Legislative Developments

• Corporate Governance Hearing: Society President & CEO Darla Stuckey is testifying today at the House Financial Services: Capital Markets and Government Sponsored Enterprises hearing: "Corporate Governance: Fostering a System that Promotes Capital Formation and Maximizes Shareholder Value." The hearing is examining public company capital markets and the associated regulatory scheme. Darla's testimony focuses on these three discrete topics:
   
  • Potential need for reform of Rule 14a-8 of the Securities Exchange Act of 1934
  • Current disclosure obligations of publicly traded companies and SEC mandates to modernize disclosure
  • Impact of mandatory disclosure obligations and other corporate governance provisions in Titles IX and XV of the Dodd-Frank Wall Street Reform and Consumer Protection Act on corporations and shareholder value

Additional witnesses include representatives from the Business Roundtable, Manhattan Institute and CalPERS. See also these letters from the US Chamber and CII.

• Government Funding: Senate Democrats and House Republicans are reportedly close to an agreement on an appropriations measure to extend government funding beyond the September 30th fiscal year-end. As reported in last week's Society Alert, both parties are still aiming for a short-term continuing resolution that would extend current federal spending levels to December 9th. See also this Morning Consult article.

Commissioner Piwowar Encourages Comment on SEC Rule Review

SEC Commissioner Piwowar urged public comment on the SEC's Regulatory Flexibility Act-mandated annual rule review list. Among the rules currently slated for review are Section 16 exemptions and associated Reg. S-K Item 405 re: Section 16 compliance, and revisions to the "Accelerated Filer" definition and accelerated filing deadlines for periodic reports. Comments are due 30 days after publication in the Federal Register.

SEC: EY Audit Partners' Personal Relationships Violate Auditor Independence

On Monday, the SEC announced charges against former partners of EY for violating auditor independence standards - its first auditor independence enforcement actions prompted by close personal relationships between auditors and client personnel. Specifically, one audit engagement senior partner reportedly maintained an inappropriately close relationship with the company client's CFO, and another engagement partner (different client) reportedly maintained a "close personal and romantic relationship" with the company's CAO. In both cases, the respective audit reports purportedly misrepresented the firm's independence. EY agreed to pay $9.3 million to settle the charges. See also this Reuters article, and this accountingToday article addressing recent PCAOB auditor independence enforcement actions.

Auditor Report Reform (Still) Perceived Negatively by Companies

Baker & McKenzie Partner and Society Member (and former PCAOB Acting Chair) Dan Goelzer summarizes the overall posture by group of the various comments submitted to the PCAOB on its recently re-proposed auditor's reporting model standard in his latest Audit Committee and Auditor Oversight Update. Based on his review of the comment letters, as was the case with the initial proposal, audit committee member comments generally opposed the proposed disclosure of critical audit matters (CAM) suggesting it could "inhibit auditor/audit committee communication, usurp management's role in determining what should be disclosed, and confuse financial statement users." Company management comments reportedly expressed concern that the proposed CAM disclosure would "undermine" the audit committee's work.

Goelzer's update includes pertinent comment letter excerpts from both audit committee members and company management.  Comments from investors, auditors and other types of commenters are reportedly more supportive of the reproposal.

See the Society's comment letter on the initial proposal here, and our prior reports on the reproposal here, here and here.

State Securities Regulators: 2,000+ Enforcement Actions in 2015

Last week, the North American Securities Administrators Association (NASAA) released its 2016 Enforcement Report based on 2015 data. Among the key statistics:

• State securities regulators conducted more than 5,000 investigations in 2015.
• More than 2,000 enforcement actions were brought against more than 2,700 respondents.
• Most enforcement actions involve some sort of fraud. Victims were often targeted via the Internet or as a result of membership of/in an identifiable affinity group.
• Actions yielded restitution of over $530 million, and $230 million in fines or penalties.
• Approximately 3,000 license/registration requests were withdrawn; more than 250 individuals had their licenses/registrations revoked or were barred from the industry; and more than 475 licenses/registrations were denied, suspended, or conditioned.

See the NASAA's release, and this post from Jim Hamilton's World of Securities Regulation.

New York State Proposes Cyber Regulations for Financial Industry

Last week, further to proposals floated late last year (which we reported on here), New York's Department of Financial Services announced proposed cybersecurity regulations for banks, insurance companies, and other financial services institutions regulated by the Department. The rules would become effective January 1, 2017 - subject to a 180-day compliance transition period. Proposed requirements include:

• Establishment of a cybersecurity program that meets certain minimum requirements including a written incident response plan
• Implementation of a written cybersecurity policy to be reviewed by the company's board of directors (or equivalent) and approved by a senior officer
• Designation of a CISO with enumerated responsibilities including bi-annual reporting to the company's board of directors (or equivalent)
• Employment and training of adequate cybersecurity personnel
• Annual IS risk assessments, and maintenance of audit trail systems
• Prompt notification to the NYDFS of cybersecurity incidents that reach a certain threshold
• Board of directors or senior officer submittal of annual certification of compliance beginning January 15, 2018

The 45-day public notice and comment period ends October 28th. All questions and comments regarding the proposed rule should be emailed to CyberRegComments@dfs.ny.gov.

See this memo from Paul Weiss, this article from American Banker, and additional resources on our Cybersecurity topical page.

UK Launches Corporate Governance Consultation

As reported last week on Rants to Riches, and further to last week's Society Alert, new Prime Minister Theresa May's July campaign speech and her speech earlier this month at the G20 Summit, the UK Parliament's Business, Innovation and Skills Committee launched a public consultation last Friday on "corporate irresponsibility" to gauge the public sentiment on various director duties, board composition and executive pay "reforms" including how the decisions of boards should be scrutinized and open to challenge, whether shareholders should have a greater role in controlling executive pay, and whether and how there should be employee representation on boards and/or compensation committees. Comments are due October 26th.

See these articles from Sodali, the guardian, International Business Times, and Reuters.

Compliance Officers: Compliance/Ethics Function Benchmarking

PwC's just-released 6th annual State of Compliance report reflects this year's benchmarking survey of more than 800 corporate compliance officers - including CCOs, CECOs. CLOs, GCs and CAEs or equivalents responsible for compliance, ethics, audit and/or risk functions. Among the many noteworthy findings are these regarding board reporting/oversight:

• 63% of respondent boards receive reports on their company's compliance and ethics (C&E) performance on at least a quarterly basis.
• Reporting to the board generally consists of basic C&E program statistics, e.g., hotline metrics, training data and risk assessment results and - typically - more detailed briefings on higher-risk internal C&E investigations (e.g., substantiated claims involving potential reputational or financial harm to the company, claims involving executives or accounting/financial fraud).
• Respondents at companies with more mature programs may also: (a) do deeper dives into particular C&E risks and the company's associated risk management efforts, (b) train the board on risk-specific topics (e.g., anti-bribery) or more general C&E topics (e.g., Federal Sentencing Guidelines and the board's duties and responsibilities relative to C&E program oversight), (c) brief the board on recent C&E headlines and trends, and/or (d) present and vet the company's annual C&E program plan.
• The board's audit committee oversees the C&E program at 65% of respondent companies; however, 20% of boards reportedly have a separate, stand-alone compliance/ethics committee.

Also noteworthy: the C&E function most commonly reports organizationally to the CLO (36% of respondents) - up 5% from 2015, and 52% of companies have an in-house compliance committee compared to 64% in 2015. Figure 10 on page 15 of the report identifies the activities most commonly conducted by the in-house committee - with identifying compliance-related risks, reviewing (annually) the effectiveness of the compliance program, and approving corporate compliance policies or policy revisions ranking 1st, 2nd, and 3rd, respectively.

See also PwC's May 2016 Trends in Compliance Organizational Structures, and numerous additional resources on our Compliance & Ethics topical page.

Non-GAAP Financial Measures Roadmap

Deloitte's newly released Roadmap to Non-GAAP Financial Measures provides guidance designed to help companies assess the appropriateness of their non-GAAP measures via a thorough, reader-friendly discussion of the SEC's updated non-GAAP C&DI guidance amplified by Deloitte's commentary and specific examples. In addition, Chapter 5 is devoted to important disclosure control & procedure considerations (which we previously reported on here), and the appendices include a management non-GAAP checklist; summaries of and links to relevant SEC speeches/remarks; SEC comment letter statistics and examples; summaries of the pertinent regulatory requirements and more. Last week, we reported on the results of a recent survey of non-GAAP disclosure correspondence between companies and SEC staff since the date of Corp Fin's most recently C&DI updates.

See also this MarketWatch article, Bloomberg BNA's: "Non-GAAP Measures: Worth the Hassle?" and "Securities Regulators See Improvements in Financial Reporting," and additional resources on our Financial Reporting topical page.

State of Corporate Social Responsibility Reporting

Only 25% of sustainability professionals believe that their CFO is absolutely convinced of the value of their CSR Report, according to the results of this inaugural Ethical Corporation "State of CSR Reporting and Communications" report reflecting a summer 2016 survey of 948 sustainability professionals worldwide (including 25% US, 43% Europe). In that the CFO is deemed to control the company budget, convincing the CFO of the value of the CSR Report is characterized as a critical internal issue. Additional key take-aways include:

• Proving the value of sustainability: Nearly 40% of organizations identified this as the biggest opportunity in 2016/2017.
• Increasing engagement with key stakeholder groups: 51% identified this as the number one issue, whereas engaging millennials was identified as the least important issue over the next 12 months.
• Too much time is being spent on the reporting process: 60% of respondents agreed that too much time is being spent on the reporting process. This drops to 57% when focusing on just respondents that work within the CSR department.
  
  

Directors & CEOs Weigh in on General Counsel Role

KPMG's latest report on the GC role: "Through the looking glass - How corporate leaders view the General Counsel of today and tomorrow" is based on interviews with directors, CEOs, and board and audit committee chairs worldwide about their expectations of the role and how the GC adds the most value to the board and the business. Notably, the interviewees identified these top five risks on which the GC needs to focus: (1) Regulation, (2) Technology-related, (3) Litigation, (4) Contracts, and (5) Reputation; however, the collective view of the GC as a key player in the business rather than the traditional in-house counsel/lawyer-only role stands out more than ever, and forms the basis for discussion about how GCs may best fulfill current and evolving expansive expectations of the role.

See also this new Columbia Law School post: "General Counsel's Growing Prominence May Prompt Privilege Problems."

Women Directors More Likely to Have Tech Experience

Perhaps further eroding the misconception that there is a lack of qualified women director candidates, Fortune reports on new Accenture research indicating that 26% of women on Forbes Global 2000 US-based company boards have professional tech experience compared to just 17% of male directors. Although the percentage differences vary by country - on an overall basis (across countries) - the study found that only 10% of directors have tech experience and that women directors are nearly twice as likely as men to have this experience. The depth of experience varies by industry - with tech and communications companies ranking 1st and 2nd, respectively. For purposes of the study, tech experience was defined as either holding a key tech position at a previous employer—such as CTO or CIO—or having senior-level responsibility at a technology firm.

According to PwC's 2015 Annual Corporate Directors Survey (PwC's 2016 survey is coming soon!), 87% of 783 public company respondent directors queried about the most desirable director attributes identified cyber expertise to be at least "somewhat" important, but directors rated IT strategy expertise as an even higher priority than having a director with a cyber risk background (with 37% ranking IT strategy expertise as "very important").

Benchmarking Board Composition & Recruitment

Further to our report in last week's Society Alert, Equilar's recently-released "Board Composition and Recruiting Trends 2016" (made available for Society members only) reveals these key findings and trends for S&P 500 boards over the last five years:

• The average board in 2016 was composed of 10.9 directors - up marginally from 10.7 in 2012. The largest average board was in the financial sector, whereas the smallest was in the tech sector.
• Of boards with a mandatory retirement age, the most prevalent was 72 years of age in 2016, followed by 75 years.
• 61% of S&P 500 companies disclosed in their proxy that ethnic or racial diversity was a consideration when assessing either the board or individual directors, while 12.8% disclosed the current composition of their boards in terms of ethnic or racial diversity.
• Women directors held 21.3% of the board seats in 2016, up 4.7% from 16.6% in 2012.
• Male directors averaged 63.1 years of age in 2016, while female directors averaged 60.2 years. Newly appointed directors of both genders averaged 57 years of age.
• Nearly twice the percentage of S&P 500 companies included a board skills matrix in their 2016 proxies -12.6% - than in 2015.
• Of all board seats, 51% were occupied by a director who served on multiple boards in 2016. Women were more likely to sit on multiple boards than men.
• Fewer boards were chaired by the company's CEO in 2016, falling to 50.3% from 56.2% in 2012.

Also noteworthy: almost 10% of directors were new in 2016 - up from 8.7% in 2013, perhaps reflecting the push toward greater board refreshment. The report also includes disclosure examples, e.g., board/director diversity, board/director skills matrices.

Adverse Impacts of Industry Expert-Dominated Boards

This Harvard Business Review report on a recently published study in the Academy of Management Journal, "When Experts Become Liabilities: Domain Experts on Boards and Organizational Failure" (available to AOM non-members for purchase) explains how industry expert-dominated boards can actually impede board effectiveness during those times when the company arguably is most needy as respects board oversight and decision-making - i.e., when the company "veers off the beaten path and faces uncertainty" or when conditions are "novel or ambiguous." The report identifies and discusses in a logical fashion these three factors characteristic of expert-dominated boards: cognitive entrenchment, overconfidence, and task conflict - that can adversely impact the kinds of thinking, perspective and dialogue in the boardroom that these types of situations warrant.

While the study's authors conclude that expert-dominated boards may be problematic, they don't recommend going "expert bare"; rather, the results suggest "that it's important to appoint a non-trivial number of directors whose primary expertise is in another industry - especially if the board is likely to face significant uncertainty."

Nonprofit Board Chairs: Role Preparation & Succession Planning

Alliance for Nonprofit Management's just-released "Voices of Nonprofit Board Chairs" reveals the results of a study of 635 US nonprofit board chairs on how they prepared for the chair role, and how they understand their leadership role in relationship to their boards, their CEO, and their communities. Among the noteworthy findings: Just over half of respondents indicated that they did nothing specific to prepare for their board chair role. As to what was helpful or very helpful to them in preparing for the role, 70% indicated observation of prior chairs; 50% mentioned asking the outgoing chair for advice; and 58% mentioned asking the CEO for advice. Helpful sources of information identified were the Internet (42%), local workshops (37%) and books (33%). Consultants and coaches were reported as least likely to be helpful and least likely to be considered a resource.

Over half of board chairs only served on their boards for 3 years of less before assuming the chair position (almost 25% had served for less than a year), whereas CEO tenure was more evenly distributed among lengths of tenure from 1-2 years to more than 12 (see Tables 9 and 14, respectively).

Recommendations include:

• Develop an intentional, well planned practice of board chair preparation and succession planning.
• Clarify the role of the chair in relation to the full board, the CEO, and the organization's community, so that there is shared agreement within the board.
• Provide training, mentoring, and coaching opportunities specifically for board chairs.
• Build leadership capacity for many potential board leaders, including committee chairs.
• Provide more accessible and research-based resources for board chairs and capacity-builders.
• Support the board chair leadership function to improve both the chair's and board's involvement in community engagement.
• Consider moving from a heroic individual model of leadership to shared leadership.

See the release, and numerous additional resources on our Non-Profits topical page.

Most Financial Institutions Impose Director Equity Caps

Reuters' recent report on director compensation notes a Willis Tower Watson analysis of the Fortune 500 indicating that 52% of financial institutions have director stock award limits (most of which were determined to be 2x - 3x director median pay) - compared to just 28% of the Fortune 500 as a whole. Most companies reportedly have implemented caps on directors' equity awards rather than overall compensation.

Establishing meaningful limits on director pay in equity plans was among King & Spalding's suggested litigation mitigation director compensation practices that we reported on last month. Access additional resources on our Director Compensation topical page.

Peer Group Benchmarking

Among the noteworthy statistics from a recent Equilar/Pay Governance webinar, "How Peer Groups Influence Pay for Performance Alignment" (access a replay here):

• The median size of an S&P 500 peer group was 17 companies for the most recent fiscal year.
• 11% of companies use multiple peer groups for a number of reasons, e.g., few direct competitors, aspirational peer groups to reflect strategy.
• More than 90% of the S&P 500 use industry as a peer group benchmark, while 75% choose peers based on revenue. However, some companies use other criteria such as market cap, whether the potential peer is a source/destination of executive talent, and other financial measures.
• Most companies target the median compensation of their peer groups. Companies do target CEO pay above or below the median in certain cases, but Pay Governance indicates a downturn over the past 5 - 10 years in targeting the 75th percentile - reportedly due to SoP and the related influence of ISS and Glass Lewis on SoP outcomes. 

Institutional Investors Offer Insights on Executive Compensation

Stanford's latest Closer Look Series: The "Buy Side View" on CEO Pay offers some valuable insights on institutional investor views on executive compensation based on input from 71 US and Canadian institutional investors examined by Rivel Research Group (see FN6). Notably, about half of the institutional investors believe that executive pay practices have improved in recent years; 75% believe that pay-for-performance (P4P) is important; and they are much more likely to vote against a company's pay due to a perceived P4P disconnect (42%) rather than egregious pay levels (25%).

Also noteworthy is the lack of consensus on the best compensation plan performance metrics. Although institutional investors reportedly tend to favor operating metrics over stock-price performance, views as to what constitutes excellent or very good P4P metrics vary. ROIC is the most favored metric at 77%, whereas TSR - the controversial benchmark of performance in the SEC's proposed Pay vs. Performance rule - is ranked 4th out of seven metrics, with just under 50% of institutional investors supporting.

Additional noteworthy institutional investor perceptions include:

• Despite voting in favor of SoP 70% - 90% of the time, only 25% believe that executive compensation packages are structured to encourage P4P "most of the time" - with 41% indicating this is so "about half the time."
• Only 11% believe that CEOs are exposed to financial downside risk "most of the time." 31% percent say that CEOs are "never" exposed to financial downside risk.
• Only 3% of respondents consider ISS and Glass Lewis SoP recommendations to be important despite the documented influence of these proxy advisors on shareholder votes overall (see, e.g., FN 11, and this new Harvard Law post and the accompanying paper: "The Role of Proxy Advisory Firms").

Using Technology to Transform the Financial Reporting Process

This new paper from the CFA Institute, "Data & Technology: Transforming the Financial Information Landscape" suggests how the use of data, data analytics and technology can be used to transform the financial reporting process so that investors would receive more transparent and better quality information on a more timely basis - ultimately resulting in better investment decision-making.

The report, which covers all of the major players in the process - companies, auditors and regulators, investors, and policy makers - makes a case for companies' structuring their data early in the financial reporting process to achieve time and cost savings, as well as better quality data. At its most basic level, this - in turn - would make the data more easily accessible and useful for audit and regulatory review/enforcement purposes, and allow for more efficient research and analysis and better decision-making by investors. Policymakers are urged to afford greater consideration in the current disclosure reform dialogue to technology to enhance the access and usability of the information in otherwise "normal course" regulatory filings.

This week's highlighted question from the Huddle is:

It has recently been brought up by a board member that we should not memorialize the Executive Session portion of a board meeting within the same set of minutes as the board meeting itself. Does anyone have experience with this? Should the Executive Session be captured on a separate page so it can be removed from the regular set of minutes?

This question generated a lot of activity and many excellent answers (too many to note here) including:

In my experience, executive session minutes are not detailed, so there is usually not a need to separate the minutes. Following an executive session, the presiding director tells the corporate secretary the topics discussed. The last section of the minutes would read something like … "The board of directors moved into an executive session and all members of management left the meeting. It was reported to the secretary that the directors discussed, among other things, succession planning, the environmental report, and xx." No actions were taken." In those instances when an action is taken (usually a draft of a possible resolution is given to the presiding director ahead of time, if the subject is known), the last sentence is revised to report that "… the following resolution, being duly made and seconded, was approved …" On occasion, if there is significant issue, the executive session minutes may be a bit longer.

Check out the Society Huddle.

• Why Basing Executive Compensation on a Formula Doesn't Work, Wall Street Journal, September 18, 2016
• Rolling DOL Fiduciary Guidance Begins in Fall: DOL's Hauser, ThinkAdvisor, September 16, 2016
• PCAOB Sanctions Audit Firms and Partners for Violating Independence Rules, September 16, 2017
• U.S. Lawmakers Ask Wells About Taking Back Bonuses Linked to Scam Case, Reuters, September 16, 2016
• SEC Whistleblower Program The Only Success in Enforcement, ValueWalk, September 15, 2016
• Investor Asks Wells Fargo to Split Chairman, CEO Roles, Wall Street Journal, September 15, 2016
• Is There Life After the SEC? Yes, On Corporate Boards, Bloomberg, September 15, 2016
• Automated Trading Could Work Against Investors: Sec Chief, Reuters, September 14, 2016

See other recently posted Articles of Interest.

Also, just a reminder that you can find additional topic-specific articles and other resources here.