more members of that group on the board as a director,” the report says. “On the other, expertise in understanding and engaging with a key stakeholder group does not necessarily have to come from within that group, and there are potentially many other individuals with relevant experience and expertise.”25 Th is, I think, supports the notion that

Workforce engagement

The 2018 UK Corporate Governance Code, applicable for financial years beginning on or after 1 January 2019, reinforces the importance of stakeholder engagement generally and, in particular, effective engagement with the workforce. Listed companies will have to use one or a combination of the following methods to engage with the workforce: ■ A director appointed from the workforce ■ A formal workforce advisory panel ■ A designated NEDs Or, the board must explain what alternative arrangements are in place and why it considers that they are effective. It seems to me that whichever method is chosen it is likely to involve one or more NEDs being more actively engaged with the workforce outside board meetings than has generally happened and, possibly, more visibly taking workforce considerations into account inside the boardroom.

Conclusion

It will obviously take much more than a change of label. My simple point is that the label of NED sets the expectations and I think it would be better now to use the label ‘supervisory director’ and to prioritise the behaviours, systems and information most likely to enhance his/her supervisory role. The increasing expectations of NEDs to supervise effectively, both through their conduct inside the boardroom, and their activities outside the boardroom have, I think, a growing importance for the types of skills NEDs must possess. And, all this impacts the time commitment and professionalism required of NEDs. An increased time commitment should, I think, lead to increased remuneration for NEDs. Better, I think, to pay more to get more time from NEDs and improve their supervision from both inside and outside the boardroom. Footnotes will be run in full online

www.ethicalboardroom.com

Board Leadership | Board Evaluation

Powerful board insights: Ticking all the right boxes? Value-added board evaluation is achieved by measuring the board against five levels of governance Dr. Debra Brown

President and Chief Executive Officer of Governance Solutions

Is your board frustrated with its approach to board evaluation? Are you tired of filling out survey after survey and not seeing any meaningful benefits for your efforts? Do you ever wonder why you are asked to answer so many seemingly pointless questions? With the proliferation of governance consultants, do-it-yourself directors and cut-and-paste evaluation questionnaires has come a hot mess of evaluation tools that only serve to add confusion rather than value to the governance system. It is no wonder that some boards question why they even bother.

Don’t throw the baby out with the bathwater

The primary purpose of board evaluation is to improve board performance and so to add value to the organisation and its governance. Evaluation does this by identifying areas of strength and weakness in the governance system and the role the board plays in it. Evaluation, therefore, remains a needful exercise for any board. The solution to problematic evaluation processes and tools is to use a tool that aligns with the purpose and process of governance and the fundamental roles and tools of the

40 Ethical Boardroom | Autumn 2018

board itself. The benefit of this approach is that evaluation surveys are laser-focussed on adding value to the governance system and the organisation overall. This article provides a clear governance framework for board evaluation that is designed to test board effectiveness in governance and organisational oversight – the job of the board. Nothing more, nothing less. It examines the definition of governance and the duties of the board, describing these in five levels of governance and it provides an example of some evaluation questions aligned with this framework along with a sample ‘board evaluation scorecard’. If we grasp the definition and purpose of governance and the role of the board, then we can understand the competencies and functions the board must excel at. It stands to reason then, that those are the areas the board should focus on and test in its evaluation. Th is will allow the board to determine where it is strong and performing well and where it is weaker and not performing as well as it might. The definition of corporate governance is ‘the system by which organisations are directed and controlled’ and this definition provides an excellent framework for board evaluation. Boards fulfi l their governance duties by concentrating their time, energy and focus on strategic direction and control: ■ Direction Setting of direction and strategy, planning, risk governance, delegation, policy setting and resourcing ■ Control Oversight and monitoring, evaluation and measurement of the plan, risk, people, policy and disclosure The board, as the governing body, sets the direction and uses its controls to ensure the organisation is on course. For an organisation to be strategically ‘in control’ means the board has confidence, or reasonable assurance, that the organisation is moving in the direction it has approved. While the board

focusses on strategic direction and control, the CEO performs the actual day-to-day work of the organisation, developing and delivering products and services. The work of the board and CEO is integrative. They are partners collaborating in achieving the organisation’s mission, vision, goals and objectives. Each does what they are uniquely equipped to do and each respects the other’s potential to succeed and to excel. Boards seek and need to fulfi l their governance duties in each of these five areas, corresponding to their main roles in direction and control:

Strategy setting and accomplishment The directional side of strategy answers the question: Where are we headed? The primary role of the board is setting (approving) the strategic direction of the organisation, including playing a role in strategic planning. Everything else in governance and operations ﬂows from strategy – strategy is the master, governance is the servant. Th is calls for a wide range of strategic information, from environmental scans, SWOT, situational and sensitivity analyses, to financial projections. On the control side, the board must monitor the strategy to ensure the organisation continues to head in the direction that was set and ensure effective reporting to principals on the

The work of the board and CEO is integrative. They are partners collaborating in achieving the organisation’s mission, vision, goals and objectives www.ethicalboardroom.com

Board Evaluation | Board Leadership

results. This answers the question: where are we compared to where we say we would be? Performance and risk oversight and 2 monitoring The directional side of

performance and risk oversight answers the question: what obstacles and opportunities might we face along the way (to where we are headed)? This includes setting risk appetites and tolerances, key performance measures and targets. On the control side, the board must gain reasonable assurance that the organisation is going – and can be expected to continue to go – substantially in the direction that the board approved. This role calls for the largest amount of strategic information, often for committees of the board, including enterprise risk management assessments and mapping, financial statements and variance analysis, performance dashboards or scorecards and non-financial and policy monitoring reports. This answers the question: how do we measure up and how well have we mitigated risks and acted on opportunities? Care and oversight of people 3 The directional side of the care

and oversight of people answers the question: who will do what? In addition to ensuring the CEO is providing effective oversight and care of the organisation’s human resources, this involves directly managing the employment relationship with the CEO. On the control side, this is the most hands-on role of the board and consequently calls for more detailed strategic information on the CEO’s performance, leadership and relationship expectations and results, as well as robust compensation information. This answers the question: how well did we perform? Policy creation and oversight 4 The directional side of policy

TOP SCORE There are five areas in which boards must fulfil their governance duties

www.ethicalboardroom.com

creation and oversight answers the question: what are the boundaries and guidelines? The board must set policy for management to follow, as well as the board itself and the organisation. These are the high-level guiding policies – the non-negotiables – that guide the work of management, the board and the organisation. This means establishing policies and the control framework within which management operates (the ‘why’ and the ‘what’). But it does not mean dictating procedures (the ‘how’). On the control side, the board oversees the fulfilment of policy for management, the board and the organisation. This answers the question: how effective are our policies and what must be adapted or updated?

Autumn 2018 | Ethical Boardroom 41

Board Leadership | Board Evaluation and distribution of 5 Allocation resources The directional side

of the role of the board in resources answers the question: how will we resource our efforts? While the control side answers the question: how are we doing compared to budget? Fulfi lling the role of the board in resource allocation and distribution is not as simple as approving and monitoring a budget. It means providing oversight of the business plan (including human resources, facilities and technology plans), as well as external and public disclosures of strategic information by the organisation. The board has a role in signing off on corporate disclosures, encompassing the whole gamut of periodic and continuous reporting, beginning with budget approval, playing its role in internal and external audit and culminating in the annual report, audited financial statements and annual fi lings.

An evaluation tool that assesses the board’s effectiveness in these five levels of this systematic framework will provide powerful insights into board performance and practical value-added diagnostics on where to invest efforts to enhance that performance. Figure 1 (below) gives examples of some of the questions the board should ask itself in each of the five levels of governance. By asking questions directly targeted on each role of the board using this framework, the output of survey data collected becomes more meaningful and nuanced. The board can pinpoint exactly which area, or areas, of the governance system needs the most attention and improvement, and it can help to prioritise efforts. Consider the tabulated results found in this board evaluation scorecard (see Figure 2) created using the five levels of governance framework. It is easy to see that this board needs to do a better job in its role in strategy – specifically, in

FIGURE 1: Governance is the system by which organisations are directed and controlled

Where are we headed? What obstacles and opportunities might we face along the way? Who will do what? What are the boundaries and guidelines? How will we resource our efforts?

LEVEL OF GOVERNANCE Strategy

DIRECTION

CONTROL

Strategy direction

Strategy control

The strategic plan

Performance & risk direction Risk appetites & tolerances

People direction

CEO job description, performance, mandate, board & committee charters

Policy direction

Board and other governance-related policies

Resource direction Budget, business plan

DIRECTION/ CONTROL Direction Control

Performance and Risk

Direction Control

People

Direction Control

Policy

Direction

Control Resource

Direction Control

The annual report

Performance & risk control

Scorecard, dashboard, risk/heat map

People control Board and CEO evaluations

Policy control

Policy compliance, internal audit reports, minutes

Resource control

Interim (quarterly) financial statements

Where are we compared to where we said we would be? How do we measure up? How well have we mitigated risks and acted on opportunities? How well did we perform? How effective were our policies and what must be updated or adapted? How are we doing compared to budget?

EVALUATION QUESTION EVALUATE THE BOARD’S EFFECTIVENESS TO... Establish a clear sense of purpose, strategic direction and priorities, including vision, mission and values Have deliberations and discussions at board meetings that are high level and strategic and focus on priority issues Establish, with management, risk tolerances and appetites for the organisation Ask probing and informed questions of management about the organisation’s results and disclosures Recruit and have the right CEO in place, and plan for their succession Oversee human resources and compensation policies, plans and employee engagement and development Articulate the right roles and responsibilities of the board, committees and CEO (e.g. charters, mandates, terms of reference, position descriptions) Monitor management’s compliance with major board-approved policies Review and approve the operating and capital budgets Oversee management and control of resources: financial, technical, capital

42 Ethical Boardroom | Autumn 2018

the directional side of strategy. The board is doing a reasonably good job in the direction and control of resources. It could do better in the direction and control of risk, people and policy. It is reasonable to observe that without a clear strategy, it is difficult to effectively oversee risk, people and policy – this pattern is clearly recognisable. If this board were to focus its efforts on improving its capacity and time spent in strategy direction, it would have the added benefit of raising its level of effectiveness in each of the other areas within its scope of responsibility. This in turn will strengthen the strategic focus of the entire organisation and have positive implications for the other levels of governance. By asking questions directly, driven by the five levels of governance, and organising survey results according to those levels, evaluations are focussed, directive, meaningful and add value to the organisation and its governance. FIGURE 2: Board evaluation scorecard Direction: Strategy 5.00

Control: Strategy 5.00

4.00

3.00

2.00

1.00

2.93

1.00

3.70

0.00

Direction: Performance and Risk 5.00

Control: Performance and Risk 5.00

4.00

3.00

2.00

1.00

3.83

1.00

0.00

Direction: People 5.00

5.00

4.00

3.00

2.00

1.00

3.13

Control: People

3.93

1.00

0.00

Direction: Policy 5.00

5.00

4.00

Control: Policy

3.00

3.00 2.00

3.77

3.92

2.00

3.76

1.00

0.00

Direction: Resources 5.00

Control: Resources 5.00

4.00

3.00 2.00

3.00

4.14

2.00

1.00

0.00

4.04

www.ethicalboardroom.com

â&#x20AC;&#x153;Becoming a Chartered Director is a huge endorsement of not only your experience but also your ability to demonstrate best practice corporate governanceâ&#x20AC;? Jeremy Biggerstaff CDir, Managing Director, Flint Studios

Join thousands of directors committed to improving corporate governance standards across the world. Get started today: iod.com/chartered-qualification

Zuckerberg’s tenure at Facebook challenged Activist investors have called for a boardroom shake-up at social networking giant Facebook following scandals over the hacking of personal data, claims of hate speech and election-rigging. Boston-based Trillium Asset Management, which holds $11million in Facebook shares, believes Mark Zuckerberg serving as CEO and chairman has ‘contributed to Facebook missing, or mishandling, a number of severe controversies’. Trillium senior vice president Jonas Kron said: “We want Facebook to be sustainable and we think in order to do that they need to change their governance.” State and city treasurers from Illinois, Rhode Island and Pennsylvania joined the New York City Pension Funds and Trillium Asset Management in requesting the Facebook board of directors make the role of chairman an independent position.

Global News North America

California passes gender quota law All companies in California will be required to have at least one woman on their board by 2019 under the new California Senate Bill 826. A majority of companies in the S&P 500 have at least one woman on their boards, but only about a quarter have more than two, Boards with five or fewer directors will need two female directors by 2021 and larger boards will need three under the new law. Non-compliant firms will be subject to a penalty. However, more than 30 business groups, including the California Chamber of Commerce, oppose the law. They argue that the SB826 quota system does not address a lack of boardroom diversity along racial and ethnic lines. Some female leaders and board members have also expressed a concern that the bill will result in companies naming women to boards to comply with regulation, rather than incorporate new skills.

44 Ethical Boardroom | Autumn 2018

CEOs of 20 leading public companies, pension funds and investment firms have committed to the Commonsense Corporate Governance Principles 2.0 standards. The Principles are described as an important step forward in promoting corporate governance practices that support responsible and sustainable economic growth in the US. Companies, including AT&T, Bank of America, Coca-Cola, IBM, Johnson & Johnson and P&G, have signed up to the updated principles. The signers have called on all companies and institutions that believe in the cause of good governance to join their ranks by adding their names to the list of signatories.

Campbell Soup’s board targeted by activists’ fight Hedge fund Third Point has launched a proxy fight to overhaul the entire board of food company Campbell Soup. Activist investor Dan Loeb and his firm Third Point released a video, called ‘Empty the Can’, which criticises Campbell Soup’s corporate leadership. The video cites dismal soup sales and lowered expectations at Campbell Soup, claiming that the board’s failed leadership has destroyed more than two decades of value for its shareholders while competitors flourished. Campbell responded in a statement: “Third Point is once again attempting to mislead Campbell shareholders by cherry picking its reference points regarding performance. Once again, Third Point has failed to present any credible ideas for how it proposes creating value for shareholders. A video is not a plan.”

Coca-Cola unveils leadership change Coca-Cola Company has unveiled Brian Smith as its new chief operating officer, a role that had been vacant since James Quincey became chief executive officer last year. The board of directors elected Smith, who currently serves as president of the company’s Europe, Middle East and Africa (EMEA) group, to serve as president and COO from 1 January 2019. John Murphy, who currently serves as president of the company’s Asia Pacific group, will become senior vice president and deputy CFO in January. He will be elevated to executive vice president and CFO on 16 March 2019 following the retirement of Kathy Waller. The company also announced that Nancy Quan has been elected senior vice president and appointed chief technical officer from 1 January 2019.

Business leaders support new governance principles

www.ethicalboardroom.com

How do you sustain momentum? Startups, mid caps, and large enterprises all grow differently, face unique challenges, and move at various paces. But despite their distinctions, they share a common goal: to not only build momentum but to sustain it in the long term. Sustaining momentum means avoiding obstacles, driving growth, and delivering results. And with the right partner, now you can. For more than 70 years, D.F. King, an AST Company, has maintained leadership in strategic advisory, securityholder identification and solicitation, corporate governance, and information agent services. We leverage in-depth research and strategic analysis to help companies anticipate obstacles and better understand and communicate with their ownership. You’ve worked hard to gain momentum. We’ll make sure you keep it by preparing your team with the critical data and insights that you will need this engagement season. Download and share your 2018 Fall Engagement Guide at: www.dfking.com/2018engagementguide

ANNUAL / SPECIAL MEETINGS M&A / INFORMATION AGENT SERVICES CONTESTED VOTE SOLICITATIONS CORPORATE GOVERNANCE CONSULTING EXECUTIVE COMPENSATION PROXY ADVISORY FIRM CONSULTING OWNERSHIP INTELLIGENCE SERVICES CALL CENTER SERVICES Visit us at dfking.com or call (212) 269-5550.

Board Governance | Internal Audit

IS GOOD ENOUGH,

GOOD ENOUGH? Is internal audit focussed on the strategic risks that matter with insight and foresight, or is it auditing transactional activity and reporting on what happened in the past (hindsight)? Is it best in class, in need of improvement, or lagging?

A call to action in support of transforming and improving internal audit

Demonstrates integrity The IIA’s member Code of Ethics states: “The integrity of internal auditors establishes trust and thus provides the basis for reliance on their judgment.”

Richard F. Chambers

My fervent hope is that internal audit in your organisation is receiving the resources it needs – financially and in terms of the right talent – to continuously improve and proactively help identify the important issues and risks. From my global experiences of interacting with numerous board members and countless internal audit professionals, it is clear to me that internal audit performance falls along a bell curve. Consequently, there are some great ones and, unfortunately, some who face challenges. Yet, that bell curve keeps shifting towards greater expectations, leaving at risk far too many internal audit functions that are struggling to keep up. In today’s rapidly changing and risk-strewn environment, we certainly can all acknowledge that average may not cut it. In fact, to best serve the organisation’s governance structure and, most importantly, the organisation’s stakeholders, internal audit needs to be appropriately resourced with talent, skills, tools and expertise to continuously improve and strive for greatness. As governance leaders, it is our obligation, perhaps even our ethical responsibility, to actively support internal audit’s evolution and maturity. A couple of years ago, the Institute of Internal Auditors (IIA) made major enhancements to its internationally recognised and adopted ‘standards’ and guidance framework. Among those enhancements were the addition of a Mission of Internal Audit (why internal audit exists) and Core Principles for the Professional Practice of Internal Auditing (what effective internal auditing demonstrates). Let’s leave the more detailed, pre-existing standards and guidance to the multitude of hard-working internal audit professionals

to worry about as they execute their professional duties. But I do strongly suggest that you pay attention, as a governance leader, to the mission and principles. The Mission of Internal Audit is: “To enhance and protect organisational value by providing risk-based and objective assurance, advice and insight.” Those 15 words are laden with intentional meaning. So, please read that again and consider whether internal audit is currently accomplishing its mission in your organisation. The 10 Core Principles, meanwhile, presume conformance with The IIA’s globally recognised International Standards for the Professional Practice of Internal Auditing. Importantly, though, all 10 must be present for an internal audit function to be considered effective.

■ Is your internal audit leader viewed as someone with uncompromising ethics? ■ Are your internal audit professionals beacons of the organisation’s core values in everything they do? ■ Are your internal audit professionals viewed as trusted advisors who demonstrate courage, honesty and accountability?

46 Ethical Boardroom | Autumn 2018

President and CEO, The Institute of Internal Auditors

From my global experiences of interacting with numerous board members and countless internal audit professionals, it is clear to me that internal audit performance falls along a bell curve. Consequently, there are some great ones and, unfortunately, some who face challenges For each principle, I would like to share my introductory thoughts and then ask three intentionally challenging questions. I could ask more, but these questions represent plenty for you to ponder with regard to where on that bell curve your internal audit function resides.

competence 2 Demonstrates and due professional care

IIA standards require that the ‘internal audit activity collectively must possess or obtain the knowledge, skills and other competencies needed to perform its responsibilities’. If your internal audit plan is truly focussed on the risks that matter, I suspect that there are areas of the company (for example, highly technical subjects) where your internal audit professionals may not have all the requisite expertise. ■ Is your company’s internal audit plan truly risk-based, or are auditors focussing only on those things they know and are comfortable auditing? ■ Are all internal audit professionals given sufficient time and resources to pursue appropriate training? ■ Does internal audit have the budgetary latitude to co-source with external subject matter experts as needed? objective and free from 3 Isundue influence (independent)

Objectivity and independence are two different things. You are objective by being completely unbiased in your approach to the work you do, the decisions you make and the conclusions you reach. You are independent by virtue of your reporting relationship. ■ Do you have any concerns or doubts about the objectiveness of the work and conclusions from internal audit?

www.ethicalboardroom.com

Internal Audit | Board Governance

A CLEAR AND CONCISE PLAN Internal audit’s work should bring transparency to the governance process

■ Does internal audit report to an area functionally where it can be truly independent, such as the audit committee of the board of directors? And, does it hold regular executive sessions with this body when no one else from management is present? ■ Does internal audit report to an area administratively where its work has the least chance of being restricted or redirected (such as by the CEO)?

Aligns with the strategies, objectives and risks of the organisation Many organisations around the world have adopted the COSO Enterprise Risk Management Framework, the ISO 31000 Risk Management Standard, or some combination of the two. And most organisations have a robust strategic planning process. Hopefully, your enterprise risk management (ERM) activities and strategic planning processes are intertwined such that the organisation’s strategic objectives and the risks to achieving them are well understood. ■ Does internal audit have a robust risk assessment process that considers the strategic plan, the underlying strategic objectives and the risks to achieving those strategic objectives? ■ Does your internal audit leader participate, at least as an observer, in the strategic planning process of your organisation?

www.ethicalboardroom.com

■ How well coordinated are your ERM efforts and your internal audit activities and is there a common risk management language framework used when talking with the board and senior management? positioned 5 Isandappropriately adequately resourced

Internal audit desires a ‘seat at the (executive) table’. Granted, just because your internal audit leader asks for that seat, they still have to earn it. I go into some depth making this case in my book, Lessons Learned on the Audit Trail. And, without question, internal audit will always, like any function, want more resources. But the better question is, do they have enough of the right resources? ■ Does your internal audit leader have the executive presence, business acumen and gravitas to deserve that much-needed seat at the table? ■ Is internal audit viewed as a business partner, actively contributing to the organisation’s success? ■ Can your internal audit leader clearly articulate the ‘next project’ from a risk perspective they would undertake

if they had additional resources? And are you comfortable if that project doesn’t get done during the ensuing audit plan? quality and 6 Demonstrates continuous improvement

IIA standards require a commitment to quality, through both an internal quality assurance and improvement programme and periodic external quality assessments. This commitment to quality is measured by the level of conformity to the standards and acts as the foundation to continuous improvement. ■ Does internal audit report on the results of its internal quality assurance and improvement programme? ■ Is internal audit getting an external assessment at least once every five years? ■ Is internal audit investing in and improving its ability to leverage technology in both the administration of the function and the deployment of data analytics?

Autumn 2018 | Ethical Boardroom 47

Board Governance | Internal Audit effectively 7 Communicates Pareto’s Principle applies well as a

generalisation of internal audit’s work efforts: 80 per cent is not seen by most and 20 per cent is what the organisation sees and is what is communicated via the written word (memos and reports) and spoken. Although the documented work is critically important in support of internal audit’s conclusions and opinions, it is rendered nearly irrelevant if what is communicated misses the mark in terms of accuracy, timeliness, clarity and impact. In my book, Trusted Advisors: Key Attributes of Outstanding Internal Auditors, I stress the importance of being ‘dynamic communicators’. ■ Are internal audit reports something you place at the top of your in-box, knowing that there is critical, succinctly and well-articulated information that is important to read, digest and act upon? ■ Has your internal audit leader established strong rapport with senior management and the board? ■ Is internal audit viewed as having a positive, relationship-based and collaborative demeanour and as a go-to resource of insight on risk and control matters? Are they ‘trusted advisors’? risk-based assurance 8 Provides Internal audit plans must be based

on risk and the outcome of a continuous organisational risk assessment. If that is truly the case, however, many internal audit functions may not have all the skills and competencies they need with existing staff to fulfi l the audit plan. Unfortunately, I have seen this all too often relegate internal audit to focussing on only what it knows or, worse, trying to audit things it knows nothing about. Either way, this is a disservice to the organisation and does not result in effective risk-based assurance. ■ Has internal audit stopped doing ‘cyclical’ audit work, based on a set timetable and moved to a truly risk-based plan? ■ Does internal audit update its risk assessment periodically (more frequently than annually) and is the audit plan dynamic, based on those updates? ■ Does internal audit have the support to bring in subject matter expertise in areas where it does not have the skills or competence to do the work? 48 Ethical Boardroom | Autumn 2018

Internal audit plans must be based on risk and the outcome of a continuous organisational risk assessment. If that is truly the case, however, many internal audit functions may not have all the skills and competencies they need with existing staff to fulfil the audit plan proactive 9 Isandinsightful, future-focussed

Nearly every chance I get to speak globally, I stress the need for internal audit to move away from providing hindsight (what happened in the past) and move towards first insight (what the true impact is or can be) and then foresight (getting ahead of issues before they occur… being anticipatory). I also emphasise that internal audit cannot succeed by putting its head down and focussing solely on completing the audit plan. It must be proactive by looking up (throughout the organisation) and looking out (beyond the organisation) at all times. And it must not shy from controversy. Internal audit, if necessary, must be courageous and willing to sail towards the storm. ■ Does internal audit raise risk-based issues of merit and strategic impact that are not being considered? INSIGHT AND OBJECTIVITY Internal audit should be viewed as a trusted advisor

■ Does internal audit help the organisation ‘get ahead’ of issues before they manifest into something critical? ■ How capable is your internal audit leader in demonstrating prescience, the ability to see around corners and anticipate matters of importance? organisational improvement 10 Promotes I have no doubt your organisation has

either a broad-based plan of organisational improvement (e.g. lean, agile, Six Sigma) and/or targeted programmes geared towards improvement (e.g. cost cutting, refocus on core values). Internal audit should be identifying and recommending opportunities for organisational improvement and also be participating in/contributing to organisational improvement programmes. Organisational change programmes, as important as they are to move the organisation forward, can introduce a lot of risk.

■ Is internal audit an active participant in material organisational improvement programmes and it is able to provide useful advice and insight resulting from that participation? ■ Does internal audit consider opportunities for organisational improvement in every audit? ■ Is your internal audit leader proactively consulted on organisational improvement initiatives? If you aren’t satisfied with your reflective answers to these questions, there are some critical roles all governance leaders need to play to support internal audit effectiveness. Quite simply, within appropriate limits and reason, internal audit must be adequately resourced. But such resourcing is not only about budgetary dollars; it’s also about having the right resources, in the right place, at the right time. It is about expecting energy, competence, progressiveness and insightfulness. It’s about the availability of targeted training. It’s about respecting the importance of the dual reporting relationship and making sure internal audit navigates both its objectivity and independence with deft skill, while at the same time being viewed as a trusted advisor to the organisation. And, it is about constructively challenging internal audit to be its best, strive for excellence and continuously improve. This is what the organisation’s stakeholders assume and what you should expect, demand and unequivocally support. Is good enough, good enough? Let’s all conclude… hardly. www.ethicalboardroom.com

Board Governance | Risk

The

Power of checklists Only those who can see the invisible can do the impossible. Recently I was on a plane that was just about to land when, at the last moment, a wind shear from an already storming and unsettled evening unceremoniously greeted us weary travellers.

The pilot aborted the landing literally within touching distance of the ground and we climbed back quickly and nervously into the darkness for another fly around. Once we had regained our composure the pilot came over the public address system and explained the situation and why it was necessary to do what he had done. He said the ground wind speed had increased alarmingly as he had started the descent but that it was spasmodic in its strength thereby likely to allow for a window of opportunity to safely land. As we got closer to landing, the unpredictable gusts became so strong that the pilot decided that the best course of action was to not challenge Mother Nature but to attempt another landing at a more suitable time. After a delay of about a half hour we landed – albeit with our stomachs figuratively in our mouths – and we disembarked. As we left the plane every passenger stopped to thank the pilot not only for the skill that he had shown but for the fact that he was prepared to take us all into his confidence by communicating so well about the issues. 50 Ethical Boardroom | Autumn 2018

A strong organisational culture will pay attention to how an outcome is achieved Tom McLeod

Expert within the fields of risk management, fraud & corruption investigations, internal auditing and compliance activities

Cave rescue

A couple of days later I was watching a riveting documentary on the Thailand cave rescue. I was struck not only by the heroism of the rescuers, which was breathtakingly inspiring and incredibly humbling; and not only by the courage of the rescued, which was incomprehensible and life affi rming; but by other factors that, in today’s throwaway society, we too readily undervalue. They were the eternal determinants of experience and training. Everyone that the documentary spoke to and everyone that has been quoted in the media around this generational event was there doing what they had to do, safe in the knowledge that they had decades of experience to call upon. I was fascinated by how the divers spoke of being scared but – through experience – knew that they had to calm their emotions to execute properly. I was intrigued, again in a society that increasingly values a Kardashian view of life, that when the story needed to be told, the media reverted not to the most available person to speak but to the most experienced.

Military precision

When my family fi rst moved to Sydney in the early 2000s we lived in nature’s wonderland looking towards the ever-imposing North Head of Sydney Harbour. If there is a more impressive natural wonder than Sydney Harbour within the boundaries of a major world city, then I have not yet been fortunate enough to visit it. In the morning we would be awoken by the sound of stomping boots and chanting rhythms of the new recruits being schooled in the arduous rigours of HMAS Penguin – the home in Middle Head of the Australian Defence Forces Diving School. They would run through the streets with a wet, anchor-weighing sized rope above their head and finished it off later by treading water for an hour or so still with the tangled twine out of harm’s way. That they were the finest specimen of the male physique that I have ever seen was secondary to the impressive fact that they were being trained to within an inch of exhaustion to be ready when the moment arose. In all three instances – the pilot landing in the storm, the rescuers in the cave in Thailand and the military getting ready on Sydney Harbour for a future battle – training was the foundation stone upon which their experiences were premised. As the hands of time slowly push us all into the next demographic, categorisation my fervent hope is that we dispel the myths and www.ethicalboardroom.com

Risk | Board Governance HOW TO GET THINGS RIGHT A checklist can change the way we approach problems — including risk

discriminations that are all too present about age and experience. Having decades of experience doesn’t mean that you are tethered to the past. It means that you have lived the good and the bad of what your chosen path can throw at you. Being trained isn’t some form of abstract concept to say that you have done it and can move on. It is a fundamental basis upon which future growth is grounded. As life returns to normal and the Wild Boars again take to the football field, the lesson of the miracle moments in Northern Thailand – the importance of experience and training – stayed with me. It got me wondering as to how we can bring that experience and training to as wide an audience as possible.

In contemplating this I was reminded of one of the most important articles that I have ever had the privilege and pleasure to read. It was written in 2007 by Atul Gawande and published in Th e New Yorker. Gawande – by his own words – is a surgeon, writer and public health leader. He is CEO of the non-profit-seeking health care venture formed by Amazon, Berkshire Hathaway and JPMorgan Chase to deliver better outcomes, satisfaction and cost efficiency in care. He practices general and endocrine surgery at Brigham and Women’s Hospital and he is a professor in the Department of Health Policy and Management at the Harvard T.H. Chan

Having decades of experience doesn’t mean that you are tethered to the past. It means that you have lived the good and the bad of what your chosen path can throw at you www.ethicalboardroom.com

School of Public Health and the Samuel O. Th ier Professor of Surgery at Harvard Medical School. His article – and subsequent book Th e Checklist Manifesto – explored the importance and value of, not surprisingly given its title, checklists. The blurb to the book explains how ‘fi rst introduced decades ago by the US Air Force, checklists have enabled pilots to fly aircraft of mind-boggling sophistication. Now innovative checklists are being adopted in hospitals around the world, helping doctors and nurses respond to everything from flu epidemics to avalanches. Even in the immensely complex world of surgery, a simple 90-second variant has cut the rate of fatalities by more than a third’. Autumn 2018 | Ethical Boardroom 51

Board Governance | Risk

Three steps

So, is it possible that something as simple as a checklist could revolutionise the time-tested profession of risk management? I am going to argue a definitive yes and in the manner of a checklist have provided a three-step framework to support my proposition. First – there is no substitute in risk management for consistency. Too often in the assessment of risk the loudest voice in the room wins the day and the assessment of the threats and opportunities that the situation has given birth to are inevitably skewed to the biases of that loudest voice. A methodical risk assessment checklist that transparently encourages the user to consider not only all the appropriate steps in the assessment but also to consider the voices of all the stakeholders will result in a much more valuable assessment of risk. The important consideration for people relying on the risk assessment is to ask for – and seek evidence if necessary – that indeed all the steps have been adopted. Second – as was the case with Gawande’s selection of checklist case studies, a checklist allows you to codify the intelligence of others into a central point. We have adopted this approach many times. As much as we would like our egos to believe that we are the pre-eminent subject matter expert on a particular (usually risk-related) topic we are sufficiently humble – just! – to acknowledge that there may be people that know more about the topic than we do. Composing a checklist on a particular topic not only allows you to codify others’ knowledge but it lets them be equal owners in the quality. A good example of this is in something such as a fraud investigation protocol checklist. A fraud investigation can be a multifaceted, many stakeholder event, where – given the sensitivity of the matter – many have an opinion. What we have found very useful is to bring together all the stakeholders to discuss their respective roles and in what order they should be executed in

the event of fraud. And then document the views; experience and wisdom of the other stakeholders in a checklist. Th is checklist approach is very helpful in also providing an inquisitive stakeholder with status updates by flagging where in the investigation protocol the work is currently at and what are the dependencies on the work being completed in the manner previously agreed. The third – benefit of a checklist harks back to the dark tunnels of northern Thailand. A well-constructed checklist gives you a confidence that few other mechanisms can. The brave rescue divers were not devoid of fear – they had embraced it in a manner that, thankfully in this instance, had resulted in the best possible outcome. As we mentioned earlier, they were extraordinarily well-trained to execute their dangerous mission. On a slightly less dangerous end of the risk spectrum, a checklist can allow for the same embracing of uncertainty if it is used as a training tool.

Education framework

If education is the foundation stone of a strong risk framework in any organisation – and this is something that we fundamentally believe is the case – then that education should expose its scholars to the organisational approaches that will best suit the circumstances in which training is being sought. Too often we only test our knowledge and our approach in the heat of a proverbial ‘battle’ and where it is found wanting we promise ourselves that we will improve next time around. Imagine instead that your education framework had as its core an eternally improving approach. The best way to do this is in a living check list that it is the responsibility of each session to seek to improve. Doing so is an interesting experiment in itself – the definition of success from a training workshop was whether the class could improve on the process being presented before them. It turns the attendees into active participants in the

process rather than passive recipients. A checklist is only worth using if it is indeed used. Too often we have seen organisations develop a myriad of policies, protocols, procedures and checklists and then nearly everyone has blissfully (and in some cases maliciously) chosen to ignore every single one of them. So how do you make the use of a checklist compulsory? The easiest answer is to not focus on the checklist itself but on accountability. A strong organisational culture is one where there is a focus not only on the outcome but on how the outcome was achieved. The accountability part kicks in from holding that outcome and the process to achieve it in equal importance. An outcome delivered by an incomplete process always raises concern that there was value left on the table. An incomplete process may deliver an optional outcome but you will always wonder whether you had tried your best. Therefore, the next time that you are presented with an outcome, ask the presenter how did they come to the point of delivery? Was it done in a methodical and systematic way? Was it done in a manner that encapsulates the best thinking of subject matter experts? Was it done in a way that they – the presenter – would be happy to base the education of future generations on the process? If the answer to these questions is yes, then you have a ripe environment for the introduction of a checklist. If the answer to these questions is yes then you also have a key building block in the development and maintenance of a strong risk framework. As the last of the Thai boys were extricated from the cave, a journalist wearied from the intensity of the moment was momentarily distracted when he went to speak to his audience on live television. Later he was asked by a colleague how it felt to be there at that time. His response was interesting. He said that he had never seen before a large group of people all following the processes that they had been trained for. They were – he said – following their trusted and well-tried checklists.

CHECKLIST CULTURE There needs to be a focus not only on the outcome but how the outcome was achieved

52 Ethical Boardroom | Autumn 2018

www.ethicalboardroom.com

PROVEN LEADERSHIP FOR COMPLEX LEGAL CHALLENGES FIRST-TIER NATIONAL RANKING IN CORPORATE LAW — U.S. News – Best Lawyers® “Best Law Firms” Survey 2019

Sophisticated advice for the full spectrum of corporate governance issues. Ever-evolving laws and regulations, coupled with heightened scrutiny into corporate governance and compensation practices, have created an increasingly complex environment for publicly traded corporations, privately held entities and their individual executives and directors. We offer our clients advice on a range of issues impacting their business, including board management, financial reporting compliance, risk management and crisis preparedness, takeover defenses, proxy contests, shareholder relations and executive compensation. TALENT. TEAMWORK. RESULTS.

Holly J. Gregory holly.gregory@sidley.com +1 212 839 5853 John P. Kelsh jkelsh@sidley.com +1 312 853 7097

AMERICA • ASIA PACIFIC • EUROPE

sidley.com Attorney Advertising - Sidley Austin LLP, One South Dearborn, Chicago, IL 60603. +1 312 853 7000. Prior results do not guarantee a similar outcome. MN-9509

Board Governance | ERM

Understanding risk in the strategy-setting process Responsibilities of board members continue to increase across the globe.

Among the myriad expectations for boards, the G20/OECD Principles of Corporate Governance, last updated in 2015, states that the board should fulfi l certain key functions, including: ‘reviewing and guiding corporate strategy, major plans of action, risk management policies and procedures…’. 1 Boards have long understood their responsibility to oversee strategy setting and risk management, but the link between those two responsibilities has not been clear. Fortunately, the Committee of Sponsoring Organisations of the Treadway Commission (COSO) covered this topic in its updated enterprise risk management (ERM) framework in 2017. That framework, Enterprise Risk Management – Integrating with Strategy and Performance, highlights the role of risk in strategy selection. The framework’s executive summary states that strategy selection is about making choices and accepting trade-offs. So, it makes sense to apply enterprise risk management to strategy as that is the best approach for untangling the art and science of making well-informed decisions. Risk is a common consideration in strategy setting, but its role tends to be too narrow. The framework provides a more comprehensive way of understanding and assessing risk in the strategy-setting process.

Enterprise risk management and strategy

The COSO framework emphasises that enterprise risk management helps an organisation better understand how its mission, vision and core values provide

54 Ethical Boardroom | Autumn 2018

Organisations need to be more adaptive to change in order to confidently handle the future Paul J. Sobel

Chairman, the Committee of Sponsoring Organisations of the Treadway Commission (COSO) the foundation for understanding what types and amount of risk are acceptable when setting strategy. That foundation results in three distinctively different ways that risk arises in the process: ■ The possibility that strategy and business objectives may not align with the mission, vision and core values ■ The types and amount of risk that the organisation potentially exposes itself to by choosing a particular strategy ■ The types and amount of risk inherent in carrying out its strategy and achieving business objectives and the acceptability of this level of risk and, ultimately, value Figure 1, opposite, illustrates strategy in the context of mission, vision and core values and as a driver of an entity’s overall direction and performance. The figure starts with the organisation’s mission, vision and core values, which define what it wants to be and how it wants to conduct business. Essentially, these three make up its basic business model and reason for existence. The middle of the figure depicts the ongoing operations of the business, focussing on the establishment of strategy and business objectives and day-to-day performance of activities

to achieve the strategy and objectives. Effective strategy, business objectives and performance will drive enhanced performance, which, ultimately, leads to the creation of enhanced value. When conducting strategic planning, it’s easy to see the future through rose-coloured glasses. That is, imagining the possibilities for success isn’t that difficult. But recognising the potential challenges to that success is much harder. However, studies have shown that the most significant causes of value destruction are embedded in the possibility of the strategy not supporting the organisation’s mission and vision and the implications from the strategy. The COSO ERM framework discussed three different types of risk that may arise as a result of determining strategies and business objectives. The following discussion and examples are extracted from the framework.

Possibility of misaligned strategy and business objectives An organisation’s mission and vision provide a top-down view of the acceptable types and amount of risk for the entity. They help the organisation to establish boundaries and focus on how decisions may affect strategy. An organisation that understands its mission and vision can set strategies that will yield the desired risk profi le. A misaligned strategy increases the possibility that the organisation may not realise its mission and vision, or may compromise its values, even if the strategy is successfully carried out. To illustrate the risk of strategy not aligning with mission and vision, the framework provides an example of a healthcare company. Such an organisation would consider the risks associated with providing high-quality care (part of its mission) and convenient and timely access (part of its mission) and being a terrific place to practice medicine (part of its vision). Considering its high regard for quality,

www.ethicalboardroom.com

ERM | Board Governance

The COSO framework emphasises that enterprise risk management helps an organisation better understand how its mission, vision and core values provide the foundation for understanding what types and amount of risk are acceptable when setting strategy www.ethicalboardroom.com

FIGURE 1: STRATEGY IN CONTEXT

MISSION, VISION & CORE VALUES

Possibility not a of lig n

te ra st ng i

Imp str lica at

from the ns sen tio y cho eg

service and breadth of skill, the organisation is likely to seek a strategy that has a lower risk profi le related to quality of care and patient service. This may mean offering in-patient and/or out-patient services, but not being a primary on-line presence. On the other hand, if the organisation had stated its mission in terms of innovation in patient-care approaches or advanced delivery channels, it may have adopted a strategy with a different risk profi le. There are many famous examples of an organisation pursuing a strategy that doesn’t align with its stated core values. For example, Enron developed a strategy that it believed would result in great commercial success. However, that strategy was not aligned with its core values (at least its stated core values). As a result, individuals charged with pursuing Enron’s business objectives made decisions that, ultimately, resulted in the company’s demise. Similar examples from that time period include WorldCom and Tyco. More recently, we see the impact on otherwise well-respected companies, such as Volkswagen and Uber. The key is for those involved with strategy setting and the boards that oversee the process, to leverage the principles of enterprise risk management to help the organisation avoid misaligning a strategy. The board can provide the organisation with insight to ensure the strategy it chooses supports the entity’s broader mission and vision for management and board consideration.

STRATEGY, BUSINESS OBJECTIVES & PERFORMANCE

ENHANCED PERFORMANCE

Implications from the strategy chosen

Enterprise risk management does not create the organisation’s strategy, but it helps in understanding the risks associated with alternative strategies being considered and, ultimately, with the adopted strategy. Decisions must be made on the trade-offs inherent in development of a strategy. Each alternative strategy has its risks – these are the implications arising from the strategy. The board of directors and management need to determine if the strategy works in alignment with the organisation’s risk appetite and how it will help enable the establishment of business objectives and allocation of resources that, ultimately, will lead to value creation and enhanced performance. Stated differently, the organisation needs to evaluate how the chosen strategy could affect the entity’s risk profile, specifically the types and amount of risk to which the organisation is potentially exposed. Failure to properly

consider such implications may result in unintended consequences. When evaluating potential risks that may arise from strategy, management also must consider any critical assumptions that underlie the chosen strategy. These assumptions form an important part of the strategy and may relate to any of the considerations that form part of the entity’s business context. Enterprise risk management provides valuable insight into how sensitive changes to assumptions would affect achieving the strategy. For example, the healthcare organisation illustrated before can consider what risks may result from the chosen strategy – risks related to medical innovation may be more pronounced, risks to the ability to provide high-quality care may elevate in the wake of cost-management initiatives and risks related to managing new partnerships. Those and many other risks result from the choice of strategy. Yet, there remains the question of whether the entity is likely to achieve its mission and vision with this strategy, or whether there is an elevated risk to achieving the set goals.

MANAGING RISKS IN UNCERTAIN TIMES An organisation that understands its mission can set an appropriate strategy

Autumn 2018 | Ethical Boardroom 55

Board Governance | ERM Understanding the risks and their implications is not easy. Consider Wells Fargo. Recognising that the financial services industry was changing and looking for new ways to create revenue and market share, the company established a strategy to increase the number of client accounts. At a high level, this seemed like a prudent business strategy. However, management and the board failed to consider the possibility that the sales incentives to open new accounts might motivate employees to open accounts without their customers’ permission. After opening as many as two million unauthorised accounts, Wells Fargo was faced with more than $1billion in US dollars in fines and the incident forced turnover at the board and executive level. The long-term effect on its brand is yet to be determined. Clearly, a seemingly sound strategy had severe unintended consequences.

Risk to implementing the strategy and business objectives

Risk is a consideration in many strategy-setting processes. But risk is often evaluated primarily in relation to its potential effect on an already-determined strategy. In other words, the discussions focus on risks to the existing strategy: we have a strategy in place, so what could affect the relevance and viability of that strategy? There is always risk to carrying out a strategy. An organisation must consider whether it has the capabilities (for example, people, processes, systems and information) to carry out the strategy. Lack of the necessary resources creates a risk to strategy achievement. Sometimes, the risks become important enough that an organisation may wish to revisit its strategy and consider revising it or selecting one with a more suitable risk profi le. The risk to carrying out strategy may also be viewed through the lens of business objectives. An organisation can use a variety of techniques to assess risks using a common measure. Wherever possible, the organisation should use similar units for measuring risk for each objective. Doing so will help to align the severity of the risk with established performance measures. Assessing risk to the strategy and business objectives requires an organisation to understand the relationship between risk and performance – referred to in the ERM framework as the ‘risk profi le’. An entity’s risk profi le provides a composite view of the

risk at a particular level of the entity (e.g. overall entity level, business unit level, functional level) or aspect of the business model (e.g. product, service, geography). Th is composite view allows management to consider the type, severity and interdependencies of risks and how they may affect performance. The organisation should initially understand the potential risk profi le when evaluating alternative strategies. Once a strategy is chosen, the focus shifts to understanding the current risk profi le for that chosen strategy and related business objectives.

Summary

A key board responsibility is to contribute to and oversee the development and execution of the organisation’s strategies and business objectives. Since the inception of enterprise risk management, it has become common to consider the risks to achieving a given strategy and related business objectives. Boards routinely question management on their capabilities to achieving their strategy and business objectives and receive periodic updates on the organisation’s progress in doing so. Th is focus on the risks embedded in strategy and business objectives remains critically important. However, there are two other aspects of risk that arise during the strategic planning process. The fi rst, the possibility of misaligned strategy and business objectives, relates to the risks that arise when a seemingly sound strategy doesn’t align with the organisation’s mission, vision and core values. Such misalignment can result in tragic consequences, as evidenced by many examples of corporate failures in the past decades. The second relates to the potential unintended consequences of a strategy chosen. A strategy viewed through one lens may seem appropriate, but there may be hidden risks that could have dire consequences to the organisation. The extra step in strategic planning of considering potential implications of unintended scenarios is a prudent step. By definition, risk involves uncertainty and, therefore, no board can be certain that all three types of risk are comprehensively considered at the culmination of the strategic planning process. However, taking the time to consider the three ways risk can arise in strategic planning will increase the likelihood that the chosen strategies and business objectives are successful.

CONSIDER THE RISKS Boards need to question management on their capability of achieving goals

Risk is a consideration in many strategy-setting processes. But risk is often evaluated primarily in relation to its potential effect on an already-determined strategy 56 Ethical Boardroom | Autumn 2018

www.ethicalboardroom.com

Board Governance | Initial Public Offering

Jim Kzirian & Ryan C. Harvey

Jim is Lead Consultant and Ryan a Partner at Meridian Compensation

IPOs and executive pay As the equity markets have recovered and continued to grow since the ﬁnancial crisis, many private companies are considering an initial public oﬀering (IPO) of their stock as a way to raise capital and create liquidity for their existing investors and employees.

Many companies have been taken private by private equity investors over the past decade and now are looking to an IPO as a source of liquidity. In 2017, 374 companies globally completed an IPO – up from 268 global IPOs in 2016.1 A public company’s approach to executive compensation differs from that of a private company in several key respects. As a public company, equity is readily available as an incentive vehicle to directly link the compensation of executives to the creation of shareholder value. Publicly traded equity also gives executives real-time feedback from investors on their performance and the value of the company. Executive pay programmes of a public company are subject to scrutiny of public shareholders, which may have different expectations and, time dimensions than private shareholders and therefore, public company equity programmes generally have certain design features. In preparing for an IPO, there are a number of tactical issues, such as drafting plan documents, preparing required disclosures and ensuring plan designs are compliant with applicable securities and tax rules. But

58 Ethical Boardroom | Autumn 2018

Keeping pace with compensation issues is crucial before, during and after an IPO there are six critical compensation issues a board must consider in preparation for an IPO on a US-based exchange. These include: ■ Long-term incentive design and equity reservation ■ Shareholder engagement and governance considerations ■ Long-term incentive design and equity reservation ■ IPO equity awards ■ Competitive pay levels ■ Change-in-control and severance compensation ■ Board compensation structure

made as a single award intended to cover the entire period prior to IPO (with no liquidity). Beginning with the IPO, the newly public company will implement an annual long-term incentive (LTI) award cycle in which equity-based incentives become an ongoing part of each executive’s annual compensation mix. In establishing an LTI programme, post-IPO boards must determine the appropriate design of any future awards and they must approve an initial reservation of shares available for future grants.

No element of executive pay has a greater impact on motivating desired behaviours than long-term incentives. Often the most significant change in compensation for a newly public company is the way equity is used as an incentive. At many IPO companies, equity-based incentives were awarded in the years prior to an IPO. However, these pre-IPO awards are generally

www.ethicalboardroom.com

Initial Public Offering | Board Governance Generally, LTI design at a public company is very different than at a private company, given the availability of publicly traded equity as an incentive and retention vehicle. The three categories of LTI vehicles among public companies are stock options, restricted shares/RSUs and performance share plans. While performance shares generally comprise more than 50 per cent of the senior executive LTI mix at most US-based public companies, among newly public companies performance shares are much less common. The difficulty in establishing meaningful multi-year performance goals drives many IPO companies to use a mix of stock options and restricted shares in the first year or two post-IPO. Stock options often make up the majority of LTI value at IPO companies with a significant minority portion in the form of restricted stock. As the dust settles following the IPO, many boards will begin to consider the use of performance shares in the LTI mix. Typically, within two to three years following an IPO, a company will implement performance shares as a significant proportion of LTI. Performance shares provide an opportunity for the board to align senior management pay outcomes with achievement of multi-year financial/ market-based company objectives, and are generally viewed favourably by investors. Companies typically seek to reserve sufficient shares to provide for equity awards for a three- to five-year period post-IPO. Given that most US-based companies award approximately one to two per cent of equity annually in LTI awards, a three- to five-year reservation is often six to 10 per cent of total common shares, with a median of approximately eight per cent. If a large award is made at the IPO, this range could be

higher. A board should consider the potential shareholder dilution of any reservation in relation to outstanding equity incentives at the time of the IPO, and the project dilution levels in the future when the company will eventually need to seek shareholder approval for an additional reservation of shares.

FIGURE 1: DILUTION CONSIDERATIONS AT IPO Potential dilution should be evaluated against industry norms Shares needed ■ Ongoing share reservation (3-5 years) ■ Grants at IPO ■ Outstanding pre-IPO awards

IP equity awards

A key question often considered by boards at the time of an IPO is whether a one-time grant of equity incentives should be awarded at the time of the IPO. In cases where significant equity was not granted in the years prior to the IPO, or if most of the outstanding awards will be fully vested at the time of IPO, a special equity award or ‘founders grant’ is often granted to executives at or near IPO. However, to the extent that a meaningful value of equity awards remains unvested following the IPO, the company may simply transition into its first regular annual LTI award at the time of the IPO, or in the year following the IPO, if a grant was made prior to the IPO.

A founders grant provides a boost in equity holdings of senior executives to levels typical of a public company. The grant also provides critical retention incentive during a potential time of uncertainty when investors will want assurances that leadership remains in place. A special grant also leverages the link between shareholder returns and executive pay at an important time. We have been closely tracking IPO-related equity grants at US companies for the past 20 years. Our findings have been that 40 to 50 per cent of IPO companies provide some form of special equity incentive grant to executives near the time of the IPO. For IPOs that occur due to a larger parent company divesting of a business unit (spin-off), the prevalence of special IPO-awards increases to 70 to 80 per cent of IPO companies. The special grants are often one to two times the value of a typical ongoing annual LTI award that would be made to an executive. Although less common than a founders grant, some companies will provide special targeted retention incentives or transaction incentives to key employees of the company. These may be employees who are asked to perform additional duties for a period of time related to the IPO or individuals of particular retention risk. While far less common, some IPO companies will provide a one-time grant of equity to all employees as part of the transaction. These broad-based grants are generally provided as a fixed number of restricted shares and serves to provide an ownership connection to a broader employee population.

REAL-TIME FEEDBACK Publicly traded equity can give executives insight from investors

www.ethicalboardroom.com

Autumn 2018 | Ethical Boardroom 59

Board Governance | Initial Public Offering

Competitive pay levels

Retaining and motivating a talented executive team is a critical element of any successful IPO. Potential shareholders will evaluate the compensation arrangements of the leadership team to gauge the retention effectiveness and link between performance of the company and rewards to executives. A key to retaining and motivating these executives is ensuring their overall pay arrangements are competitive in comparison to other public company arrangements. This is particularly true in many IPO situations in which incentive arrangements that motivated the team prior to the IPO will often become vested or pay out shortly after the IPO. An important first step in reviewing the competitiveness of pay is the development of an appropriate peer group for pay comparison purposes. This group of companies should represent the company’s competitors for executive talent. The peer companies should be of similar size and industry to the IPO company, typically no larger than three times the revenue size and no smaller than a third of the revenue size. In some instances, obtaining a robust set of peers with industry similarity

value in the two to three years following the IPO, the company may be an acquisition target. As an independent and publicly traded organisation, the company may face a greater prospect of a change-in-control. Therefore, many companies that have undergone a recent IPO review their change-in-control severance programmes to ensure appropriate protection for executives to remain engaged and motivated through a potential transaction, thereby ensuring that shareholder value creation is kept paramount.

Board compensation structure

While most private companies have a board of directors, an IPO often requires the addition of new ‘independent’ directors and the development of competitive board pay arrangements. A typical director pay arrangement in the US will include a cash board retainer, cash committee retainers for committee chairs and an annual equity grant. Separate meeting fees paid on a per meeting basis have significantly declined in prevalence in recent years. Equity is typically delivered in restricted shares with a one-year vesting period, or fully vested at

NUMBER CRUNCHING Most IPO company boards will gather benchmarking information on best pay practices among peers

can be challenging, and in those instances, we recommend a broadening of industry filters to ensure a sampling of at least 15 to 20 peers can be obtained. Any peer companies used in evaluating pay completeness must be disclosed in the public proxy filings of the company following the IPO. This group will get some scrutiny by proxy advisory firms, so the board should take time to properly vet any companies included in the peer group. Once this group is established, the salary, annual incentive and long-term incentive levels, and incentive design practices of the peer companies are analysed to determine competitive targeting of compensation for the company post-IPO.

Change-in-control and severance compensation

Often, when companies make a decision to IPO, they have also considered other transaction alternatives prior to the IPO, such as the possibility of a sale or merger. Once the IPO is complete, and particularly if the executive team creates shareholder 60 Ethical Boardroom | Autumn 2018

for a newly public company. Not only will the company be required to fully disclose all material aspects of executive compensation, but shareholders will also have an advisory vote on executive pay matters, referred to as a ‘Say on Pay’ vote. While this vote is only advisory, it has driven a much greater level of engagement between US corporate boards and their largest shareholders on issues of executive compensation. A company planning for an IPO should not only consider the potential reaction of shareholders to any pay decisions being contemplated, but also should plan to regularly interact with large shareholders to understand any compensation concerns. In the US, a registration statement or S1 is prepared and filed with the Securities & Exchange Commission (SEC) in an IPO transaction. The statement provides information required by the SEC related to the company and its business. The S-1 contains much of the same information that might typically be disclosed in the 10-K form required in the US by the Securities and Exchange Commission (SEC), and in a proxy statement, but with additional information on the future prospects of the company that would be pertinent to new shareholders. Information on current executive compensation practices and intended executive compensation actions are also disclosed in the S-1 filing for the SEC. After a preliminary filing, the S-1 will typically have a number of amendments prior to its final filing in the form of a prospectus. Any material executive compensation plans, such as the LTI plan, must be filed in the final S-1. Following the IPO, the company will file a proxy in connection with its annual shareholder meeting that will

The IPO is much more than simply an offering of shares on a public exchange — it fundamentally changes the governance expectations of the board and changes the role compensation plays within the company grant. Depending upon industry, the total director pay package often ranges from approximately $100,000 to $300,000 in value. The development of this package generally must be completed prior to the IPO, since directors need to be recruited and in place prior to going public. Given the heightened scrutiny on director pay in recent years, it is advisable to establish a clear target pay objective for directors, such as 50th percentile positioning. Most IPO company boards will also gather benchmarking information on director pay practices among their peer companies to provide an objective external benchmark on which to base any pay decisions.

Shareholder engagement and governance considerations

Engagement with shareholders on executive pay issues is a completely new consideration

provide significant detail on its executive compensation practices, particularly as they pertain to the top five officers.

Conclusion

An IPO is a unique milestone in the life cycle of a company and an event that many board members and executives may only experience once in their careers. The IPO is much more than simply an offering of shares on a public exchange – it fundamentally changes the governance expectations of the board and changes the role that compensation plays within the company. Addressing key compensation and governance issues early in the IPO process will ensure a positive transaction and ensure compensation becomes a tool for achieving strategic business objectives. Source: Renaissance Capital

www.ethicalboardroom.com

Executive Pay in the UK: Cost or Value? The following is based on a conversation with Simon Patterson, a managing director with executive remuneration consultancy Pearl Meyer. Simon is head of the firm’s London office. Q: You have talked about the current challenge of serving on a remuneration committee in the UK. Why is this a tough assignment? A: Directors are incredibly frustrated. Regulators and proxy advisors are driving all of the change and the result is pay programmes that mimic one another. When you combine that with politics and media, remuneration committees become focused on the risks of changing pay policies, rather than the potential benefits. There’s a lack of creativity and strategy because fear of failure is so high. Much of the remuneration committee’s time is spent on benchmarking pay against peer companies. While this can be helpful contextual information, it is not the best way to design an executive compensation programme, nor does it result in good outcomes performance-wise for the companies. Q: What’s the starting point for a bold remuneration committee chair who wants to change their company’s approach?

“There’s a lack of creativity and strategy because fear of failure is so high.”

A: Our research, the UK CEO Value Index, has shown that companies perform best using a balanced approach—tying shortand long-term incentives to a mix of financial metrics and strategic measures, which are company-specific goals and objectives based on your business plan. These companies deliver more value over three and four years to shareholders than those that focus too heavily on either side. Focus, too, on succession planning. The Index shows us generally that CEOs promoted from within, rather than hired from outside, deliver more value relative to their pay. The ultimate goal I would encourage for all remuneration committees is to focus less on the cost of a CEO than the value he or she creates. Develop pay programmes that are driven by business strategy and informed by market practice. And notice there’s a very big difference between those two!

Learn more at pearlmeyer.com/global-reach

Board Governance | Technology

Evolving virtual shareholder meetings Embracing best practices can ensure transparency and enhanced shareholder participation as technology grows Anne Sheehan, Darla C. Stuckey & Cathy H. Conlon

Anne, formerly of the California State Teachers’ Retirement System. Darla is President and CEO, Society of Corporate Secretaries and Governance Professionals. Cathy is Head of Corporate Issuer Strategy & Product Management at Broadridge Financial Solutions, Inc

State laws require companies to hold annual meetings of its shareowners to elect directors and to vote on matters required for approval. In that context, shareowners may attend the meeting and vote their shares during the meeting. The annual meeting also serves as an opportunity for management to update shareowners on company developments and to review company performance. Shareowners are usually provided an opportunity to ask questions of management and directors about the business of the company. It is generally accepted that shareowner participation should be welcomed and encouraged at a company’s annual meeting. Shareowners who attend a company’s annual meeting often view it as an opportunity to see and hear the company’s management and to judge their quality. For some shareowners, it is an opportunity to express concerns or advocate action on important issues, including shareholder proposals. 62 Ethical Boardroom | Autumn 2018

Virtual shareholder meeting: an overview

The use of technology to enhance shareholder communications and to facilitate individual investor participation is a goal of regulators, public companies, shareholders, industry participants and others who are invested in the corporate governance process. Applying technology to the annual meeting by allowing virtual participation in the shareholder meeting is a way to make the meeting more relevant, accessible and engaging for all involved. Over the past 10 years, we have seen a convergence of the annual meeting process with the use of technology which brought about the concept of a virtual shareholder meeting (VSM). VSMs are held online at a secure website and shareholders attend remotely via the internet. The meeting may be video streamed over the internet so that shareholders can see the presenters (although this adds to the costs). The more common way is an audio webcast. A hybrid shareholder meeting combines a physical meeting with the features of a virtual meeting, offering shareholders the option

to attend either in person or remotely. The technology validates shareholders and allows them to vote and ask questions as in a live meeting. A virtual meeting is now a true alternative to a physical annual meeting, or, in the case of a hybrid meeting, a complement to a physical annual meeting.

Two enablers

The fi rst is regulation. In the case of shareholder meetings in the US, state corporation laws govern the annual meeting. In 2000, Delaware amended its General Corporation Law to allow ‘electronic meetings’. Other states followed suit and today, 30 states allow virtual-only meetings and 42 states allow hybrid meetings – i.e. both physical and virtual. Currently, nine states require an in-person-only format, so companies incorporated in those states are prohibited from having a virtual meeting. The second is technology, which must be accessible enough that shareholders have the practical ability to use it. In the case of virtual meetings, a key technological advance was the increasing availability and use of broadband (high speed, high www.ethicalboardroom.com

Technology | Board Governance availability) access to the internet. When Delaware changed the law to allow virtual meetings in 2000, broadband was not readily available or used by households. Today, in the United States and globally, almost all active users of the internet have broadband access. The number of publicly traded companies holding virtual meetings has increased as companies are discovering the benefits of virtual meetings. They allow a wider group of shareholders to participate in the annual meeting, regardless of their location, and the costs to them can be considerably less. In addition, the costs to the company of a virtual-only meeting are typically less than an in-person annual meeting. Virtual meetings eliminate the need for large physical spaces, security, refreshments and large support staff. Meetings can be executed by small groups via telephone and/or video connection. Directors may attend in person, via telephone and/or alongside outside auditors and the inspector of election. Replays of these meetings are also available. All shareholders – registered and beneficial – can easily attend and vote as in a physical meeting. This enables companies to more easily share their corporate results and strategy with all shareholders.

How to decide if a virtual meeting is right for your company When contemplating whether or not to hold a virtual meeting, there are several things to consider:

■ What type of meeting will you will hold? Is it virtual-only or hybrid (assuming you are incorporated in a state that allows such)? Virtual only meetings have no physical location for shareholders – everyone attends online. A hybrid meeting combines a physical meeting with the features of a virtual meeting and offers shareholders the option to attend either in person or virtually. This would allow the greatest shareholder participation possible. One drawback to the hybrid meeting is expense. A company incurs

COMPARING MEETING TYPES

the costs of both a physical, in-person holding a virtual meeting can provide meeting as well as the additional costs flexibility. They may join the virtual meeting of a virtual meeting. Furthermore, some either by telephone or video and make companies find it challenging to equally comments and answer questions during manage questions from in-person the live meeting even if they are not in the shareholders as well as those participating same location as other board members or remotely; some shareholders may feel left management. If the meeting has a video out, despite a company’s best efforts. component, companies should consider ■ What format will your meeting be? carefully how the directors will be viewed Will it be audio only, or audio plus live video online, whether they are physically located stream? Whether you choose virtual-only in the meeting room or remote. or hybrid, you must determine whether the How does a virtual virtual portion will be exclusively audio or shareholder meeting work? have a video component. Most companies The good news is that the process for are choosing the live, audio-only event, conducting a VSM is very similar to the foregoing the cost and logistics of setting process for a physical up a live video stream. Additionally, an audio event A virtual meeting meeting. The company creates its proxy materials, is similar in many respects is now a true which are distributed to a quarterly earnings call, alternative to a to shareholders. For the where participants engage meeting location the with management remotely. physical annual company provides a URL This is a process that is meeting, or, in that directs shareholders familiar to both companies to the online location of and their investors. the case of a the meeting. Shareholders ■ How will you handle hybrid meeting, go to that URL, where they shareholder questions? There are three options to a complement to enter their control number, was distributed consider. The first is to take a physical annual which with their proxy material. questions live via the text A shareholder’s unique box at the electronic meeting meeting control number is used to page. The second is to have a validate his or her entry into the meeting live phone line open for shareholders to ‘room’ and enables him or her to ask call in to ask their questions. Additionally, questions during the meeting. It also companies can also allow shareholders to assures the company that it is a validated ask their questions before the meeting, or shareholder who is asking the question. ‘pre-meeting’. Companies can choose one, Shareholders can also cast their votes two or three of these options. online in a secure manner while polls are ■ Will you allow guests open and the meeting is in progress. (non-shareholders) into the meeting? The company’s management team is Some companies allow guests to listen but directed to a private URL from which the disallow questions from non-shareholders. team manages the meeting. The meeting ■ Where will management and the dashboard allows the company to monitor directors be during the meeting? A benefit in real-time how many shareholders are of a virtual meeting is that management attending the meeting, how many shares and directors can attend remotely from any are being voted throughout the meeting location that is convenient for them. While and any questions that are submitted by often directors and management are in the validated shareholders (see below). same location for an annual meeting,

IN PERSON

HYBRID

VIRTUAL

Traditional

Innovative

Innovative, cost-conscious

Meeting participation

Shareholders must be physically present

Shareholders can attend in person or online

Shareholders need a digital connection

Number of attendees

Constrained by venue

Unlimited

Support staff needed

Many

Many, including technical

Many

Logistics

Complex

Simple

Expense

Varies

High

Low

Large and well-established

Innovative and prosperous, seeking to maximise shareholder participation

Small, startups or innovative company seeking to maximise shareholder participation

Shareholder perception of company

Ideal type of company

www.ethicalboardroom.com

Autumn 2018 | Ethical Boardroom 63

Board Governance | Technology 300

~30

250

200

Projected increase in VSMs from 2017 to 2018

■ Virtual-only meetings ■ Hybrid meetings (physical & virtual)

150 100

Total number of meetings

COMPARISON THE RISE OF THE VIRTUAL-ONLY SHAREHOLDER MEETING

2009

2010

2011

2012

2013

Industry concerns

There is debate over virtual shareowner meetings. Virtual participation presents an opportunity for shareowners who cannot travel to more easily attend and engage. Some endorse virtual-only shareholder meetings, noting that few shareholders physically attend smaller companies’ shareholder meetings. Others are concerned that virtual-only participation could diminish the ability of shareowners to fully participate and have their questions and concerns heard without the risk of management exerting excessive control. In this view, if virtual technology

HOW MEETINGS ARE HELD? Of the 24 companies that held a hybrid meeting in 2016, 12 of them switched to virtual-only in 2017 10%

90%

10% Hybrid

90% Virtual-only

■ 17% were conducted ■ 3% were conducted with live video with live video ■ 83% used live audio ■ 97% used live audio

PROFILES OF COMPANIES HOLDING VSMs 17% Large-cap 26% Mid-cap

57% Small-cap

9 S&P 100 companies 33 S&P 500 companies 23 Fortune 500 companies 64 Ethical Boardroom | Autumn 2018

2014

2015

2016

2017

2018

(Projected)

replaces in-person meetings, the only opportunity for shareholder engagement with independent board members may be lost if the company does not allow shareholders to ask questions of directors, or otherwise makes directors available to shareholders outside of the annual meeting process. Despite the benefits, some investors object to virtual-only meetings by adopting policies expressing their views about how meetings should be conducted. These investors believe shareholders do not have the same access to board members and senior management as they would at an in-person annual meeting or hybrid meeting. This is the case when directors and management are not able to be seen live with video. Some worry that a company will not respond to all shareholder questions posed during a meeting. It is important to know who your investors are. Be aware of annual meeting conduct policies and whether a company’s approach would satisfy its investors. A company should maintain a policy stating that all legitimate shareholder questions will be responded to either during the meeting or in writing, given time constraints. Policies should also state that responses will be posted to the company’s investor website page. An excellent resource on the subject of online meetings and shareholder participation in those meetings is Principles and Best Practices for Virtual Annual Shareowner Meetings – developed by the Best Practices Committee for Shareowner Participation in Virtual Annual Meetings.1 The guidelines include suggestions for ensuring that shareholders are able to fully participate in virtual meetings.

The Best Practices Committee

The Best Practices Committee for Shareowner Participation in Virtual Annual Meetings is a committee of interested constituents, comprised of 17 executives representing retail and institutional investors, public company representatives and proxy and legal service providers. This working group discusses best practices for virtual shareowner participation

in annual meetings – with a view towards ensuring that the needs of all constituents are met in a fair and well-balanced manner. Together, the working group identified five principles and 12 best practices that companies should consider when managing annual shareowner meetings.

Five guiding principles

The Virtual Annual Shareowner Meetings Study Group outlined five guiding principles that every company should consider before undertaking a virtual shareowner meeting:

Broad investor participation in annual meetings should be valued and encouraged Shareowner meetings should promote equitable and equal treatment of investor participants Opportunities for meaningful engagement between investors and directors should be provided Issuers should communicate the benefits of a virtual meeting to shareowners Virtual meetings should be used as a way to provide meaningful open dialogue between shareowners and companies

2 3

4 5

12 best practices

In addition, companies should consider these 12 best practices as a guide to ensuring the virtual meeting expands and enhances opportunities for participation by all shareowners in a fair and balanced way:

Recognise that the meeting format must be determined before the proxy is published When deciding on annual meeting format, companies and their boards should consider the items to be voted on at the meeting as well as other issues that may be of current concern to their shareowners Evaluate constantly changing technology and processes for supporting a virtual meeting Ensure equal access to all shareowners Create formal rules of conduct for the meeting Establish reasonable time guidelines for each participant in the virtual meeting Establish rules for when questions are out of order Establish rules to promote transparency Post questions received online during the meeting Ensure shareowners have access to board members Have a technical support line available Archive virtual shareowner meetings for future viewing

2 3

4 5 6 7 8 9 10 11 12

https://www.broadridge.com/white-paper/principles-andbest-practices-for-virtual-annual-shareowner-meetings

www.ethicalboardroom.com

JAN. 7â&#x20AC;&#x201C;9, 2019 | LAS VEGAS, NV NACD invites directors to kick-start 2019 ahead of the curve at the Consumer Electronics Show (CESÂŽ). This exclusive, board-focused opportunity, available only through NACD, provides advanced

boardroom insights into the innovations and mega trends poised to disrupt every industry across the globe. Space is limited.

LEARN MORE AT

NACDonline.org/CES

Global News Europe

Daimler CEO Zetsche to step down in 2019 UK boards are not Daimler has confirmed that chief executive insurance savvy Dieter Zetsche will step down from his post in 2019 as part of an overhaul that will also see the car maker split into three separate units. Ola Källenius, head of development for Daimler, will replace Zetsche — becoming the first non-German to take the helm of the car giant. It has also been announced that Zetsche, who has been with Daimler for 42 years, will return to the company and chair the supervisory board in 2021. But after two profit warnings in four months, investors are questioning whether Zetsche should make that return. Jürgen Pieper of Metzler Bank told Handelsblatt Global that the second profit warning this year was a ‘disaster’, that he ‘can’t foresee Daimler finding the right track again soon’ and that the company will face ‘turbulent times’.

Aryzta pushes for €800million capital raise Three corporate governance advisory groups have all recommended that shareholders support a planned capital increase by Aryzta. The Swiss-Irish baking company, which supplies buns to McDonald’s, wants to raise €800million in new equity to meet its liquidity and financing needs. But its largest shareholder, Cobas Asset Management, has accused Aryzta of painting ‘an unduly grim picture’ of its financial situation to force through the capital hike. According to the Irish Independent, ISS, Glass Lewis and Ethos have made the recommendation on the proposal to be put to shareholders at the company’s next annual general meeting.

OECD warns Europe on ‘golden passport’ schemes Malta, Monaco and Cyprus are among 21 countries flagged as operating high-risk schemes that sell residency. The warning comes in a report by the Organisation for Economic Cooperation and Development (OECD). The investor visas, known as ‘golden passport’ schemes, essentially allow rich foreign investors to buy citizenship, or long-term residency rights, in a country. According to the Independent, Cyprus offers citizenship within six months to those who invest €2million in local real estate. For

66 Ethical Boardroom | Autumn 2018

permanent residency an investment of just €300,000 is required. “Residence and citizenship by investment schemes, often referred to as golden passports or visas, can create the potential for misuse as tools to hide assets held abroad from reporting under the OECD/G20 Common Reporting Standard,” said the OECD. The OECD’s Common Reporting Standard compels financial institutions in member states to automatically exchange information on who holds bank accounts.

The boards of many UK corporates do not have an adequate understanding of the limitations and conditions of their insurance policies, experts have warned. Data from insurance governance specialist Mactavish has revealed that as many as 45 per cent of large, complex commercial claims are disputed by insurers. Mactavish’s data suggests major corporate claims can take around three years to resolve and settlements tend to be around 60 per cent of the initial values estimated. Bruce Hepburn, CEO of Mactavish, commented to International Travel & Health Insurance Journal: “Generally speaking there is low board engagement in insurance, which is out of line with their focus on other capital instruments. “All chief financial officers, for example, would know about their banking covenant conditions but very few would have knowledge about the limitations of their insurance cover.”

Thyssenkrupp appoints advisors to handle break-up German conglomerate Thyssenkrupp has hired Goldman Sachs, JP Morgan and Deutsche Bank as advisors following the decision to split the company in two. The steel company and industrial equipment maker, born of the merger of two German conglomerates in 1999, bowed to pressure from activist investors and proposed two companies, one focussed on capital goods and the other on materials. Thyssenkrupp’s supervisory board has named Bernhard Pellens as its chairman and Guido Kerkhoff as chief executive officer. Kerkhoff, in a Bloomberg TV interview, said: “With the materials and the industrials now clearly focussing on their two markets, which are clearly different to each other, we can create a lot more value for our shareholders.”

www.ethicalboardroom.com

Chart the right course with Georgeson.

Navigating corporate governance issues is complex work. With our unique knowledge of global and local governance guidelines and practices, Georgeson provides you with the strategies to approach governance related issues in the boardroom and across your organisation.

Europe | ESG

Spotlight on Spain The governance community often waits on public policy demands before taking considerable steps towards the so-called trending topics related to social, environmental and governance (ESG) issues.

However, despite the implementation of the 2014/95/EU directive of the European Parliament and EU Council regarding disclosure of non-financial and diversity information, the Spanish government seems to be not only late but extremely simplistic and, well, simply lacking.

Non-financial disclosure and proxy season highlights in 2018 Paola Gutiérrez Velandía

Corporate Governance and Stewardship Expert

On 24 November, the government enacted the Royal Decree-Law 18/2017 regarding non-financial information and diversity issues. Measuring and implementing performance metrics is

not only about citizenship; companies in Spain are considerably mindful that these may inﬂuence the confidence of institutional investors and contribute to the avoidance of reputational risks. The Royal Decree establishes that in order to improve the consistency and comparability of non-financial information, some companies will be required to publish a non-financial information statement that contains information relating at least to: ■ Environmental and social issues ■ Personnel, respect for human rights ■ The fight against corruption and bribery

NO SPANISH SURPRISES There has been a recent lack of regulatory change in Spain 68 Ethical Boardroom | Autumn 2018

www.ethicalboardroom.com

ESG | Europe The statement must include a description of any policy’s results and the risks linked to these issues must be incorporated in the management report. As an alternative, companies may issue a separate report that meets the same requirements established by law for the management report. The key aspect of this initiative is that the board of directors will be responsible for oversighting the integrity of the information disclosed. The Royal Decree establishes that the disclosure should be based on national or international benchmarks and companies will have to justify why they chose one methodology over others. Finally, external auditors will be in charge of verifying that the non-financial information disclosed is complying with the requirements, otherwise it will be mandatory for the fi rm to state that such information is not available. Granted it’s a huge step to compromise boardrooms on the ESG information submitted to the public. However, it is easy to predict that most companies will include the information in the management report, as a ‘bundle proposal’ and it will be diﬃcult to measure the real level of support from investors on the quality of the information.

Principles of the United Nations Global Compact (UNGC), Guiding Principles on Business and Human Rights (Ruggie Framework), Sustainable Development Goals (SDG), International Labour Organisation’s (ILO) Fundamental Conventions and OECD Guidelines for Multinational Enterprises (OECD). The Institute for Social and Ethical Accountability AA1000 standard is mentioned in the reports of 12 companies of the Ibex 35. Commitments to climate change, LGTB community rights, non-discrimination policies and the need to innovation to promote a wider range of opportunities for

Most companies that haven’t adopted speciﬁc policies on ESG matters choose to include statements of commitments on environment, human rights and social issues in the corporate social responsibility (CSR) policy or CSR management integrated system

Proxy season in Spain has not left any significant surprises during 2018. Overall, the same issues that have generated greater scrutiny by foreign institutional investors during the previous seasons persist, in part due to the lack of substantial changes in the regulatory framework.

Corporate actions

The season was marked by corporate operations, such as the take-over bid for Abertis by the Italian group Atlantis and its competing offer issued by the Spanish ACS group (through Hochtief). The takeover bid for Abertis also affected other listed companies in which it had a relevant stake, such as Cellnex with around 34 per cent and Hispasat with more than 89 per cent of the issued share capital. In the end, Atlantis and ACS presented a joint offer, which has led Abertis to exit the Ibex 35 index and will lead it to stop trading in the markets in 2019. One fun fact of this season is that Gas Natural became Naturgy and the new name was announced to the market during the annual shareholders meeting.

Changes in politics

Most companies that haven’t adopted specific policies on ESG matters choose to include statements of commitments on environment, human rights and social issues in the corporate social responsibility (CSR) policy or CSR management integrated system. Analysing publicly available information we reviewed 33 companies.1 General benchmarks to disclose non-financial information, are the IIRC Conceptual Framework, the Global Reporting Initiative Sustainability Reporting Guidelines (GRI G4) and we observed frequent references to the

employment seem to be a priority and common ground that, if applied eﬀectively, will hopefully convey great benefits to Spain, where tolerance and innovation are key components to preserve the cornerstone of European principles and foundations. Twenty-five of the companies in the Ibex 35 stated a clear commitment against any kind of discrimination, including gender, race, religion or sexual orientation. Some stats on how ibex 35 companies approach non-financial disclosure can be seen in Tables A, B and C below.

The political environment had a considerable inﬂuence on the structure of the governing bodies for some listed companies. On 1 June 2018, a no-confidence motion against the then president of the government, Mariano Rajoy of the Popular Party (PP), went through and the head of the opposition party, Pedro Sanchez of the Spanish Workers Party (PSOE), was appointed as new head of the government. The Spanish state owns a relevant stock, generally through the SEPI (State-owned Industrial Participation Company), a vehicle for holding shares. The most representative companies are Indra with 18.7 per cent, Red Eléctrica Corporación with 20 per cent, Enagas with five per cent and AENA with 51 per cent (through Enaire). As always happens, a change of government precipitated changes to the boards of most of these companies.

TABLE A: FORMAT OF DISCLOSING NON-FINANCIAL INFORMATION AMONG IBEX 35

TABLE B: BENCHMARKS USED BY COMPANIES

TABLE C: FIRMS HIRED TO CONDUCT EXTERNAL EVALUATION

Current practices of the Ibex 35 in disclosing non-ﬁnancial information

6% 22%

31%

36%

35%

27%

31% 41%

■ Annual report ■ Corporate social responsibility/ Sustainability report ■ Integrated report ■ External evaluation www.ethicalboardroom.com

15%

18%

■ Reports according to GRI 4 ■ Reports reflecting IIRC ■ Specific reference to AA1000 ■ External evaluation included

15%

■ Deloitte

■ EY

23%

■ KPMG

■ PwC

Autumn 2018 | Ethical Boardroom 69

Europe | ESG In AENA, two female proprietary directors resigned and were replaced by a man and a woman. The CEO and chairman Jaime García-Legaz Ponce also submitted his resignation, while Maurici Lucena Betriu was appointed in the same capacity on 16 July 2018. As for Red Eléctrica Corporación, on 31 July 2018, the board of directors accepted the resignation of the chairman D. José Folgado Blanco and appointed Jordi Sevilla Segura in the same capacity without executive functions, keeping Juan Lasala as CEO.

business and operational headquarters of the onshore business: measures to ensure compliance therewith. The shareholders’ meeting was held on the fi rst call with a quorum of 81.40 per cent. Although the proposals did not prosper, the fi rst item relating to strengthening the corporate governance of the company obtained 22.95 per cent support, while the second item included in the agenda obtained 12 per cent of support.

The proxy season in numbers

Quorum-related issues The level of attendance during this proxy season has been reasonably high, which may be due to a reasonable level of concentration of ownership on some companies. It is important to clarify that the present analysis is carried out with the components of the ibex 35 valid during the season, including Abertis which was replaced later on by CIE Automotive. Arcellor has also been excluded since the bulk of issues related to corporate governance are concentrated outside of Spain. The average attendance quorum during 2018 was 71.02 per cent. Compared with 2017 (66.22 per cent) and 2016 (65.85 per cent), we see that there has been a significant increase.

Proxy ﬁghts

A contentious issue to highlight is Iberdrola shareholder’s proposal at Siemens Gamesa Renewable Energy shareholders’ meeting, held on March of this year. Iberdrola submitted the following items to be included in the agenda: (i) strengthening of the corporate governance of the company in the area of related-party transactions for the protection of minority shareholders considering the risk of de facto management by the majority shareholder; and (ii) commitments made in connection with the maintenance in Spain of the registered oﬃce, the principal place of business and the operational headquarters as parent company of the group, as well as the principal place of

FIGURE 1: QUORUM vs FREE FLOAT 88.24%

83.82%

83.55%

82.89%

40.74%

82.07%

43.3%7

39.93% 31.46%

31.4%

Companies with highest level of participation in 2018 were Inditex (88.24 per cent); Gas Natural (83.82 per cent); Cellnex (83.55 per cent); Acciona (82.89 per cent) and Mapfre (82.07 per cent) (see Figure 1, below). It’s interesting to see the level of attendance of companies with the highest free ﬂoat, such as BBVA, Banco Santander, Banco Sabadell, Enagás and ACS. With the exception of the latter, they have a significant foreign capital penetration that is reﬂected in their commitment to corporate governance standards and initiatives to engage shareholders (see Figure 2, below). peak of the season 2 The Unlike other hemispheres, the

months with the highest concentration of shareholders’ meetings in Spain were March and April with nine meetings each month, followed by May in which eight meetings were held, then June with seven venues and July with one. The majority of the meetings (17) were held in Madrid, followed by Alcobendas (3), Valencia (2) and Bilbao (2).

3 Compensation During the proxy season, 22 companies

submitted for the approval of the shareholders the remuneration policy, which under Spanish legislation requires a binding vote and a renewal every three years; 16 companies oﬀered incentives plans linked to shares. Within the financial sector five entities requested authorisation for the award and pay out of the variable remuneration for identified staﬀ under the premise of the CRD IV of the European Central Bank. Both Bankia and BBVA were the exception to requesting authorisation for the approval of share incentives plans. Figure 3 (right) shows the top 17 companies with more support for the say-on-pay during 2018, compared with 2017. of directors 4 Boards One hundred and sixty-six directors

Inditex

Gas Natural

Cellnex

■ Quorum 2018

Acciona

Mapfre

■ Free Float

FIGURE 2: QUORUM vs FREE FLOAT 100%

99.33%

91.3%

82.39% 64.54%

64%

95%

61.35%

61.5%

45.62%

BBVA

Banco Santander

ACS

■ Quorum 2018 70 Ethical Boardroom | Autumn 2018

Banco Sabadell

■ Free Float

Enagás

were appointed or re-elected during this season by the shareholders. The largest number of directors to be submitted for approval were the independent external directors (99), executive directors (28), proprietary directors (27) and other external directors (20). Eleven listed companies submitted for approval the exact number of board seats. Figure 4 (right) shows which the viewer may see which category to directors were submitted of the meeting by company. firms 5 Audit Fourteen of the ibex 35 companies

submitted the external auditor for re-election during the proxy season, while only one of them (Amadeus), submitted a proposal for the appointment of a new fi rm to the general shareholders’ meeting. The average number of consecutive years that www.ethicalboardroom.com

ESG | Europe the Ibex35 audit firms are with listed companies today is almost eight years. Meanwhile the average of non-audit fees is 24.17 per cent compared to the total perceived by the firm during the fiscal year. The listed companies that have more consecutive years with the same audit firm are Banco Sabadell (35), Grifols (28), Day (27) and ACS (27). Currently, the firm that has the largest number of concentrates within the ibex 35 is PwC, which audits 11 listed companies (see Figure 5, below).

FIGURE 3: TOP 17 COMPANIES WITH MORE SUPPORT FOR THE SAY-ON-PAY DURING 2018, COMPARED WITH 2017 89.51

■ AENA ■ Bankia

90.3

■ Caixabank ■ Técnicas Reunidas

Due to problems in accessing the website Mapfre was not analysed and neither was Arcellor Mittal as it´s mainly listed abroad.

■ BBVA

98.2

99.89

■ Endesa

97.99

92.75

95.11

■ Albertis

97.51

94.22

■ Banco Santander

68.33 96.18

93.53

■ Bankinter

95.39

■ Telefónica ■ Indra

94.49

96.18

97.4

94.28

■ Cellnex

97.09

95.56

■ Iberdrola

95.62

FIGURE 4: COMPANIES vs TYPE OF DIRECTORS 1

2 3

2 2

10 1 3

3 1

2 2

1 1

0 0

7 15

1 0

3 1

6 1

3 1

1 0

1 2 1

1 1

1 0

■ Proprietary

■ Executive ■ Independent ■ Other

FIGURE 6: CORPORATE DOCUMENTS ■ By-Laws ■ Shareholders’ Meeting ■ Board of Directors

Acciona

Aceronix

Amadeus

Banco Sabadell

Banco Santander

Caixabank

Ferrovial

Gas Natural

INM. Colonial

MAPFRE

Merlin Prop

Técnicas Reunidas

■ Deloitte, S.L. ■ KPMG ■ PwC ■ EY, S.L. www.ethicalboardroom.com

96.02

91.6

■ Siemens Gamesa

Viscofan

99.5

98.98

68.21

90.9

FIGURE 5: NUMBER OF COMPANIES AUDITED BY EACH FIRM 6

96.11

Viscofan Telefónica Técnicas Reunidas Siemens Gamesa Repsol Red Eléctrica Merlin Prop Melia Hotels Mediaset Mapfre Inm. Colonial Indra Inditex Iberdrola IAG Grifols Gas Natural Ferrovial Endesa Enagas Dia Cellnex Caixabank BBVA Bankinter Bankia Banco Santander Banco Sabadell Amadeus AENA ACS Aceronix Acciona Abertis

Items related to corporate documents Thirteen companies requested the amendment of the bylaws and five submitted for approval by the shareholders the modification of the regulations of the shareholders’ meeting. Eleven companies reported on the modification of the regulations of the board of directors (see Figure 6, below).

94.17 95.89

■ Repsol

Eight companies requested authorisation to delegate to the board of directors the possibility of issuing convertible bonds. Fifteen companies requested authorisation to acquire shares, while only two requested authorisation to issue bonds. This is because of the reform incorporated in the law for the promotion of business financing that allowed companies to transfer to the boards of directors the ability to authorise the issuance of debt without previous approval of the shareholders’ meeting. Ten companies requested authorisation to delegate to the board of directors the issuance of share capital, with the possibility of excluding pre-emptive rights. Eighty per cent of the companies requested authorisation for five years to increase up to 50 per cent of the capital, limiting the right to exclusion up to 20 per cent. However, some companies limited the authorisation to three years.

99.37

90.6

■ Viscofan

related to issued 6 Items share capital and debt

99.73

Autumn 2018 | Ethical Boardroom 71

Technology | Digitalisation

Preparing for new tech Digital transformation is one of the most important priorities for boards today – with good reason. In this era of continual technological disruption, boards are constantly confronted with new inventions, new competitors, new business models and new expectations from customers. In such a context, it is understandable that boards want to explore the possibilities associated with powerful emerging technologies such as artificial intelligence (AI), robotic process automation (RPA) and virtual reality. In fact, almost half (46 per cent) of the global executives who responded to EY’s 18th Global Capital Confidence Barometer1 said that they were already using AI and RPA. Transformation is important, but boards also have a host of other priorities competing for their attention in what is an increasingly volatile economic, political and social environment. So how can they achieve sufficient competency in digitalisation to seize the opportunities associated with digital transformation while managing the risks and asking the right questions of management at board meetings? In 2017–18, EY in cooperation with Brainloop, Philipps University of Marburg and the Center for Corporate Governance at HHL Leipzig Graduate School of Management surveyed board members and executives from around 2,800 organisations across seven countries in Europe to find out. Below is a summary of some of the most important findings from the study, entitled Insights on how boards approach digitalisation.

Principal research findings

Boards are on a quest for innovation Our research found that the most pressing topics on the board’s digitalisation agenda, from an operational perspective, are the development of new products and innovations (58 per cent) and securing access to digital skills (53 per cent). Organisations understand that that they need to keep innovating if they are to retain and grow market share and stay ahead of the agile new competitors that are challenging their hegemony. Digital specialists on the board play a key role here by supporting the development of new products and services, enabling fi rms to face the disruptiveness of established business models successfully. As

72 Ethical Boardroom | Autumn 2018

What does digital transformation mean for boardrooms? Daniela Mattheus

EMEIA Center for Board Matters & Corporate Governance Board Services Leader at EY a result, boards see the existence of a skilled and competitive labour market as crucial to effecting a successful digital transformation. Overall, two-thirds (67 per cent) of organisations believe that creating their own solutions and investing in research and development are the most promising corporate strategies for extending their digital know-how. Almost the same number (63 per cent) are attracted to the idea of outsourcing innovation to external service providers, although digital skills are considered a key asset for companies. A minority believes that undertaking joint ventures (40 per cent) or acquisitions (23 per cent) could at least be partially relevant to addressing the digital transformation challenge. oversee how cyber risks 2 Boards and data protection are managed

The World Economic Forum rates a large-scale breach of cybersecurity as one of the most serious risks facing the world today.2 It is clear from our research that boards appreciate the significance of the threats posed by cyber risks and data leaks, since the majority (55 per cent) are already frequently handling these kinds of risks. The pressure on boards to manage cyber risks effectively will only increase further as the pace of digital transformation intensifies and more legislation on cyber and data protection-related issues is passed. For example, the European General Data

Every board should have an executive director who takes personal responsibility for digitalisation. If the director delegates that responsibility to someone else, he or she exposes the organisation to significant strategic risks

Protection Regulation, which came into effect on 25 May 2018, will force boards to pay closer attention to the procedures and technologies that their organisations are using to collect, store and process data. need to close their 3 Boards digital knowledge gap

Significantly, given the business-critical nature of digital transformation, our research highlighted that there is a notable gap between the importance of digitalisation on the board agenda and the chair’s skills in this area. The chair’s level of experience of digitalisation was ranked 15 per cent lower than the importance of digitalisation on the board agenda overall. The chair’s digital expertise is not the only knowledge gap that boards need to breach. Just 24 per cent of boards have a non-executive director specifically dedicated to digitalisation, while at least 38 per cent have an executive director who specialises in the area. Notably, when digitalisation is assigned to C-level executives, it’s mostly (56 per cent) within the responsibility of the CEO.

PERCENTAGE OF FIRMS WITH DIRECTORS SPECIFICALLY DEDICATED TO DIGITALISATION 24% Nonexecutive directors

38%

Executive directors

Meanwhile, only 10 per cent of boards have set up their own committees specifically dedicated to digitalisation. The majority still choose to address selected aspects of digitalisation within other committees. For example, the audit committee might discuss cyber risk, while strategic threats and opportunities related to digitalisation tend to be discussed in the plenary board meetings. A separate survey undertaken by EY revealed that 58 per cent of CFOs and financial controllers believe that audit committee members need to build their understanding of the role of analytics in risk management.3

Recommendations

The research highlights some key actions that boards can take if they want to play a more prominent role in driving and supporting the digital transformations of their organisations:

www.ethicalboardroom.com

Digitalisation | Technology

Draw on digitalisation skills to ask the right questions Non-executive directors should act as sparring partners to the executive management team. To do this effectively, they need to be able to question management on digitalisation, which clearly requires them to have relevant skills.

Appoint a C-level executive to execute digital strategy Every board should have an executive director who takes personal responsibility for digitalisation. If the director delegates that responsibility to someone else, he or she exposes the organisation to significant strategic risks. These include being overtaken by a competitor that has an executive director who is leading on digitalisation from the front. the composition of the board 3 Review Organisations are navigating a host

of digital-related issues, from identifying new markets and developing new products, through to managing cyber risks and security issues, and responding to the evolving regulatory environment. As such, the board should ask itself whether its composition is still fit for purpose. If not,

www.ethicalboardroom.com

Questions for boards to consider: how can it be improved? Should it appoint a non-executive director who is specifically dedicated to digitalisation, for example? optimum use of technology 4 Make in board meetings and beyond

While technology is already widely used to facilitate the board’s communication and information processes, there is scope to apply it more widely – for example, by making use of electronic voting and video conferencing. digitalisation 5 Approach as a holistic issue

Differences between organisations and sectors mean that there can be no one-size-fits-all approach to digitalisation. So boards should take a holistic and integrated approach instead. Th is could include reviewing the structure of the board and making changes to the competency profi le of its members, as well as challenging management to make the necessary investments that will support the organisation to thrive in the digital age.

■ What does digital transformation mean for the organisation and how will the board direct the organisation to exploit the opportunities and manage the challenges that may result? ■ Which new technologies are emerging and how will these impact both the organisation and its competitors? ■ Does the composition of the board include individuals with expertise in digitalisation? If not, how is it planning to recruit new members who do have these skills? ■ Is a C-level executive taking personal responsibility for digitalisation from a strategic perspective? If not, should the board consider appointing a leader? ■ Does the board need to set up a committee that is specifically dedicated to digitalisation?

“Global M&A appetite remains healthy despite geopolitical uncertainty,” EY press release, http://www. ey.com/gl/en/newsroom/news-releases/news-ey-globalm-and-a-appetite-remains-healthy-despite-geopoliticaluncertainty, 16 April 2018. 2“The Global Risks Report 2018”, World Economic Forum website, http://www3. weforum.org/docs/WEF_GRR18_Report.pdf, January 2018. 3“Can innovative corporate reporting build trust in a volatile world?” EY press release, https://www.ey.com/ gl/en/services/assurance/ey-can-innovative-corporatereporting-build-trust-in-a-volatile-world, 16 April 2018. 1

Autumn 2018 | Ethical Boardroom 73

Technology | Corporate Governance

Governance for the

MODERN ERA Strong corporate governance is the hallmark of responsible corporate citizenship and lies at the heart of successful, ethically responsible and sustainable business. Setting and maintaining a culture of sound governance is among the primary responsibilities of the company board.

Essential to effective corporate governance is ensuring that the right information is raised to the right leaders, board members and shareholders so that the right questions can be asked, appropriate challenges addressed, and the organisation steered in the best possible direction for success. Of course, that’s easy to say, but in today’s complex business environment, it’s increasingly difficult to do. It’s the reason why organisations seek to appoint the best board directors to govern their businesses – the ones with extensive experience, a track record of success and a visible commitment to the future success of the organisation. But those directors can only be as good as the information and systems with which they are working. Today’s business environment calls for an approach that wraps around and unifies governance activities; one that empowers boards with the systems and knowledge they need to direct complex, multifaceted organisations. At Diligent, we call this ‘enterprise governance management’ and we define it as the application of technical tools and resources to support the full range of governance needs. The aim of enterprise governance management is to empower boards and company secretaries to carry out their duties in a way that best fits the pressures, technologies and time frames in which modern businesses operate. To see why the time is right for this approach, let’s take a look at how corporate governance has evolved and the central role it plays in businesses today.

Lessons from history: scandals spark scrutiny

Perhaps surprisingly, the concept of corporate governance is relatively recent. 74 Ethical Boardroom | Autumn 2018

Best practices for enterprise governance management and evaluating performance Anderson Dy, PhD

Vice President of Sales for Northern/Eastern Europe and Africa, Diligent Corporation It wasn’t until the mid-19th century that British legislation on joint stock incorporation and limited liability granted companies autonomous legal personhood and created the entity of a corporation as we know it today.1 However, academics suggest that the term ‘corporate governance’ didn’t really surface until 1981 and was slow to gain traction. Although the genesis of the UK’s corporate governance code arose from the Cadbury Report into high-profi le corporate governance failures in 1992, it was the increasing deregulation of businesses in the early 21st century that sparked a spike in public interest around the regulation and control of corporate activities. That’s when we saw the fi rst hints of corporate governance as we know it today and the real era of publicly scrutinised corporate governance began. It often feels as though the development of corporate governance is shaped by scandal. The collapse of Enron, the fall of Northern Rock, the banking crisis and, most recently, the disintegration of the construction company Carillion, have kept the topic of corporate integrity and governance in the forefront of public and political awareness. And with good reason. It need hardly be reiterated that corporations have the potential to wield enormous power – and the larger they are, the more inﬂuence they have. Employees depend on them for their livelihood and customers trust them

with critical personal and financial information. Their commercial decisions can have profound effects on society, the environment and the economy. It is essential that entities with such wide-ranging scope and impact are governed with integrity, transparency and – in order to deliver the best value for shareholders – efficiency.

Codes and compliance: avoiding a box-ticking approach to governance

As the business environment has evolved, we’ve seen national governance codes evolve alongside them, with the aim of ensuring best practice and preventing repeats of the failures of the past. The UK’s Corporate Governance Code, overseen by the Financial Reporting Council (FRC), has now been in place for a quarter of a century and is recognised as a world-leading example of best practice.

MEETING THE DEMANDS OF THE BOARDROOM Good governance should be viewed holistically to lead an organisation forward www.ethicalboardroom.com

Corporate Governance | Technology Over recent years, however, the FRC has sensed that organisations have come to view governance as a box-ticking exercise based on compliance with provisions, rather than as a principles-driven approach that should be continuously applied to the organisation. Correcting that issue is the purpose behind the latest revisions to the code, which come into effect on 1 January 2019. The new code is ‘shorter and sharper’ and is based on demonstrating evidence of the application of its principles, rather than purely compliance with its provisions. The FRC believes this shift will refocus organisations on the ultimate purpose and objectives of governance, rather than simply ‘ticking boxes’ through rote compliance with rules. This new ethos is designed to encourage businesses to engage proactively and in-depth with the code, questioning which approaches are right for their organisation and providing robust and considered explanations where it has been determined that the business will deviate from the code’s principles. Beyond the shift in ethos, there are other key areas that will change the way that boards approach their duties, and I believe that these will also have implications for how enterprises manage governance. The new code places strong emphasis on workforce engagement, as well as ensuring that the board understands the views of

www.ethicalboardroom.com

shareholders and wider stakeholders. Linked with this is a focus on the role of the board in setting the right organisational culture and establishing appropriate channels to assess how well it is embedded within the organisation. It also prioritises ensuring that policies around remuneration for senior executives and the general workforce are aligned. There are new provisions around board tenure, effectiveness, succession planning and evaluations.

More data, more analysis, less time

The effect of the revised UK Corporate Governance Code will undoubtedly be to increase the board’s requirements for company-wide data, reports and analysis. This will allow directors to gain greater exposure to the views of the workforce, shareholders and wider stakeholders. Added to this, the sheer volume of data generated by organisations today and the speed at which businesses are required to respond to changing market conditions means that boards need to be entirely confident that they have the latest, most accurate information for board and committee meetings. The level of scrutiny of public companies is arguably at an all-time high, and responsibility for their reputations, revenues and results lies at the door of the boardroom. In short, it has never been more important that the right

information gets to the right leaders in a timely way and in a format that enables them to make the best, most fully informed decisions.

A growing challenge for the company secretary

The responsibility for making sure that this happens falls squarely on the shoulders of the company secretary and his/her team – and it’s a team that’s under pressure. The increasingly complex regulatory environment and the growing profile of the company secretary role mean that providing comprehensive board support is becoming a bigger challenge. Company secretaries are aware of the need to address this issue. Forty-eight per cent of respondents to a recent survey of company secretaries by executive search consultancy Leathwaites indicated that the quality of board information needed to improve.2 Linked to this, 32 per cent of respondents rated digitisation and automation as challenges that must be addressed. When asked which areas most needed improvement to meet the demands of the role, 57 per cent said that better use of technology and data was essential, while 43 per cent felt they needed to enhance efficiency. Clearly, improving the processes and systems of governance is a priority among company secretaries and they feel that better use of technology is the way to do it. On that principle, there are several themes that they can explore to implement best practice enterprise governance management.

Autumn 2018 | Ethical Boardroom 75

Technology | Corporate Governance

Cracking the communication challenge

Effective and open communication between directors, the company secretary and the executive team is a cornerstone of successful board operations, yet achieving this positive ﬂow of ideas and knowledge-sharing can be easier said than done. A culture of regular, relevant communication must be set by the chair and supported by the company secretary, encouraging directors to ask questions, share insight and spark debate. The new principles of the Corporate Governance Code are likely to provoke greater levels of debate about the approach a business should take to implementing them, and it’s reasonable to believe that not all these conversations will happen within meetings. Of course, the confidential nature of board communications means that it is prudent for director interactions to be subject to the appropriate levels of security. This is particularly relevant to non-executive

from the humble spreadsheet to industry-specific, tailor-made software. Each generates a wealth of data and reports on their regulatory environment. The challenge is bringing together all of the distributed information and making sense of it at the board level. In a complex, data-intensive landscape, it’s impossible to have a holistic view of governance, risk and compliance without seeking support from technology and automation and, fortunately, there are some excellent solutions out there that can deliver the insight required. We strongly recommend that organisations investigate the potential of governance, risk and compliance software that enables companies to integrate compliance data from all of the relevant business units into a single framework and management interface. This avoids data becoming trapped in silos, with the associated risk of duplicated effort and wasted resources. Once governance, risk and compliance can be viewed on a holistic level, it is easier to

with the coming emphasis on greater engagement with stakeholders, shareholders and employees, the amount of information directors are expected to absorb prior to board meetings is only likely to increase. By digitising board packs and making them securely accessible online, directors can access them anytime, anywhere. This approach has the added bonus that information can always be updated as new intelligence arrives, meaning that directors always have the latest data in board meetings. Plus, for the pressured secretariat team, the days (and days) spent photocopying and collating confidential documents before consigning them to couriers become a thing of the past. As organisations commit to the new principles and ethos of the UK Corporate Governance Code, this is also an excellent opportunity to examine the tools and technologies that they have in place to support the processes of governance. Strong enterprise governance management that includes technical tools and resources to

INTEGRATING COMPLEX DATA It is essential to adopt technology that aids company decision-making

directors, who may be using personal email accounts or those of their employer company to receive sensitive information. Greater security is afforded if directors are furnished with secure communications channels. This eliminates the risk of confidential information being intercepted and provides directors with a trusted and convenient platform on which to share information and ideas.

Tackling the issue of organisational visibility

To deliver better board information, it’s essential that directors have clear visibility across entities, territories and business units. As organisations grow larger and more complex, keeping track of the different entities, local legislation and compliance issues naturally becomes more difficult. Most companies use point solutions to manage risk and compliance in different departments. These range in sophistication 76 Ethical Boardroom | Autumn 2018

When the board has comprehensive visibility of what today’s picture looks like, it is far better positioned to help senior management visualise goals for tomorrow

measure and set targets for improvement. When the board has comprehensive visibility of what today’s picture looks like, it is far better positioned to help senior management visualise goals for tomorrow.

Making the most of directors’ time and talents

When you have a strong board composed of talented individuals, you want to make the most of their skills and get them working together for the benefit of the organisation. Given that many directors sit on multiple boards and have other high-level commitments, it’s important that they can be efficient in discharging their duties. The age-old tradition of the board pack is a key area where companies can bring technology to bear to save time and make life easier for both directors and the hard-pressed staff in the secretariat. Board packs never seem to get any smaller – and

improve communication, visibility and accessibility will alleviate some of the pressure on the company secretariat, enabling it to provide the high-quality board information that competent decision-making requires. Th is will support corporate governance at the highest level and help boards to deliver success and sustainability as responsible corporate citizens. http://eprints.lse.ac.uk/21895/1/Post-traditional_ corporate_governance.pdf 2https://www.leathwaite.com/ wp-content/uploads/Company-Secretary-Global-SurveyResults-Paper-2018.pdf

www.ethicalboardroom.com

The Board Portal of Choice

Simple. Flexible. Competitive. Improving governance by enabling board members to access documents and board packs online and offline from any device.

perivantechnology.co.uk hello@perivantechnology.co.uk twitter.com/perivanVBR + 44 (0) 20 7562 2200

Technology | Electronic Discovery

Things your outsourced eDiscovery provider should be telling you

Jon Chan

Director of Technical Services, Anexsys

Finding the right electronic discovery provider can lead to transparent and sustainable relationships If your organisation sometimes still finds itself in future shock at the explosion of data volumes, you are not alone. Data has taken on new importance in markets around the globe as a force for transparency, growth and change. It is a potent tool for acquiring business intelligence and steering a safe course, but growing demands for more access and analysis will only bring more worries about storage, management and safety. We can examine these worries in any data analysis discipline, but they are paramount when we look at electronic discovery, an increasingly important facet of corporate and legal business in the UK and abroad. Electronic discovery (eDiscovery or eDisclosure) is the process by which sensitive electronic information is procured, secured and analysed for use in civil and criminal proceedings. It’s an industry that touches governments and corporations alike, all around the world, and though a UK practitioner might follow different rules than counterparts in North America or Asia, the only way to win the day is to have the best team possible organising and acting on data. 78 Ethical Boardroom | Autumn 2018

Growing markets mean more choice in deciding how to conduct eDiscovery operations. Some organisations have the inclination or resources to bring an eDiscovery operation in-house, but those who do not are not out of the game, thanks to a thriving industry of dedicated, outsourced eDiscovery and legal technology service providers. These service providers exist to help you carry the technology expertise and infrastructure loads. Finding the right provider can lead to an incredibly productive relationship. When business is good, it is good together and when challenges arise you will meet those together as well. Service providers are agile and things often move at a breakneck pace. The consultants drawn to this work tend to seek challenges, ask questions and advocate loudly for their skills. Here are some of the most important things to listen for the next time your organisation considers a partner.

We know the technology end to end, inside and out

When you seek an outside fi rm to manage eDiscovery or other technical service, step one is fi nding experts who best understand leading technology in the industry and just what it is capable of. Service providers might advocate for different tools, but if they present a comprehensive, technical account of what they have achieved with their preferred platform you can be sure they are working to build a foundation on good faith and real results. Every industry has unique technology challenges, and this one more than most. Conducting eDiscovery is neither about having deep knowledge of an insular area of law, nor about holding ‘ninja status’ in any one aspect of technology but rather it’s about having an understanding of the breadth of the process from end to end. The savvy practitioner must respond to strange www.ethicalboardroom.com

Electronic Discovery | Technology only bring fresh technology ideas, but to apply their process-thinking and push back, always with love, on ‘the way it has always been done’. There are always new ways to leverage data analytics for early case assessment or apply machine learning techniques to review, and your outside provider understands better than anyone how the solutions used will impact and elevate each other as the process continues. Of course, sometimes outside providers cannot solve a problem with the snap of a finger. There are cases, rare though they may be, where the software just cannot do what needs to be done. There are also cases where software solves the problem, but the task is repetitive and still requires much human intervention, and therefore risk. The most technology-forward providers understand this and will come to you recommending an open platform – Anexsys might suggest Relativity, for example – which allows them to build new applications to meet your unique needs. There is a roaring trade of ideas in the eDiscovery ecosystem and service providers have been invaluable to software developers in extending functionality of their offerings. The fi rm you choose should be excited to build and enthusiastic about how the work they do with you might one day advance the entire industry.

We manage the services, you run the business UNDERSTANDING TECHNOLOGY Find an expert that knows your industry and what services you will need

collections from sources both legacy and modern, where tomorrow’s challenges are complicated by yesterday’s applications and storage devices. Once collected, they must process an ever-growing range of fi le types and handle demanding lawyers and deadlines in review. One of the reasons technology-fi rst service providers succeed so well in this is that the eDiscovery workflow reflects the very same process- or systems-oriented thinking that underpins technology innovation, or simply taking a project from code to completion. Your relationship with a provider can be as transactional or familial as you like, but there will always be some distance between organisations. As it turns out, that is not a bad thing. By bringing outside technology providers into the fold, your organisation gains a bird’s eye view of the organisation and opportunities it might not see for itself. Th is puts them in an ideal position to not www.ethicalboardroom.com

Business success is a game of resource management. Will we be able to achieve these three goals in the next fiscal year? Should we expand our team or invest more in the people we have? How should we calculate returns on investments for special projects? That’s enough to worry about for any leadership team without controlling a complex, state-of-the-art infrastructure for eDiscovery or other specialised, technology-based projects. The greatest peace of mind a provider can give you is taking those day-to-day responsibilities out of your hands and keeping them ticking like a clock. Managing eDiscovery services requires much more than simply contracting reviewers when a case arises. The service provider gives you capabilities from the ground up to help run your infrastructure and provides licences and full support at any required level. They fi ne-tune an environment of services that depend upon and complement the things your in-house teams do best. They offer subscription-based services to assist you with your costs and allow access to data-processing and project management services when required. If you don’t have all that in-house, it is a lot to build. You’ll need a network architect, a

storage engineer, security consultants and database administrators, all of whom operate comfortably (hint: they don’t) with you not being able to predict tomorrow’s infrastructure requirements. Your provider’s entire business is to have all of that built, tested and optimised. It might be outsourced, but it is still a big job. Providers always have their hands full (and wouldn’t have it another way), but just as your team stays intently focussed on growing your business, the provider team will stay focussed on supporting that growth with their expertise.

We can take you to the Cloud and here’s why we you should go Since your ideal technology fi rm spends its days dreaming of the most innovative tools and streamlined deployments, you should expect that they will be fierce Cloud computing advocates. Cloud eDiscovery is still in its adolescence and providers will not force you to make a switch as a prerequisite of doing business, but your technical consultants cannot help but look eagerly ahead, into the entirely new era of information technology.

Conducting eDiscovery is neither about having deep knowledge of an insular area of law, nor about holding ‘ninja status’ in any one aspect of technology, but rather having an understanding of the breadth of the process from end to end Outside service providers work with a wide variety of clients. They understand that every industry moves at its own pace and for many larger corporations, law firms or government departments moving to the cloud is a paradigm shift. They would be negligent, however, if they did not build a serious business case and roadmap for a Cloud transformation, based on close attention to the joint successes of your partnership. After all, it’s happening. As it stands in 2018, 86 per cent of large companies globally and 53 per cent of European businesses, including in the UK, had adopted some amount of Cloud services. Furthermore, 60 per cent globally are deploying, or preparing to deploy, their most critical business systems in the Cloud. The European Cloud market has grown this year – despite what we’ve heard about complications from Brexit or the General Data Protection Regulation (GDPR) – thanks in part to expansions of Amazon Web Services, Google and Microsoft into the market. Autumn 2018 | Ethical Boardroom 79

Technology | Electronic Discovery The legal industry has traditionally been BUILDING NEW slow to adopt new technology, but the service TECHNOLOGIES providers are not. While there is grappling Good eDiscovery partners will be agile to be done with how a Cloud-based model of and prepared to bring business can be most effective for clients, the in new solutions providers are working hard to understand the technical requirements of the Cloud and they pay keen attention to new developments in that market. Deploying services in the Cloud might eventually be a great advantage since the unpredictable nature of eDiscovery projects is an ideal candidate for an elastic Cloud workload. Your organisation might well be ready for embracing the Cloud, or it might need more time to evaluate the opportunity and the market. There are many who can help, but just as the transition from physical to virtual wasn’t a case of simply putting an application designed for The choice a physical infrastructure into a virtual environment, to conduct moving to the Cloud requires eDiscovery infrastructure teams to think to keep the doors locked in-house or differently, and the provider and the wolves at bay. Threats who has already embraced do exist – even as your with an outside this might help you avoid the provider innovates clever provider is one new eDiscovery apps, the bad mistakes that they’ve previously made along the way. actors are innovating new of the most ways to get in. Compliance important We live and is the start, making security breathe security the core is the heart and ones you Partnering with any outside keeping your eyes open is can make firm requires incredible due the way to make it work. diligence and a certain measure Should you find a provider that of trust. Nowhere is that more apparent will excel at keeping your data safe, but has than the realm of security. After all, the studying to do on eDiscovery, consider giving safety of your data is core to the health them the time to do so. You can’t organise of your business. The words ‘data breach’ and act on your data if the wolves have send chills down the spine of leaders and already made off with it. UK service providers engineers alike. and technology consultants have proven to Your service provider, if they know their be fast students of issues relating to data stuff, has spent many long days and sleepless security and privacy; when the GDPR arrived nights considering security, evaluating the earlier this year providers had already been worst that could happen if their systems aligning with it in the previous two years to were breached. Data analysis and technology ensure their responses would be rigorous and innovation might be things they do, but, appropriate for the new privacy landscape. for the best firms, security is what they Where is your business going and are: a vault holding your most precious and how can we help get you there? fragile resource that only you have the right You decided to find an outside service or ability to access and act on. provider for eDiscovery, taken meetings, Seek out the provider or consultant that read proposals and heard every one of the wears its certifications proudly. It’s very themes above. After all that, which provider likely that your own internal teams will is the one that will help you grow your hold or strive for the same ones, but if you business? That’s a simple thing to discover: are unsure of what is meant by ISO27001, it’s the one who asks you what’s next. Tier 3 datacentres, or Cyber Essentials Plus, Good providers want to build new your provider should leap at the opportunity technology, help you transition to the Cloud to explain them with evangelical zeal. and find new ways to streamline eDiscovery Certifications can tell you a lot, but and other services. Great providers hit they’re the baseline, the minimum. True the ground running with all of that and cybersecurity preparedness begins when are ready to start looking for answers to security is put at the core of everything questions they haven’t been asked. a provider does. Providers need to focus Beware the provider who is incurious heavily on choosing safe platforms, about your vision. To maximise the benefits implementing the digital and physical of your partnership, they should be great practices and hiring the smartest people 80 Ethical Boardroom | Autumn 2018

supporters of your work. When a provider fails to ask about a roadmap, they are not looking at your partnership as an opportunity for mutual growth, but one where each query is simply another transaction under contract. Likewise, if your organisation hesitates in bringing big ideas to the table or throwing complex problems their way, a huge part of the value of working with an agile firm can be lost. Any change comes with a learning curve. The big ideas might not be achievable in the near term, but when you light the fire in a technology-forward provider or consultant, it is hardwired in them to hold on and work the problem until it is done. The great partner will always want to hear from you what skills should be honed. Not only will they work tirelessly to meet your needs, but you commonly find that you have worked together to pioneer something that impacts the entire industry. There will always be traditions and norms in your organisation and for many, change can be slow and difficult. But for outside technology providers, agility, innovation and rapid response to change are the orders of every day. They can assess your organisation from above with their bird’s eye view, but they can also search its future, if you point them in the right direction. The choice to conduct eDiscovery in-house or with an outside provider is one of the most important ones you can make. It must be said that every organisation will find pros and cons to either structure, but should it be time to investigate outsourced solutions, the conversations above will guide the way. Sources: https://blogs.wsj.com/cio/2018/07/13/corporate-itspending-plans-dip-but-remain-strong/?mod=djemCIO_h https://go.forrester.com/blogs/predictions-2018-enterprisecloud-computing-accelerates-transformation-everywhere/ https://go.forrester.com/blogs/public-cloud-europe-brexit/

www.ethicalboardroom.com

relativityone.com

Your Complete Platform for e-Disclosure

RelativityOneâ&#x20AC;&#x2122;s secure cloud platform can help you rethink the cumbersome task of e-disclosure, giving you flexible tools to tackle your unique challenges through every phase of a project. Want to learn more about RelativityOne? +44 (0) 203 651 5879 | sales@relativity.com

Risk Management | Cyber Risk

Raising cyber risk to the enterprise level Cyberattacks are strategic business threats that can impact the ﬁnancial, reputational and operational viability of an organisation Board members and C-suite executives, although not typically experts in technology, must take ownership of cyber risk, working in concert with critical organisational stakeholders, such as ﬁnance, legal, human resources, risk and information technology/security managers.

Th is article offers guidance to help top executives and directors understand the escalating nature of cyber risk, their role in overseeing it at the enterprise level, and key questions that pertain to effective cyber risk management.

Elisabeth Case

MD and Head of Client Advisory, Marsh US Cyber Practice

A fast-evolving cyber risk landscape

Cyber threats today have evolved beyond data breach to highly sophisticated schemes designed to disrupt businesses and supply chains, costing organisations billions of dollars. Last year’s WannaCry and NotPetya malware attacks were the latest wake-up calls, especially for fi rms in industries not traditionally targeted by cyber hackers, such as manufacturing, logistics and transportation, among others.

The attacks paralysed global companies for days and infl icted significant economic damage. Supply chain and operational disruption from NotPetya alone caused more than $3billion in economic losses and revenue disruption, spotlighting the economic toll cyberattacks can have on any industry and the interconnectivity of cyber vulnerabilities worldwide (see Figure 1, below).1 Even as hackers become more inventive, changes in technology, geopolitics and regulation are increasing cyber exposures and creating new susceptibilities: the accelerating use of the Internet of Th ings, artificial intelligence and machine learning in business operations; the rise of

FIG 1: MAJOR CYBERATTACKS, 2013-2018 Impact: Financial losses and expenses (estimated)

Data breach Financial Services

Media

● 76M customer accounts ● 7M small business accounts

● 1.5B customer accounts ● 350M M&A revaluation ● Impact: $115M, 2 events

Retailer

● 110M customers accounts ● Impact: $250M

Retailer

● 56M card numbers ● Impact: $260M

2013 Manufacturing

2015

● Power distribution control seized, backup disabled ● Impact: National blackout

Source: Marsh Analysis

82 Ethical Boardroom | Autumn 2018

Credit Reporting

● Terabytes of data stolen, erased, released ● Impact: $40M

Electric Grid

Business interruption

● 80M customer records ● Impact: $375M

Media

2014

● Prevented furnace shutdown ● Impact: Massive damage to system

Healthcare

● 145M consumers ● Impact: $439M

2016 Ransomware: 150 countries, 300,000 computers

2017

● Customer domain service/access stopped ● Impact: >7% customers lost

● Erased and reloaded 60 computers ● 11 days to restore

2018 Petrochemicals

● Locked manufacturing, payment, ordering, medical machines and systems ● Impact: $500M

Technology

US Municipality

● Destroyed hard drives, erased data ● Attempted sabotage explosion

Wiper Malware: Global Firms — Transport, Logistics, Manufacturing, Pharma, Telecom, Consumer, Materials

● Disabled production, shipping, invoicing, operations, customer service systems ● Impact: $2.5B-$3B

www.ethicalboardroom.com

Cyber Risk | Risk Management

FIG 2: MOST ORGANISATIONS NOW RANK CYBERSECURITY AMONG THEIR HIGHEST RISK MANAGEMENT PRIORITIES Among my organisation’s risk management priorities, cyber risk is: 5%

29%

Regarding cyber risk, for each of the following, please indicate your confidence in your organisation’s ability ■ Highly ■ Fairly ■ Not at all confident confident confident

■ A top five risk ■ The top risk ■ A risk, but not in the top five ■ Low priority ■ Don’t know

FIG 3: EXECUTIVES ARE MORE CONFIDENT OF ORGANISATIONS’ ABILITY TO UNDERSTAND AND ASSESS CYBER RISK THAN OF MITIGATING OR RESPONDING TO IT

Identify and assess cyber risk 56%

Source: Marsh Microsoft Global Cyber Risk Perception Survey, 2018

nation-state sponsored cyberattacks; and the rise of more stringent privacy regulation all have implications for directors and C-suite officers in terms of enterprise protection and stewardship. Particularly on the regulatory front, requirements for stronger cyber security, breach notification and data stewardship are being adopted in numerous jurisdictions around the world. The EU’s General Data Protection Regulation (GDPR), enacted in May, contains wide-reaching provisions that are revolutionising the global data protection landscape, obliging subject companies to review and enhance their privacy and data protection practices or face significant fines and penalties – as high as €20million or four per cent of global revenue, whichever is higher. China’s Cyber Security Law and Australia’s Privacy Amendment are other examples of recently enacted sovereign regulations around data security and protections. In the US, the

28% Mitigate and prevent 19% Respond and recover 19%

60% 9% 66%

11%

61%

14%

Source: Marsh Microsoft Global Cyber Risk Perception Survey, 2018

Securities and Exchange Commission recently issued interpretive guidance for public company disclosure of cyber security risks and incidents. And in California, new data privacy legislation established ground-breaking privacy protections for consumers – the first instance of what may be a tide of new state-based consumer privacy legislation. In this environment, the cyber threat is well recognised: most organisations rank cyber risk among their highest risk management priorities, according to a recent Marsh Microsoft Global Cyber Risk Perception Survey (see Figure 2, above). However, the same survey reveals a disconnect between the magnitude of concern and the certitude that practices and resources being deployed to manage cyber risk are on target: only 19 per cent of corporate executives say they are highly confident in their company’s ability to prevent and respond successfully to a cyber event (see Figure 3, above). Another notable conclusion from the survey is that high quality information about

FIG 4: BOARD MEMBERS NEED MORE INFORMATION REGARDING CYBER RISK MANAGEMENT There is a disconnect between the information board members say they receive versus what others say they share with them

45%

of risk and technology executives said they send information on cyber investment initiatives to board members ...yet only...

18%

of directors said they receive such information

how an organisation is assessing and managing its cyber risk, which is necessary for effective cyber risk management, is generally lacking at the executive level. That gap exists both in the flow of information – the volume and distribution of data to the board level – as well as in the form that information takes – the language used to express and measure cyber risk exposure. Too often, data about a firm’s cyber risk and mitigation efforts is communicated across the organisation in technical terminology that can be challenging for non-technical experts. Instead, cyber risk measurement should be framed in economic terms – the lingua franca of business (see Figure 4, above).

A best practices approach: strategic, quantified and resilient Directors and officers have a duty to manage cyber risk as they do other material risks to the organisation, given its potential economic, operational and regulatory risk for the firm. Best practice for cyber risk management is a comprehensive strategy built upon the three core pillars of strategic governance, risk quantification and resilience planning.

GETTING A HANDLE ON CYBER RISK Board members need to take ownership of cybersecurity www.ethicalboardroom.com

Autumn 2018 | Ethical Boardroom 83

Risk Management | Cyber Risk As a strategic risk, cyberthreats should be managed at the enterprise level, not delegated to IT or other functional departments. Likewise, cyber risk should be measured and expressed quantitatively to provide an objective assessment of the value at risk and allow for measurement of the return on the firm’s cyber investment – and for comprehension by key stakeholders. And, because cyberattacks are an unfortunate but inevitable occurrence for any organisation today that employs technology, response planning and resiliency preparation are critical to minimise business impact, mitigate damage and loss and strengthen organisational recovery.

Strategic, enterprise -level governance

Good corporate governance in the age of cyberattacks means that cyber risk belongs on the boardroom agenda on a regular, if not continual, basis. Cyber risk management falls firmly within directors’ and officers’ duty to oversee and protect the financial health of the firm. To bridge the knowledge or experience gaps that directors may face with cyber risk, many boards are recruiting professionals with technical cyber expertise as permanent members of the board or as advisors. Others are integrating cyber risk into the board’s risk committee, where it is addressed alongside other enterprise risks, such as compliance, legal, operational and reputational risk, and incorporated into the firm’s overall risk management framework (see Figure 5, right). Each organisation will adopt the governance model that best suits its business, risk profile and technology exposures, but all should embrace the fact that cyber risk merits board-level ownership and integration into the roster of critical issues addressed at the highest level of the organisation.

Cyber risk quantification

Too often, organisations assess their cyber risk exposure qualitatively, using ‘traffic light’ dashboards, general descriptors, or relative rankings. But qualitative cyber risk assessments don’t yield meaningful insight into the potential financial cost of cyber events or guidance for decisions about cyber risk investments. In the 2018 Marsh Microsoft Global Cyber Risk Survey, a third of respondents said they had no method for measuring or expressing cyber risk and only 11 per cent use economic quantification. This leaves considerable room for improvement – one that directors should press for. Equally important for directors, regulators in many jurisdictions are now requiring risk-based assessments that compel organisations to evaluate the financial size of cyber exposures as they do other enterprise threats (see Figure 6, right). Economic quantification enables cyber 84 Ethical Boardroom | Autumn 2018

risk to be measured, expressed and understood in the common language of business and boardrooms. It shifts boardroom conversation of cyber risk from a technical discussion of threat vectors and system vulnerabilities to a data-driven analysis focussed on optimising a firm’s cyber capital allocation and reducing its total cost of risk. A quantified measurement of cyber risk also helps inform decisionmaking around cyber risk investments – technical mitigation and risk transfer – and allows for evaluation of the risk reduction return on investment. With hard numbers in hand, corporate leaders can consider how much to invest in cybersecurity, how much risk to transfer via insurance and how much risk the firm is willing to retain. Cyber insurance and cybersecurity are complementary, covering two different sides of the risk curve: whereas technical mitigation (cybersecurity) is useful to prevent and reduce the frequency of cyberattacks, risk transfer (cyber insurance) serves to both lessen the severity of cyber losses and bolster recovery and organisational resilience. And, just as cyber risk should not be wholly delegated to the IT department, decisions about cyber insurance purchasing should be coupled with cybersecurity investment decisions, within the firm’s overall risk management considerations. While directors may not need or want to master every detail of their firm’s insurance policies, board members should feel comfortable with the company’s overall programme coverages and limits as they apply to its unique cyber risk profile. Cyber insurance continues to evolve, both in terms of risk coverage and market capacity, and most organisations, regardless of industry, will be able to obtain comprehensive coverage that dovetails with their other policies as well as policy wording that is adapted to the firm’s specific cyber and technology risks. Most cyber insurers now offer both first- and third-party coverage that protect a firm from a broad array of cyber exposures. Third-party coverage protects a firm from liabilities that arise to third parties from the organisation’s use of technology or the third-party data it collects, maintains and uses. First-party cyber coverage has evolved rapidly in response to market demand to now commonly include business interruption, contingent business interruption and extra expense coverage, as well as the more traditional breach response costs such as notification or cyber extortion (see Figure 7, right). Cyber insurance offers two important ancillary benefits that should also be of interest to corporate directors. One, it opens the door to a full view of the potential economic cost of a cyber event. The process of applying for cyber insurance requires companies to identify assets at risk, threats

FIGURE 5: LARGE CYBERATTACKS ARE RISK OF MOST CONCERN TO BUSINESS LEADERS The risk community ranked cyber as the risk most likely to intensify in 20181

$1.5-4 TN $8 TN Economic losses from cyberattacks in 2017

Economic cost of cyber crime to business over the next five years

Source: 1Global Risk Report 2018, World Economic Forum Executive Opinion Survey, with Marsh & McLennan Companies

and vulnerabilities, evaluate cybersecurity controls, and apply modelling tools to calculate potential costs of cyber events. Second, once a policy is in place, the insured gains a partner in its insurer, who can provide access to experts to help with event recovery – forensic accountants, consumer notification services, public relations firms and legal counsel – all critical assets in a firm’s cyber event response strategy.

Resilience & recovery planning

Cyberattacks today are ‘when,’ not ‘if’, events. Cyber risk cannot be fully eliminated by technology or entirely transferred off the balance sheet – a critical point for directors to recognise in their overall discussions of risk management and the firm’s level of risk acceptance. Given that, every organisation should invest in preparation and planning to build the resilience necessary to recover and rebound quickly from a cyber event. The quality and speed of a firm’s response can be the most important indicator of success in recovering from a cyberattack. Preparation and response planning should involve a number of key organisational stakeholders, including directors and C-suite officers, all of whom have roles to play in cyber event response. The steps involved in preparing to manage and respond to cyberattacks are similar to those used in other crisis or business continuity planning: education, awareness, training, testing, evaluation and performance improvement. From a director’s perspective, this may mean staying abreast of major developments in cyber risk, especially as they pertain to firms in the same industry. This can take the form of executive briefings and seminars which not only provide an overview of current cyber threats, but also help directors understand their responsibilities in helping the firm prepare for, mitigate and respond to a cyber event. It can also mean engaging in table top scenarios, crisis management drills and incident response rehearsals. As with all crisis management preparation, an important part of cyber incident response planning is the assignment and documentation of roles www.ethicalboardroom.com

Cyber Risk | Risk Management and responsibilities. In the event of a cyberattack, leaders will need to understand the organisation’s obligations to key stakeholders, such as regulators, shareholders and consumers, have confidence that all actors understand and embrace their roles in the response plan, and be sure that the company has ready access to the resources and outside expertise that it will need to respond and recover effectively.

directors get their heads and hands around cyber risk. Sometimes, however, the most valuable guidance is not providing hard and fast answers, but counsel as to the right questions to ask. Operating on that premise, we offer below a list of key questions that directors and C-suite officers can use to gain insight into cyber risk assessment and measurement, identify factors driving cyber risk investment decisions, and consider how best to oversee and guide the organisation’s cyber risk management efforts. Questions to help assess and analyse cyber risk: ■ Do we know the real cost of a cyber event on our firm? ■ What risks beyond data breach have we assessed? ■ Have we calculated the full value of assets – intangible as well as tangible – at risk? ■ Have we quantified our business interruption or supply chain disruption cyber risk? ■ What process is used internally to identify likely cyber events? ■ Which stakeholders are involved in cyber risk assessment and planning?

Helping directors ask the right questions

While every organisation should formulate its own plan for managing and responding to cyber risk, there are common factors and considerations that should help shape every firm’s cyber risk management strategy. Likewise, there are universal responsibilities and roles expected of directors in all types and sizes of company: board members should lend their support and sponsorship to the development of the cyber risk management strategy and hold stakeholders accountable for fulfilling their parts in its maintenance and execution. Numerous resources are available to help

FIG 6: MOST ORGANISATIONS THAT HAVE A MEANS TO EXPRESS THEIR CYBER RISK DO SO QUALITATIVELY How does your organisation measure or express its cyber risk exposure? We have no method to measure or express cyber risk 34% Quantitatively Economic quantification, based on estimated financial losses within a timeframe, such as value-at-risk modelling

100%

11% Numerical scores or rankings within a fixed framework

100%

9% Qualitatively Using categories, such as ‘high/medium/low’ or capability models, such as ‘maturity levels’ to benchmark against other organisations

Source: Marsh Microsoft Global Cyber Risk Perception Survey, 2018

100%

26% Descriptively, without using categories, numbers or rankings

100%

14% Implementation tiers within the NIST cybersecurity framework

100%

6% Don’t know

100%

18%

100%

INCREASING COMPLEXITY

FIG 7: INSURANCE OPTIONS AND COVERAGE CAN BE BASIC TO COMPLEX COVERAGE SPECTRUM

RISKS

Basic cyber policy

■ ■ ■ ■ ■ ■ ■

Event management Data privacy breaches Network security liability Privacy regulatory investigations Cyber extortion IT network business interruption Restoration of data and cyber assets

Tailored cyber policy

■ ■ ■ ■ ■

System failure business interruption OT system business interruption and security IOT and product security risk Network security regulatory investigations Dependent network interruption

Property & casualty, cyber excess DIC or cyber gap exclusion buyback

■ 1st party property damage ■ Bodily injury/3rd party property damage ■ Intellectual property risks

www.ethicalboardroom.com

Source: Marsh

■ What scenario modelling is used to assess potential impacts of cyberattacks? Questions to guide optimal investment decisions to secure and insure against cyber risk: ■ How are we optimising our cyber risk investment? ■ How robust is our insurance programme, considering the spectrum of potential cyber events (e.g. business interruption, intellectual property theft, revenue loss, privacy liability, reputational damage, or regulatory actions)? ■ How do we assess and monitor third-party/vendor cyber risk? ■ Do we understand our risk tolerance threshold? ■ Knowing that no cybersecurity measures will reduce our risk to zero, how do we strike the right balance between risk mitigation and risk transfer? ■ How do we measure risk reduction effectiveness of our cyber risk investment? Questions to ensure the firm is strengthening its cyber resilience: ■ How frequently do we test and update our cyber risk management plan? ■ What kind of cyber risk training and education does management engage in? ■ What programmes do we have to educate and train employees about cyber risk? ■ Have we identified external experts and resources to help us manage and respond to a cyberattack? Have we proactively engaged any of them before an event happens? ■ Are we planning for evolving regulations around data protection? Corporate directors must embrace their oversight responsibilities for cyber risk management as they would for every other critical risk the organisation faces and should call upon key stakeholders, resources and organisational assets as needed to help them fulfil those duties. Cyber threats are a fact of life for every organisation today, but they need not be viewed as exotic, insurmountable challenges. By asking probing questions, tapping specialised expertise and positioning cyber risk as an enterprise issue requiring broad organisational accountability, directors can play a critical role in managing cyber risk with confidence. This article is based in part on a webcast, ‘Cyber Risk: A Corporate Directors’ Briefing,’ co-presented by the Marsh & McLennan Companies and WomenCorporateDirectors. Special thanks to Catherine Allen, Director, Synovus Financial Corporation, El Paso Electric Company and Analytics Pros; and Chairman and CEO, TSFG; and Kevin Richards, Global Head, Cyber Risk Consulting, Marsh, for insights provided on the webcast. 1 https://www.jbs.cam.ac.uk/faculty-research/centres/risk/ publications/space-and-technology/cyber-risk-outlook-2018/

Autumn 2018 | Ethical Boardroom 85

Risk Management | Advertorial

THIRD-PARTY RELATIONSHIPS What you don’t know about your busness partners can hurt you

Identifying third-party risk Ethical Boardroom talks to KPMG on how companies must examine their business relationships in order to assess risk ETHICAL BOARDROOM: Third party risk is a hot topic right now. Can you explain why it is such an important issue? GREG MATTHEWS: The global business environment has resulted in the development of ecosystems where a number of parties interact to deliver goods and services. Organisations are continuing to use third parties at a greater rate and the manner in which services are delivered is increasingly complicated in light of digitisation, the Cloud and the global nature of businesses. Understanding how third parties deliver their services and support the organisation’s business is critical, especially given a number of high-profi le failures by third parties. To assess their third party’s ability to manage the organisation’s risks and reputation in line with their expectations, third-party risk 86 Ethical Boardroom | Autumn 2018

Greg Matthews

Partner in KPMG’s Financial Services Risk Consulting Practice management (TPRM) programmes are being established. These programmes assess the third party’s ability to adequately manage the risk in line with its policies and expectations both pre- and post-contract. This results in increased assessments and a corresponding head count increase. Coordinating across each risk discipline (e.g. privacy, information security and compliance function) to understand how the third party is going to manage certain aspects of the organisation’s risk, based on the service provided, creates bureaucracy and risks slowing down the business need. Balancing risk and performance is at the centre of the challenge.

EB: Boardrooms are taking notice and getting more involved in TPRM. How do they gain a better understanding of their third-party relationships and the associated risks? GM: Boards of organisations need to understand how the risks to their strategy and business are managed through the use of third parties. It is imperative that, at least on an annual basis, the board understands the TPRM programme through a report from the programme lead. It should be provided with information on; the programme design and operating effectiveness, performance of critical and high-risk rated services; volumes and risk profi le of the full third-party portfolio; and any significant operational loss events that have occurred. As a result, it should understand the company’s exposure to third parties failing to deliver. www.ethicalboardroom.com

Advertorial | Risk Management In addition, as each of the different risk officers present to the board during the course of the year, they should include a qualitative and quantitative aspect to their reporting for the board in terms of how their risk is managed by third parties and how they gain comfort with the third party’s ability to meet policy and expectations. The board should also approve significant or critical outsourcing arrangements, understanding the business drivers and the risk mitigation components of the arrangement. When there is a failure by a third party, the board should be informed, as appropriate and in accordance with the organisation’s escalation protocol, and understand the established contingency plan. EB: What steps can executives take to develop effective strategies that will transform TPRM programmes? GM: Over the past five years, global organisations have undertaken three broad phases of work to enhance their third-party risk management programmes. Phase one was a design assessment to set the tone from the top, clarify governance over the programme, make clear roles and responsibilities in accordance with the three lines of defence principle, ensure risk subject matter experts are engaged both pre- and post-contracting and increase the ongoing monitoring of third parties through a risk-based programme. The second phase was the implementation of the programme designed in phase one, which resulted in two outputs, the first being increased assessment and ongoing monitoring activities across the organisation and lines of defence. The second was, increased headcount associated with the delivery of these risk management activities. The third phase centres on streamlining the programme from a risk-based perspective and leveraging advanced technology to automate the programme and activities. There are a number of options available to an organisation to achieve streamlining objectives, including: reducing the number of third parties through a preferred provider programme, enhancing risk assessment questionnaires and gathering of information from third parties, and leverage specialised third-party providers and emerging industry utilities to conduct oversight activities, such as desktop and onsite reviews. At the end of these three phases, it is important that the elements of the programme come together to form a sustainable TPRM programme, which aligns to risk appetite and tolerance of the organisation’s Enterprise-wide Risk Management programme. EB: The EU General Data Protection Regulation (GDPR) came into effect in May; to what extent is it going to affect third-party risk management programmes? www.ethicalboardroom.com

GM: Privacy is a well-established risk and one that third parties often manage on behalf of the organisation. A change in regulatory requirements will impact the inherent risk and control environment assessments. They need to be enhanced to help the organisation determine whether applicable data subject to GDPR requirements are being shared and whether the third party is able to manage the requirements of GDPR. Organisations should be proactive in reviewing their existing inventory of third parties and re-performing due diligence as applicable. Many contracts may not cover the GDPR requirements and existing contract clauses may need to be amended. These should be identified and, depending on the service and third party, negotiated into the contract, in a timely manner, where possible. The search through contracts for existing clauses and coverage can be a significant body of work. In many cases, we are also seeing organisations undertake a more thorough data lineage assessment. It is no longer sufficient to simply know that there is personally identifiable information being shared with a third party, for example. Now the organisation needs to understand which data elements are being shared with the third party and its subcontractors so that the organisation can manage the risk and comply with requirements such as GDPR effectively.

To assess their third party’s ability to manage the organisation’s risks and reputation in line with their expectations, third-party risk management (TPRM) programmes are being established EB: Do you have any advice for companies who want to proactively manage third-party risk? GM: There are few imperatives to managing third-party risk proactively. The first is ensuring that you have a clear understanding of what risk is associated with a particular third-party service and a clear alignment of roles and responsibilities around management of that risk. Second, allowing those responsible and accountable for the management of risk to drive the mitigation activities pre- and post-contract to allow for the appropriate management of the third party. Depending on the criticality of the service, an exit strategy should be prepared in the event the relationship ends. Third, the activities undertaken should be risk based. To help form a view of where risk lies, data should be gathered to generate insights as to where to focus efforts. These

could be due to contract provisions not being in place to mitigate risk, restriction of onsite assessment activities, key controls or products linked to the third-party service and failure of the third party to deliver in line with agreed upon service level agreements. Finally, use of technology to automate the collection and management of information pertaining to a specific contract or risk. Being able to share information and help different parties build a comprehensive understanding of the interactions between the third party and the organisation is advantageous to driving better risk management. EB: Can you tell us a little about KPMG’s services? GM: KPMG has a full range of services to support the development and running of a TPRM programme. We have teams that: ■■ Drive the design and transformation of the programme ■■ Focus on the various risk components (cyber, privacy, compliance, etc.) and help execute those assessments through managed services ■■ Integrate the TPRM components into the procurement and sourcing components ■■ Optimise the procurement and sourcing components ■■ Monitor contract compliance ■■ Automate the various aspects of the TPRM programme and its assessments KPMG believes a holistic approach to the design and operation of the TPRM programme is of utmost importance because of the programme’s complexity, cutting across business lines, risk oversight lines, regions, products etc. Bringing those organisational components together through the programme to manage third parties is key and this transformation is one of a company’s biggest risks. KPMG understands the need to balance risk management with business performance and our teams have practical industry, regulatory and risk experience, not just domestically but also internationally, to assist our clients in running their programmes. We have served many of our clients across multiple industries and geographies with these services.

KPMG LLP

345 Park Avenue New York, NY 10145 212 954 7784 gmatthews1@kpmg.com www.kpmg.com

Autumn 2018 | Ethical Boardroom 87

Risk Management | Advertorial

Building a global crisis readiness programme: 13 Pitfalls Bill Udell & Aaron Schwirian

Bill is a Senior Partner and Aaron an Associate Director at specialist risk consultancy Control Risks

For decades at Control Risks, we have assisted our clients in building crisis readiness programmes (crisis management, business continuity and resilience), rolling those programmes out across their global enterprise and assisting them in responding and recovering when disruptions occur.

We have seen things go extremely well and we have seen them go off the rails. Regardless of the sector, size or the geographic location, there are a number of common mistakes that we see as organisations establish global 88 Ethical Boardroom | Autumn 2018

Learn where it can go wrong when building a global crisis readiness programme readiness programmes. Getting these wrong will likely lead to a plan that sits unused on a shelf when disruptions occur. Getting them right will help ensure the global adoption of a sustainable, flexible and practical programme that will facilitate effective monitoring, appropriate escalation, limitation of impact, rapid response, business-centric recovery and, ultimately, protection of organisational growth, profit and reputation.

The 13 common mistakesâ&#x20AC;Ś

Missing opportunities to avoid locally driven crises and disruptions A logical but often overlooked part of any organisational readiness strategy is to avoid the disruption in the first place. Companies that have risk management functions that are informed by global threat intelligence and monitoring either through a global security operations center (GSOC), third-party information feed or other integrated analytical capabilities are better at seeing disruptive events early and avoiding them altogether or containing incidents before they become full-blown crises. In the event of incidents and crises, leveraging contextual information from sources at the coal face helps crisis management teams to build local www.ethicalboardroom.com

Advertorial | Risk Management context-driven scenario analyses. Th is ensures that they have an accurate picture of the situation, worst-case and most-likely scenarios and are able to make critical impact-limiting decisions with the most perfect information possible. securing global response 2 Not assets ahead of time

In building a readiness programme, organisations often consider retained assistance from outside counsel or public relations fi rms as part of the strategy. However, they often forget the ‘boots on the ground’ that are required in response to many types of disruption around the world – from a terrorism or security event in the Philippines to a compliance and regulatory investigation in Brazil. How will the organisation actually execute the response activities? In some cases, there is an assumption that the local business will dedicate or locate the resources, but this is often poorly communicated and not based on actual capability. In other cases, while most organisations have master services agreements with response providers that cover them in some geographies and for some hazards, few have done a deep dive to match their responsive capabilities (both internal and external) against their most critical assets, high-threat geographies and risky activities. While of course it remains possible for teams to establish retainer-based relationships across geographies and technical specialties, many find this time-consuming and ineﬃcient. Insurance can play a role here. Hiscox for one is helping organisations fi ll this gap with the creation of the Security Incident Response policy, which provides 24/7 access to control risks experts across the world and across subject matters to execute an incident response against 38 separate hazards on an insured basis. It guarantees that the assets will be in place where they are needed and with the right technical know-how and local contextual understanding to mitigate the impact of disruptions and help ensure business recovery. to capitalise on local 3 Failure knowledge and business units

There is no better way to understand what doesn’t work in a disruption than by assessing past response performance. The combined institutional knowledge of staﬀ who have worked through incidents and crises in the past is a trove of lessons learned that must be harnessed before any readiness programme is implemented at scale. While building a global programme, leaders should conduct local interviews, look through past history and integrate findings into the programme. This will also help achieve local buy-in and a sense of local and business unit ownership. www.ethicalboardroom.com

of executive sponsorship 4 Lack While executive sponsorship is

important for any organisation-wide programme, buy-in and active advocacy from the top is particularly critical for the roll-out of a global crisis management programme or readiness programme. The chances are that independent business units and regional management have a way of doing things that they think works just fine and has become hard coded into their local cultural DNA – and possibly even proven eﬀective in responses to significant disruptions. While working-level, grass-roots buy-in would be ideal, it helps if there is a perception that someone with a C in their title is mandating an enterprise approach. the sights too narrow 5 Setting Organisations too frequently design

programmes in a way that reeks of tunnel vision. Crisis management is perceived as a security or a public relations or a legal issue. Considering it from one viewpoint and focussing solely on the impacts related to that viewpoint is a guarantee that a programme will become irrelevant. Successful global roll-outs create programmes focussed on roles and responsibilities and not on individuals and personalities. Meanwhile, multi-disciplinary workshops help demonstrate the extent to which diﬀerent functions rely upon others. Additionally, tying the programme to the enterprise risk management (ERM) matrix helps ensure it is fit for purpose.

The corporate ‘mother ship’ may often have a different definition of what constitutes a crisis from the regional or business unit leaders. That is natural and to be expected the sights too wide 6 Setting Teams charged with rolling out a

global programme often set about trying to ‘boil the ocean’. In the pressure to meet personal objectives or programme KPIs, they push to check the enterprise-wide box as quickly as possible at the expense of true adoption and sustainability. Depending on the organisation’s structure, culture, risk landscape and other contextual circumstances it is often a better idea to roll the programme out with a methodical, step-by-step approach, prioritising business units or regions based on the order of crisis, risk or quick-win potential. Consider showing success and gathering critical early lessons in the first phases of this approach before tackling the entire enterprise. Additionally, some organisations overweight the size and

complexity of the corporate team, causing gears to grind to a halt during a response. A good corporate-led programme does not necessarily require a huge core team. to leverage technology 7 Failure Coordinating across languages and

geographies – particularly during intense moments of a disruption or crisis – remains a challenge for any organisation. But technology is making it easier every day. Too often, organisational crisis management structures still rely on paper- or email-based plans and structures that impede real-time coordination. Technology platforms in the crisis management space, including Crisis Resilience Online now integrate mass notifications, work ﬂow, plan hosting and real-time meeting coordination on a seamless global web-based platform. a crisis, 8 Under-escalating over-escalating an incident

The corporate ‘mother ship’ may often have a diﬀerent definition of what constitutes a crisis from the regional or business unit leaders. That is natural and to be expected. Local and business unit leaders often do not have the full enterprise picture and can’t independently judge when the impact of a disruption has crossed the line from local incident to enterprise crisis. In other cases, for reasons of pride or protectionism, they may decide to continue to try to solve problems locally that should have been escalated to the corporate crisis management team (CMT) long ago. In other cases, individual managers may routinely escalate even minor incidents as a means of protecting themselves or because of a perceived corporate hunger for information. A well-structured readiness programme and global roll-out informed by substantive input from across the organisation will include agreed and established escalation criteria and definitions. approach 9 Atosingle-region a global enterprise

Th is pitfall occurs when organisations have an established readiness programme at the corporate level or in a single region and try to simply copy it and change the addresses to match diﬀerent business units and geographies. They do not take into account local and business-unit context or unique operating environments when building the enterprise-wide programme. For most organisations that take this approach, there are significant parts of the business that feel left out of the process and stuck with plans that do not work for the realities of their business. As a result, in a real crisis, these plans remain on the shelf and the regions/ units revert to an ad hoc or independent approach that works for them. Autumn 2018 | Ethical Boardroom 89

Risk Management | Advertorial

SAFE PASSAGE Crisis readiness programmes can keep you safe if disruptions occur

more mature programmes, CMT exercises should incorporate real-time call-ins and escalations from regional or unit teams or stakeholders. While these ‘semi-live’ exercises require more planning and coordination support, they are invaluable in reinforcing an enterprise approach to readiness. the practical issues 13 Forgetting Expanding a readiness programme

assumptions don’t reflect 10 Risk enterprise-wide concerns

Readiness programmes should be tied to and informed by the organisation’s ERM register. Leaders responsible for global crisis management roll-out need to understand the risks that have been agreed by the executives to be the most critical for the organisation. They need to understand their businesses and where they are going. If there is no ERM programme in place, they should engage local and business unit management to ensure that all risk concerns are heard and prioritised. Too often, headquarters-driven programme setups miss large revenue drivers and risk sets that sit outside of the immediate corporate view. Risk workshops that include representation from across the enterprise will inform the creation of the risk-based programme as well as drive buy-in and a sense of ownership across the organisation. of cultural nuances 11 Lack In establishing a global programme,

headquarters-based leaders often fail to account for local cultural, contextual or practical nuances or don’t assign them an appropriate level of importance. For example, in parts of the world where it is dangerous for women to take public transportation, business continuity and incident management plans must account for 90 Ethical Boardroom | Autumn 2018

from a centralised corporate capability to a global capability with established teams, stakeholders and interdependencies carry a wide variety of intensely practical challenges that fall into the miscellaneous category, but in aggregate are critically important, particularly in a real-life disruption. Time zones, local holidays and customs, connectivity issues and available materials must all be considered early rather than assuming that a real incident will follow a course that is convenient for the corporate entity. Risk workshops As an example, a company that wants to centrally manage that include media monitoring resources representation in North America during a crisis will either go dark at from across critical times or require the enterprise arrangements for shift work, if that crisis is emanating from inform the Australia. To mitigate this risk, creation of companies might pre-arrange a follow-the-sun model. In many risk-based alternative transportation cases, tighter coordination programmes arrangements. Meanwhile, in between the crisis management other parts of the world, it would as well as organisation and the capabilities seem inappropriate to put such of the GSOC – bringing GSOC drive buy-in gender-specific considerations owners in to programme and a sense in a corporate document. While development – helps drive there is no easy answer for some of ownership efficiencies, facilitate global of these nuances, they must coverage and ensure a more across the be considered and discussed rapid response. during roll-out to achieve local When creating a global organisation adoption, relevance and trust. crisis readiness programme, avoiding these pitfalls can be the difference Global crisis exercises fail to between a programme that enables the include regions or business units business by increasing resilience and Scenario-based exercises are the cornerstone operational cooperation across the of the maintenance and continuous enterprise and a plan that sits on a shelf improvement strategy for any readiness during a crisis. There is so much to consider programme. They not only validate the when going through the programme plan, but also help ensure that the CMT can development process and you don’t have to achieve the levels of stability and perspective do it alone. Control Risks’ approach leverages that are needed to navigate real-life lessons learned from the successes and disruptive events when they occur. While failures of thousands of clients across most owners of global programmes have multiple sectors and geographies. a regular exercise schedule, too few include regional or business unit incident Control Risks Head Office management teams (IMTs) or stakeholders Cottons Centre, Cottons Lane, in those exercises. While it is important to London, SE1 2QG, United Kingdom roll out the exercise programme across the enquiries@controlrisks.com +44 20 7970 2100 enterprise – ensuring that individual IMTs www.controlrisks.com run scenario-based sessions to an agreed standard – it is also critical that parts of the business feel included in corporate scenarios as they would in real life. Particularly for

www.ethicalboardroom.com

Risk Management | Occupational Health SCREENING FOR RISKS Safety rules need to be incorporated into any organisation’s agenda

Putting the spotlight on health and safety

There is a welcome trend towards fewer workplace-related accidents, but there’s a high risk from being associated with companies where they do occur More than 2.7 million workers around the world die each year as a result of work-related accidents or diseases, according to the latest ﬁgures from the International Labour Organisation (ILO). That’s more than 7,800 men and women every day. The ILO tracks the incidence of occupational health and safety (OHS) incidents causing illness, injury and death, and updates its estimates at regular intervals. This charting indicates that, globally, the incidence rate of workplace injuries and fatalities has been decreasing. However, the overall impact in terms of human cost and lost productivity remains sobering. At first blush, one may think that these incidents are primarily occurring in a frontier or emerging market nation. However, the data captured, analysed and curated by RepRisk since the beginning of January 2018 reveals that such an impression would be only half right. In fact, the majority of environmental, social and governance (ESG)-related OHS incidents identified by RepRisk occur in North America and Western European countries. When ranked by the number of OHS incidents, four of the top eight countries were developed nations – including Canada, Italy, the UK and the US. Collectively, they accounted for more than 60 per cent of the total number of ESG-related OHS incidents among the top eight nations. Somewhat surprisingly, the US ranked first on the list with 406 out of the 92 Ethical Boardroom | Autumn 2018

Alexandra Mihailescu Cichon Executive Vice President, RepRisk

1,057 total incidents. Russia (144) and China (110) were placed second and third respectively in the rankings.

A look at the trends

The evidence that is provided by the ILO is every bit as consistent as it is clear – the number of workplace accidents resulting in injury and/or death has been gradually falling over the course of the past 15 years. While this trend has been almost universal, especially among developed nations, concerns linger as the ILO suspects that under-reporting continues to impact its estimates for some countries – particularly within the Russian Federation and adjoining countries. Additionally, statistics are occasionally spotty from some nations, while virtually non-existent for others, notably China. In addition to the almost three million workplace-related deaths annually, there are some 374 million non-fatal, work-related injuries and illnesses, many of which result in extended absences from work. A global ESG data science company, RepRisk specialises in ESG and business conduct risk management and compliance solutions. RepRisk leverages artificial intelligence and human analysis to translate big data into actionable research and business intelligence. The RepRisk Platform, the largest database of its kind, covers more than 110,000 public and private companies and more than 25,000 projects in every sector and market.

RepRisk applies a systematic, rules-based methodology to synthesise timely data to help ﬂag and monitor material ESG risks and violations of international standards. Clients around the world rely on the RepRisk Platform as their primary due diligence service to prevent and mitigate business conduct risks related to their operations, business relationships and investments. By means of its ESG Risk Platform, RepRisk has identified the top five sectors associated with OHS-related ESG risk incidents. These include, in order: construction and materials (323 incidents), support services for industrial goods and services (159), mining (150), travel and leisure (134) and chemicals (129). Approximately one-third of these stemmed from the construction and materials sector alone. In the US, the Occupational Safety and Health Administration (OSHA) has cited several companies for occupational hazards. El Paso Underground Construction, a pipe-laying and construction services company, was fined $190,642 and placed under the Severe Violator Enforcement Program after it was alleged that it wilfully failed to protect employees from trench collapse hazards. In 2017, El Paso was cited four times for similar reasons. Meanwhile, car dealer Carl Cannon Chevrolet Cadillac Inc. has agreed to pay $114,074 to settle with the OHSA regarding an ignited oil bin that killed three people and injured two. The company was cited for improper storage of ﬂammable liquids, among other violations. www.ethicalboardroom.com

Occupational Health | Risk Management Lodige, a BMW contractor, has also been cited for four safety violations in the March 2018 death of an employee at the Spartanburg County BMW plant. The employee was struck by a 4,883-pound counterweight, according to a report by the South Carolina Department of Labor, Licensing and Regulation. Lodige could face up to $6,975 in fines. The reputation of the construction and materials sector in the US was further damaged on 9 May 2018, when Associated Scaffolding, an equipment dealer, agreed with the North Carolina Labor Department to pay a $70,000 fine for safety violations that led to the death of three of its workers in March 2015. In addition to the fine, the company will also conduct safety enhancements to avoid similar incidents. The US Department of Labor also fined Janna Wall and Juba Aluminum Products $4,200 each in relation to the case. The construction sector in Canada has also seen government regulators take action. The Ontario Ministry of Labor charged Rainbow Concrete Industries, its owner and two supervisors with 12 counts of criminal negligence following the death of a worker. According to local authorities, the worker died after getting trapped when a concrete slab fell on a truck he was operating. The picture does not look much brighter elsewhere. In India, 45 workers were reportedly injured after a large-scale fire at Bharat Petroleum’s Mumbai refinery caused an explosion on 8 August 2018. The event has led to an appeal for a probe to identify if the plant adhered to safety protocols. No exact reason for the blast has yet been determined but reports have been made that a gas leak could be one of the causes. In China, Country Garden Holdings (Biguiyuan), a property development company, has been criticised for its involvement in repeated construction accidents following the collapse of building that housed temporary workers at the construction site of City of Light, in Lu’an city, Anhui Province. The accident, which killed six contractors and injured 10 others, is believed to have happened because the workers were under pressure to complete the project, leading to potential quality issues and oversights. The project’s contractor and supervisor have been identified as Anhui Hubin Construction Group and Lu’an Jiangong Construction Supervision, respectively. According to critics, between April and July 2018, Biguiyuan’s development projects were allegedly involved in at least five other accidents, including fatal collapses at Chongzuo Country Garden Phase Two and a residential complex in Fengxian District of Shanghai. Authorities continue to investigate. In Noumea, Australia, a worker died in an accident at a nickel smelter operated by Société Le Nickel, a subsidiary of French conglomerate Eramet SA. According to a company statement, the 35-year-old father of five slipped and fell 10 www.ethicalboardroom.com

meters at the Doniambo Smelter and his colleagues’ efforts to revive him failed.

level down to the local. Its research process focuses exclusively on risks and is based solely on external sources – which balances and Cost to companies substantiates a company’s own self-reporting The costs associated with the failure to and disclosures and is crucial in making a maintain a safe workplace environment are comprehensive assessment of a company. many and frequently they are much greater RepRisk conducts this screening in 20 than had initially been thought. From a human languages in order to identify potential capital perspective, the effects are felt through risks as early as possible. loss of productivity due to loss of workers, When screening the sources, RepRisk looks injury recovery time, sick days, absenteeism, for risks related to one of the 28 ESG issues poor performance and low employee morale. that form its research scope – issues such In a 2015 report on global trends on as human rights abuses, child labour, fraud occupational accidents and diseases, the and corruption. These issues were selected International Labour Organization claimed and defined in accordance with the key that almost two million deaths occurred international standards and norms on ESG each year due to fatal work-related diseases and business conduct, including the UN Global and estimated that a further 160 million Compact Principles, the UN Principles for cases of non-fatal work-related diseases Responsible Investment and the Organisation occurred annually. The report also drew for Economic Co-operation and Development attention to the fact that fatal illnesses Guidelines. In addition to issues, RepRisk also caused by workplace conditions represent the has a concept called Topic Tags, which are main cause of death at work, killing almost specific and thematic ‘hot topics’, such as six times more workers than occupational migrant labour, protected areas and tobacco. accidents. The ILO has estimated that the The materiality of ESG issues and costs of failing to invest in OHS amount to responsible business conduct is driven by approximately four per cent of global GDP an increasing global awareness from a each year – equivalent to roughly $2.8trillion. broad range of stakeholders – including Ultimately, of course, these negative effects investors, civil society and regulators. This carry with them severe financial consequences is further amplified by the transparency and for a company, which can include increased interconnectedness of the global economy insurance premiums, spiking and society, as well as the litigation costs and the very availability of big data that The costs real possibility of penalties enables a speed, volume and associated ranging from fines and other breadth of information with the failure sanctions, to court-awarded previously unimaginable. punitive damages if negligence to maintain a More recently, there has been is proven. In the most an evolution from soft law to safe workplace egregious of cases, criminal hard law on ESG and charges may be laid. responsible business conduct, environment Aside from the human, which is further changing are many and financial and legal the business landscape. ramifications of a failure The long-standing axiom frequently they to responsibly avoid and remains true: that prevention are much greater is indeed better than the cure. mitigate OHS-related risks, than had initially Executive boards should damage to reputation must also be considered. The ensure that their companies been thought consequences in this regard provide ongoing and sufficient tend to be lingering and are difficult to training in workplace safety procedures and quantify. Losing the goodwill of its clients access to first aid for all employees, as many and/or its workforce would be a crippling accidents occur when experienced employees blow to any company. Executive decisionbegin to let their guard down. Personal safety makers should remain cognisant of the fact equipment for all staff should be provided and that reputational risk can cross boundaries. available at all times, particularly in factories Having even a tangential relationship with and industrial plants where the risk of injury suppliers or other business partners who are or damage to health is substantial. Adherence exposed to reputational risk can significantly to safety rules needs to be codified and impact a company’s own risk exposure. incorporated into the rules and regulations of daily operations. Additionally, employers Shifting the information should ensure that they have adequate barrier for the board insurance coverage in place to cover medical But how do executives and boards know what costs incurred by sick and injured workers. goes on in their subsidiaries abroad, within Investment in a robust occupational health complex supply chains and on the premises and safety programme results in a unique of their business partners? RepRisk screens ‘win-win’ scenario whereby both businesses more than 80,000 sources and stakeholders on and their employees gain an increased a daily basis, ranging from the international measure of protection. Autumn 2018 | Ethical Boardroom 93

Global News Latin America

Mexico must step up anti-corruption reforms

Julius Baer scraps Latin American units Swiss private bank Julius Baer Group is shutting its Panama and Peru operations as part of a strategic review of its Latin American business. The Panamanian arm of the bank came under scrutiny after the arrest and conviction of a former employee for participating in a billion-dollar scheme to launder money from Venezuela’s state oil company Petróleos de Venezuela. Banker Matthias Krull pleaded guilty to a conspiracy that prosecutors say involved money managers and brokerages, as well as banks and real estate firms. According to Bloomberg, following a review by former Goldman Sachs Group banker Beatriz Sanchez, Julius Baer’s bankers and support staff in Peru and Panama will be relocated to the Bahamas, Chile or Switzerland.

Corfo and Albermarle in disputed contract Lithium maker Albemarle has insisted it maintains the highest standards of corporate governance amid reports that Chile’s government is seeking international arbitration over a ‘failed’ contract. Chile’s state development agency Corfo, which leases mining rights to Albemarle in the lithium-rich Salar de Atacama, said the miner had violated the terms of its contracts. Under the contract, US-based Albemarle has to provide a quarter of its annual production at a discount to companies seeking to produce battery metals within Chile. Corfo has referred the dispute to the Paris-based International Chamber of Commerce. Eric Norris, head of Albemarle’s lithium operations, told Reuters: “Our company maintains the highest standards of corporate governance, so we will face this new scenario with the utmost seriousness and with the same good faith that has guided all of our actions in Chile for almost 40 years.”

Mexico needs to give more priority to foreign bribery enforcement, according to the Organisation for Economic Cooperation and Development (OECD). An OECD working group that focusses on bribery has completed a peer evaluation of Mexico’s implementation of its anti-bribery convention and found Mexico lacking on enforcement. It found that Mexico hasn’t prosecuted a case in the 19 years since the country’s foreign-bribery criminal offence came into force. Organisations representing Mexican businesses claim that eight to 10 per cent of the annual gross domestic product is lost to corruption each year. The report suggests Mexico enacts whistleblower protections for public and private sector employees that report in good faith and on reasonable grounds suspected acts of foreign bribery to the competent authorities.

Gol Linhas Aéreas unveils corporate shake-up Brazilian airline Gol Linhas Aéreas Inteligentes (Gol) has unveiled plans to migrate to the Novo Mercado, a listing on Brazil’s stock market that complies with higher corporate governance standards. The restructure also includes a proposed takeover of the airline’s loyalty programme unit Smiles Fidelidade SA through a share and cash deal.

94 Ethical Boardroom | Autumn 2018

Gol said the aim was to cut costs, improve corporate governance and ‘remove the pressure of unrealistic analyst forecasts from the loyalty programme’. However, according to Reuters, parties close to the transaction say the restructure would force Smiles’ minority holders to receive Gol shares with weakened voting rights. Brazilian securities regulator CVM has opened a formal analysis of Gol’s proposals.

www.ethicalboardroom.com

is your company’s board of directors

Creating Value—or Destroying It? A fundamental shift in leadership is taking place inside the boardrooms of today’s publicly-traded companies. Boards that Lead: Corporate Governance that Builds Value, a powerful program from Wharton Executive Education, examines the changing role and increasing responsibility for key stewards of corporate value. Taught by co-authors and corporate governance experts Michael Useem, Ram Charan, and Dennis Carey, Boards that Lead will show board members how to become more active and effective leaders within the corporation.

Boards that Lead: Corporate Governance that Builds Value feb. 11–12, 2019 • philadelphia, pa The program is designed for seniorlevel executives who want to gain an understanding of how directors move beyond monitoring and help lead a publicly-traded company. SESSION TOPICS INCLUDE:

learn more:

execed.wharton.upenn.edu/boards

• • •

The New Role of the Board CEO and Director Selection How to Succeed in the Boardroom

Regulatory & Compliance | Data Management

Voice compliance:

The changing landscape Communications should not just be secure and MiFID II compliant but also relevant to an organisation’s needs Compliance continues to be one of the most critical ongoing concerns for ﬁnancial institutions, especially for those that scale across continents. Financial institutions sit among the most highly regulated and compliance is at the root of their daily operations and interactions. They must also implement policy that protects them as much as the clients they serve.

According to a 2016 report issued by global management consulting fi rm McKinsey, not only has the market seen regulatory fees drastically increased compared to operating income and credit-impairment costs, the number of regulatory topics has also expanded. Yet, none saw the rise of compliance as a business-critical key focus as they did in the aftermath of the 2008 global financial crisis. The second Markets in Financial Instruments Directive (MiFID II), introduced at the beginning of this year, aims to ensure a more transparent and secure (NB: not secured) marketplace while at the same time removing barriers for cross-border financial services in the EU. But along with that came greater scrutiny of voice compliance.

Paul Willson

Head of Voice Strategy & Partnerships, Trusted Data Solutions

Consolidating voice

Financial institutions, such as firms providing services linked to financial instruments (e.g. shares, bonds and derivatives), must record each communication – inclusive of voice – that is intended to lead to a transaction. By requiring this level of complete transparency, the primary goal of MiFID II is to ensure orderly trading behaviours. For most financial institutions, this means a comprehensive review of their current voice operations and, more importantly, the implementation of a defensible and compliant voice strategy. The General Data Protection Regulation (GDPR) layers on to the regulations trend, and institutions can only expect more of such regulation in the foreseeable future. Under this new era of compliance challenges, it will not be enough to simply implement a new system from the biggest, loudest provider. Once seen as just an enforcement arm within the larger legal function, a passive framework with

compliance playing an advisory role is no longer enough. Organisations will have to reimagine their voice infrastructure and practice, as well as who they select to partner with to implement it. The partner they choose must understand data outside of voice, the technologies and their integration; its knowledge must also be rooted in regulatory compliance. eDiscovery is instrumental in achieving a successful and reimagined compliant voice practice.

A compliant voice strategy — the fundamentals in a compliance journey

Data: The digitisation of financial institutions There’s no doubt that the world is in the process of a digital revolution. With a multi-purpose device in everyone’s pocket, we can talk, trade and transact with anyone, at any time, no matter the location. With increased digitisation comes data and automation – and with that comes

IMPLEMENTING AN END-TO-END STRATEGY To ensure compliance,companies need to adopt technology specific to their industry

96 Ethical Boardroom | Autumn 2018

www.ethicalboardroom.com

Data Management | Regulatory & Compliance regulation. While voice itself has been a form of data for more than a decade, it is still a relatively new type of data to fall into the scopes of compliance. Just a few years ago, a Tier 1 bank was fined £2.5billion for Libor manipulation. Th is was one of the fi rst times that voice communication was arbitrated and later highlighted as a high-risk area, with a specific callout about locating legacy records. As more institutions look to migrate their current voice systems or implement new ones due to a need for a more regulatory compliant infrastructure, cost effectiveness or other reasonings, it is important to be conscious of the overall total cost of ownership that extends to litigation factoring instead of just the acquisition and management costs. Any technology change should be aligned with a best practice and an expert service integrator to avoid the extensive costs of implementation, lifecycle management and the potential need for voice restoration or migration. Resources: more effective change management As the saying goes, change is the only constant. In a highly regulated industry, such as the financial sector, change can come with a high price if not managed correctly. According to an in-depth survey of more than 100 senior banking officials across Europe and the US by SAS, most banks do not feel confident they have the right skills or resources to manage the compliance changes across the institution. In addition to quoting a more than 30 per cent increase in regulatory and compliance related hires, the study also revealed that 47 per cent feel the need for external consulting and improved IT infrastructure. As opposed to the traditional compliance model of control testing, organisations are realising that technology is a persistent

www.ethicalboardroom.com

factor in compliance as a gateway to breach but also a vehicle for managing compliance and security. Institutions must invest in innovative solutions for a more modern risk-based approach that aims to understand business operations and the underlying risk exposures with actual risk identification and management, as well as the outsourcing of the expert teams to properly manage the process. Weighing risk is as critical as the factors you implement to manage them. The reality is that there is no silver bullet for compliance. Each institution is faced with different challenges. The ones that can effectively translate regulatory requirements into management actions are ones that rise above as the leaders of the pack and will reap the competitive advantage as a result.

A passive framework with compliance playing an advisory role is no longer enough. Organisations have to reimagine their voice infrastructure and practice, as well as who they select to partner with to implement it For almost three decades at Trusted Data Solutions, we have assisted companies knee deep in litigation that need access to legacy data forms of all types, inclusive of voice. We have also worked with those that want a driver in ensuring that a proper end-to-end compliance voice strategy is written, implemented and managed. Th is has included some of the largest data management deployments and obtuse data restoration projects that enabled the Tier 1 offender to win.

Fresh new perspective As a transformation company with a technology and experience of restoring audio data dating back more than a decade – tape data even longer – we know it is important to understand a financial institution’s problem from both a data type and technology point of view. Our Technology Journey of Optimisation approaches risk mitigation from a technology standpoint, instead of looking at it from a compliance perspective – we work with the client to deliver industry specific, technology best practices to ensure their compliance. Agnostic, agile approach The regulation landscape calls for a new compliance framework. It is important to deliver services based on a consultative view of providing what the customer needs rather than industry standards. Needing to quickly address problems sometimes means industry standard tools are no longer enough. Standard tools may be a starting point; however, it is important to optimise the existing infrastructure and build the fundamentals of a coherent compliance strategy around that. Solving the problem securely, defensibly and with trust is the number one concern for our customers. Selecting the right service integrator can be a critical piece to the compliance puzzle, especially when it comes to specialised expertise, such as voice. For organisations looking for a partner in voice technology migration, implementation, and end-to-end system support, we ask that they consider the voice reform, the dependency on technology and compliance in practice. We ask them to consider who they partner with, their expertise and their true scalability. A global bank needs a global partner that scales beyond remote employees, but sits in country, within a facility. We ask them not to take their role in this lightly but remember that the technology you chose is as critical as the partner who implements it and then manages it. It’s time to reimagine your voice compliance strategy.

Autumn 2018 | Ethical Boardroom 97

Regulatory & Compliance | Advertorial SCREENING NEW BUSINESS PARTNERS EU members must hold beneficial ownership records

Ownership data: Protect your reputation & integrity Complying with legislation is challenging but access to data can help companies make better, faster decisions Louise Green

Chief Marketing Officer, Bureau van Dijk, a Moody’s Analytics company

Since 9 July 2018, member states of the European Union are legally required to hold beneﬁcial ownership records and to provide these to EU citizens, without them having to demonstrate ‘legitimate interest’. These measures were introduced under the fourth anti-money laundering directive (AML4) in 2015 and its update (AML5) in July 2018.

These directives aim to make information relating to account holders and assets (including corporate vehicles) public and to include the ability to identify account holders. AML5 also includes the public release of a functional list of politically exposed persons (PEPs) at an EU-wide level, focussing on individuals with prominent public functions. AML5 pushes for a unified database of ultimate beneficial owner (UBO) information, one that has unrestricted, public access across member states. In addition, AML5 requires enhanced due-diligence measures when 98 Ethical Boardroom | Autumn 2018

dealing with a list of high-risk third countries that have low transparency for beneficial ownership information. These include nations such as Iraq and Syria, but also Tunisia, Sri Lanka and Ethiopia.

Will member states meet the deadline for beneficial ownership registries?

Central registries are being created in all 28 EU member states. Denmark and the UK were the fi rst to launch publicly accessible UBO registries and have since been followed by Estonia, Finland, Latvia, Slovakia and Slovenia. Meanwhile, Belgium, Lithuania, Poland and Portugal have passed legislation to make their UBO registries public once they are implemented. As of September 2018, Romania, Cyprus and the Netherlands are the final few that haven’t yet transposed AML4 requirements into national law. Figure 1 (opposite) shows the status of all 28 EU member states as at 19 September 2018. The deadline for member states to comply with AML5 is 10 January 2020 – but this seems unlikely to be achieved. Problems include whether the registries will ever be linked, reconciliation of different languages and methods and lack of depth. The information about beneficial owners to be made public may be limited, because AML5 only requires the following:

■ ■ ■ ■

Month and year of birth Country of residence Nationality The extent of beneficial ownership or interest

Not having a centralised database for UBO information could impede the process of making the information public and presents another roadblock in the creation of an EU-wide registry. For reasons of privacy, many countries that have complied with AML4 have also made efforts to limit the amount of information collected from beneficial owners and persons with significant control (PSC) or restricted access to the records. For example, Sweden has made the registry available only to Swedish nationals.

AML in the US

Money laundering in the US is estimated to account for around half of the money laundered globally per year. Since 2001, all financial institutions have been required to have AML programmes under the Patriot Act, which amended the Bank Secrecy Act. If there is a large or suspicious transaction, they must send a suspicious activity report (SAR) to the Financial Crimes Enforcement Network (FinCEN). US non-financial businesses are not legally required to have an AML programme, nor to file SARs. However, they must still report: www.ethicalboardroom.com

Advertorial | Regulatory & Compliance FIGURE 1

■ Cash payments of more than $10,000 received in a trade or business ■ Foreign bank and financial accountants (FBARs) ■ International transportation of currency or monetary instruments They are also subject to the Office of Foreign Assets Control’s (OFAC’s) sanctions requirements, including the 50 per cent rule. Under OFAC’s 50 per cent rule, a company is sanctioned by extension if owned by a sanctioned company or individual through a chain of ownership of 50 per cent or more. Orbis is the world’s most powerful comparable data resource with information on 300 million companies in all countries, including information on: Corporate ownership structures and beneficial ownership information PEPs, sanctions and adverse news Directors, managers and shareholders Standardised, detailed financial reports and projected financials that make it easy to compare companies globally Financial strength metrics, even for companies without detailed information M&A deals and rumours Foreign direct investment, intellectual property and patents www.ethicalboardroom.com

★ Countries that will or have already published fully public registries ■ EU Countries that have implemented UBO registers: UK, Austria, Czech Republic, Denmark, Estonia, Finland, France, Germany, Latvia, Malta, Slovakia, Slovenia, Spain and Sweden ■ Countries that have passed national legislation to implement UBO registers: Belgium, Bulgaria, Croatia, Greece, Hungary, Italy, Ireland, Lithuania, Luxembourg, Poland and Portugal ■ Countries whose legislation progress on implementing the UBO register provision is stalled or unknown: Cyprus, the Netherlands and Romania

Companies that are sanctioned by extension do not necessarily appear on any sanctions list, but businesses must avoid doing business with them and can be fined if they do. Businesses will need access to corporate ownership data to find out whether other companies are sanctioned by extension or not.

How effective is your sanctions screening?

Figure 2, using ownership data from Orbis, shows how a US-registered company is connected to a sanctioned individual in Russia. All companies within this chain are sanctioned by extension. FIND THIS CONTENT AND REGISTER FOR A FREE TRIAL AT BVDINFO.COM How effective is your sanctions screening? A short video showing how a US company is linked to a sanctioned individual in Russia through nine companies — all are sanctioned by extension in this real example. Creating clarity around ownership structures poster A great tool to help navigate the complex world of corporate ownership and identify risk around sanctions. A-Z of ownership and compliance A handy A-Z reference guide for the important terminology, laws and industry bodies within compliance, risk and corporate ownership.

In April 2018, OFAC added 12 Russian nationals to its Specially Designated Nationals (SDN) sanctions list for allegedly interfering with the 2016 US election. Orbis identified 1,300 companies that became sanctioned by extension that day, and 90 per cent were registered outside of the US.

The importance of corporate ownership data

While there is no certainty about the final form the various EU registries will take and whether they will ever be formally linked, company information, including information around corporate ownership structures, can help businesses to ensure they are compliant with legislation around know your customer (KYC), AML and sanctions. For example, using databases – such as our global company database Orbis – you can check your existing network for sanctioned and sanctioned-by-extension entities that you should not be trading with. You can also set up alerts to warn you of ownership changes that might make you non-compliant. And, most importantly, it can help you to protect your reputation and integrity.

FIGURE 2 SDN in Russia 100% Trust in the Cayman Islands 100% Company in the British Virgin Islands 100% Company in the Bahamas 100% Company in the Bahamas 100% Financial institution in the Bahamas 100% Company in Cyprus 100% Financial institution in the Bahamas 100% Financial institution in Luxembourg 68.5% Company in Italy 100% Company in Italy 100% Company in the US

Bureau van Dijk

1 Canada Square, London E14 5AH, United Kingdom +44 207 549 5000 bvd@bvdinfo.com

Autumn 2018 | Ethical Boardroom 99

Regulatory & Compliance | Advertorial

COMPLIANCE POSSIBLE? Since its founding, Hollywood has used real-life events to produce blockbusters. Action movies, in particular, do have a great popularity. The reality is more manifold and sometimes more blatant than the later stories: bribery, corruption, billions of US dollars, dictators, kleptocrats, nasty lawyers, beautiful women and men, the heroes of law enforcement, prison sentences, huge ﬁnes, ruin, destroyed trust, etc. 100 Ethical Boardroom | Autumn 2018

If only it could be as easy as the movies to operate at the cutting-edge of IT while managing regulatory developments Thomas Schulz

Sales Manager, Compliance Solutions The heroes of these stories work alone or in groups, always focussed on fulﬁ lling the mission and capturing or killing the bad guys. They are supported by a team of secret agencies or they have to ﬁght their

way to the finish line alone. Realistically, our heroes always have the critical information at hand at the decisive moment in time to be able to take out the opponent in the final showdown and ride into the sunset. High Noon here we come! Many compliance officers worldwide know this feeling and live this scenario every day. Joking aside, companies today are faced with the challenge of reacting to new legal requirements on an almost daily basis. If they also operate internationally, chaos is pre-programmed and the available resources are quickly exhausted. In addition, the bad guys are also developing their methods and business models.

www.ethicalboardroom.com

Advertorial | Regulatory & Compliance The financial sector, for example, has always been subject to increased compliance requirements. The need to know one’s business partners better and to check financial transactions has been practised here for a long time. Also, in other industries word has gotten around that – due to constantly new regulations – a deeper knowledge about the business partners and their background is required. First of all, guidelines and processes have to be developed that will establish the framework for the company and its employees. Parameters and information requirements are defined so that one is enabled to make decisions in line with processes and data. If the data produced adds up to a green light, then the ‘right’ decisions can be made. The vast amount of information to be checked, the consideration of laws and internal guidelines, the following of processes and the resource restrictions require that a realisation of these requirements must be IT-supported. However, the challenges for many companies today are that in a lot of cases the responsible persons are not IT-affine, the MS Office possibilities already represent the highest of emotions and a software-side mapping of the compliance processes does sound more like a solution from a science fiction, but not an action movie. What does this mean for companies that need to bring their organisation to a higher compliance level? Generally, don’t try to work on your own IT solution. I have seen a lot of these projects come to nothing. There are specialists who have put all their knowledge into standard software. When choosing a provider, though, there are some key things to bear in mind: ■■ Ideally, the ability of a solution to address your needs does reflect the provider’s knowledge from the customer projects implemented and the external requirements ■■ Make sure that the solution can be configured very flexibly to your requirements and without great effort. Nothing is worse than an IT project that lasts for a long time and does not deliver what was expected in the end ■■ Never adapt your processes to the solution, always adapt the solution to your processes ■■ Use a web-based solution – access and compatibility problems are reduced to a minimum and worldwide use is guaranteed ■■ Place the user in the centre of your project ■■ Look for a solution that grows with your requirements over time. The maturity level of your organisation increases with the assistance of a software solution So, what should such a solution look like? It is important in the selection process www.ethicalboardroom.com

that the desired use cases can be mapped. Topics, such as KYC (know your customer), corruption, AML (anti-money laundering), whistleblowing, risk management, monitoring, audit-proof documentation, integrated reporting, etc., can become relevant for your company in addition to the currently desired solution, so keep this in mind. For this reason, the use of a modular database-driven compliance platform – in contrast to stand-alone solutions – has established itself as the best possible option: a highly advanced and powerful IT compliance platform to efficiently support and automate compliance tasks and processes globally. The platform approach ensures that all generated information is centrally available for all application modules. System breaks are thus avoided. No emails, documents, tables and so on, which contain the required information somewhere, but which is not available for compliance purposes when needed.

The vast amount of information to be checked, the consideration of laws and internal guidelines, the following of processes and the resource restrictions require that a realisation of these requirements must be IT-supported In case of a business partner check, for example, it may be necessary to include different areas of your company in the process of information retrieval about the business partner. Sales, as it maintains contact with the business partner, data management, as business transactions may already have been carried out with this business partner in a branch abroad, as well as the business partner himself. The information requested within the framework of the established processes is used to assess the business partner. Using a single or multi-stage, risk-based approach, critical and non-critical cases can be separated in the simplest possible way. Information provided by the business partner via a fully integrated questionnaire complements the information basis. After this you should be able to only investigate the ‘real bad felons’. The information can be verified (even in the age of Google) also against risk databases, which preselect and structure the risk information and massively reduce the due diligence effort. The user must be supported both in the onboarding process of the new business partner and in the continuous assessment of the risk

potential in day-to-day business (permanent monitoring). In addition to the collection of information, the further processing and evaluation of the information should also take place in the process. Depending on the individual case, the processes should take the further course of the assessment into account: ■■ Does a further investigation have to be started? ■■ Should an individual assessment be made? ■■ Should a risk category be assigned (automatically or based on the available information)? ■■ What should an approval process look like and where should it take place? ■■ The question of a review by compliance and if corresponding quality controls should also be incorporated The processes should be individually configurable and the information should be able to be integrated into third-party systems. Whether the processes run step-by-step or automatically deep in the background depends on the special wishes and needs of the company. In this context, however, it is important that all information is centrally available, that the information (secured by authorisation) can be retrieved and – due to its completeness – that the company’s risk potential is mitigated as far as possible. The great advantage of such a solution is also, on one hand, the audit-proof storage of information – you are always up to date on every process, involved person and every decision – and, on the other hand, the real-time monitoring of your risk portfolio. Risk information is available immediately and does not have to be consolidated in reporting cycles lasting several weeks. Planning and control can be supported ad hoc with data. Real-time information delivered by business intelligence solutions can be evaluated and measures can be taken immediately. With the solution described above, our compliance heroes can always be sure that the right information is available to them at the right time, just like in the movies. So, is compliance possible? Yes, it is! So, next time take it easy when you hear the sentence: ‘Your mission, should you choose to accept it…’

Compliance Solutions

Königstr. 80, 70173 Stuttgart, Germany thomas.s@compliancesolutions.com +49 711 217 232 92 www.compliancesolutions.com

Autumn 2018 | Ethical Boardroom 101

Regulatory & Compliance | Bribery

Committing to the corruption fight Establishing a culture of openness and integrity is a complex undertaking for any organisation, whatever its size. For those wishing to protect themselves from the mounting risk of contravening international bribery rules, the question can therefore be, where to start? We believe the establishment of good operating procedures are a prerequisite for effective management of risks relating to bribery and corruption. Good process is not sufficient, but it is a necessary and tangible starting point to achieving any form of cultural change. A new certification from the International Organization for Standards, called ISO 37001, provides a globally recognised benchmark for establishing and developing a good practice process that can help protect organisations from unethical behaviour, both internally, and by third-parties. (Fact: more than 90 per cent of reported â&#x20AC;&#x2DC;foreign corrupt practiceâ&#x20AC;&#x2122; cases have involved third-party intermediaries acting on behalf of organisations).1 ISO 37001 was introduced to help organisations worldwide to measure, benchmark and continuously improve their efforts against bribery and corruption, both in the public and private sectors. The standard specifies a series of measures

102 Ethical Boardroom | Autumn 2018

Why ISO 37001 should be your first line of defence Zafar Anjum

Group Chief Executive Officer, CRI Group required by an organisation to prevent, detect and address bribery, and provides guidance relative to that implementation. Justice, they say, should not only be done but should be seen to be done. The same goes for developing an anti-bribery management system. And such visibility is the fi rst major advantage of undertaking ISO 37001 accreditation. It sends a clear message that your organisation is serious about tackling and safeguarding against activity that will bring it in to disrepute, expose it to heavy penalties and otherwise erode goodwill. But itâ&#x20AC;&#x2122;s not just about optics. Earlier this year, CRI Group was the first organisation in the world to achieve ISO 37001 accreditation status. We advise clients across the world on pragmatic approaches to anti-bribery measures and we consistently advocate meaningful, proportionate, and practical measures, over box-ticking exercises. We believe that this standard is a helpful way of codifying good practice, that allows for genuine introspection and the type of continuous improvement that is an essential ingredient of effective risk management, in an ever-changing regulatory and business world. Good practice in this regard is not rocket science, but it does

require a methodical application of process and expert guidance. The standard is not an instruction manual but a guide that must be implemented with thought, care and judgement. In addition, ISO 37001 represents a minimum standard of good practice. Not everything within the system is mandatory, but at the same time, it is not a question of getting the badge and forgetting about it. The ethos that sits behind the standard is one of ongoing improvement and vigilance. Specific good practice required by the standard includes an anti-bribery policy and programme, that is adequately communicated to any individuals that pose more than a low risk of bribery, with training where necessary. Organisations should appoint a compliance manager to oversee the programme. Organisations should also take reasonable and proportionate steps to ensure that outside organisations and third-party business associates have implemented appropriate antibribery controls.

www.ethicalboardroom.com

Bribery | Regulatory & Compliance In many areas, the standards requirements also reflect common sense and good business practice, such as implementing appropriate financial, procurement and other commercial controls so as to help prevent the risk of bribery, implementing effective whistle-blowing procedures and investigating and dealing appropriately with any actual or suspected bribery occurrence. In a nutshell, ISO 37001 takes into account a compendium of international best practices, which enables global organisations to apply and implement uniform anti-bribery measures, irrespective of the various countries in which they operate.

Achieving compliance: The benefits of ISO 37001 certification

ISO 37001 certification adds a distinct level of credibility to an organisation’s management systems and must be completed by a qualified, independent third party specifically versed in ISO 37001:2016 certification. Certification of compliance with the standard is based on an impartial, independent third-party review, assessment and audit of the organisation’s anti-bribery management system and the versatility, effectiveness and proactive nature of the system. Proper certification to the standard requires a substantial amount of preparation and self-assessment beforehand; a highly involved review, interview and audit process (often involving a sampling of affi liated or regional offices); and an evaluation and monitoring phase, which is conducted annually over a three-year certification cycle. Surveillance audits verify the organisation’s continued adherence to the standard, evaluate any prescribed corrective action plans and review what the organisation is doing to improve its anti-bribery management systems. Post-audit, our team would convene an oversight board comprised of anti-bribery experts to review the audit reports and to

make recommendations to both the organisation and the certification committee. Certification in ISO 37001 symbolises an organisation’s unrelenting commitment to fight corruption and pursue best practices in an ongoing quest for compliance to the widely accepted anti-bribery standards. And the in-depth process involved in achieving certification to the standard – together with the counsel, risk assessment, and

ISO 37001 was introduced to help organisations worldwide to measure, benchmark and continuously improve their efforts against bribery and corruption, both in the public and private sectors

improvement recommendations that result from the audit – can make the certification process well worth the investment.

The mark of assurance

Becoming certified in ISO 37001 enables an organisation to demonstrate that it has adequate procedures in place to detect and prevent bribery on a multinational level. Additionally, such certification: ■ Ensures an organisation is implementing a viable anti-bribery management programme using widely accepted controls and systems ■ Provides assurance to management, investors, business associates, personnel and other stakeholders that the organisation is actively pursuing internationally recognised and accepted processes to prevent bribery and corruption ■ Protects the organisation, its assets, shareholders and directors from the effects of bribery ■ Provides acceptable evidence to prosecutors or courts that the organisation has taken reasonable steps to prevent bribery and corruption Because this standard provides a guide rather than a rule-book, it can (and must) be implemented in a way that makes sense for every individual organisation. That means it is applicable not just to major multinationals but also to small and medium sized business across the world that wish to make a clear declaration to both internal and external stakeholders, of their commitment to sustainable and ethical business practices. For those more motivated by stick rather than carrot, the attractions of ISO 37001 are just as clear: the world’s governing bodies are gravitating towards ever more stringent standards and punitive actions regarding corruption, bribery and other unethical business practices. Now that there is a clear defence against such risks, the only remaining question is, why wouldn’t you use it? EY, 2013

SENDING OUT A CLEAR MESSAGE Getting ISO certification demonstrates a commitment to ethical business practices

www.ethicalboardroom.com

Autumn 2018 | Ethical Boardroom 103

Global News Asia Singapore boards must be more independent The Singapore Exchange (SGX) is to amend its listing rules in January 2022 to limit the tenure for independent directors to nine years through a two-tier shareholders’ vote. More than one-third (37 per cent) of independent directors have been on the boards of companies listed in Singapore for more than nine years. The average tenure of independent directors is 7.3 years, according to an analysis of 2,356

independent directorships by the Singapore Institute of Directors (SID). The 2018 Singapore Directorship Report looks at the state of directorship and corporate governance of 737 SGX-listed companies, business trusts and real estate investment trusts.

Chanda Kochhar quits as ICICI CEO Chanda Kochhar, managing director and CEO of India’s second-biggest private sector lender, ICICI Bank, has resigned from the company amid allegations of conflict of interest. Kochhar led ICICI Bank since 2009 and her third term was due to end in March 2019. Sandeep Bakhshi, who was appointed the bank’s chief operating officer in June, will succeed Kochhar. In June, Kochhar went on indefinite leave, pending an external enquiry against her on allegations of conflict of interest and quid pro quo charges relating to a loan given to Videocon. In a filing to stock exchanges, ICICI Bank said that its board accepted the request of Kochhar to ‘seek early retirement’.

Chinese internet

Institute of Corporate chief pleads Directors launched guilty to bribery to support Malaysia

Japan and China lack board diversity One-tenth of the 500 largest companies worldwide didn’t have a single woman on the board at the end of their most recent fiscal year – of these, 15 were based in Japan and 13 in China. According to the Equilar Gender Diversity Index, Japanese companies without any female directors included telecom operator Nintendo, Uniqlo-parent Fast Retailing Co and 7-Eleven owner Seven & I Holdings. Chinese companies with no women on their boards include Tencent Holdings Ltd, SAIC Motor Corp and Kweichow Moutai. Marleen Dieleman, an associate professor of strategy and policy at the National University of Singapore, told The Japan Times: “Asia is still behind on best practices regarding board diversity. Most boards in Asia do recognise the value of diversity. Yet, board chairs do not necessarily feel the urgency to change.”

104 Ethical Boardroom | Autumn 2018

The Securities Commission (SC) Malaysia has launched the Institute of Corporate Directors Malaysia (ICDM) to ‘enhance the professionalism and effectiveness of corporate directors’ in the country. ICDM’s main objectives are to promote excellence, integrity and the highest levels of skills and professional competence among corporate directors in Malaysia and advocate the adoption and application of corporate governance practices. Tan Sri Ranjit Ajit Singh, chairman of the SC, said: “Recognising that better boards will create better values, the establishment of ICDM will add to the already rich and diverse corporate governance ecosystem to enhance director effectiveness and board leadership in Malaysia.” ICDM will focus on building a sustainable pipeline of directors through education programmes that equip directors with essential skills to serve on listed boards and maintain a directors’ registry to provide director-sourcing services to companies so that succession planning is competency-based.

Lu Wei, a former internet regulator who once led President Xi Jinping’s campaign to turn China into a cyberpower, has pleaded guilty to corruption charges. Lu admitted taking bribes of 32 million yuan ($4.6million) and ‘expressed repentance’, according to provincial court authorities. At the height of his influence, Lu was listed by Time magazine in 2015 as one of the world’s 100 most influential people. He orchestrated China’s strictest internet censorship during his time as the director of the Cyberspace Administration of China (CAC) from 2014 to 2016. Lu stepped down from his post in 2016 and in 2017 became the target of a far-ranging anti-corruption probe ordered by President Xi Jinping. www.ethicalboardroom.com

CMY

Minority Shareholders Watch Group (MSWG) was set up in the year 2000 as a Government initiative to be part of a broader Capital Market framework to bring about awareness primarily on minority shareholders interest and corporate governance matters through shareholders activism and engagement with stakeholders. MSWG is a professional body licensed under the Capital Market & Services Act 2007. It is self-governing and non-profit body, funded predominantly by the Capital Market Development Fund (CMDF). It is an important channel of market discipline, encouraging good governance with the objective of creating sustainable value. Since incorporation, MSWG has evolved into a respected and independent corporate governance research and monitoring organization in the capital market. It highlights and provides independent views and guidance to investors.

Asia | Gender Diversity

Board diversity

in Southeast Asia Why promoting women is a key ingredient for building thriving ASEAN economies J. Chris Razook

Corporate Governance Lead for East Asia Pacific, IFC

The business case for board diversity is becoming increasingly evident. US Fortune 500 companies with the highest percentages of women board directors reported, on average, 53 per cent higher return on equity than those with the least, according to research ďŹ rm Catalyst. Similarly, a 2018 McKinsey study of 1,000 fi rms in 12 emerging markets found that companies in the top quartile for gender diversity on executive teams were 21 per cent more likely to outperform on profitability and 27 per cent more likely to have superior value creation. A 2017 World Economic Forum report also showed that countries that are able to make even small inroads in closing the global gender gap could increase their gross domestic product by $5.3trillion in the next seven years. The economic rationale is even more profound for Southeast Asia, home to some of the fastest-growing economies in the world. The region is estimated to grow at 5.3 per cent in the next two years, according to the Organisation for Economic Co-operation and Development. To cope with such rapid economic growth, companies in the Association of Southeast Asian Nations (ASEAN) economies must tap into female talent. A recent International Labour Organisation report has already warned that business growth in Asia could become severely stunted if companies do not recruit and promote more women. Yet, substantive change inside ASEAN boardrooms can be difficult to achieve, given the male-dominated societal culture in the region. To produce region-specific research to back up the business case for board diversity, the International Finance Corporation (IFC) and the Economist 106 Ethical Boardroom | Autumn 2018

Intelligence Unit (EIU) conducted a new study using 2017 data to examine how female representation impacted the performances of more than 2,300 listed companies across China and six ASEAN countries, namely Indonesia, Malaysia, the Philippines, Singapore, Thailand and Vietnam. The research is unique not only in its breadth of country coverage but also in its effort to examine whether more women in different roles such as independent directors, audit committee members, and senior management are linked to better company performance. It also disaggregated fi rms by industry, size, and even shareholding structure to see if other specific correlations emerged. The research, which combined statistical analysis with insights gained from interviews with business leaders, is scheduled to be released later this year. The research is funded by the Umbrella Facility for Gender Equality, a multi-donor trust fund dedicated to investing in priority areas critical to advancing gender equality by equipping policymakers and development experts with data, knowledge, and evidence. The fund, launched in 2012, currently supports more than 150 activities in more than 80 countries. Preliminary findings show that a greater proportion of women in the boardroom and senior management boosts fi rm performance. More specifically, there was positive correlation between performance and diversity among board directors, senior management, independent directors and audit committee members. Financial fi rms with higher diversity among independent directors and senior management performed better. Interestingly, even small fi rms with more women on their boards and senior management teams did better than their male-dominated counterparts.

Gender Diversity | Asia TACKLING BOARDROOM BEHAVIOUR Studies show that women are more risk-averse and stricter on governance standards

Autumn 2018 | Ethical Boardroom 107

Asia | Gender Diversity Such correlations are positive proof for embracing board diversity. Many of the firms participating in the study reported that female board members often enhance a company’s strategy and decision-making by bringing a fresh perspective to complex challenges. They provide unique insights on how a company is perceived and can facilitate more open discussion between board members and improve relations between board members and employees. Other studies point to the duty of care, showing that female directors have better attendance records than male directors (interestingly, male directors’ attendance records improve when the board is more gender-diverse).1 A Chinese study also found that female board members were not only stricter with corporate governance but were also more risk averse.

Gender quotas

With such significant benefits, companies should make increasing female representation on boards and in senior management ranks a priority. At the moment, the ratio averages only 15.7 per cent across the ASEAN company samples in the IFC study. Th is ranges from 11.9 per cent in Singapore to 20.4 per cent in Thailand. For independent directors specifically, the average is 14.4 per cent female. At the senior management level, the ASEAN average is 26 per cent, ranging from 18.4 per cent in Indonesia to 32.8 per cent in the Philippines. China averages about 12.7 per cent female board representation and 13.5 per cent in senior management. One encouraging result shows that 88 per cent of the Thai companies surveyed have at least one female director, compared to 64 per cent among Philippine companies and 63 per cent among Malaysian companies. These numbers are on par with and, in some cases, a bit higher than global averages of about 15 per cent of women board directors and 25 per cent female senior managers, according to an MSCI study. Yet, it is still a long way from achieving an average of 30 per cent female representation in the boardroom, a goal that leading international investors and advocacy groups have been pushing for as the tipping point for women to optimise their influence and impact on boards and company performance. In fact, MSCI estimates that it will take until 2027 before the 30 per cent target is met. Moving the needle in the ASEAN region will continue to be a struggle, requiring shifts of entrenched attitudes and mindsets. Respondents to the IFC research said females in Asia were historically perceived as subordinates rather than leaders; this cultural norm is still prevalent in the region today. Part of the challenge is self-infl icted, suggested one respondent, as some women instinctively resign themselves to more supportive roles or drop out of the workforce 108 Ethical Boardroom | Autumn 2018

altogether. Others raised factors such as pay inequality as significant inhibitors. One important factor in trying to turn the tide in the gender diversity battle is how to capitalise on the predominance of family companies in the ASEAN region (80-90 per cent of large companies in the ASEAN region are family owned, according to McKinsey).2 Although first-generation family companies are usually founded and run by patriarchs who prefer a centralised decision-making model, they also have the ability to evolve quickly once the second and third generations come into the business. This often opens the doors to more female family members and the possibility of ushering in more modern mindsets and business practices. Our recent research findings back this up, showing that both younger companies and those with family owners tend to have higher diversity ratios than other companies. Such research and empirical evidence go a long way to help convey the business case, but action on the ground requires a multi-pronged approach, including efforts by regulators and market stakeholders to constantly encourage, if not mandate, change.

Moving the needle in the ASEAN region will continue to be a struggle, requiring shifts of entrenched attitudes and mindsets. Respondents to the IFC research said females in Asia were historically perceived as subordinates rather than leaders; this cultural norm is still prevalent in the region today

In the ASEAN region, changes have been happening, albeit slowly, on the regulatory front. Regulators and practitioners are debating if a hard mandate – already adopted by Belgium, France, Germany, India, Italy, and Norway – is the right approach for their given markets. Within ASEAN economies, only Malaysia has imposed a requirement on large listed companies to achieve 30 per cent board diversity by 2020; Securities Commission Malaysia figures showed that the board diversity of the 100 largest Malaysian companies stood at 19.2 per cent as of December 2017, up from 16.6 per cent a year ago. The Malaysian Code on Corporate Governance also requires all companies to disclose their diversity policy, targets and results. Other countries, such as Singapore, have taken a softer legal approach by encouraging companies to consider diversity when appointing board directors and disclosing their relevant policies. Besides the regulatory push, various institutes, associations and networks have

been leading gender diversity activities around the region. For example, Malaysian business leaders have started a 30 per cent club aimed at advancing women in directorships and leadership positions, following the lead of similar chapters in the UK, the US, Hong Kong and elsewhere. The WomenCorporateDirectors (WCD) Foundation has also launched chapters around Asia, including Indonesia, Malaysia, Myanmar, the Philippines, Singapore, and Vietnam. Over the years, IFC has been spearheading efforts to promote board diversity in selected Asian markets, such as partnering with stock exchanges around the world to host the annual Ring the Bell for Gender Equality events; we are also working with local director institutes, training organisations, as well as other associations and networks, including WCD, to promote opportunities for women. In Myanmar, which currently has only five listed companies and is therefore not included in the IFC study, efforts are underway to promote the benefits of board diversity and build a pipeline of female directors to serve on Myanmar company boards. IFC has partnered with the newly launched Myanmar Institute of Directors to organise a series of seminars and workshops based on IFC’s new Women on Boards and in Business Leadership toolkit. The toolkit, which is being rolled out in other countries, positions gender diversity as a strategic tool to leverage talent, stimulate innovation and spur business growth. It prepares participants in dealing with technical issues while serving as different types of company directors, and also in establishing and implementing strategies to grow the pipeline of female talent in companies. In addition, the toolkit covers the behavioural dynamics participants may encounter inside the boardroom or in senior ranks, such as unconscious bias and stereotypes, as well as ways to leverage effective leadership skills. Despite these market-level efforts, the ultimate decision-makers are the individual companies. Shareholders can therefore play a catalytic role by encouraging their boards to: commit to voluntary diversity targets for both directors and senior managers over a period of time; create mentorship programmes for younger female executives to connect with more senior leaders, including male managers, within and outside the company; offer targeted training workshops for future female leaders, preparing them to sit on boards and take up senior manager positions; and ask the company to disclose its diversity policies and measures not just for accountability but also for signalling its commitment to this important matter. Adams, R.B. and Ferreira, D. (2009), “Women in the boardroom and their impact on governance and performance, Journal of Financial Economics, Vol. 94 No. 2, pp. 291–309. 2https://www.mckinsey.com/ featured-insights/winning-in-emerging-markets/ the-family-business-factor-in-emerging-markets 1

www.ethicalboardroom.com

KEEPING IT ABOVE BOARD

PLACE YOUR ADVERT HERE It’s the best way to

reach your audience that is spread over

60 countries to know the latest in

Board Leadership • Board Governance Technology • Activism & Engagement Regulatory & Compliance • Risk Management “Essential reading for boards who want to stay ahead of the governance curve”

Contact: Guy Miller email: guy@ethicalboard.com twitter.com/EthicalBoard

www.linkedin.com/company/ethical-board-group

Asia | Governance Reform FRONT LINE REGULATORS Stock exchanges in Asia ensure the market is transparent

Corporate governance within Asia

110 Ethical Boardroom | Autumn 2018

www.ethicalboardroom.com

Governance Reform | Asia

Winds of change are blowing through Asian stock exchanges, bringing new challenges and improving standards Fianna Jurdant

Senior Policy Analyst, OECD (The Organisation for Economic Co-operation and Development)

Global trends of structural reforms in the last decades induced changes in the ownership structure and business models of stock exchanges, giving rise to new challenges with the potential for conflict of interests in relation to their role in corporate governance.

Asian stock exchanges, in which 47 per cent of all public equity capital in the world is raised through initial and secondary public offerings (IPOs and SPOs), experienced similar developments.1 Th is article highlights key messages from the OECD report (hereafter referred to as the Report) published in 2018, The Evolving Role of Stock Exchanges in Asia: Standard-Setting, Supervision and Enforcement of Disclosure Obligations and Corporate Governance Rules. Th is follows the G20/OECD Principles of Corporate Governance that emphasise, ‘regardless of the particular structure of the stock market, policy makers and regulators should assess the proper role of stock exchanges and trading venues in terms of standard setting, supervision and enforcement of corporate governance rules’.2

Asian stock exchanges: how have they evolved?

Stock exchanges in Asia have also gone through their own transformation, affecting their ownership structures and business models. Their different legal status and source of revenues affect their role in standard setting, supervision and enforcement of corporate governance frameworks.

Ownership changes and the privatisation trend Stock exchanges in Asia have generally followed the global trend towards demutualisation and self-listing. While stock exchanges used to be member-owned organisations or government institutions, many stock exchanges in OECD countries moved from www.ethicalboardroom.com

a non-profit, mutually owned organisation into a for-profit, investor-owned corporation. Some exchanges went even further by listing their own stock on the exchange. Out of the 18 stock exchanges in the 13 Asian jurisdictions surveyed in the report, half are demutualised, five are self-listed and 15 are self-funded (as of August 2017). 3 See the charts, below. Funding sources of stock exchanges in Asia can also affect their ability to operate independently, be that market participants, the state or third parties, among others. Also, the changing status of exchanges in Asia is accompanied by the evolution of their revenue structure. Data services, accounting for 19 per cent of total revenue of listed stock exchanges worldwide, only represent eight per cent of Asian stock exchanges displaying this information. Around three-fi fths of total revenues are generated by trading services, while other services (e.g. membership fees) increased from 18.. (missing end of sentence: ask client when sending through). Following de-mutualisation and self-listing, many stock exchanges are now also profit-making companies with an emphasis on promoting trading, this presents potential conflicts of interest that can affect their role in supporting sound corporate governance practices. This is particular the case when an exchange also has a regulatory function or when a significant number of stock exchange board members are themselves investors in listed companies. Further, in some cases when the state owns shares in an exchange, there is a potential for indirect influence of governments. Owning shares of listed companies through state investments funds might discourage them to take action against government-owned or government-linked listed companies. 18% 8%

2010

11%

63%

■ Trading services ■ Listing & issuer services ■ Data services ■ Others 21% 8% 10%

2016 61%

The evolving role of stock exchanges

A key responsibility of stock exchanges in ensuring sound corporate governance involves issuing listing rules, disclosure standards and monitoring compliance with these standards. Despite the challenges arising from reform measures and a different balance of responsibilities with regulators in Asia, stock exchanges remain key actors in improving the quality of corporate governance practices. Standard setting: from a direct role to a supporting role The Principles have been widely used across Asia as a benchmark for developing securities regulation and listing rules. There is a range of models in Asia in terms of the roles in exchanges in standard setting of corporate governance standards. One model is where the securities regulator provides the general direction for standard setting on corporate governance while the stock exchange issues listing rules. The listing rules of the Korea Exchange (KRX), for instance, incorporate corporate governance rules, such as the number of independent directors and the establishment and requirement of audit committees. Another model is when the exchange takes a lead in developing a corporate governance code. Th is is the case for the not-for-profit government entity in Chinese Taipei. In Vietnam, the CG Code is developed in a collaborative manner by the regulator – the State Securities Commission – and the two stock exchanges. A third approach is when the securities regulator has a dominant role by issuing listing rules while the exchange is responsible for implementing and monitoring them. Th is is the case in Bangladesh, where the stock exchange monitors and supervises the status of listed companies. Supervision – paving the way to improve disclosure Stock exchanges are responsible for supervising disclosure requirements and for improving the quality of disclosure. The majority of Asian stock exchanges play a role as front-line regulators in ensuring that the market is fair, orderly and transparent. There are generally three categories of disclosure requirements: periodic disclosures, continuous disclosure of material information and disclosure of corporate governance statements. Stock exchanges participate in the enhancement of corporate governance through the following: ■ Monitoring disclosure Stock exchanges are responsible for monitoring compliance with the disclosure requirements defined in the listing rules. Th is applies to periodic disclosure (e.g. interim statements, financial statements and annual reports) Autumn 2018 | Ethical Boardroom 111

Asia | Governance Reform ■ Issuance of guidance Even when companies comply with disclosure requirements, the quality of disclosure is still not meeting expectations in many Asian markets. Thus, stock exchanges have issued practical guidance with the aim of helping listed companies better understand and comply with disclosure obligation. This is the case in China, Taipei, Malaysia and Thailand, for instance ■ The disclosure of corporate governance standards Some exchanges require listed companies to disclose compliance in annual reports on a ‘comply-or-explain’ basis ■ Evaluation systems and benchmarks Reviewing companies’ corporate governance practices allows some exchanges to establish corporate governance evaluation systems. Th is helps to identify best performers as benchmarks and encourages the adoption of corporate governance initiatives While the securities regulator remains the main custodian of codes and principles of corporate governance in most Asian economies, stock exchanges often play a supportive role in the supervision and promotion of sound corporate governance practices. To promote compliance with corporate governance codes and listing rules, Asian stock exchanges are leading a set of additional actions including: ■ Issuing guides Th is goes beyond guidance for disclosure requirements and aims at helping listed companies understand and comply with the corporate governance code and listing rules. (Bursa Malaysia p.28) ■ Sample reporting templates Singapore provides a template to help companies in their disclosure practices and make the regulator’s supervision easier. In addition, Bursa Malaysia monitors companies’ compliance not only with listing rules but also with the corporate governance code. Further, it engages with listed issuers to address any disclosure gaps noted ■ Assessment of corporate governance reports Some stock exchanges monitor compliance and assess the quality of disclosures through corporate governance reports in order to track improvements over time. The Singapore Exchange Limited (SGX) and the Stock Exchange of Hong Kong Limited (SEHK) take this approach ■ Training and workshops Some Asian stock exchanges lead training programmes and workshops for directors and issuers. Such initiatives, as in Chinese Taipei and Hong Kong (China), cover different topics, including listing rules requirements and corporate governance in general 112 Ethical Boardroom | Autumn 2018

Enforcement: The relative powers of stock exchanges

The most challenging role for exchanges is enforcement, given the impact it has on its reputation and credibility. First, the powers of stock exchanges are mainly limited to enforcing breaches of listing rules. Further, limited access to information and insufficient resources restrict the enforcement powers of stock exchanges. In these cases, the assistance of relevant authorities is necessary to achieve results. In order to guarantee shareholders’ rights, enforcement actions need to happen quickly; this raises the issue of whether stock exchanges should take pre-emptive actions, such as injunctions, freezing of assets or suspensions. According to the report, sanctioning powers of stock exchanges vary widely. Clearly defining the responsibilities of stock exchanges contributes significantly to their implementation of effective enforcement actions. The sanctioning powers available to stock exchanges include imposing sanctions, suspensions and/or de-listing.

In most Asian economies, stock exchanges often play a supportive role in the supervision and promotion of sound corporate governance practices Most stock exchanges have the power to de-list a listed company. However, this enforcement action remains rare for various reasons. First, it might not be an appropriate response, given the adverse effects it incurs on shareholders. Second, the exchanges have a disincentive to de-list companies that contribute to their revenues (e.g. trading revenues, or others) or represent an important market actor. Among the Asian economies surveyed, four confer comprehensive enforcement powers to their stock exchanges, which actively pursue enforcement actions for breaches of the listing rules. The jurisdictions are Singapore, Malaysia, Chinese Taipei and Hong Kong (China). Specific committees (i.e. disciplinary, regulatory and/or appeals committees) are set up by exchanges to deal with breaches of listing rules, as in Singapore Exchange and Malaysia. Bursa Malaysia has a wide array of enforcement actions at its disposal. This ranges from warnings and/or public reprimands targeting listed issuers and some of their representatives (e.g. directors, brokers and dealers) to the imposition of fines, or even the suspension of trading or de-listing of a listed issuer – depending on the severity of the breach. The Hong Kong Stock Exchange has comparable powers.

However, in other jurisdictions, stock exchanges do not have all of these sanctioning powers, which usually remain with the securities regulator. The stock exchange in Vietnam can take enforcement actions such as reminders, warnings, suspension or de-listing following the violation of corporate governance rules, however only the State Securities Commission can impose fines. Whereas in India, for example, the vast majority of enforcement powers is conferred on the securities regulator. In their quest for a stronger culture of corporate governance, stock exchanges also benefit from initiative taken by various stakeholders, including institutes of directors, corporate governance centres, institutional investors and minority shareholders organisations, auditors and corporate secretary organisations, promoting good corporate governance practices and regulations. In addition, some stock exchanges pursue training programmes, studies and reports in collaboration with these stakeholders.

Managing conflicts of interest in Asian stock exchanges

As mentioned earlier, the demutualisation of stock exchanges generated a potential for confl icts of interest between their regulatory role, which serves the public interest, and their commercial role as a profit-making company. Th is situation led to different arrangements introduced by some Asian exchanges with the aim of avoiding possible confl icts of interest. For example, the Singapore Exchange (SGX) – responsible for the development and enforcement of rules and regulations in the Singaporean securities markets – set up specific safeguards to address the issue of conflicts of interest. It implemented conflict of interest guidelines for self-regulatory organisations and delegated its regulatory power to a subsidiary. The latter’s chief executive is the exchange’s chief regulatory officer who reports to the subsidiary’s board, composed mainly of independent directors and chair. A different setting prevails in Hong Kong, China where the Listing Rules of the exchange and a memorandum of understanding between the exchange and the Securities & Futures Commission (SFC) address conflicts of interest. The Stock Exchange of Hong Kong Limited (HKEx), as a self-listed company, has to comply with its own listing rules regarding the issuance of its securities. Thus, the SFC is in charge of the supervision and the regulation of HKEx and following the terms of the memorandum of understanding, it fulfils the same functions for other issuers in the event of a conflict of interest. OECD(2017), OECD Equity Markets Review: Asia 2017. OECD (2015), G20/OECD Principles of Corporate Governance. p.16. 3OECD (2018), The Evolving Role of Stock Exchanges in Asia: Standard-Setting, Supervision and Enforcement of Disclosure Obligations and Corporate Governance Rules. p. 7 1

www.ethicalboardroom.com

THE FINTECH POWER 50 THE ANNUAL GUIDE TO THE MOST INFLUENTIAL, I N N O VAT I V E C O M PA N I E S A N D P O W E R F U L FIGURES WITHIN THE FINTECH INDUSTRY

O F F I C I A L

S U P P O R T I N G

P A R T N E R S

E V E N T

w w w.thepower50.com

P A R T N E R S

thepower_50

Asia | Shareholders

Japan’s ‘Shareholder In 2001 I wrote an article in the Wall Street Journal, under the headline of Japan’s Coming Shareholder Revolution. The timeline I had in mind in 2001 was five or 10 years, not 17 years. But neither did I correctly predict the rapid acceleration in the pace of reform over the past four years, in which I myself have played a role. Here is a status report.

Regulators, the GPIF and the TSE are maintaining momentum Unlike in 2013, when I fi rst proposed it, Japan now has a Corporate Governance Code (CGC) and it has already been revised once. The new revisions require companies to either have a majority of independent directors, or at least have an ‘independent’ nominations or compensation committee with a majority of outside directors. The revised CGC also has more stringent principles about ‘allegiant shareholders’ (so-called cross-shareholdings) and requires companies to disclose their policy for reducing them. Furthermore, as the outcome of an advocacy drive I started several years ago, the CGC now includes an entirely new principle, effectively asking companies to direct their own pension funds (some of the largest asset 114 Ethical Boardroom | Autumn 2018

Corporate governance has a long way to go but investors can finally make the difference Nicholas Benes

Representative director of The Board Director Training Institute of Japan owners) to sign the Stewardship Code (SC). Th is is a very symbolic change. That Stewardship Code, also has been revised and now contains something I proposed to absolutely deaf ears in 2010: the disclosure of per-agenda-item votes at AGMs. This is having a big impact. Japan’s huge national pension fund, the GPIF, is pushing its asset managers hard on environmental, social and governance (ESG) integration and now publicly refers to ‘corporate governance codes’ in its policies for stewardship and proxy voting – something it did not do when the CGC was first put in place. The GPIF’s push for ESG-based investment has made those three capital letters almost a household word, a big change from just a few years ago. The Japan Exchange Group (JPX/TSE) now requires something I was told would be met with the most extreme resistance in 2014: disclosure about ex-CEOs who hold ‘advisory’ positions that carry no legal liability but

enable them to meddle in strategy to protect their legacies and obsolete preferences. As a result of a myriad of regulatory and framework changes like these, more than one-half of TSE1 companies now have three or more outside directors, something that was unthinkable just a few years back – as was the mere mention in the CGC of the words ‘a majority of outside directors’. Relative to where we were in 2013, these and other reforms amount to massive progress. But one day, regulatory fatigue will inevitably set in. The FSA will increasingly point out that ‘at this point, improvement of governance and returns is mostly up to investors’. And, the JPX/TSE takes its cues from the FSA.

Both foreign and domestic investors are finding their voices Luckily, investors are now stepping into the fray. More investors are making demands (or polite suggestions) to companies as part of the government’s policy to promote ‘constructive engagement’ and are serving up ‘against’ votes on AGM resolutions that send a clear message – such as director appointments and takeover defence plans. Consider the following recent trends:

There were more shareholder proposals in 2018 then ever before (a total of 42 according to the Nikkei Newspaper, or well over 50, depending on how one counts). Two www.ethicalboardroom.com

Shareholders | Asia

STARTING TO BLOOM Policy change can take time in Japan but reform is under way

Revolution’ - at last of them were approved this year – and more if one includes cases where the company complied partly or wholly before or after the AGM (see Figure 1, right). The increase is largely made up of shareholder proposals that focus on governance-related issues, ranging from director and corporate auditor appointments, to cumulative voting, to separating the CEO and chairman positions, to establishing nominations and compensation committees, to changing the legal form of governance used by the company, to mandating the reduction of cross-shareholdings or requiring responsible voting of such shares, to schemes that would better align executive compensation with ROE or shareholder returns and others. Increasingly, activists are drawing from – or directly referring to – key principles in the Corporate Governance Code (or ‘best practices’ abroad) when crafting their proposals, thereby positioning them as ‘reasonable’ and making it harder for companies or asset managers to oppose them. In response, more and more institutional investors are voting in favour of shareholder proposals. Consider that only 2.9 per cent of shareholder proposals were supported by the GPIF’s equity fund managers in FY2014, but this zoomed up to 11 per cent in FY2017. Very significantly, this trend is especially conspicuous among domestic investors (see Figure 2, right).

www.ethicalboardroom.com

FIGURE 1: NUMBER OF SHAREHOLDER PROPOSALS (All listed companies)

45 40 35

Source: ICJ, Inc

First three columns (2000-2005, 2006-2010, 2011-2015) are yearly averages during those periods.

30 25 20 15 10

2000-2005

2006-2010

2011-2015

2016

2017

2018

FIGURE 2: SHAREHOLDER PROPOSALS, SUPPORT % (Institutions using the ICJ electronic platform)

12.00% 10.00%

9.20%

9.10%

8.00%

6.70%

10.20% 8.90%

6.20%

6.00%

5.10%

4.00% 2.00%

2.10%

2014 Source: ICJ, Inc

1.70%

1.80%

2015 2016 2017 ■ Domestic Institutions ■ Foreign Institutions

2018

Autumn 2018 | Ethical Boardroom 115

Asia | Shareholders shareholder support for 4 Automatic elections of director and corporate

auditors is a thing of the past. There are more than a few asset managers where the percentage of ‘against’ votes for director appointments now exceeds 30 per cent; at some it exceeds 50 per cent or even reaches 100 per cent. The ICJ’s average statistics show average ‘against’ voting levels of 10.3 per cent for domestic institutions and 8.8 per cent for foreign institutions. The level is now higher for domestic investors (see Figure 3, right)! As a result, the percentage of CEOs with 95 per cent or greater shareholder support has fallen to 50 per cent, down from 63 per cent two years ago. Message to corporate Japan: ‘ROE, strategic vision and managerial performance matter now. You can be kicked off the gravy train early’. For reasons like these, I think it is fair to say that a ‘shareholder revolution’ based on engagement and the use of voting as a crude ‘stick’ is finally under way in Japan. Further, because domestic institutions are now active, this sea change is no longer dependent on foreign institutions, which means that it is here to stay and will have greater impact.

Reforms and practices that are ‘working’

Compared to the pre-CGC days of 2014, a number of reforms or new practices continue to have a positive impact and/or reflect crucial attitudinal changes.

There is a now greater recognition that returns on investment need to increase. This is most often reflected to references to raising return on equity and widespread realisation that returns in the ‘investment chain’ directly affect the health of Japan’s economy and the welfare of its citizens. Executives now feel, and are reacting to, the expectations of society and the markets in this respect more keenly than before. Many more boards than before have two, three or more outside directors and are learning how to cope with reporting to them and the greater accountability that arises from their comments and advice (now recognised to be potentially helpful because of their greater objectivity) even if they may not be perfect choices as INEDs or are ‘over-boarded’. The practice of self-evaluation of the board (by the board) has had a surprisingly beneficial impact, more than I expected when I proposed the concept in 2014 at the suggestion of Frank Curtiss (then at RPMI Railpen). At many companies, Japanese directors are responding to internal surveys with direct, pithy comments and suggestions, which are clear feedback to CEOs and fodder for the secretariat staff to use in proposing practice changes. Directors finally have a forum to which they can submit their comments and complaints.

116 Ethical Boardroom | Autumn 2018

FIGURE 3: ‘AGAINST VOTES’: DIRECTOR ELECTIONS (Institutions using the ICJ electronic platform)

11.00%

10.30% 10.00% 9.10%

9.00% 8.00%

8.80%

8.70% 7.80% 7.80%

7.00%

7.90% 7.50%

7.70%

6.80%

6.00%

2014

Source: ICJ, Inc

2015 2016 2017 ■ Domestic institutions ■ Foreign institutions

is a widespread public recognition 4 Ththaterekeeping retired executives

(especially CEOs) on the dole as ‘advisors’ can make it difficult for their successors to change the strategy or exercise independent leadership. Companies are starting to react to this change in thinking among investors, the public and the media (see Figure 4, below). There is and increasing body of analysis that shows various kinds of correlation between modern governance practices and corporate performance. This can now be used by investors to show portfolio companies that governance does in fact make a difference. This includes excellent analysis by METI (now a governance proponent) showing that the existence of nominations or compensation committees correlates with out-performance; or analysis by my own organisation (BDTI) and METRICAL, Inc. showing that ‘outperformance’ correlates with having a majority of independent directors and/or a number of factors that are driven by governance, such as low cross shareholdings, a robust and clear growth strategy, stock buybacks combined with cancellations and incentive compensation. ESG has become so commonly mentioned and discussed that one sometimes fears it will de-prioritise simple governance and remain mainly a fad that asset managers use to raise AUM and companies use as grist for the IR mill. But relative to the past, the trend is an excellent one.

2018

Reforms and practices that are not working so well

Now we come to the most interesting topic: what is not working so well:

Efficient engagement Despite all the constant talk about ‘constructive engagement’ and the self-promotional confidence by asset managers that they are having a pronounced impact, to my knowledge not a single institutional investor has set forth detailed proxy voting guidelines that ask portfolio companies to adopt modern practices about the proportion of INEDs, director qualifications, committee structure (role, makeup and leadership), capital allocation, policies for training directors and executives and so forth, along the lines of the CPP’s proxy voting guidelines. I am talking about an appropriate level of detail and some examples. In contrast, many asset managers here appear to believe they are fulfilling their expected role if they merely meet with their largest portfolio companies, discuss the business, state a few concerns orally and get a gut feel for the quality of management. While it is excellent to have in-person meetings, in my view, relying on such meetings alone is a very inefficient way to ‘engage’ with portfolio companies in New Japan. Preceding such meetings with written suggested practice standards that will guide voting, noting that exceptions will, of course,

FIGURE 4: SURVEY BY METI – THE INTERNAL VIEW

Question: “What topics are not sufficiently debated by the board?” Monitoring of CEO + succession planning Medium/long-term strategy Dialogue with shareholders

30%

Development of new businesses

28%

Risk management

24%

Global management

19%

Monitoring of past decisions

18%

The business portfolio

16%

Other

■ 2016 ■ 2017

16%

Nothing in particular Source: METI Survey Report, Feb. 22, 2018, page 7.

51% 42%

2% 0%

10%

20%

30%

40%

50%

www.ethicalboardroom.com

Shareholders | Asia be made and giving ample advance ‘warning’, would be much more effective and efficient. Aside from past custom, there are several reasons for the tendency to not leave detail in writing. The first is simply that global ‘best practice’ has been scorned for so long (as in, ‘we are different here; there is no reason to considering doing that in Japan’), that fund managers themselves either still believe that rhetoric to some extent, or fear that it would be rude to suggest specific practices and/or simply do not understand those practices and how to apply them in Japan in an effective manner. In almost all cases, fund managers have never sat on boards themselves and need to study foreign practices more. A second reason is that the word for ‘engagement’ in Japanese suggests merely in-person dialogue and mutual exchange of views, rather than (also) clarity of ‘asks’ that, if not complied with, will result in ‘against’ votes. Or at least, it can be interpreted that way. The third reason is that certain Japanese IR consultants still circulate to their corporate clients secret ‘blacklists’ of investors who have become ‘very demanding’. Asset managers fear that if their names get on these lists, companies will refuse to meet with them (after all, that is the purpose of circulating the list) and they will be shut off from information flow from portfolio companies. Obviously, they would also be unable to tell their customers that they are doing ‘constructive engagement’ if they were not even allowed to meet with the company. These fears are largely ungrounded unless one is a true activist, but like a skittish thoroughbred, once a financial institution is ‘afraid of its own shadow’ it will not be convinced otherwise. If the FSA wants ‘constructive engagement’ to maximise its hoped-for benefits, it should be prohibiting the practice of informal blacklists.

Reduction of ‘allegiant shareholders’ We still have a problem in Japan that there are far too many shareholders which are not asset managers and whose real purpose in holding shares is not to seek investment returns but rather to obtain or keep business and/or help ‘defend’ the other company by always voting in support of it at the AGM, often receiving the same treatment in return. (In English these shares are often referred to by the term ‘cross-shareholdings’, but often the holdings are only ‘one-way’.) Most analysts calculate that the percentage of all shares that fall in this category is about 15 per cent of listed company shares, but when other allegiant holders such as banks, insurance companies and corporate-controlled trusts are lumped in, it is north of 30 per cent. My own organisation (BDTI) is now attempting to calculate the percentage of such holders for each listed company on a more precise basis. At any rate, it is easy to see that if the average is anything close to 30 per cent – there www.ethicalboardroom.com

will be many companies with levels like 40 per cent, which effectively insulates management from being voted out for anything except the most egregious scandals. Given that, on average, only 70-80 per cent of shareholders vote, even a 25 per cent ‘allegiant shareholder’ base provides a highly effective defence against the voting trends outlined at the start of this article. Hopefully, the new wording of the CGC encouraging the reduction of ‘allegiant’ holdings will have significant effect via the mechanism of engagement, which will become more ‘efficient’ in the meantime. Th is combination would be a game-changer.

I think it is fair to say that a ‘shareholder revolution’ based on engagement and the use of voting as a crude ‘stick’ is finally under way in Japan practices for nominations, 3 Modern succession planning and HR in general

Although they are growing in number (35 per cent of TSE1 firms now have them), most ‘advisory nominations committees’ are cosmetic in nature. More than half of such committees only meet once or twice a year; at only 42 per cent of them is an outside director the chair; and, on average, only 45 per cent of committee members are outside directors. Because choosing who to ‘promote’ to the board is the source of the CEO’s political power, he often sits on the committee and serves as its chair if possible. This eviscerates the committee’s independence and prevents it from evaluating his performance objectively or getting much input about alternative CEO candidates and up-and-coming executives from other sources. In some cases, the CEO’s performance is not even a valid subject of the committee’s consideration. (After all, he is right in the room.) The situation for ‘compensation committees’ is similar. To increase the number of firms with committees and to make them more effective, will require two things: (a) specific requests from investors to create committees and ensure their independent composition and leadership, enforced by a voting ‘stick’; and (b) outside directors and investors who insist

that companies put in place modern HR practices to evaluate managerial performance and aptitude, map talents and experiences and thereby better inform such committees so that subjective input from the CEO is not the main source of information. I believe that robust incentive compensation plans will only achieve their full desired effect once procedures and criteria for evaluations, promotions and nominations have been made more transparent and objective.1

4 governance skills Japan suffers

Investment in modern executive,

from chronic under-investment in modern management and governance skills through means other than OJT and which would lead to common skill sets in strategic thinking, financial and project analysis and governance practice in the board room or reporting to it. Executives appointed to the board often come to it unprepared to be directors for the fi rst year. As a survey on director training by the Association of Corporate Legal Executives, concluded in February of 2016, ‘in the past, director training at Japanese listed companies did not emphasise increasing skills for this role [‘monitoring’]… It is necessary to add this aspect…It seems rare that directors have enough knowledge when first appointed…’ Other results from the survey were equally disheartening (see Figure 5, below). Here again, the specific voices, in writing of investors are needed. The questions, with respect to managers, executives and directors, should not be, ‘what is your general policy about executive and director training?’. Rather it should be ‘who exactly did you actually train last year, in what subjects, how and for how long?’2

The bottom line: It’s up to the investors

Going forward, if shareholders ask for specifics, more and more Japanese companies will heed their reasonable requests. The more numerous such investors are, the faster Japanese companies will improve both practices and returns. Now is the time to make sure your voice is heard, not the time to play free-rider. 1 Such incentive compensation plans should also include many of the less senior executives who are not yet on the board. 2 The two most common responses we receive in surveys after BDTI’s intensive director training courses are: ‘now I understand what my role as a director is!’ and ‘I learned how little I know about finance and reading financial statements.’

FIGURE 5: COMPANIES WHERE... Executive directors received any training at all Outside directors received any training at all The length of training was three hours or less Training covered: Internal control Compliance-related topics Risk and crisis management Corporate Governance Code Finance and accounting Corporate value and valuation

% OF RESPONDENTS 53.9% 28.9% 50% 42.4% 16.2% 25.3% 13.1% 21.2% 7.1% Autumn 2018 | Ethical Boardroom 117

Asia | Investor Stewardship in Japan INVESTOR ENGAGEMENT Stewardship is adding value to the market

Promoting growth in Japan 2018 marked the ﬁfth anniversary of Japan’s initiatives on investor stewardship and corporate governance reforms, following the ﬁrst council meeting to discuss its Stewardship Code in August 2013. Over the past five years, the Japanese government has implemented a series of measures and investors and Japanese corporations have responded. More than 230 institutional investors have signed up to the Stewardship Code while approximately 90 per cent of companies listed on the Tokyo Stock Exchange reported that they complied with more than 90 per cent of the Corporate Governance Code’s principles. The stage has been set for Japan Inc. to change. We start this article by overviewing the financial outcome of investor stewardship and corporate governance initiatives during the past five years. Next, we illustrate how the landscape of investor stewardship and corporate governance evolved in 2018, highlighting the initiatives by the government and those by investors and corporations. We lastly present our perspective of the future. The primary purpose of the reform initiatives has been to promote sustainable growth of Japanese companies and to increase corporate value. Th is is a unique aspect of the reforms in Japan as the corporate 118 Ethical Boardroom | Autumn 2018

How investor stewardship and corporate governance are evolving in Japan Yoshikazu Maeda

Head of Responsible Investment, Governance for Owners, Japan governance and stewardship reforms are often implemented against a background of corporate scandals. Consequently, we should use financial outcomes to evaluate the progress of reforms. As far as financial achievements are concerned, the reform initiatives have not yet brought about as financially significant changes as originally expected in these five years. We look at how corporates have changed and how the market has evaluated this outcome. If we look at the median of constituent companies of the TOPIX 1000 Index, return on equity (ROE) improved but only slightly, from 8.3 per cent to 9.4 per cent over the five-year time horizon. In deconstructing ROE, whereas the profit margin has improved, both asset turnover and asset to equity declined, offsetting a positive impact of profit margin improvement (see Table 1). The market index of Tokyo Stock Exchange rose 39 per cent in the five years to August 2018, which is equal to an annualised return of 6.8 per cent. The percentage of TOPIX 1000 companies that trade below

book value decreased to 30 per cent from 42 per cent during the same period. These figures are respectable and encouraging but might not be compelling. This is not just our view; the government appears to be on the same page. A council under the Financial Services Agency started the discussion with a view to the revision of the Corporate Governance Code in October 2017 and examined the progress of corporate governance reforms. The council had five meetings and eventually came up with five points that should be taken into account in the revision.1 Based on the proposals by the council, Financial Services Agency and Tokyo Stock Exchange, the Corporate Governance Code was revised in June 2018. In the document where the council proposed the revision, they made it clear that further progress had yet to be made in corporate governance reform. Among the five points taken into account in the revision of the Corporate Governance Code, four points are relevant here: ■ Management decisions in response to changes in the business environment ■ Investment strategy and financial management policy ■ CEO appointment/dismissal and responsibilities of the board ■ Cross-shareholdings Each of these points addresses challenges that are likely to be hindering Japanese www.ethicalboardroom.com

Investor Stewardship in Japan | Asia corporates in their efforts to improve financial performance. The council’s comments on each point are summarised (in bold) below.

Management decisions in response to changes in the business environment

“Many companies are not making management decisions decisively in response to changes in the business environment... The reviewing of business portfolios is not necessarily sufficient at Japanese companies, because management still does not adequately recognise a company’s cost of capital.” According to a survey by the Life Insurance Association of Japan, to which 581 companies and 116 institutional investors responded, 73.3 per cent of investor respondents expect companies to concentrate on their core competence, i.e. to re-examine and restructure their business portfolio in order to increase capital efficiency.2 In contrast, only 36.5 per cent of company respondents consider concentration on core competence as an important strategic option to achieve higher capital efficiency.

Investment strategy and financial management policy

“Strategic and systematic investments in fi xed assets, R&D and human resources are important for companies to generate sustainable growth and increase corporate value over the mid to long term... It is also important to conduct appropriate financial management, which is consistent with investment strategies and recognises a company’s cost of capital.” The same survey by the Life Insurance Association of Japan shows that about 70 per cent of investors consider the level of cash on companies’ balance sheets as excessively high while 60 per cent of companies consider it appropriate. For TOPIX 1000 companies, cash and short-term investments on the balance sheet grew 60 per cent over the past five years.

CEO appointment/dismissal & responsibilities of the board “The board has the responsibility to support management, including the CEO, and it is necessary for the board to possess appropriate knowledge, experience and skills... It is important to ensure sufficient diversity, including gender and international experience, in order for the board to sufficiently fulfi l its responsibilities.”

Cross-shareholdings

“While cross-shareholdings have decreased recently, the decrease by non-financial corporations is modest... Cross-shareholdings are meaningful in www.ethicalboardroom.com

promoting strategic partnerships... However, “the presence of shareholders who are expected to support company management could lead to a lack of management discipline and that cross-shareholdings are risk assets on company balance sheets that are not proactively used and therefore inefficient in terms of capital management.” As an analysis by FSA, which is represented in Figure 1 (below), shows, there appears to be a modest correlation between cross-shareholdings as a percentage of net assets and ROE.

investors and corporations. The following three points are worth highlighting: higher diversity on the board, increase in shareholder proposals and impact of corporate scandals on investors’ voting. The most encouraging development in the 2018 AGM season was a notable increase in female and non-Japanese directors on the boards. Toyota Motor and Fujifi lm Holdings are among companies that appointed a fi rst-ever female director. Recruit Holdings and Panasonic are among those where shareholders appointed a fi rst non-Japanese director. Another interesting observation was The underlying problem the increasing number of Japanese companies of shareholder proposals In order for a highlighted by each of these and higher support board to be truly four points is cost of capital for them. For example, and poor business decision- effective, the a shareholder proposal making processes at board that asked for individual chairman needs to level at Japanese companies. disclosure of management nurture conditions remuneration received With these concerns in mind, the Financial Services that allow non39.1 per cent supporting Agency not only revised at Mitsubishi UFJ executive directors votes the Corporate Governance Financial Group and Code but also came up with 35.8 per cent at Mizuho and board Guidelines for Investor and Financial Group in 2018. committees to Company Engagement. 3 The same proposal gained function in a way These illustrate ‘agenda 37.7 per cent and 30.8 items for engagement per cent support respectively that promotes the on which institutional last year. Shareholder long-term interests proposals calling for a investors and companies are expected to focus’. separation of board chair of a company It may appear odd that a and CEO roles also government organisation received 33.1 per cent supporting votes sets discussion items for companies and (30.8 per cent in 2017) at MUFG and investors. But, this is indicative of how 29.6 per cent (25.3 per cent in 2017) seriously the Financial Services Agency takes at Mizuho. Given that sensible and this ‘cost of capital’ problem and considers well-explained shareholder proposals it as the key for Japan Inc. to revive. are more likely to be supported, more Next, we present our observations around shareholder proposal are expected to be the 2018 June AGM season so that readers used as a tool of investor stewardship can understand on-the-ground actions by in the future.

TABLE 1

2014 2015 2016 2017

ROE 8.3% 8.5% 8.6% 8.7% Net profit margin 4.4% 4.8% 4.9% 5.3% Asset turnover 0.92 0.89 0.88 0.85 Asset to equity 2.09 2.02 2.01 2.00 * Figures are for the median of TOPIX 1000 companies ** Calculation by Governance for Owners Japan

2018 9.4% 5.5% 0.86 1.96

CHANGE 14-18 1.0% 1.1% -0.06 -0.12

FIG 1: CROSS-SHAREHOLDINGS AS % OF NET ASSETS AND ROE 14%

10%

Source: Financial Services Agency

11.6%

12%

10.7%

9.9%

8.7%

9.6% 7.6%

8% 6%

4.9%

3.6%

2% 0%

~2%

2%-4%

4%-6%

6%-8%

8%-10% 10%-15% 15%-20%

20%~

Autumn 2018 | Ethical Boardroom 119

Asia | Investor Stewardship in Japan The caveat however is that none of those proposals was approved despite the fact that shareholders submitted 42 proposals – a record-high. Shareholder proposals can be an effective way to make the shareholders’ view known to companies and put pressure on them, although it might not be able to trigger radical corporate changes by itself. There have been a series of corporate scandals at Japanese companies in recent years, starting from Kobe Steel. At many of those companies that experienced corporate scandals, top management received less support for their re-election. For example, the chairman of Suruga Bank received about 20 per cent less support in 2018 after it was revealed that the bank was involved in a lending scandal (See Figure 2, right). Japanese stewardship and corporate governance initiatives are characterised as ‘offensive’, being framed in the context of promoting sustainable growth. This, however is a good reminder that the centrepiece of corporate governance is a defence to corporate scandals and is fundamentally defensive. The changes and developments in 2018, whether or not initiated by the government, investors or corporations, have not led to improved near-term financial performance. However, they are green shoots definitely setting a constructive grounds for better performance by companies and for more effective investor stewardship. Having said that, some investors may be frustrated by the slow progress at Japanese companies and many companies are also frustrated by the formality of investors. While it is understandable, it has only been five years since Japan started making a series of efforts to improve. We however remember that these five years compare to 30 years when the country was struggling with an economy yielding minimal growth and declining stock markets. We, Governance for Owners Japan, have been implementing investor stewardship for institutional investors for 11 years. There is no doubt that the environment of investor engagement has never been more favourable. Given our experience, we are confident that investor stewardship works in Japan and investor engagement is beneficial to both shareholders and companies. We have tracked our engagement portfolio since 2009 when we started engaging with companies on behalf of our clients. This portfolio returns more than 40 per cent alpha over the Tokyo Stock Exchange market index in eight years.4 Therefore, the benefit here is not formalistic corporate governance improvement, but sustainable value creation and stronger stock performance. Th is shows that investor stewardship works and adds value even in Japanese markets, although progress may take longer than elsewhere. At the beginning of this article, as symbolistic metrics, we presented ROE from 2014 to 2018 and its limited improvement. 120 Ethical Boardroom | Autumn 2018

FIG 2: CORPORATE SCANDAL EFFECT ON RE-ELECTION SUPPORT 100%

91.9%

80%

98.3%

91.7% 71.8%

97.8% 77.4%

76.0%

88.3% 90.5% 78.4%

60% 40% 20% 0%

Suruga Bank Mitsubishi Materials ■ Last election ■ 2018

Ube Industries

We present more encouraging statistics to end this article. In 2018, TOPIX 1000 companies returned more than 30 per cent of their operating cash flow to shareholders via dividends and share buybacks for the fi rst time in these five years. As a result, while the absolute amount of cash continues to increase, cash to total assets ratio declined for the fi rst time. Capital discipline seems to be emerging (see Figures 3 and 4). Th is would not have happened without investor stewardship and corporate governance reform initiatives. We believe that we are approaching a tipping point for

Subaru

Toray

Note: Approval ratio of the most senior director

Japan Inc. when the financial advances of these initiatives over the last five years will become obvious. 1 The whole discussions can be found at https://www.fsa. go.jp/en/refer/councils/follow-up/index.html. It is a standing council and the website shows every council meeting so far. However, the ones specifically relevant to the revision of the Corporate Governance Code are the eleventh to the fifteenth. 2The whole survey is available at http:// www.seiho.or.jp/info/news/2018/pdf/20180420_3.pdf, but only in Japanese. The summary is available in English and can be read at http://www.seiho.or.jp/info/news/2018/ pdf/20180420_2.pdf. 3https://www.fsa.go.jp/en/news/2018/ follow-up/20180330-1/03.pdf 4A chart on page 22 of https:// goinvestmentpartners.com/wp-content/uploads/2018/08/ Stewardship_Code_English.pdf shows the stats

FIG 3: CASH HOLDINGS AS PERCENTAGE OF NET ASSETS 18%

■ Cash to assets

16%

14.7%

10.7%

2014

2015

15.5%

15.8%

15.5%

2016

2017

2018

14% 12% 10% 8% 6% 4% 2% 0%

FIG 4: SHAREHOLDER PAYOUT: AMOUNT AND PERCENTAGE OF OPERATING CASH FLOW 21,000 18,000

35%

■ (Dividend + share buybacks)/operating cash flow – (Dividend + share buybacks) in JPY Billion

30% 14,992

15,000 11,742

15,466

13,865

25%

12,000 9,000 6,000

7,360

17.5%

27.0% 21.6%

31.3%

15%

19.7%

10%

3,000 0

20%

2014

2015

2016

2017

2018

www.ethicalboardroom.com

Direct to your Door! Email our team now at subscriptions@ethicalboard.com

Asia | Indian Corporate Governance

Marching towards CONVERGENCE Following the liberalisation drive in the Nineties, the role of India’s corporate sector has expanded signiﬁcantly.

Indicating a major break from the past, the private sector now wields considerably more prominence in the growth story of the country with data of the last few decades suggesting that India’s current growth trajectory is steady, stable, diversified and resilient – helping lay the groundwork for a sustained future growth of eight per cent. With robust macro-economic fundamentals in place, India is rated among the more favoured foreign direct investment destinations globally amid government initiatives and reforms for developing responsive and robust public systems that result in more robust business rankings. The initiatives towards improving the governance structures and economic reforms that create an ecosystem that is enabled for future growth, are poised to create integration and alignment with the global trends and opportunities. It will not only infuse the ecosystem with new energy but will also improve the

Successive reforms and robust monitoring have boosted Indian corporate governance Dr Niraj Gupta & Mathew John

Dr Niraj Gupta, Head & Mathew John, Senior Associate at the Indian Institute of Corporate Affairs (Corporate Governance & Public Policy) economic rankings of the country at the global level by offering promising assurances. It has been realised that sustainable business and economic growth is inevitable for the nation and business. One of the key indicators of sustainable economic growth is that of effective corporate governance mechanisms and their implementation. Corporate governance is critically important to a country’s economic growth and stability because it provides

the credibility and confidence that is fundamental to capital markets. Recent high profi le boardroom tussles and corporate governance scandals have attracted considerable attention from the regulators and all stakeholders, prompting a nationwide debate on sustainable governance and best practices. Government through its regulatory agencies play a crucial role in creating effective governance frameworks capable of addressing emerging challenges and filling existing gaps. However, it has also been realised that corporations should take the lead in revising the assurance framework in order to give investors greater trust. Corporations should seriously look to address the issues and challenges they face as a result of increasing integration of the global market systems, disruptive innovation and usage of technology and intellectual properties, turning them into opportunities. It is not just enough to look within the organisation for ensuring that the governance frameworks and structures are in place; rather they should look to future risks in order to effectively utilise the wealth of the shareholders and gain trust of the stakeholders by establishing effective commitment and reputational mechanisms. The institutions associated with the

CORPORATE GOVERNANCE India has adopted international best practices but their implementation has not been a smooth journey

122 Ethical Boardroom | Autumn 2018

www.ethicalboardroom.com

Indian Corporate Governance | Asia corporate governance process have weighty responsibilities. Regulators can facilitate reform and establish compliance frameworks, but the onus is on companies and shareholders to encourage ethical business practices and drive up standards. As part of recent structural and regulatory reforms, India has witnessed several initiatives. Notable ones include: the new Companies Act in 2013; the Securities Exchange Board of India’s (SEBI) amendments of Clause 49 by issuing listing obligations and disclosure requirements regulations in 2015; the Insolvency and Bankruptcy Code, reforming on enforcement mechanism and constitution of the National Company Law Tribunal (NCLAT); and National Company Law Appellate Tribunal (NCLAT), the formation of the National Financial Reporting Authority (NFRA) as an audit profession regulatory body; and the constitution of the Kotak Committee on Corporate Governance with implementation of a large set of recommendations to fine tune the governance frameworks in line with the global best practices. These initiatives have been taken to address issues raised by extensive research and stakeholder consultations to address key impediments to enabling greater convergence with global best practices and governance models. Needless to say, the aforementioned series of reforms indicate a strong political will to ensure greater convergence with the Anglo-American model, but it is also important to mention that success of these convergence initiatives is contingent on effective implementation and monitoring by corporations themselves. It is to be considered as an evolving process with contribution from both regulatory bodies and practice bodies. It is necessary to look at the various aspects of the governance principles that address the issue of agency when infusing the markets with the trust needed to make them agile and resilient in line with the growth plan. Governance practices need to be focused as much on spirit as on form. Corporate governance norms in India have been constantly evolving.

www.ethicalboardroom.com

What started as adoption of voluntary codes the existing regime, which weren’t of corporate governance quickly gave way particularly effective in preventing largeto a mandatory, regulator-driven approach scale frauds. The provisions relating to the after the introduction of the voluntary key institutions of corporate governance Desirable Corporate Governance: A Code have been revisited to make sure they provide in 1998, backed by the Confederation of a robust framework for effectiveness of Indian Industry (CII). Subsequently, transparency and disclosures. Strengthening recommendations advanced by the Birla the institution of independent directors, Committee, the Naresh revisiting provisions Chandra Committee, Corporate governance for appointment and the Narayan Murthy rotation of auditors, norms in India have Committee, Dr. J. J. Irani protecting the interests been constantly Committee and the of minority shareholders, recent Kotak Committee, evolving. What defining corporate among others, resulted in frauds, tightening started as adoption the current framework the provisions of that determines disclosure of related of voluntary codes of corporate governance transactions, corporate governance party norms in contemporary and provisions for India. The introduction initiating class action quickly gave way of the Companies Act, suits are a few key to a mandatory, 2013 and its subsequent milestones for ensuring regulator-driven amendments are also the framework’s part of this process of effectiveness. approach towards evolution of corporate SEBI defines corporate governance corporate governance governance norms dealing with the as the ‘acceptance by relationship between shareholders, the board management of the inalienable rights of of directors and the management. shareholders as the true owners of the Introducing the Companies Act 2013 was corporation and of their own role as trustees intended as a direct response on behalf of the shareholders. It is about to major events, such as the commitment to values, about ethical Satyam scandal, which business conduct and making exposed significant a distinction between personal vulnerabilities in and corporate funds in the management of a company’. However, even after two decades of dedicated reforms, the pattern of actual adoptions of recommended best practices among Indian firms reveals a mixed bag.

Autumn 2018 | Ethical Boardroom 123

Asia | Indian Corporate Governance While successive reforms in Indian corporate governance aimed to improve its convergence with the Anglo-American model, key differences between the Indian business environment and that of the UK or US, such as concentrated ownership structures, limited incidence of shareholder activism and the limited success in encouraging a voluntary compliance culture, necessitated the mandatory nature of corporate governance in India. It can be posited that while significant efforts have been made to encourage de facto convergence of Indian corporate governance norms with the Anglo-American model, there remain significant gaps between convergence in theory and convergence in practice. Outliers aside, increasing evidence suggests most fi rms are content paying lip service to corporate governance – characterised by inadequate disclosure standards, lack of professionalism on boards and passive minority stakeholders among others. There are several factors that deter effective enforcement of corporate governance norms and rules, ranging from corporate level constraints to institutional factors – which the Ministry of Corporate Affairs in India actively addresses through its interventions and network of regulators, professional bodies and think tanks.

amendments to the Companies Act were made with the objective of ensuring efficiency and ease of doing business by diluting some of the more onerous conditions. The corporate sector is a subset of the larger socio-economic ecosystem. Listed companies thrive on a vast pool of hope and trust of the large number of shareholders. All the shareholders need to be treated fairly and equally without any discrimination. Reforms in India over the last decade have been advanced with the understanding that the overarching objective for good corporate governance is to incentivise boards and management to pursue objectives that are in the interests of the company and its stakeholders under an effective monitoring mechanism. In India, there is an increasing recognition among policymakers for transparency and

towards the larger society and requires effective execution on the ground. Higher corporate governance standards need to be propelled by the larger ethical and environmental concerns as well. Going further from Section 135 dealing with CSR issues, the National Voluntary Guidelines issued by the Ministry in 2011 have been redrafted as national guidelines focussing on bringing economic, environmental and social concerns with the ambit of a voluntary self-governance framework for strengthening the reputation and stakeholder commitment mechanisms. India is on the rise and the corporate sector has an important role to play in catalysing its progress. Th is requires dynamic, innovative, credible, transparent, accountable, value- based and enlightened corporate governance practices. Given the size and the potential of the economy,

CREATING INCENTIVES FOR THE BOARD India needs to pursue objectives that are in the interests of the company and its shareholders

Shareholder relationships

While most listed firms and public sector enterprises in India have basic governance structures in place, only a handful look beyond mere tick-box approach to corporate Unlike the US governance. Unlike the US and UK, the core challenge and UK, the in Indian corporate core challenge is governance is not mitigating not mitigating agency problems between the management and agency problems accountability in all matters shareholders but that between between majority of governance, including shareholders and minority management and the need for corporate shareholders. This in turn, to be accorded shareholders but governance leads to attendant problems top priority for ensuring related to board functioning, between majority credibility and enhancing role of audit committees, the confidence of all the and minority tunnelling of funds among stakeholders, including the shareholders group companies, inadequate shareholders. This applies disclosure and expropriation more to the constitution of of minority shareholders among others. The boards of directors, performance evaluation regulators have viewed the issue seriously of directors, ensuring independence of and the enforcement mechanism has been directors, compensation for executives, tightened by the regulators within their succession planning, appointment and jurisdiction. The overlaps of the jurisdictions rotation of external auditors and putting have all been addressed instrumentally in place a whistle-blowing mechanism for improving the enforcement regime to – critical for effective corporate governance. disciplining corporate conduct in India. Ethical concerns It is a truism that the introduction of the Corporate social responsibility (CSR) is Companies Act 2013 and tightening of SEBI a laudable initiative that India proudly regulations increased the cost of compliance at shares with only a few other countries. This various levels within corporate entities, which underpins the responsibility of corporations was not lost on the legislators. Subsequent 124 Ethical Boardroom | Autumn 2018

there is no justification for India not to have a much wider corporate presence across the globe. While there is much work to be done on various issues, such as managing the cost of compliance and gaps in enforcement, successive reforms have resulted in a marked increase in India’s corporate governance performance. Robust monitoring mechanisms and a disproportionate cost of non-compliance act as a disincentive for companies to engage in illegal activities. Exemplary penalties on non-compliance are acting as strong reminders and can provide a strong behavioural nudge towards better governance. Having stated that, corporate governance, with all its underpinnings, is an ethical issue at its core. In spite of regulatory reforms, and their enforcement on the part of regulatory bodies, the results will only be realised with effective contribution from the institutions of corporate governance adopting a professional mindset and ethical conduct. www.ethicalboardroom.com

Comarch Omnichannel Robo-Advisor Investment recommendations: powered by big data, delivered via galaxy of devices

Find out more: finance.comarch.com

Corporate Governance Awards | Introduction

Improving corporate governance standards Asia & Australasia Winners Corporate governance is always a hot topic of discussion in corporate boardrooms, academic roundtables and for policymakers worldwide. Good governance involves balancing the interests of a company’s stakeholders – including shareholders, management, customers, suppliers, financiers, government and even the community. Not all companies follow the same model and there are different approaches in every country, but recent months have witnessed a slew of international efforts to improve and better harmonise corporate governance practices. In Malaysia, the Institute of Corporate Directors (ICDM) has been set up as a dedicated body to enhance the professionalism and effectiveness of corporate directors in the country. The main objective of the new institute is to promote excellence, integrity and the highest level of skills and professional competence among Malaysian corporate directors, according to the Securities Commission Malaysia. It also aims to promote the adoption and application of corporate governance practices, besides representing the interest of its members. In Singapore, a revised corporate governance code aims to encourage board renewal and strengthen director independence. The code is applicable to listed companies in Singapore on a comply-or-explain basis and requires companies to provide explanations for variations from its provisions or guidelines in their annual reports. Singapore Exchange RegCo has also recently announced a collaboration with the Securities Investors

126 Ethical Boardroom | Autumn 2018

Association and the Singapore Institute of Directors to produce a guide on how directors and investors should best conduct themselves during shareholder meetings, as well as understand the recent code changes. In Thailand, there has been an increased commitment of Thai listed fi rms to engage in a continuous development of corporate governance standards. According to the 2018 Corporate Governance Report of Thai Listed Companies, there are 79 listed companies with outstanding performance on environmental, social and governance aspects, an increase of 14 fi rms from 2017.

Good governance involves balancing the interests of a company’s stakeholders — including shareholders, management, customers, suppliers, financiers, government and even the community

In Japan, the government has worked hard on corporate governance reforms in recent years and most recently the Ministry of Economy, Trade and Industry revised its corporate governance guidelines. The changes require listed companies to take additional measures, including not only mere disclosure but also additional board involvement in assessment and decision-making. In Australia, the ASX Corporate Governance Council has proposed to transform key areas of corporate governance in the country. It believes the fourth edition of its Corporate Governance Principles and Recommendations will address emerging domestic and global issues in corporate governance, including corporate values and culture, whistleblower policies and anti-bribery/ corruption policies. The Ethical Boardroom Corporate Governance Awards recognise and reward outstanding companies who have exhibited exceptional leadership in the area of governance. The awards highlight the important role that corporate governance plays in dictating a company’s success and a board’s contribution to the creation of long-term value. Ethical Boardroom is proud to announce its Corporate Governance Awards Winners in Asia and Australasia.

www.ethicalboardroom.com

The Winners | Corporate Governance Awards

AWARDS 2018 ASIA & AUSTRALASIA WINNERS Insurance AIA Group Ltd Leisure & Hospitality The Indian Hotel Company Ltd (IHCL) (India)

Real Estate Developer Sun Hung Kai Properties Ltd (SHKP) (Hong Kong) Transportation BTS Group Holdings (Thailand)

Conglomerate SM Investments Corporation (SM)

Manufacturing Top Glove Corp. Berhad

Electric Power Transmission Aboitiz Power Corp. (Philippines)

Media Media Prima Berhad Oil & Gas Petronas Dagangan Berhad Telecoms Telekom Malaysia Berhad (Malaysia)

Conglomerate Westfarmers Ltd Construction Lendlease Group Food & Beverage Coca-Cola Amatil

Financial Services DBS Group Ltd Food & Beverage Del Monte Pacific Ltd Real Estate Investment Trust Fraser Logistics & Industrial Trust (Singapore)

www.ethicalboardroom.com

Insurance QBE Insurance Group Ltd Oil & Gas Santos Ltd Telecoms Telstra Corp. Ltd (Australia)

Real Estate Investment Trust Kiwi Property Group Transport & Logistics Freightways Ltd Utilities Meridian Energy Ltd (New Zealand)

Global News Australasia

Football body votes for governance reform Football Federation Australia (FFA) has endorsed sweeping governance reforms, ending a two-year power struggle that had threatened the country’s FIFA membership. At an extraordinary general meeting, FFA members voted in favour of a new model for an expanded congress after finally reaching a consensus on its make-up. FIFA had previously threatened to disband the FFA board and temporarily govern Australian football if reforms were not agreed. The reforms will strengthen oversight of Australian football with the formation of various standing committees to improve stakeholder engagement, corporate knowledge and strengthen governance. Financial reporting will be improved in accordance with International Financial Reporting Standards. FFA chairman Steven Lowy, who fiercely opposed the reforms and was highly critical of the proposed structure of the new congress, has said he will step down from the board at the end of the year.

Australian banks admit leadership failures Executives at Australia’s financial giants have admitted to failures of leadership after an investigation uncovered serious misconduct and greedy behaviour. The Australian Royal Commission interim inquiry revealed that Commonwealth Bank had charged dead clients for advice for a decade and the National Bank of Australia charged customers fees for financial advice that was never provided. At a public hearing, National Australia Bank chief executive Andrew Thorburn confirmed he was ‘ashamed’ at the lender’s behaviour and said that banking had ‘drifted’ from its core purpose. Matt Comyn, chief executive at Commonwealth Bank Australia, said: “As the Royal Commission has shown, there have unfortunately been failures of judgement, failures of process, failures of leadership and in some instances greed.” The Royal Commission will issue a final report in February 2019.

128 Ethical Boardroom | Autumn 2018

Michelle Guthrie sues ABC over dismissal

Sacked Australian Broadcasting Corporation (ABC) managing director Michelle Guthrie is suing the national broadcaster on the back of claims of unfair dismissal. Guthrie was sacked just two-and-a-half years into her five-year term. At the time of her departure, then ABC chairman Justin Milne said directors had resolved it was not in the best interests of the broadcaster for Guthrie to continue to lead the organisation. A spokesperson for Guthrie told ABC News she had lodged a claim with the Fair Work Commission, but did not confirm what damages were being sought. Guthrie’s argument is that the ABC board had no grounds to apply the termination clause in her $900,000 contract.

UNSW Law School appoints inaugural MinterEllison chair

Backlash over Transurban CEO’s $7million pay Proxy groups have slammed the ‘excessive’ $7million annual pay packet of Scott Charlton (below), chief executive of toll road company Transurban. Charlton’s total pay is more than triple the pay of other top executives in his team and his short-term bonus package is almost five times larger than that of other executives. According to the Australian Financial Review, proxy groups ISS and CGI Glass Lewis, along with the Australian Shareholders Association, had taken issue with Charlton’s pay. In a paper, ISS wrote that the CEO’s pay was ‘excessive and significantly increasing’ and that a lack of transparency around the company’s bonus disclosure was ‘a material shareholder concern for transparency’.

The University of New South Wales Law School has collaborated with law firm MinterEllison to establish a chair role to help organisations identify, understand and respond to known and unknown risks. Professor Dimity Kingsford Smith will be the inaugural MinterEllison chair in risk and regulation, responsible for studying risk governance, risk management and regulation. The aim will be to develop new ideas and means of regulation to improve industries, such as financial services, to the benefit of society and the economy. Professor Kingsford Smith said: “Risk and regulation along with community expectations are central to most decisions in commercial and corporate life, and to how the legal system responds. I am very excited about and grateful for the opportunity this generous support provides to spend time as a research professor on these questions of continuing importance to some of our most significant institutions.”

www.ethicalboardroom.com

BECAUSE THE WORLD CHANGED AGAIN TODAY.

In an ever-changing world, it pays to stay one step ahead at all times. To succeed, you need a trusted legal partner with hands-on industry experience, a comprehensive global network and a deep understanding of your unique business goals. We offer you in-depth industry experience, extensive international connections and innovative solutions to meet your businessâ&#x20AC;&#x2122; needs. Gowling WLG is an international law firm providing legal services around the world and helping you to succeed no matter how challenging the circumstances. For more information visit gowlingwlg.com Gowling WLG (UK) LLP is a member of Gowling WLG, an international law firm which consists of independent and autonomous entities providing services around the world. Our structure is explained in more detail at www.gowlingwlg.com/legal.

Australasia | Corporate Culture

ETHICAL LEADERS Cultivate organisational behaviour through role modelling, communication and enforcement 130 Ethical Boardroom | Autumn 2018

www.ethicalboardroom.com

Corporate Culture | Australasia

Bazley Report

A blueprint for change

How boards can test the culture in their workplace, create a speak up culture and whether we can expect legislation to change War stories or case studies outlining governance ‘failures’ to provide learnings from other people’s mistakes, are often the most requested sessions for The Institute of Directors in New Zealand’s (IoD) conference sessions. However, it can be challenging to find examples where people are prepared to speak about times when governance was challenging and where things didn’t go as intended. Like many other nations, New Zealand is not short of such incidences. For instance, in 2014, one of the country’s most high-profi le executives – the CEO of the Canterbury Earthquake Recovery Authority (CERA) – resigned, following an investigation into a complaint from a senior female staffer about serious misconduct. CERA was the government department coordinating the rebuild following the devastating 2011 earthquakes and fall-out from that resignation went right to the heart of government. Public concern over the handling of this situation ensured ongoing headlines. Fast-forward four years and several prominent New Zealand organisations are again dealing with sexual harassment allegations.

The Russell McVeagh scandal

What is different this time is that one of these organisations, leading law firm Russell McVeagh, opted to make public the report of the independent investigation into the allegations. The result for New Zealand’s governance community is a blueprint for widespread change, which cannot be ignored – the power of social media won’t let it. Russell McVeagh is one of New Zealand’s premier law fi rms. In February this year, a news organisation published allegations of a ‘pattern of sexually inappropriate behaviour’ by several senior male lawyers at the fi rm towards female university students who spent a summer clerking for the business in 2016. The article resulted in an outpouring of allegations regarding a widespread culture of harassment across the New Zealand legal industry. www.ethicalboardroom.com

Kirsten Patterson

and priority is to be maintained. Public release of the report was a brave move and has the opportunity to have significant impacts beyond Russell McVeagh’s Academic and public outrage escalated own transformational culture change. rapidly. Universities, the Woman’s Law Just as people behave within a company Journal and the NZ School Debating Council context, companies themselves also exist cut ties with Russell McVeagh; a blog within an industry context. providing an anonymous platform for reports We would be naïve to think issues are of sexual violence within the legal profession restricted to one organisation or even one resulted in 214 accounts of alleged rape, industry – and further examples continue to abuse and intimidation; hundreds of law surface in New Zealand and around the world. students staged a high-profile demonstration To name but a few, New Zealand’s Human outside Russell McVeagh’s Wellington office. Rights Commission came under fire this year The Wellington Women Lawyers Association, over its investigation of a sexual harassment Criminal Bar Association and the Law complaint made by a young intern. A Society ran surveys, revealing widespread ministerial review found the HRC had failed reports of bullying and harassment across in its handling of sexual harassment claims. the entire legal profession. A third of female Good governance demands of us that lawyers reported having been sexually we are scanning across industries for harassed during their working life. trends and messages that we should adopt, The Russell McVeagh review or that could impact our It is time was headed by one of New own organisations. It is time Zealand’s most prominent, now for those in positions of for those in retired, public servants Dame governance to reflect if positions of Margaret Bazley. The 89-page our actions and questions report, published in July, pulled governance to as directors are expressing no punches. Failings were the priority of culture change reﬂect if our found in the firm’s governance, that we all wish to see. structure, management, New Zealand Prime Minister actions and policies, standards and systems Jacinda Ardern has called questions as – including having no code of for the energy of the #MeToo conduct – which Dame Margaret directors are movement to translate into said contributed to poor action – with solutions needing expressing management of the incidents. to have both a cultural and the priority of a policy dimension. To quote The report speaks to independent review of culture change the Prime Minister: “What we governance structures, the need to do is then say, ‘OK, well tenure of board chair and board that we all what next?’ You don’t want a members, the role of the board movement, really, of women wish to see chair, the role of the board in continually feeling like they need driving transformational culture change, the to tell stories that then equate to nothing appointment of independent board members in real terms. And so that’s the question and the adequacy of board reports. It also that I’m interested in asking: what next?” recommends that board committees and But even Prime Minister Ardern’s own appointment processes be reviewed. Labour Party has found itself in the spotlight Dame Margaret noted that a culture for all the wrong reasons. The party launched change of the magnitude envisaged by this a review by an independent barrister, review takes a long time to come into acknowledging it failed in its duty of care effect. She estimates it will take 10 years over its handling of claims by four young and notes the essential role the board will supporters that they were sexually assaulted play in ensuring the culture is monitored, or harassed at its annual ‘summer school’ measured and reported on if momentum youth camps in early 2018.

CEO of Institute of Directors in New Zealand

Autumn 2018 | Ethical Boardroom 131

Australasia | Corporate Culture In August, Labour committed to implementing all recommendations of the resulting report. These include, among others, reviewing the Party’s code of conduct, policies around sexual harassment and assault, alcohol, events and host responsibility and complaint procedures. However, the decision not to release the report publicly was criticised in the media, social media and by at least one of the young people concerned. It may be that the Bazley report’s release has led to an expectation of greater public transparency and that is something boards would benefit from.

What next for boards? How do they begin to make those changes?

While most IoD NZ DirectorsBriefs are usually available exclusively to members, we released our brief on sexual harassment and the board’s role to the public to help create safer workplaces across New Zealand. The brief outlines clearly to directors that they are accountable for addressing sexual harassment in the organisations they govern. Boards are tasked with ultimate responsibility for organisational culture and performance. The many examples we are seeing highlight how important it is that boards know what is happening within their organisations and deal with issues consistently. How organisations talk about sexual harassment and assault in the workplace is rightfully changing and boards need to evaluate how their organisation addresses this misconduct. There needs to be a safe zero-tolerance culture that ensures harassment does not happen and if it does occur, that employees, volunteers and contractors feel they can raise the issue and that appropriate action will be taken. The board must set the tone for healthy organisational values, standards and culture, including safety, respect and conduct. This includes addressing unwanted comments or physical contact, persistent and unwelcome social invitations and less-than-professional conversations and behaviours, including smutty jokes and inappropriate material and language. Boards should hold management to account by requiring regular reports of complaints, investigations and outcomes. Our 2017 IoD Director Sentiment Survey found that only 40 per cent of boards received comprehensive reporting on ethical matters and the actions taken to address them. Boards need to understand their legal obligations and to ask a lot of probing questions. They should know: whether their organisation has a sexual harassment policy; how values and standards are communicated throughout the organisation; what ethical framework is in place and how regularly it is reviewed. They should be performing cultural health checks with external or independent advisors and looking at what reporting they receive on conduct and behaviour.

132 Ethical Boardroom | Autumn 2018

Does your board receive reporting on complaints and investigations? What process is in place for a sexual harassment complaint against senior executives? Do complaints about senior executives go to the board and does the board investigate? Do you ensure board-only time to discuss culture, complaints and employee feedback? Importantly, is sexual harassment treated consistently with other forms of misconduct, such as physical assault or verbal abuse? Much recent commentary in New Zealand has focussed on the importance, in effecting change, of developing a ‘speak up’ culture within your organisation – thus creating an early warning system for potential issues. Karin Lasthuizen, who currently holds the Brian Picot Chair in Ethical Management at Victoria University’s School of Management in Wellington, has posed the question: “Are New Zealanders too polite to speak up when they see ethically questionable behaviour at work?” ENCOURAGING A SPEAK OUT CULTURE Have you developed a strategy for supporting whistle-blowers?

Lasthuizen points out that ethical leadership is about cultivating organisational ethical behaviour through role modelling, communication and enforcement. She believes New Zealanders find the enforcement angle of this the most difficult. Contrasting Kiwi behaviour with the “quite critical, direct, open approach” in her native Netherlands, she observes: “Here in New Zealand the culture is very polite. So, people seem to find it more difficult to address others and say, ‘why are you doing this and why do I feel uncomfortable with it’?” This natural reticence makes it even more crucial that boards ensure safe and effective organisational systems are in place, that encourage and enable employees to speak up without fear of recrimination. An important first step is having a clear policy and procedure for reporting concerns and potential misconduct. The effectiveness of speak-up systems relies on:

■■ Robust and consistent response systems that build trust, with appropriate recording and follow-up activities ■■ The operational independence of those who receive and investigate employees’ concerns and the board’s willingness to safeguard that independence Then there is ‘whistle-blowing’. This differs from ‘speaking up’ in that it is usually an allegation that a wrongdoing has occurred and may be made outside the regular management channels to report suspected illegal or unethical activities or behaviour within the organisation. New Zealand’s protected Disclosures Act 2000 (currently under review) facilitates such disclosures of serious wrongdoing in and by organisations and protects those who make such disclosures. Peter Boshier, Chief Ombudsman for New Zealand, has expressed concerns that many directors and senior managers in the private sector are putting themselves at risk because they do not have policies and procedures in place to protect whistle-blowers. As Mr Boshier points out in one of our IoD DirectorsBriefs: “When this issue arises in the media, it is the action or inaction of people within government departments that tends to hit the headlines. But the Protected Disclosures Act doesn’t just apply to the public sector, it covers anyone in the workforce who wants to raise issues of serious wrongdoing.” Mr Boshier encourages directors to consider four key points: ■■ Have a policy, make it accessible and talk about it frequently. Make sure your staff know how to speak up and what will happen if they do ■■ Develop a strategy for supporting whistle-blowers. If someone does make a disclosure within your organisation, consider the risks they face from speaking out and take appropriate action. Keep them informed and make sure they are not mistreated in any way for making the disclosure ■■ Make sure whistle-blower confidentiality is maintained in accordance with the Act ■■ Recognise the value to your organisation of a culture that encourages speaking up In a statement following publication of the Bazley Report, Russell McVeagh chairman Malcolm Crotty noted: “We have apologised to the young women for the hurt and damage we caused. We recognise that they have shown great courage and applaud them for this. Their actions will result in meaningful change.” It is time for boards to be courageous, too, and act. The impact of the #MeToo movement and the winds of change these are driving, is not simply ‘a risk’, but is an unprecedented and powerful opportunity to change and strengthen your organisational culture to address all unethical behaviours. www.ethicalboardroom.com

Asia | Activism & Engagement

From polar bears to penguins

US Navy Admiral Harry Harris, until recently the commander of the United States Paciﬁc Command and now the US Ambassador to South Korea, has described the geographical expanse and cultural spread across Asia as ‘from Bollywood to Hollywood, from polar bears to penguins’.1 It’s an apt description for the region’s cultural, economic, linguistic and geopolitical diversity – and for the breadth of Asian financial markets, which are each differentiated by regulation, currency, investor base and valuation. Across Asia, minority shareholders have found a voice to engage management and each other. Activists, though tempted by

Activist investors are accelerating efforts to build influence across Asia Seth Fischer

Founder and Chief Investment Ofﬁcer, Oasis Management Company the low valuations and suboptimal balance sheets, have long avoided Asia due to poor corporate governance, insider boards, family- or group-controlled shareholder structures, frequent corporate scandals and a lack of transparency. Today, those same issues are now considered points of entry in engagements to increase shareholder value. Further, the welcome mat has been laid out for activists by regulatory bodies across Asia, which are clearly trying to harness shareholders to help

ASIA REGIONAL SNAPSHOT Country Index ROE P/E EV/EBITDA Growth Price to EBITDA Debt to tangible margin equity book ratio Japan TOPIX 8.8 15x 8.1 4.14 1.26 10.2 31 South Korea KOSPI2 7.5 13.2x 8.7 3.8 1.1 10.6 46 Hong Kong HSI 12.2 11.5x 10.6 10.15 1.27 28.1 35.9 Singapore STI 10 13.2x 11.72 1.9 1.38 23.5 42.8 China CSI300 12.68 15.9x 9.7 18.2 1.87 11.7 73.3 Taiwan TWSE 7.8 15x 10.9 3.5 1.26 9.5 35 Indonesia JCI 6.9 14.6x 9.35 7.5 12.6 14.5 37.5 Malaysia FBMKLCI 11.3 21.5x 12.8 4 2.2 26 52.9 India BSE SENSEX 6.9 22.9x 14.5 11.5 4.6 19.9 72.25 Australia ASX 11.9 20x 13.6 6.5 2.78 28.3 41.4 Source: Bloomberg, median values as of 9/7/2018

www.ethicalboardroom.com

drive more productivity at companies and on companies’ assets, which would drive growth for their economies as a whole. As a result, activism, long a successful US strategy, has now come to Asia in a meaningful way. Engagements have increased from a total of 10 back in 2011 and only 49 in 2014, to 106 last year.2 Activism in Asia is off to a strong start in 2018, with the number of campaigns launched during the first quarter in line with those initiated during the same time in 2017.3 But, as Admiral Harris understood, Asia is a big, diverse place, so it’s useful to break down the developments and opportunities, country by country. Interestingly, the level of activist activity across the region does not seem to be dictated by the comparative strength of a country’s general standard of corporate governance, per se, but rather by the net value that companies’ management teams are adding for shareholders (which might itself be the most important component of corporate governance). That value is frequently reflected in the multiples that investors have been prepared to invest in the various markets. Often where returns on equity, margins and growth are low, minority shareholders have felt the need to be more vocal in engaging with management to increase the company’s value. When growth and margins are high, often when the founder is running the company, there has been less interest (and need) by shareholders to engage publicly (see Asia Regional Snapshot, left). Autumn 2018 | Ethical Boardroom 133

Activism & Engagement | Asia

Japan: cheap for a reason TOPIX ROE: 8.8 Debt to equity: 31 Growth: 4.14 EBITDA margin: 10.2 P/E: 15x EV/EBITDA: 8.1 Price to tangible book: 1.26 It’s one of the cheapest of global equity markets with more than 39 per cent of companies in the Topix trading below tangible book value. But Japan is cheap for a reason. And that reason is a lack of corporate governance in the form of failure by management teams to increase ROEs and shareholder returns (among other metrics). With the welcoming of government, activists have dramatically increased their activity in an effort to unlock that value. Developments in corporate governance: One rule of thumb we have found as foreign investors in Japan is no conversation about activism can take place without mention of Steel Partners the last time activists engaged in Japan back in the mid-2000’s. So, let’s begin there. Steel Partners’ Warren Liechtenstein came to Japan with money and an attitude of pure, Western-style capitalism. He targeted numerous companies, the most famous of which was Bull-Dog Sauce. Bull-Dog is a listed company that sells a distinctive and much-beloved intense Worcestershire sauce in Japan (think Coleman’s mustard in the UK or Heinz ketchup in America). But for Warren, Bull-Dog’s more distinctive features were the price of its shares, which implied a negative equity value and management’s complacency regarding the share price. The problem was, he was prepared to tell anyone that. On a visit to meet Bull-Dog’s management in Tokyo, he said he planned to ‘educate’ and ‘enlighten’ Japanese managers about American-style capitalism.4 As a result, when the company enacted a poison pill, he was deemed by the court to be a hostile acquirer. (Relatedly, in 2007, national broadcaster NHK began running a drama series called Vulture about a Japanese fund manager who acquires indebted companies for a US investment firm. Its tagline: ‘Is that man the devil or a saviour?’) The fun (and profitable) part for Steel Partners and its investors is that while he did not manage to achieve a takeover at Bull-Dog, he cashed out of three-quarters of his shares at the same price of shares everyone else got equity at, so he did, presumably, make money. Nevertheless, he remains the paradigm of the ‘abusive acquirer’ and foreign vulture investor in Japan and the lower court ultimately ruled against Steel Partners (despite the language being toned

134 Ethical Boardroom | Autumn 2018

back by the Upper Court). It was seen as a sign by foreign investors that Japan was shut to activist shareholder engagement – until the advent of Prime Minister Shinzo Abe’s ‘Abenomics’ in 2012. Opportunities: Today, with Abenomics in its sixth year and Japan’s ROE revolution in its fourth year, along with the newly revised Corporate Governance Code (2018) and the revised Stewardship Code (2017), we are in very different times. Votes against management have been steadily increasing over the past four years and the opposition rate – defined as the number of proxy proposals on average voted against by all investors – is now at 3.4 per cent, up from 2.6 per cent in 2015 5 Engaging with companies successfully and, if necessary, staging a proxy vote requires engaging with the entire shareholder base. While the percentage ownership by shareholder type varies by company, shareholders in Japan can broadly be categorised as: ■■ Foreign shareholders ■■ Corporates subject to the Corporate Governance Code ■■ Domestic asset managers and pensions funds subject to the Stewardship Code ■■ Retail investors Three out of four of these shareholder types have begun voting more aggressively in their own economic interests. The exception is corporate holders. As an investor in Japan, we see an increasing number of domestic asset managers voting in line with their stewardship duties and against management. But corporate shareholders, subject to the newly revised Corporate Governance Code, should be voting in the best interest of the company’s underlying value. Instead, they continue to look for excuses and work-arounds so as to not abide by the spirit of the Code. We believe the problem of a lack of adherence to the spirit of the Code has solutions. The government continues to encourage the unwinding of crossshareholdings. Calling out these corporate holders that vote against proxies that are clearly in their economic interests and in line with the Code can make it more painful for them to act against their own duties of care and loyalty to their company instead of participating in a management mutual protection pact. As a result of the newly friendly environment for corporate engagement, shareholders of all

stripes have come to Japan to engage. These range from managers that specialise in friendly-only suggestivism (‘free consulting services’), to those, like us at Oasis, that span the spectrum from friendly to increasingly activist approaches, to those that are almost exclusively hostile to management. All of these approaches have had their share of successes recently. I believe the continued success of engagements in Japan in terms of shareholder-friendly company improvements and subsequent share price appreciation will beget further success. The flurry of poison pills that were adopted by Japanese companies in 2007 as a result of the Bull-Dog Sauce episode are gradually being unwound. For example, we received close to 90 per cent of minority support for a proxy we put forward this past year to cancel the poison pill in GMO Internet. Because we are in the early innings of engagement in Japan, I believe for the coming few years, engagement will create a virtuous cycle of foreign investment, more engagements, quicker results, better equity performance – and, eventually, the end of Japan being ‘cheap for a reason’.

South Korea: cheap for a different reason

KOSPI2 ROE: 7.5 Debt to equity: 46 Growth: 3.8 EBITDA margin: 10.6 P/E: 13.2x EV/EBITDA: 8.7 Price to tangible book: 1.1 Like Japan, company margins, ROE and, in particular, pay-out ratios are all very low in Korea. Companies are frequently run as if they are the controlling family’s personal capital holding vehicles – which, in fact, they often are. These large and great global businesses have not been great equity investments. They remain cheap for the reasons of family control, interrelated company networks and minority shareholder abuse. Developments in corporate governance: Korea is in the beginning the early throes of its own corporate governance revolution, with the government spearheading the movement. The current government swept into office after the Elliott Management/Samsung saga, where Elliott’s attempts to stop a merger that was abusive to minority shareholders within the Samsung group ultimately led the vice chairman of Samsung, Jae Yong Lee, to bribe Choi Soon-sil, a good friend of then-President Park Geun-hye, to influence the national pension to vote in Samsung’s favour. All of the people involved (the Samsung vice chairman, the President’s friend and the President) ended up in jail. The new

www.ethicalboardroom.com

Asia | Activism & Engagement president, Moon Jae-in, was elected on a mandate to eliminate cronyism, improve corporate governance and equity market valuations and stamp out the rampant minority shareholder abuse. The new president Moon appointed so-called ‘chaebol sniper’ Kim Sang-jo as chairman of the Fair Trade Commission. Kim was known back in 2004 as the only activist in Korea to be thrown out of a shareholder meeting. Korea published its Stewardship Code and revised its Code of Best Practices of Corporate Governance in 2016. In December 2017, shadow voting was abolished and a mobile voting system was introduced to ease shareholders’ access to general meetings. In February 2018, the Financial Services Commission (FSC) announced a plan to facilitate and encourage minority shareholder participation at meetings for listed companies, among other things. Opportunities: Oasis was the first foreign signatory to the Korean Stewardship Code. Korea’s National Pension Service (NPS), the world’s third-largest pension fund, adopted a stewardship code this year. That endorsement is substantial, as NPS owns key stakes in nearly every major company in Korea and often holds the tipping vote between family ownership and institutional and retail shareholders. As a testament to companies’ increased vulnerability, this year has already seen Elliott target one of the country’s most recognisable names: Hyundai. its campaign in Hyundai Motor Group to stop an abusive acquisition echoes its campaign in Samsung Electronics, which helped kick off the corporate governance revolution in Korea. In addition to Elliott, there are a growing number of domestic activists. While the investment universe in Korea in terms of market capitalisation and industry remains dominated by a small number of family-controlled companies, or ‘chaebols’, we believe Korea’s corporate governance revolution – in practice, a revolution against the chaebols (‘Chaebolution’) – can happen very quickly. There have been several false dawns in South Korea in the past, but we would not be surprised to see a very different South Korean investment landscape in two years. If Chaebolution does sweep across South Korea, we believe pay-out ratios will improve dramatically and, with them, equity market valuations. FINDING A VOICE Activists across Asia are increasingly engaging with management

www.ethicalboardroom.com

Hong Kong: a tale of two cities, err, I mean two systems

HSI ROE: 12.2 Debt to equity: 35.9 Growth: 10.15 EBITDA margin: 28.1 P/E: 11.5x EV/EBITDA: 10.6 Price to tangible book: 1.27 The Hang Seng Index (HSI) is dominated by two very different kinds of companies: the new entrepreneurial class from China – companies that are growing fast and whose valuations reflect that growth (Tencent is nine per cent of the HSI) – and the older, stogy, often second- or thirdgeneration property, ports, infrastructure and banking businesses in Hong Kong that trade at much more modest prices. The most prominent and publicised corporate governance battles have been fought in the second category, where one can observe the most significant discounts to book value and abysmal ROE compared to global peers, a sign of both investor frustration and a lack of accountability and where shareholder engagement is needed the most. Developments in corporate governance: Hong Kong is in the midst of its own Stewardship Code adoption, albeit at a much slower pace. In 2016 the Hong Kong Securities and Futures Commission published its ‘Principles of Responsible Ownership,’ otherwise known as the Hong Kong Stewardship Code. The Principles are similar to most stewardship codes, asking investors to monitor and engage with investee companies and have robust policies for executing, monitoring, reporting and enhancing their stewardship activity. The Hong Kong Exchanges and Clearing Limited (HKEX) published its proposed revisions to the Corporate Governance Code and Listing Rules in November 2017. The proposed changes aim to address corporate governance concerns, such as independence, ‘overboarding’, the responsibilities of the nomination committee and board diversity. Opportunities: Because of structural hurdles in Hong Kong, including large family ownership structures that effectively make many companies in Hong Kong very closely held, the tight relationships between pension managers and corporates and the large percentage of passive retail, there have not been many successful engagements with management. There

has been some history of stopping abusive transactions, but there are still many more companies plagued by low asset turnover, low ROE and years of poor share performance that look like they could use an engaged shareholder base. The recent dual share class amendments implemented in Hong Kong (read: super voting shares for founders), will also hamper engagement going forward. Still, there have been some successes, with a smaller number of active and public engagements with management and few winning victories over management recommendations – but they have been few and far between. David Webb, a well-known private investor and advocate for shareholder rights and market transparency in Hong Kong, has led his own battles and continued publicly to call out bad behaviour when he sees it. Shareholders blocked the abusive attempted merger of Power Assets with Cheung Kong Infrastructure and, in a separate case, banded together with our own efforts to protect shareholder interests in Yingde Gases. Other notable cases include BlackRock’s public (and ultimately losing) battle to protect its interests against a dilutive issuance in G-Resources, the battle over Convoy Global Holdings and Elliott’s fight with management at Bank of East Asia. In order to stall the long march to irrelevance as it competes with Shanghai for liquidity and with New York as a tech listing destination, the success of Hong Kong’s corporate governance is important as Hong Kong seeks to differentiate itself from the mainland as an investment destination.

Singapore: cheap for all the reasons we’ve talked about

STI ROE: 10 Debt to equity: 42.8 Growth: 1.9 EBITDA margin: 23.5 P/E: 13.2x EV/EBITDA: 11.72 Price to tangible book: 1.38 Dominated by real estate, resource and ports, many companies in Singapore’s benchmark STI index have been listed for more than 50 years. These are second-, third- and fourthgeneration businesses in the hands of professional management – making their equity cheap for familiar reasons. Developments in corporate governance: Singapore, in constant competition with Hong Kong, has also made serious progress in setting up a framework for successful shareholder engagement. Singapore released its stewardship code, called the Singapore Stewardship Principles for Responsible Investors (SSP), in November 2016.

Autumn 2018 | Ethical Boardroom 135

Activism & Engagement | Asia Singapore’s Corporate Governance Council released a paper in January 2018 with its recommendations for revisions to the Code of Corporate Governance, encouraging improvements like greater director independence, enhanced board diversity and board renewal, among other measures. Singapore also has a number of useful tools and resources for activist investors, including the powerful lobby group, Securities Investors’ Association Singapore (SIAS), whose questions Singaporean companies are encouraged to respond to at their AGMs. Opportunities: Singapore has hosted some shareholder battles and there is a recent history of campaigns that have borne some fruit (like Hong Kong, this has happened off a very low base). Singapore’s legal authority is in place; now shareholders must increase their engagement. Singapore shares the same issues with many other jurisdictions in Asia, where there are significant family holdings controlling more than 30 per cent of the shares outstanding, often not working to maximise shareholder value, with the occasional (very painful for investors) related party transactions at depressed prices diluting value for minority shareholders. These families eventually will need to make a decision as to whether or not they need the market. A decade of low interest rates has made equity financing look too expensive, but with the decline in equity (but certainly not asset) valuations over the same time period, current prices make equity financing untenable. In a normalised rate environment, controlling shareholders will have to make a choice on whether or not they want to adopt reform policies to reopen the market. Singapore has the distinct advantage of having Singapore’s sovereign wealth as an enormous public market investor. Temasek’s leadership in improving governance, encouraging buybacks, cheering mergers and encouraging management to do more to increase corporate value can act as a significant impetus to kickstart a virtuous cycle of corporate governance improvement. As a result, unlike Hong Kong, Singapore has a far greater ability to pull the levers of public policy in order to support significant improvements in governance and with it equity returns.

China: growing fast, so shareholder haven’t needed to focus on CG – yet

CSI300 ROE: 12.68 Debt to equity: 73.3 Growth: 18.2 EBITDA margin: 11.7 P/E: 15.9x EV/EBITDA: 9.7 Price to tangible book: 1.87 China is growing fast, so shareholders have not needed to focus on corporate governance – yet. The most actively traded

136 Ethical Boardroom | Autumn 2018

market in the region, China is dominated by entrepreneur-run companies and state-owned enterprises (SOEs), with the most growth potential and the widest and deepest moats protecting management. Developments & opportunities in corporate governance: China developed its corporate governance code under the leadership of the China Securities Regulatory Commission (CSRC) in 2001. This was further updated in 2011 and reviewed again in 2016. And yet, in this early stage of development, China’s corporate governance wave has yet to develop. In general, the shareholder bases have not been ‘institutionalised’ enough yet to create a framework of responsible engagement. In some ways, mainland China offers regulations that many Western investors could only dream of, with very strict sentences for those convicted of corporate fraud (including the death penalty). There

The encouraging news is that governments, from Japan to India, have now demonstrated how important they believe corporate governance is to increase foreign investment, lower the costs of capital and invigorate corporates and, with them, their economies are often far more serious penalties faced for committing frauds in China than are faced by Chinese executives for committing fraud on foreign investors in foreign markets – where executives behind some of the most famous Chinese frauds remain free without facing much personal consequence, let alone the prospect of regulatory or criminal liability. Mainland China also blocks controversial ‘dual-class shares’, something that the US, Singapore and now Hong Kong have permitted. For foreign, long-term investors in search of high return, owner-operator businesses, China is probably the best hunting ground. However, uneven application of the law and that some entrepreneurs view their relationship with minority shareholders as adversarial (not unlike Carnegie or Rockefeller in their time) means that shareholders still face considerable risk if their interests and the founder’s interests ever diverge. There has been a smattering of campaigns, typically led by large individual shareholders rather than institutional investors. In the broad context, investors have been willing to forgive the poor corporate governance,

including the VIE structure and dual-class share structures of foreign listed mainland businesses. The state-owned enterprises and largest companies have now enshrined in their corporate documents the special place the Communist Party holds in their governance structure and shareholders have had no choice but to accept it. For now, shareholders can complain, point out abuse or fraud, or flee. Market openness to genuine engagement is still distant.

Taiwan: Cheap(ish) for common reasons

TWSE ROE: 7.8 Debt to Equity: 35 Growth: 3.5 EBITDA Margin: 9.5 P/E: 15x EV/EBITDA: 10.9 Price to Tangible Book: 1.26 The fast growth of the tech-heavy Taiwan market has slowed, but valuations have not yet come down to very attractive levels for value-biased engaged shareholders. Developments & opportunities in corporate governance: Taiwan published its Stewardship Principles for institutional investors in 2016, which encourages investors to monitor and dialogue with investee companies. Since 2017, all companies are required to have at least two independent directors and 20 per cent board independence and to disclose the gender of directors. The Taiwan Stock Exchange also made changes to its Corporate Governance Evaluation System to place further emphasis on e-voting and English disclosure, which has been mandatory for all TWSE/TPEX listed companies since 1 January 2018. While we believe there are many Taiwanese companies that can use improvement, close family ownership has so far prevented engaged shareholders from being effective. More explicit government support would be helpful here.

Indonesia: not yet

JCI ROE: 6.9 Debt to equity: 37.5 Growth: 7.5 EBITDA margin: 14.5 P/E: 14.6x EV/EBITDA: 9.35 Price to tangible book: 12.6 Developments in corporate governance: Not yet. Nat Rothschild’s bruising and losing experience in Indonesia with Bumi and the Bakrie family provides a cautionary tale for any activist shareholder. Bumi, an Indonesia-focussed coal miner, was created by effectively injecting the Bakries’ Indonesian mines into Rothschild’s Londonlisted shell. In a messy, public five-year meltdown, Rothschild and the Bakries fell out over the company’s governance. Still, teaming up with a powerful Indonesian family, as hedge fund Argyle Street Management did to launch an offer at the end of the Bumi saga, seems to be the only practical path. www.ethicalboardroom.com

Asia | Activism & Engagement Further separation of Indonesia’s powerful family interests and the judiciary would help governance and valuations dramatically.

Malaysia: Cheap for all the reasons

FBMKLCI ROE: 11.3 Debt to Equity: 52.6 Growth: 4 EBITDA Margin: 26 P/E: 21.5x EV/EBITDA: 12.8 Price to Tangible Book: 2.2 Malaysia has had its share of issues and some of the ‘corporate governance discount’ is self-inflicted. There is a new government in office following the 1MBD scandal (which was so vast in scope that I’m not sure ‘bad corporate governance’ adequately covers the numerous failures and issues involved). Like other British colonies, Malaysia’s legal system is shareholder-friendly, but success also requires a fair judiciary and a robust legal system, free from political influence. Developments & opportunities in corporate governance: In 2017, Malaysia released its newly revised Corporate Governance Code which further encourages meaningful disclosure, ethical behaviour, accountability and transparency. As the code states, ‘companies that embrace these principles are more likely to produce long-term value than those that are lacking in one or all.’ They call this ‘CARE’ – an acronym for Comprehend the spirit of the code, Apply the best practices and Report meaningful and accurate disclosure. I’m happy to continue to monitor the Malaysian market from afar for now.

India: not cheap. Investors have accepted the trade-off of poor corporate governance for growth S&P BSE SENSEX ROE: 6.9 Debt to equity: 72.25 Growth: 11.5 EBITDA margin: 14.5 P/E: 22.9x EV/EBITDA: 19.9 Price to tangible book: 4.6 Investors have accepted the trade-off of poor corporate governance for growth and India has been one of the best-performing markets over the past one-, three- and five-year periods.

Developments in corporate governance: The Committee on Corporate Governance published a report recommending revisions to the Securities & Exchange Board of India (Listing Obligations & Disclosure Requirements) Regulations in October 2017. The proposed recommendations included a proposal for a Stewardship Code for institutional investors and focussed on related party transactions, transparency, board structure, director independence and disclosure (among other areas). Additionally, the previous Congress-led government introduced a new Companies www.ethicalboardroom.com

Act that introduced e-voting and gave shareholders a vote for every share they held. It’s worth noting that the Indian regulatory framework and rules for takeovers and delisting offers are not unfriendly to minority shareholders, as the former colony’s rules are based on the UK Takeovers Code. Opportunities: India is also seeing a bit of a rise in shareholder activism in companies that have not delivered on their side of the growth bargain. That includes rejections of pay increases at Tata Motors and the blocking of sales to related parties at below fair market value at Raymond Ltd. There have been a number of other proxy battles to gain board access, including in 2017, when Florintree Advisors proposed a ‘small shareholder’ representative on the board of PTC India, but was not successful. This battle continues. Similar to China, a number of entrepreneur-led companies and SOEs dominate the market. India has a very developed legal system, though it is a very long and arduous process to use and navigate that system. The government has been prone to incessant change in its foreign investment policies, the most recent of which taxes equity market gains. The market remains cheap, but for different reasons than in most other Asian countries. We are forever interested in ‘incredible India’ and will continue to watch this space. If I had any advice for India, it would be just to stop changing the investing rules every two years. Investors like consistency.

Australia: a mixed bag

ASX ROE: 11.9 Debt to equity: 41.4 Growth: 6.5 EBITDA margin: 28.3 P/E: 20x EV/EBITDA: 13.6 Price to tangible book: 2.78 Australia continues to grapple with the competing calls of independence and foreign investment. Often described as the ‘most over-brokered market’ in Asia as the result of brokers and investors looking to return home to Bondi after years in Bangkok, Osaka and Singapore, Australia has had a surprising number of frauds, self-promotions and over-inflated company valuations, given its robust regulatory system and open disclosures. Developments & opportunities in corporate governance: Australia is open to engagement and some large shareholders are engaging some of the country’s largest companies. The rules make engagements easy: like Japan, Australia has low thresholds to call an EGM and requirements for consistent supermajorities for executive pay. In terms of corporate governance development and the way the market and investors perceive the aggressiveness of shareholders, I would say Australia is mid-way between the UK and the US.

The single most important market structure feature in Australia is the giant superannuation funds, which make institutions the single most important investor base. This has led to success for ‘home-grown’ Australian activists who can marshal those investors, such as Gary Weiss, who won a resounding victory in his Ariadne fight and allowed Elliott to have some degree of success with BHP. Engaging the superannuation funds and getting these typically conservative investors to vote with activists has been the biggest challenge. The best opportunities come when those board or management actions are so egregious that they meet the high investor hurdle for support. Hence, while there have been numerous engagements with successful board representation granted in the past few years, for largescale and transformative engagements to be successful, activists in Australia still need to make a very compelling case.

Closing thoughts and looking ahead

Of the typical demands of shareholder activists, the most common in Asia to date have focussed on improving return of capital, board representation and investor relations and opposition to announced M&A. Interested–party transactions and transactions within conglomerate structures seen as being undertaken just to further a founder’s influence are increasingly reviewed and opposed. It is still early days in the ‘engagement’ (the term of art in Asia), or activist landscape. Corporates are just beginning to understand what these shareholders want, how they approach companies and how to address their concerns. The encouraging news is that governments, from Japan to India, have now demonstrated how important they believe corporate governance is to increase foreign investment, lower the costs of capital and invigorate corporates and with them, their economies. Governments now understand that this comes cheaply, as engaged shareholders work on improving their corporates for ‘free’ and management or the board can use the help and guidance, as opposed to an investor set that runs as soon as they see something they don’t like. As more shareholders engage, more shareholders vote their interests and more corporates improve, everyone wins. 1 ‘A U.S. Admiral’s Bluntness Rattles China and Washington’, New York Times, May 6, 2016, at https://www.nytimes. com/2016/05/07/world/asia/us-admiral-harry-harris. html. 2According to SharkRepellent and Activist Insight as of March 1, 2018. 3‘Shareholder Activism in Asia: Confrontation gaining momentum,’ J.P.Morgan report, May 2018, at https://www.jpmorgan.com/ jpmpdf/1320745400533.pdf 4Message In A Bottle Of Sauce The Economist, Nov. 29, 2007 at https://www. economist.com/special-report/2007/11/29/messagein-a-bottle-of-sauce 5IR Japan data as of June 2018

Autumn 2018 | Ethical Boardroom 137

Activism & Engagement | Australia

Australia’s activist awakening Activism is set to play a larger role in Australia as investors address governance shortcomings and underperformance We consider 2018 to be a watershed year in Australia for what constitutes good governance and good, decent, corporate stewardship – but not as one might expect. 2018 will be remembered as the year when the great and good of corporate Australia (as well as perceptions of what constitutes good governance) were dealt a severe blow to their credibility by two events:

The report of the Prudential Inquiry into the Commonwealth Bank of Australia (CBA), commissioned by the Australian Prudential Regulatory Authority (APRA); and The Royal Commission into Misconduct into Banking, Superannuation and Financial Services Industry (the Royal Commission)

Australia’s corporate governance practices have been shown wanting. The APRA inquiry was established after a number of very public stumbles by CBA, including a money laundering scandal. Among the many findings of the inquiry, several should act as a wake-up call to investors. The inquiry found, for example, that ‘there was not sufficient challenge

138 Ethical Boardroom | Autumn 2018

Gabriel Radzyminski

Fund Manager, Sandon Capital from the board to group executives’1 and that there was a general lack of accountability in the organisation.2 The APRA inquiry stripped away many of the long-held illusions (or perhaps delusions) of how good governance operates. Being a CBA director was one of the most prestigious directorships in the land. The inquiry has cost the CEO his job and several directors have retired. The Royal Commission then proceeded to make the CBA inquiry look like a walk in the park. So far there have been a number of recommendations of criminal prosecution of several companies, including specific executives, although no charges have yet been laid. AMP was the fi rst high-profi le victim of the Royal Commission. Under cross examination, AMP executives admitted to charging fees to clients who had died and charging fees for no service (something other banks and financial services providers have also done). The CEO, chairman and several non-executive directors stepped down from their roles. The insurance industry is now under scrutiny by the Royal Commission and, given the behaviour that has come to light so far, that industry is unlikely to fare much better than the banking and superannuation industries.

Failing standards

Governance, and particularly its failures, have been at the heart of many of the problems identified by each of these investigations. The APRA inquiry, by virtue of its terms of reference, provided insight into where and how problems began at board level’. All and sundry, even government ministers, are now heaping (well-deserved) opprobrium upon those culprits who’ve been exposed. Prime Minister Scott Morrison was reported (when Treasurer) as describing the CBA board as ‘an ineffective board that lacked zeal and failed to provide oversight’. Others, including some leading lights of corporate Australia, have sought to deflect responsibility onto shareholders, saying the mantra of shareholder returns are at fault. We do not agree. Ultimately, directors must shoulder the blame, but so too must the shareholders as they allowed the poor oversight to continue, largely unchecked. Trust has been lost. Distrustful and dissatisfied customers eventually lead to the loss of shareholder value. Indeed, shareholders as a group may end up paying a price greater than the aggrieved customers of those miscreant companies. Yet how can this possibly have happened? There are a number of possible explanations. Benjamin Graham explained, when writing about a 1920s’ proxy fight, ‘the business of Wall Street was largely a

www.ethicalboardroom.com

Australia | Activism & Engagement gentlemen’s game, played by an elaborate set of rules. One of the basic rules was ‘no poaching on the other man’s preserves’. 3 Wall Street’s basic rule of the 1920s is well and truly alive in Australian corporate life today.

Unbalanced ecosystem

One of the challenges in Australia is that the size of the corporate gene pool is small. Most C-level executives, company directors and the investment analysts and fund managers covering those companies know each other within three, if not two, degrees of separation. Acceding to the inner sanctum of the directors’ club, like any club, requires conformity and strict adherence to the club rules. Collegiality seems to have been misinterpreted by many to mean conformity. Those with directorial aspirations must play by the rules or they risk forfeiting those aspirations. Changing club rules will prove difficult. Perhaps a more effective paradigm is to think of the corporate world as an ecosystem where balances change (and need to change) all the time. Perhaps the corporate ecosystem has been allowed to fall out of kilter and needs a change of balance. Prior to 1970, corporate boards around the world were dominated by inside directors, chosen and controlled by management. Their function was largely an advisory one, characterised by consultation activities. Following a number of corporate scandals in the US in the 1970s, the functions and structure of boards began to change. In particular, the concept of independent directors and the related model of a ‘monitoring board of directors’ was established. Marvin Eisenberg’s influential

www.ethicalboardroom.com

book published in 1976 The Structure of the Corporation was the fi rst to espouse that the essential function of a board was to monitor the company’s management by being independent from it. Australian governance standards were slow to adapt to the changes that occurred overseas. As a result of the excesses of the late 1980s, the Bosch Report recommended more independent directors on boards. In 1992, the Australian Securities Exchange (ASX) proposed the introduction of

Shareholders are typically presented with a predetermined slate of directors for election, candidates not selected by shareholders, but rather by the incumbent board mandatory requirements for independent directors. However, the business community campaigned strongly against this. Following a number of high-profi le corporate failures at the beginning of the 2000s, the ASX implemented a requirement in 2004 for listed companies to adopt a majority of independent directors. Today, the focus of independence of directors seems to have evolved from an independence from management, to an independence from the owners of a company, the shareholders. There are numerous reasons why this independence from owners has evolved. We believe one reason lies

in how directors are proposed and elected. Shareholders are typically presented with a predetermined slate of directors for election, candidates not selected by shareholders, but rather by the incumbent board. Corporate voting is more akin to a one-party state than a western liberal democracy. We believe some shareholders have become too far removed from the companies in which they invest and this has contributed to increasing agency risks. At the same time, investment analysts and portfolio managers (and others) value close relationships with corporate management and directors. Australian companies, especially our largest ones, have been largely immune to the attentions of activist investors. Other than BHP Limited, which was the target of a campaign by Elliott Advisors, a US activist fi rm, far fewer of Australia’s largest companies have found themselves in an activist’s cross hairs than the largest companies in the US. We believe there are numerous factors that have led to this situation, but not because Australian companies are such exemplary performers. One factor that might contribute to this complacency might simply be due to the laid-back Aussie culture. Keep in mind that wonderful Australian idiom ‘she’ll be right’. This expression is often used to refer to something that will fi x or correct itself in time. RISE OF THE ACTIVISTS Activism in Australia is ready to blossom

Autumn 2018 | Ethical Boardroom 139

Activism & Engagement | Australia Other factors that we believe may A genuinely well-informed owner can test contribute to this complacency include the and challenge a company. This then allows fact that Australian superannuation funds for an adequate tension between owners, have been vocal (and effective) in reigning directors and executives. in some of the worst excesses of executive A lack of proper and pro-active oversight of remuneration. Australian investors have a directors by shareholders is a large part of why powerful tool at their disposal, referred to governance may have failed. Just as a strong as the ‘two strikes’ rule. This rule, which board overseeing management will bring out allows shareholders to vote on a company’s their best (and nip in the bud the worst), so too remuneration report, means that any are strong forward-thinking shareholders company that receives two ‘strikes’ (25 per needed to bring out the best in boards. cent or more of shares voting against the Directors are rarely judged by shareholders remuneration report) are obliged to call a on the performance of their companies, rather general meeting to spill the board. Although they are judged by their peers in the board there have been no successful spill motions room. It is rare for a nominated director not to at any large companies, the fear of public be elected. In 2017, we saw shareholders call rebuke has led boards to engage with for (and draw) blood at several companies, shareholders on remuneration matters. including two of our largest, BHP and A sense of ‘mission accomplished’ may Commonwealth Bank. For many directors, have emerged among many institutional investors (particularly our pension or superannuation funds) as a result of their successes reigning in the excesses of remuneration. However, while remuneration is typically an easy topic on which to find consensus (typically, more is bad, less is good), we find that significantly more value is destroyed through errors of strategic commission and omission. Sanction and confrontation, challenging at the best of times, become more difficult when the ties that bind risk being cut. The relatively small investment and business community means that Graham’s Basic Rule thrives and serves to protect the entrenched and the established. In all of this, shareholders should be asking serious questions of the effectiveness of the governance structures of these organisations. While traditional Although their customers have paid terribly for such investors might transgressions, it is the be able to step up shareholders who will part of the way, we especially those at the ultimately pay the highest highest echelons, this was price. As customer trust is believe corporate probably an all-too-rare broken, shareholder value Australia still needs taste of shareholders risks being eroded, by reduced prospects and to a the added scrutiny expressing their displeasure. the likely preliminary lesser extent, class actions. of a well-capitalised Given findings of the Royal Part of the problem is Commission, there may well that too much faith has cohort of be more directors facing been placed in the tenets genuinely activist shareholder wrath. of good governance. The investors Another way to foster main risk that governance some greater ‘tension’ might seeks to mitigate is agency be to have more directors nominated by risk. Yet good governance alone cannot shareholders rather than simply by invitation solve agency issues and the conflicts of from incumbent directors. This might serve interest these engender. to create a class of director whose interests Tackling the problem are not only aligned with, but also dependent We believe the best way to mitigate agency on the satisfaction of shareholders. risks is effective ownership. Frankly, this We find very few people prepared to means harder and more time-consuming allow themselves to be nominated by us analysis of investment opportunities (which (as an activist shareholder) for fear of the is increasingly difficult as pressure on fees consequences on their non-executive and the move to passive management grows). directors’ careers. They fear being 140 Ethical Boardroom | Autumn 2018

perceived as not being team players and trying to circumvent the traditional path for board accession. While traditional investors might be able to step up part of the way, we believe corporate Australia still needs the added scrutiny of a well-capitalised cohort of genuinely activist investors. Activists play a very particular role in the corporate ecosystem. They emerge as shareholders where more traditional forms of influence have not yielded change or where changes are occurring too slowly. The activist investor will often focus on issues or fears that other investors dare not make public for fear of sanction. It is rare for an activist’s proposal to be completely unique. Instead, they are often proposals that other shareholders would like to see but

FORWARD-THINKING SHAREHOLDERS Activist investors can bring out the best in boards

are not prepared to fight for. The activist’s proposals may also be those considered by the board, but not prioritised by management (for many varied reasons). Perhaps, when reading these words from the other side of the world, one might conclude that activism in Australia will never blossom. That would be wrong: all the factors we have cited above contribute to a very rich opportunity set for the activist investor. Telstra Corporation, Australia’s largest telecommunications (and ninth largest) company, faced an enormous investor backlash at its recent AGM. 62% of those voting voted against its remuneration report – one of the largest such votes ever against a top company. Page 14, the Prudential Inquiry into the Commonwealth Bank of Australia 2Chapter 7, the Prudential Inquiry into the Commonwealth Bank of Australia 3 J Gramm & G Radzyminski, Australian Governance Summit 2018 Reader, AICD Reader, Chapter 8 “The evolution of activism: is your board ready? What we can learn from the rise of activism in America.” 1

www.ethicalboardroom.com

KEEPING IT ABOVE BOARD “Essential reading for boards who want to stay ahead of the governance curve”

Board Leadership • Board Governance • Activism & Engagement Technology • Regulatory & Compliance • Risk Management twitter.com/EthicalBoard

www.linkedin.com/company/ethical-board-group

Global News Africa appoints KPMG ‘must pay damages’ to South Africa Kropz heavyweight boss Global auditor KPMG has vowed to rebuild its reputation following a report into a corruption scandal that saw at least 1.9 billion rand ($130million) stolen from local bank VBS. The investigation, carried out by a team of lawyers and forensic investigators on behalf of the South African Reserve Bank, found that former KPMG partner Sipho Malaba knew about the cash shortage at VBS.

KPMG should be forced to take responsibility for its role in VBS’s collapse and South Africa should seek damages from the auditor for the role it played, the investigation concluded. Wiseman Nkuhlu, KPMG executive chairman, said: “I am confident that the extensive remedial changes the firm has already made will enable us to rebuild public and client trust in KPMG, helping us to continue to serve business and society in South Africa.”

Corporate governance key to Kenya share success There is a ‘direct and strong correlation’ between corporate governance and share price performance among listed companies in Kenya, a new report has revealed. A survey of 47 companies listed on the Nairobi Securities Exchange (with a market capitalisation in excess of one billion Kenya shilling) found that firms with higher levels of corporate governance outperformed those with lower levels of corporate governance by 15 per cent. The annual Cytonn Corporate Governance Report — 2018 ranks companies on 24 metrics that consider different aspects of governance, including board composition, ethnic and gender diversity, board meeting attendance, board independence, remuneration and overall transparency. John Ndua, investment associate at Cytonn Investments, said: “This indicates the importance of strong corporate governance in delivering sustainable and attractive returns to investors.”

Governance at Nigerian airlines fails to take off Stakeholders in Nigeria’s aviation sector have attributed the inability of national airlines to stay in business for a very long period of time to a lack of corporate governance. Experts at the fourth quarterly Business Breakfast Meeting organised by the Aviation Safety Roundtable Initiative in Lagos, identified a link between poor corporate governance and high incidence of fraud and corruption. Since the 1980s, several airlines have collapsed in Nigeria with the last national airline — Air Nigeria – ceasing trading in 2012, collapsing under 35billion naira of debt.

142 Ethical Boardroom | Autumn 2018

Victor Banjo, director-general of the Institute of Directors in Nigeria and a former director at the defunct Virgin Nigeria Airline, said: “Good corporate governance thrives when you have a rationalised policy determination process. This is only achievable when we have clear-sighted political leaders who are committed to the development of Nigeria as opposed to sectional and parochial interests.”

South African fertiliser company Kropz turned to former BHP board member Lord Robin Renwick for its chairman role ahead of a listing on the London AIM stock exchange. Lord Renwick of Clifton — a boardroom veteran who was vice chairman of JP Morgan Europe and a board member at BHP Billiton, British Airways and Harmony Gold — will be the firm’s non-executive chairman. Kropz said it opted to list on the AIM because it provided a broader access to funds and enabled the company to talk to people through a global platform. The company hopes to raise £50million from the listing, which will go towards its Elandsfontein phosphate mining project in South Africa.

Transnet CEO battle goes to arbitration The Labour Court in Johannesburg has ordered that the dismissal case of Transnet chief executive Siyabonga Gama be referred to arbitration. In September, the board of Transnet unveiled plans to dismiss Gama after losing confidence in his ability to lead South Africa’s state-owned ports and rail company. An investigation has also implicated Gama in allegations of misconduct and contravention of the Finance Management Act following the acquisition of R54billion worth of locomotives. Transnet gave Gama 10 days to show why his contract should not be terminated. Gama appealed to the Labour Court and Judge Graham Moshoana ruled that Gama must keep his job while the dispute over whether his contract could be terminated is taken to arbitration.

www.ethicalboardroom.com

AFRICAN ROOTS, WORLD CLASS SERVICE

...THINK www.zenithbank.com www.zenithbank.com

For enquiries and feedback, kindly contact For enquiries and feedback, kindly contact ZenithDirect, our 24hr interactive Contact Centre: ZenithDirect, our 24hr interactive Contact Centre:

+234 1 278 7000, +234 1 292 7000, +234 1 278 7000, +234 1 292 7000, +234 1 464 7000, 0700ZENITHBANK +234 1 464 7000, 0700ZENITHBANK zenithdirect@zenithbank.com zenithdirect@zenithbank.com

Africa | Green Bonds

Sustainable investment in South Africa The JSE’s green bond segment aims to boost investment in ESG projects Akshar Sewkuran

Bonds Specialist in Capital Markets, Johannesburg Stock Exchange

Climate change as a systemic risk to global economies has led to an increasing demand from investors for socially responsible investment opportunities to address their environmental, social and governance mandate. Green bonds raise money that is specially allocated for funding projects that result in environmental and climate benefits. While making up only a fragment of the global capital market, they have increased in terms of issuer diversity, number of issuers and

investor involvement. The market for green bonds is valued at more than $900billion and the year-on-year issuance has doubled in size annually over the past three years and is expected to grow by a further $250billion in 2018. The launch of the new Johannesburg Stock Exchange (JSE) Green Bond Segment in September 2017 has led to an increased appetite from investors. These are bond instruments where proceeds will be exclusively applied to finance new or existing eligible green projects and which are aligned with the four core components of the Green Bond Principles, as defined by the International Capital Market Association. The local market has just four green bonds listed, the most recent of these – the City of Cape Town’s earlier this year – was five times oversubscribed and the fi rst corporate issuer Growthpoint was close to three times oversubscribed. For issuers, the green bond market can offer several important benefits for green investment, including diversification to

investors who are increasingly demanding socially responsible investment (SRI) opportunities. This could assist issuers tapping into offshore pools of capital and creating additional demand for their bond issuances. There are possible cost advantages as the market develops more fully – an interesting dynamic, which many issuers give as the rationale for listing a green bond. However, the cost advantages in developed markets seem to only appear after three years of a fully functioning market and, even then, the benefits are diﬃcult to attribute to the green aspect. What has become certain is that oversubscription is observed frequently, book builds are done relatively quickly, no new issuance premium is also prominent, as is the ability to up-scale volume issued. What is becoming more prevalent is the activity in the secondary market, whereby green bonds are trading tighter spreads – assisting the primary market issuances’

GOING GREEN IN SOUTH AFRICA There is an increased interest in bonds that raise money for environmental projects

144 Ethical Boardroom | Autumn 2018

www.ethicalboardroom.com

Green Bonds | Africa pricing, as well as studies showing that green bonds are proving to be more resilient during credit volatility. This allows issuers in less environmentally-friendly sectors to take part in the green bond market by signalling changes to their business model and attracting a new basket of ESG-focussed investors. This has become significant for issuers who are now able to monetise and receive benefit from the capital markets for their sustainability efforts.

Addressing climate risk

For investors there are a number of benefits â&#x20AC;&#x201C; namely, being able to support the capital flow towards a responsible real economy that addresses the risk of climate change;

www.ethicalboardroom.com

investors have the ability to add investments into their portfolios that diversify the risk of climate-related changes; and it helps them meet ESG mandate requirements through a single-listed financial product. As an example, French energy giants have resorted to issuing green bonds to help finance a strategic shift toward renewable energy. This complements mandatory â&#x20AC;&#x2DC;real economyâ&#x20AC;&#x2122; policies that lead to changes in business models, such as carbon pricing, waste reduction and recycling targets.

Finally, listing a green bond could enhance the reputation and promote the importance of governance of an issuer. Positive press coverage, both locally and abroad, greeted the green bond listings by Growthpoint, City of Joburg and City of Cape Town. For investors, green bonds have become one of the main outlets for a growing pool of international capital that comes with environmental or ethical strings attached. The Global Sustainable Investment Alliance estimates that $10.4trillion in assets worldwide involves some form of ESG measurement.

Autumn 2018 | Ethical Boardroom 145

Africa | Green Bonds

Sustainable finance is being forced into the mainstream and we believe there is significant potential for growth in South Africa. The Pension Funds’ Act Regulation 28 requires that investments have to include ESG considerations in their investment portfolios – and a green bond is a product that speaks directly to this requirement. The JSE has ensured that its green bond listing requirements are aligned with international best practice. With the global growth in this field, we have seen that green bonds give issuers the ability to attract new investors with a socially responsible investing (SRI) or ESG focus and tap growing pools of SRI capital. As more investors see the benefits of green investing through the return profi le of these investments, as well as the protection it can offer during volatile periods thanks to its enhanced governance, we believe there is healthy scope for responsible investing to grow in the South African market. Although the green bond market is still nascent in South Africa – with many potential issuers unaware of the benefits of tapping the capital markets with a green bond – the JSE ‘expects it to continue developing, with corporates playing a catalytic effect by using the capital markets to fund their low-carbon initiatives and, importantly in the context of South Africa, securing a low-carbon economy that secures jobs and investments’.

Growthpoint — a case study

Growthpoint Properties was the fi rst South African company to issue a green bond on the Johannesburg Stock Exchange on 9 March 2018. The international property company, which owns and manages a

146 Ethical Boardroom | Autumn 2018

better pricing than the nominal bonds. Th rough this issuance, Growthpoint diversified portfolio of 559 property assets has successfully positioned themselves locally and internationally, has issued as a world-class property fund clearly R1.1billion($94million) bonds for terms committed to supporting and investing in of five, seven and 10 years. They will be environmental sustainability, with their used to fund the green buildings and green green bond framework and reporting initiatives of South Africa’s leading real commitment attached to the bonds estate investment trust (REIT). issued, and with the longest 10-year bond The issue was very successful – three times maturing in 2028.” oversubscribed – and the company increased Among the investors in the new the issue size to ZAR1.1 bn. In terms of Growthpoint Green bonds is the African pricing, the issue provided GrowthPoint Local Currency Bond Fund (ALCB Fund), with a benefit in terms of pricing as follows: an initiative of KfW Development Bank and the German government – backed by ■ The five-year note was five basis additional investors. It aims to promote points (bp) better than Growthpoint’s the development of African capital markets last plain vanilla issue by acting as an anchor investor in primary ■ The seven-year note was one bp bond issuance. It has invested around better than its last issue $70million since inception in 13 countries. ■ For the fi rst time ever, it was able In addition to anchor investments, the to tap into the 10-year maturity via ALCB Fund offers technical assistance to a public auction and attributed that cover transaction-related costs, including to the fact that it was a green bond compliance with international green ■ The issuer was also able bond standards. to diversify its investors Karl von Klitzing, chairman Sustainable and attracted an anchor of the board of the ALCB Fund, ﬁnance is being said: “We are delighted to be international investor in the 10-year tranche forced into the investing in Growthpoint’s green bond and to mainstream and inaugural The green bonds are priced be supporting the sustainable at 139bp (1.39 per cent) for the we believe there real estate sector. As the first five-year term, at 169bp (1.69 corporate green bond issuance is signiﬁcant per cent) for the seven-year in Sub-Saharan Africa, it potential for term and at 200bp (2.00 per represents a milestone for the cent) for the 10-year term above growth in market. Growthpoint has three-month Johannesburg developed a comprehensive South Africa Interbank Average Rate. framework with the Green Delia Patterson, Senior Building Council of South Africa Transactor for Debt Capital Markets to ensure investors are well-informed of the Distribution at RMB, the lead arranger of the environmental impact of its green buildings. bonds, commented: “Investors appreciate the We hope to contribute towards improved additional level of oversight that is provided reporting standards as a catalyst for further to meet the green classification criteria and green bond issuance in renewable energy, this usually results in stronger appetite at housing and infrastructure sectors.”

www.ethicalboardroom.com

Good governance is our anchor for sustainable business growth Vodacom is honoured to be the recipient of the Best Corporate Governance Award for the Telecoms sector in Africa.

Vodacom Power to you

Technology | Board Tools

Reduce risk. Cut costs. Secure data.

underestimate your service 5 Don’t needs (and read the small print)

expect all of them to rely on multiple-factor authentication for logins and to use a state-of-the-art, end-to-end encryption method (i.e. on-server and on-device hardware encryption, TLS (transport layer encryption) and backup encryption). However, there are more questions to be asked: if applicable law and jurisdiction are important to you, ask your board portal provider about server location, the identity, ownership and domicile of their subcontractors, and the location of developers who have access to your data. When it comes to external validation and reporting, go beyond just reading the reports and pay some attention to the reputation and credibility of the external auditors and testers. Related to that, seek to find out whether your contract foresees the commissioning of external audits orchestrated by you and at what cost. Moreover, ask questions about transaction data. Those data include, for example, who logs in and how often, from which type of

update was made to the software. Also, he vehemently opposed any new features or changes in design. At some point, however, his board rejuvenated with different board members joining. To his surprise, the new members requested more, not fewer features. This was a game changer. The company secretary eventually understood that he cannot assume to know his board members’ preferences in advance. My recommendation is thus to look ahead. What features does the current version of your preferred board portal include and what features are in development? Ask to see your provider’s roadmap. That said, upon making your decisions, bear in mind that roadmaps are not always to be trusted. Feature development, testing and release might take more time than expected and don’t necessarily depend on your providers’ efficiency alone. Therefore, if you need a particular feature today, you are well advised to go with a provider who already has it built

I once met a company secretary who was working for a large construction company. He expected his new board portal to be ‘rock-solid’, just like the buildings his company constructs. In his mind, the software he just bought might have taken some time to be built, but once it’s done, it’s done. Unfortunately, software is always under construction: new features are added, underused ones are removed, bugs are fixed and security gaps are closed. And this is done by releasing new software versions at a considerable pace. Facebook, for example, does it weekly. As a result, prepare for an ever-changing product. The board portal that you have today will look different in a couple of months. And this means that you will be relying on your provider’s support and service throughout your contractual relationship. A well-orchestrated first onboarding and training is fine, but you will need more. The less frequently your board meets, the more important this becomes as board members get out of practice. My recommendation is, therefore, to check with your new board portal provider about its release cycle: how often do they make updates? What is its philosophy in this regard? And how will you know and be alerted about the upcoming changes? Also, seek to find out how many trainings are offered with no additional charge and what type of trainings, manuals, tutorials, etc, you are entitled to. The same holds true for support. Every moreparticularly information, please Increased data protection requirements software For has flaws, if the releasecontact: MORE EFFECTIVE cycles are frequent and testing periods are and exploding data growth presents new MEETINGS Cheng short. In fact, providers who optSonia for frequent Boards that go challenges and opportunities for your digital cite ease releases typically hazard the consequences +44 (0)20 3727 1783 of transparency organisation. of producing more bugs. These are then fixed sonia.cheng@fticonsulting.com ‘on the go’ – as users notice them. Read the in. If not, try to find out about the stage of device and IP-address, etc. Who owns this small print in your service level agreement. Our information governance experts development of that feature: is it already data: you or your software provider? And can What does it say about response time and can help develop andInimplement privacy specified? production? Already being you get logs of this data? How easily and at criticality of incidents? During the sales tested? Is there a release date in sight? what cost? What is the quality of these logs? process, ask to see some historic metrics programmes and solutions that reduce In addition, in looking ahead, plan for As a specialist in corporate governance, that reflect the availability of your new Nina Bryant compliance exit risk, cut costs, secure data in case you decide to opt for a different I can assure you that board work is fully board portal: what is the mean time between +44 (0)20 and enable faster and deeper into solution. Make sure youinsight know what will transparent these days. Boards who transition service incidents and what is the mean time3727 1124 happen to your data, post-exit, and whether from paper to digital can, at least in theory, between failures (reliability)? What is the nina.bryant@fticonsulting.com data. you can get your board materials extracted provide full transparency over such things mean time to repair (maintainability)? to some external hardware. What are the as time invested in meeting preparation. Finally, assure yourself that your provider www.ftitechnology.com/IG costs of this process? How efficiently can Finally, and most importantly ask about has enough service and support staff. Ask this data be uploaded into a new tool? key handling and server crypto-control. how many accounts a customer success While your data is (hopefully) encrypted on manager has to take care of on average. Last but not least, once you have made all the servers, the salient question is who has a This will provide you with an idea of the your choices and have wholeheartedly opted copy of the key (or ‘password’) to decrypt the level of responsiveness you can expect for your preferred board portal provider, bear data? Server crypto-control can be led by the from your customer success manager. in mind that most observers expect the market provider, by you or by no one. If a zeroDon’t miss out on getting a clear to consolidate in the near future. Smaller knowledge protocol is used for encryption, picture on security and confidentiality providers might not achieve growth and may you can trust that no unauthorised person Data security and confidentiality require the disappear altogether while your provider has access to your data and board materials. involvement of experts. Get your internal of choice might eventually be acquired by Don’t get stuck in short-termism audit and risk people on board early on in the a bigger competitor. What’s your plan B? I remember a company secretary who evaluation process. Board portals nowadays 1 Global Board Portal Market: Trends & Opportunities (2016 was extremely annoyed every time an have decent security standards. I would Edition) 2Market Guide for Board Portals – Gartner 2014

146 Ethical Boardroom | Spring 2018