Too often boards segment the function of internal audit into one solely of financial reporting. In this world of fast-paced change, this perspective severely limits the opportunity for effective risk mitigation. Internal audit can position the Board to assess risk more effectively. While boards typically rely on management for risk information, internal audit plays an essential, but too often an underutilized role in the information flow between senior management and the board.

D&O Questionnaire

Limiting the function of internal audit to financial risk reporting, leaves the board vulnerable to missing threats from other risks such as data privacy and cyber security. Internal audit brings value in its ability to provide assurance as to the accuracy, completeness, or transparency of allinformation sent by management to the board. Yet, boards rarely utilize internal audit for assurance of the information they are given. In a recent study nearly 60% of chief audit executives indicated that internal audit “rarely or never provides assurance on the quality of information given to the board nor does internal audit have formal discussions about the information with the board and management.” Nearly one-third reported providing assurance to boards “only for unusual situations.”

Analysts and those who critique governance are beginning to take note. Certainly the seeming rise in governance failures that have made headlines recently begs the question, did the board not have the right information to know what was going on? If they had had the right information, could the risk have been mitigated? Because the board’s risk oversight role requires directors’ close attention to the accuracy of all information provided to them, boards must commit to utilizing internal audit to provide assurance consistently for all information, and to asking these pertinent questions to make certain the information provided to them is reliable.

  1. Is the financial information accurate?
  2. Are business and strategy plans realistic?
  3. Who is managing third-party risk and is it being updated regularly?
  4. Are management and the board aligned on addressing fraud opportunity risks?
  5. Does the company culture breed integrity?
  6. Who is responsible for protecting the company’s crown jewels and what are the threats?

Elon Musk’s unpredictable behavior has become a recurring headline, much to the dismay of those at Tesla who would like the Company’s founder to exercise restraint befitting a CEO. The company’s inability to force his compliance with recent SEC rulings has called into question whether Musk should continue to serve as chief executive officer. The stakeholder community is standing by to see how the Tesla Board will address these problems. Byron Loflin, CEO of Center for Board Excellence, suggests that it is time for the Tesla Board to exercise its oversight responsibilities, guide the situation, and mentor their CEO. For more information, see the Wall Street Journal’s CFO Journal article addressing the topic.

The annual Corporate Governance Awards were hosted by Corporate Secretary on November 8, 2018, in New York City. This annual event puts the spotlight on the importance of accountability, compliance, and governance excellence in organizations by recognizing leaders who have demonstrated extraordinary commitment to implementing these ideals in companies across diverse industries.

The winners for 2018 are:

Best Compliance and Ethics Program (Large Cap) – VISA
Best Compliance and Ethics Program (Small to Mid-Cap) – NW Natural
Best ESG Reporting – Microsoft
Best Overall Governance for a Private Company – Graybar Electric Company
Best Overall Corporate Governance (International) – Westpac
Best Proxy Statement (Large Cap) – General Motors
Best Proxy Statement (Small to Mid-Cap) – AMN Healthcare Services
Best Shareholder Engagement – Hewlett Packard Enterprise
Best Use of Technology – HP
Governance Professional of the Year (Large Cap) – Shannon Kinney, ConocoPhilips
Governance Professional of the Year (Small to Mid-Cap) – Courtney Schuster Kamlet, Syneos Health
Governance Team of the Year (Large Cap) – General Motors
Governance Team of the Year (Small to Mid-Cap) – Atlas Air Worldwide
Rising Star – Connie Wu, Splunk

Center for Board Excellence (CBE) offers a suite of governance and compliance solutions that support directors, officers, and governance professionals in their efforts to promote governance excellence and accountability. CBE’s proprietary assessment and reporting processes promote strategic alignment between board and management and turn feedback into action–all while removing paper from the process. Merging expertise, technology, and innovation, CBE provides clients with customized solutions for compliance processes, including directors’ and officers’ questionnaires, related party questionnaires, and conflict of interest questionnaires, among others.

CBE is proud to share a common purpose with those recognized by Corporate Secretary: a commitment to excellence in corporate governance. We commend this year’s nominees and winners, and look forward to further partnerships with such exemplary organizations and professionals.

Are you using best practices to collect and store the information you obtain from your Directors and Officers? If you still compile your company’s information manually and collect responses on paper, by scan or emailed responses, you already realize that your systems are not optimized, but it has further reaching implications.

Best practices in compliance- and governance-related tasks require professionals to consider many additional factors that technology can improve. Modern, cloud-based systems for D&O questionnairesprovide a number of key benefits that go beyond saving the legal team time:

  1. Security & The Private Cloud – A private cloud environment provides greater control and security for your data. Most providers for these types of services rely on a hosted cloud service like Amazon Web Services or Microsoft’s Azure. With hosted servers, are you sure who really controls your data at the end of the day? Using a private cloud ensures that your data is under your control and can be kept secure or deleted completely at your discretion. This provides heightened security, ensuring that sensitive data is retained and is not susceptible to inadvertent destruction or theft that targets mass-market systems.
  2. Time – Few things are more valuable to your Directors and Officers (or to any of us for that matter) than time. Customer feedback indicates that a properly constructed online process reduces the time it takes to complete the questionnaire by nearly 50%. This is time that you are giving back to the highest paid people in your company.  That’s no small matter. In addition, the legal and compliance teams will save dozens of hours by automating the most labor intensive parts of their processes, while also creating a series of gatekeepers to flag particular types of responses.
  3. Accuracy – Have you ever had questions left blank on a questionnaire, which then requires follow-up and perhaps additional certification? Online tools can eliminate missed questions and ensure a more accurate process by pre-screening for changes from prior years and even creating internal flags that generate alerts for the legal team whenever an unexpected answer is entered.  Using best practices helps eliminate errors.

While it is often difficult for legal departments to obtain additional legal budget for technology acquisitions, there are points in time when best practices can no longer be overlooked and technology migrations become necessary.

The D&O questionnaire has tipped over. Paper or cut and paste processes can no longer be justified now that the efficiencies and reliability of cloud-based systems so clearly outweigh the minimal cost.

Toyota and Volkswagen have been the two biggest vehicle manufacturers worldwide for the past several years. Just two years ago, Volkswagen was number one, but a look behind the numbers, shows that trouble had been looming for some time. In a recent New York Times article, Charles M. Elson, director of the John L. Weinberg Center for Corporate Governance at the University of Delaware, said “the governance of Volkswagen was a breeding ground for scandal. It was an accident waiting to happen.”

Despite the many other public examples of failed corporate governance practices that have wrecked companies (WorldCom, Enron, Arthur Anderson, Toshiba) and lead to massive losses (AIG, Lehman), VW tolerated, if not encouraged, a level of corporate governance deception that would draw a raised eyebrow from Bernie Madoff.

Ferdinand Peich, the VW Chairman until this past April, exerted such control over the Board of Directors that he forced the appointment of his former nanny (now his 4th wife) to the Board of Directors. Her only prior experience was teaching kindergarten. With two children of my own, I deeply respect the role of teachers, but this appointment doesn’t pass the proverbial corporate smell test.

And then we have the new economy’s automotive darlings, Tesla and its CEO Elon Musk. The Tesla Board of Directors has adopted a fairly detailed set of Corporate Governance Guidelines. In its annual proxy statement, it details the criteria for board nominees, which they say, “must reflect a Board that is comprised of directors who (1) are predominantly independent, (2) are of high integrity, (3) have broad, business-related knowledge experience at the policy-making level in business or technology, including their understanding of Tesla’s business in particular, (4) have qualifications that will increase overall Board effectiveness and (5) meet other requirements as may be required by applicable rules, such as financial literacy or financial expertise with respect to audit committee members.”

Tesla also completes an annual evaluation of its board and each of its members, and according to the proxy, these evaluations are considered by the Nominating & Governance Committee as part of their annual recommendation for board nominees. Based on the observable factors related to board governance, Tesla has modern, efficient, and effective governance structure, which stands in stark contrast to that of VW. The Tesla Model S has been described as a vehicle built around an iPad – where software is a driving force for ongoing innovation long after the consumer drives it off the lot. Like its governance practices, Volkswagen’s approach to software is painfully archaic.

Comparing the two company’s public disclosures is like test driving the Model S followed by a 1974 Volkswagen Thing. While driving the Thing might make some nostalgic, it won’t be a comfortable ride and even Lloyds of London would balk at the idea of a warranty. As vehicle consumers have done with their choice in cars, it’s time for investors to demand more from companies. Interestingly, the German institutional investors seemed more in tune with the failings at VW than their US and foreign counterparts. At the time the VW emissions scandal was discovered in September, just 2% of the company was owned by German institutions—while more than 26% was held by foreign institutions.

It is time that all institutional investors require more rigorous corporate governance, not government regulation. This should include disclosures as to why each board member was selected and metrics for board performance. Institutions should require more robust minimum requirements, before they invest, and insist on continued adherence or withhold their support from company board nominees and other proposals the company puts before shareholders. The investing public cannot rely on ISS as the sole gatekeeper. We need global institutional rigor to insist on sound governance practices.

We use cookies to give you the best online experience. By agreeing you accept the use of cookies in accordance with our cookie policy.

CBE Privacy Settings

When you visit a website, it may store or retrieve information on your browser, mostly in the form of cookies. Control your personal Cookie Services for our website here.

These cookies are necessary for the website to function and cannot be switched off in our systems.

In order to use this website we use the following technically required cookies wordpress_test_cookie wordpress_logged_in_ wordpress_sec

Decline all Services
Accept all Services