On February 12, the White House released the widely anticipated Framework for Improving Critical Infrastructure Cybersecurity (“the Framework”). Developed pursuant to Executive Order 13636 (issued in February 2013), the Framework strongly encourages companies across the financial, communications, chemical, transportation, healthcare, energy, water, defense, food, agriculture, and other critical infrastructure sectors to implement and comply with its voluntary standards. The provisions set forth in the Framework may establish a new baseline for industry standard practices, and may impact or guide FTC enforcement actions and plaintiff data breach lawsuits.
Over the past year, boards of directors continued to face increasing scrutiny from shareholders and regulators, and the consequences of failures became more serious in terms of regulatory enforcement, shareholder litigation and market reaction. We expect these trends to continue in 2014, and proactive board oversight and involvement will remain crucial in this challenging environment.
During 2013, activist investors publicly pressured all types of companies—large and small, high-flyers and laggards—to pursue strategies focused on short-term returns, even if inconsistent with directors’ preferred, sustainable long-term strategies. In addition, activists increasingly focused on governance issues, resulting in heightened shareholder scrutiny and attempts at participation in areas that historically have been management and board prerogatives. We expect increased activism in the coming year. We also expect boards to continue to have to grapple with oversight of complex issues related to executive compensation, shareholder litigation over significant transactions, risk management, tax strategies, proposed changes to audit rules, messaging to shareholders and the market, and board decision-making processes. And, as evidenced in recent headlines, in 2014 the issue of cybersecurity will demand the attention of many boards.
U.S. public companies face a host of challenges as they enter 2014. Here is our list of hot topics for the boardroom in the coming year:
- 1. Oversee strategic planning amid continuing fiscal uncertainty and game-changing advances in information technology
- 2. Address cybersecurity
- 3. Set appropriate executive compensation as shareholders increasingly focus on pay for performance and activists target pay disparity
- 4. Address the growing demands of compliance oversight
- 5. Assess the impact of health care reform on the company’s benefit plans and cost structure
- 6. Determine whether the CEO and board chair positions should be separated
- 7. Ensure appropriate board composition in light of increasing focus on director tenure and diversity
- 8. Cultivate shareholder relations and strengthen defenses as activist hedge funds target more companies
- 9. Address boardroom confidentiality
- 10. Consider whether to adopt a forum selection bylaw
In many respects, the relentless drive to adopt corporate governance mandates seems to have reached a plateau: essentially all of the prescribed “best practices”—including say-on-pay, the dismantling of takeover defenses, majority voting in the election of directors and the declassification of board structures—have been codified in rules and regulations or voluntarily adopted by a majority of S&P 500 companies. Only 11 percent of S&P 500 companies have a classified board, 8 percent have a poison pill and 6 percent have not adopted a majority vote or plurality-vote-plus-resignation standard to elect directors. The activists’ “best practices” of yesterday have become the standard practices of today. While proxy advisors and other stakeholders in the corporate governance industry will undoubtedly continue to propose new mandates, we are currently in a period of relative stasis as compared to the sea change that began with the Sarbanes-Oxley Act and unfolded over the last decade.
In other respects, however, the corporate governance landscape continues to evolve in meaningful ways. We may be entering an era of more nuanced corporate governance debates, where the focus has shifted from check-the-box policies to more complex questions such as how to strike the right balance in recruiting directors with complementary skill sets and diverse perspectives, and how to tailor the board’s role in overseeing risk management to the specific needs of the company. Shareholder engagement has been an area of particular focus, as both companies and institutional investors have sought to engage in more regular dialogue on corporate governance matters. The evolving trend here is not only the frequency and depth of engagement, but also a more fundamental re-thinking of the nature of relationships with shareholders and the role that these relationships play in facilitating long-term value creation. Importantly, this trend is about more than just expanding shareholder influence in corporate governance matters; instead, there is an emphasis on the roles and responsibilities of both companies and shareholders in facilitating thoughtful conversations instead of reflexive, off-the-shelf mandates on corporate governance issues, and cultivating long-term relationships that have the potential to curb short-termist pressures in the market.
It is an honor to be with you today [Oct. 15, 2013]. The National Association of Corporate Directors has long played an important leadership role providing the insight and guidance that board members need to enhance shareholder value and effectively confront the various business challenges their companies face. The NACD has also been a very important partner to the SEC—providing valuable input on a number of our rulemaking efforts that affect companies and their boards of directors.
As members of boards of directors, each of you has an incredibly important job. You are fiduciaries and tasked with the oversight of company management—which requires a tremendous amount of time, knowledge and dedication. As a former director, I know all-too-well the heavy responsibility you have and the hard and time-consuming work involved to do the job properly.
One aspect of the job, which has taken on increasing importance in the last several years, is the role that you play in shareholder engagement and ensuring that management is considering the needs of investors in connection with the information that is provided to them.
While the proxy and annual reporting season for calendar year public companies typically heats up in the winter, by autumn preparations for the 2014 season should be underway. The following key issues for the upcoming season are discussed below:
- Current Say-on-Pay Considerations
- Compensation Committee Independence and Compensation Consultants
- NYSE Quorum Requirement Change
- Pending Dodd-Frank Regulation
- Proxy Access
- Specialized Disclosures
- SEC Interpretations Impacting Reporting
- Iran Sanctions Disclosure
- PCAOB Audit Committee Communications Requirements
- Director and Officer Questionnaires
The “IT confidence gap”
Overseeing a company’s information technology activities is a significant challenge for directors. The pace of change in this area is rapid, the subject matter is complicated, and the highly technical language used to describe emerging technologies and evolving risks makes this a challenging area. And many companies are relying more and more on technology to get ahead, often prompting substantial changes in how they operate. All of these factors can make the board’s IT oversight responsibility appear harder than it is.
Our research, which included surveying 860 public company directors, indicates many board members are uncomfortable with overseeing their company’s IT. Although many directors want to better comprehend the risks and opportunities related to IT, they sometimes don’t have an adequate understanding of the subject to be truly effective in their oversight roles. In addition, boards often lack a well-defined process that satisfies their needs in this area. On the whole, this confluence of factors creates an “IT confidence gap” for many board members. Consider the following:
A fog of uncertainty hangs over U.S. public companies as 2013 approaches. The looming fiscal cliff, increased regulatory burdens, the ongoing European debt crisis, growing Middle East unrest and slowing global growth are just a few of the uncertainties companies will have to navigate as they chart a course for the coming year. Here is our list of hot topics for the boardroom in 2013:
As boards of directors examine the risks that their companies face, corporate cybersecurity issues loom large. Forty-eight percent of directors (and 55 percent of general counsel) cited data security as their top concern in a recent study by Corporate Board Member/FTI Consulting. These numbers have roughly doubled since 2008, when only a quarter of directors and general counsel cited data security as a major concern. With revenues, intellectual property, business relationships and customer confidence potentially at stake, directors should consider whether their companies and management teams are adequately addressing the growing threat of cybersecurity in the new high-tech landscape.
Cybersecurity risk is a difficult and intimidating topic for corporate boards to consider. However, it is important to keep in mind that cybersecurity risk is only one of many areas of risk that are overseen by boards of directors and that, in most cases, the usual strategies and procedures for evaluating and managing risk can apply. Directors are not expected to be experts in this area and are entitled to rely upon management and outside experts for information and advice. Nonetheless, directors should request that management reports to the board on the steps the company is taking to mitigate cyber threats, and directors should consider whether the company is appropriately assessing its risks and devoting adequate resources to the issue. The business judgment rule remains the standard for evaluating decisions taken by a board in this area.
With the arrival of fall, calendar-year companies are gearing up for what promises to be another busy proxy season, preparing for new rules that will impact their disclosures and governance practices, and planning their 2013 board and committee calendars. To assist public companies in these endeavors, we discuss below ten key items for corporate secretaries and in-house counsel to consider.