Relationship intelligence solutions for dealmakers
Governance solutions for HR teams
View Case Study
View Case Study
Products
Relationship intelligence solutions for dealmakers
Executive compensation data solutions for HR teams
Resources
Equilar Institute
MediaCompany
Scott A. Scanlon is chief executive officer, editor-in-chief and co-founder of Hunt Scanlon Media where he oversees all of the company’s editorial content for newsletters, newswire briefings and the company’s market intelligence reports. Mr. Scanlon also oversees all news and editorial content and distribution initiatives for Hunt Scanlon Media’s digital platforms. He is a renowned expert on talent management, executive search and leadership solutions strategies and he is regularly quoted by The Wall Street Journal, The New York Times, Businessweek, The Financial Times, The Economist, Forbes and other major media.
So many factors are impeding risk management today—but at the top of my list at No. 1 is lack of skilled talent.
We all know there is a global shortage of talented leaders—and every function is impacted. But in risk management, this leadership shortage appears to be particularly acute. Banking, insurance and capital markets have all been negatively affected. And this has put finding risk management talent in the crosshairs of every top recruiter and corporate board across the country.
What seems to be driving the risk management talent crisis is the growing reliance on digital platforms. New technologies have created a surge in the need for people to manage them—and that has made the talent shortage especially urgent in risk management.
According to one recent survey, nearly two-thirds of executives said that a shortage of skills in new and emerging technologies is hurting the risk function’s effectiveness. Just 10% said their risk teams have the internal resources needed to carry out the functions they are asked to perform.
Talent shortages have been persistent since the Great Recession crisis exploded a decade ago. In 2019, that challenge is only deepening. AI is now the latest technology to surface in the risk management area—and with it has come a new talent shortage that pales in comparison to what we have experienced to date.
Risk management has always evolved. With the right talent in place, we will likely see many great evolutions to come. But it all comes down to people. Without talented humans, our risk management processes are doomed to fail.
Brian V. Breheny heads the firm’s SEC Reporting and Compliance practice. He concentrates his practice in the areas of mergers and acquisitions, corporate governance, and general corporate and securities matters and advises numerous clients on a full range of SEC reporting, compliance and corporate governance matters, including advising clients on compliance with the provisions of the Dodd-Frank Act, the SEC’s tender offer rules and regulations and the federal proxy rules.
Prior to joining Skadden in 2010, Mr. Breheny held a number of leadership positions in the Division of Corporation Finance at the U.S. Securities and Exchange Commission. He began as chief of the SEC’s Office of Mergers and Acquisitions in July 2003, and in November 2007 he became deputy director, legal and regulatory policy.
An increasingly critical factor that impedes the board’s role in risk management is identifying the information that board members need to receive regarding the company’s operations in order for them to make informed decisions. That was the central issue considered by the Delaware Supreme Court in a recent action against the board members of Blue Bell Creameries. In that matter, the Blue Bell board members were challenged as to whether they had a proper system in place to identify, monitor and mitigate the risks that led to a listeria outbreak in the company’s ice cream and the deaths of three people.
Delaware law does not specifically dictate the information a board should receive in connection with its risk management and oversight responsibilities. Rather, board members are obligated to make good faith efforts to ensure they are receiving appropriate information in a timely manner.
In the Blue Bell decision, the Delaware Supreme Court reversed a lower court’s decision that the board members had acted in good faith because it believed that the board had not “put in place a reasonable board-level system of monitoring and compliance.” The court noted that, while the management at Blue Bell had information related to the listeria contamination in certain of the company’s plants, there was no indication in the minutes that the board had discussed this information.
The Blue Bell decision was remanded to the lower courts for further consideration and, therefore, the board members may still prevail as to whether they had the necessary information regarding the company’s risks. Nevertheless, the decision is a reminder to boards of all companies, whether incorporated in Delaware or elsewhere, that they need to ensure themselves that board-level systems are in place and that such systems identify, monitor, consider and mitigate company risks that are central to the business and operations of the company. Facebook Inc.’s recent $100 million SEC settlement—where the SEC alleged that Facebook discovered the misuse of its users’ information in 2015 but did not correct its existing public disclosures for more than two years—is another example of how company decisions regarding company risks can be challenged and result in liabilities. It is clear for these and other reasons that information flow is a critical factor in impeding risk management.
Annalisa Barrett is a Senior Advisor with the KPMG Board Leadership Center, where she plays a key role in the development of research and thought leadership and advises directors on emerging trends in corporate governance. She has been quoted in the New York Times, Bloomberg, and the Financial Times, and her research has been featured in the Wall Street Journal.
Prior to joining KPMG, Ms. Barrett was CEO of Board Governance Research LLC. Barrett was also a Senior Advisor for ValueEdge Advisors, and Vice President and Senior Research Associate at The Corporate Library (now MSCI ESG Research). She previously was a Research Consultant in the Executive Compensation practice at Towers Perrin (now Willis Towers Watson) and a Tax Consultant in the Family Wealth Planning practice of Arthur Andersen.
One of the board’s most important responsibilities is to ensure that the company has an effective risk management strategy; however, there is less agreement about how boards should go about doing this. Some boards delegate risk oversight to a committee, either by creating a separate risk committee or by adding this topic to the audit committee’s already full agenda. Other boards consider risk oversight as an issue that should be addressed by the full board and integrated into every board discussion. As with many aspects of corporate governance, there is no “right” answer—rather, there are pros and cons to each approach and boards should design their structures to reflect what works best for their respective companies (and, ideally, should review the structure at least annually to ensure it still is effective). However, there are two aspects of the company’s corporate governance that may be even more important when considering what can impede the board’s oversight of risk management approach:
The culture within the boardroom
The board’s relationship with management
Board Culture: The culture within the boardroom dictates how robust the conversations and deliberations will be between board members. Directors must feel comfortable raising their concerns about current and potential risks facing the company. No one should hesitate to ask the important “what if” questions that may encourage the company to take action to mitigate risk. Effective board and committee leaders engender a culture of acceptance that allows all members to voice their concerns openly and share valuable insights from their experience assessing and mitigating risks—successfully and unsuccessfully—throughout their careers.
Relationship with Management: Similarly, the relationship that the board develops with management can play a significant role in risk mitigation. Important issues facing the company may not be brought to the board’s attention if management feels as though the board is unnecessarily intimidating or is “out to get them.” On the other hand, a board that has a strong relationship with management can make it clear that directors want to hear about potential risks before they become real threats that cause damage that could have been prevented.
Jonathan E. Salzberger is a Senior Director of Innisfree M&A Incorporated. Mr. Salzberger advises companies and investors on shareholder activism, proxy solicitation, corporate governance issues and shareholder engagement, with an emphasis on merger solicitations and proxy contests.
Prior to joining Innisfree, Mr. Salzberger was a mergers and acquisitions attorney with Sullivan & Cromwell LLP, where he represented clients in hostile and friendly, domestic and cross-border transactions.
Hypothetical: An employee alleges to the general counsel that the CEO has sexually harassed her on multiple occasions. The general counsel takes the allegation to the board. Let’s assume two alternatives. Board one consists of men in their 50s and 60s, all former public company CEOs themselves, with an average tenure of nine years. Board two consists of gender-diverse members from different business backgrounds and an average tenure of four years. Sure, both boards could handle this allegation in an adept and thorough manner. But if you are an institutional investor on the outside, in which board would you have more confidence to arrive at the right outcome and minimize risk to the enterprise?
For the Vanguards and BlackRocks of the world, one of the board’s primary objectives is to frequently and thoughtfully consider its own composition to ensure that the right people are in place to not only oversee management’s execution of the long-term value creation strategy, but also to understand and address the potential risks that threaten value. Board composition and risk management go hand-in-hand; bad things can happen when a board lacks critical experience and expertise to “issue spot” the enterprise risks at play.
The 2008 financial crisis ignited investor concerns about board composition: How can boards manage risk when they don’t have the expertise to understand the products being traded and sold? The crisis prompted demands for directors with a wider range of skill sets. Now that financial and other proficiencies are better represented on boards, investors are calling for a second review of board composition—this time, geared to diversity of background and experience—to combat groupthink and address red flags.
This helps explain the focus on board diversity over the last few years. While the push for gender diversity has been a key platform for many institutional investors (perhaps partly because of the relative ease of identifying it), gender diversity is simply a proxy for diversity of thought and experience. Diversity of all types can serve as an antidote to the potential groupthink that hindered the “male, pale and stale” boards of the past. Thus, boards are encouraged to canvass for members with the right expertise who will stimulate discussion and bring new views to the boardroom.
Simply put, institutional investors believe that diverse boards will identify and manage risks better. They will likely be more sensitive to immediately apparent risks, such as sexual harassment in the #MeToo era, but also to unforeseen risks—whether cybersecurity or supply-chain management—by virtue of their range of perspectives.
Roles
Solutions
Industries
Roles
Solutions
