Seven Smokin’ Hot Buttons

by Laura J. Finn

With economic turmoil in 2009 and many shareholder rights expected to be legislated in 2010, board members have an ever-increasing number of things to think about and plan for. Say-on-pay, majority voting, elimination of staggered boards, shareholder nomination of directors, and the trendiest word of late, risk, are examples of what’s on directors’ minds. The seven biggest worries right now? Take a look.

Risk—Managing it, what it is and isn’t, and committees that should and shouldn’t handle it.

The word risk has a broad range of meaning, and the term is bandied about in corporate America as much as healthcare is in Middle America. Yet, risk shouldn’t be a reduced to a buzzword or a single committee, but rather it should be considered as a managed process that is discussed yearlong. “Directors are asking, ‘What’s my job? How do I get my arms around risk, and what’s management doing to mitigate risk?’” Keith Higgins, partner, Ropes & Gray LLP, tells Corporate Board Member. “Directors have to talk to the CEO and get the CEO to put risk analysis on every agenda. All the math whizzes built great risk models and they were not maybe as predictive as people thought.”

Moreover, risk management should not be viewed in and of itself. Bernard C. Bailey, chairman, LaserCard Corp., a secure ID provider, and director on the boards of EF Johnson Technologies, Telos Corp., and Spectrum Control, doesn’t look at risk management as something you put into a separate box. “It permeates every function within the enterprise—legal, operational, financial, liquidity, marketplace, fraud,” he says, emphasizing that the risk conversation has to be expanded to the whole board. “There is tremendous value in integrating the board and getting collective wisdom,” he opines, noting that the board has a heightened role in knowing its fiduciary duties and understanding its commitment to risk management oversight. “We have to be careful we’re not jumping on another ‘trend’ called risk management, and that you don’t just put a committee together.”

Just because boards are spending more time on risk management, shareholders shouldn’t expect companies to stop taking risks, or for risk to disappear. Sullivan & Cromwell partner James C. Morphy says he worries that in some cases, risk management might be marginalized by the fact that it’s been given its own label. ““Like a lot of things, ‘risk management’ now has a name and has become its own ‘topic’ instead of something that was simply assumed to be part of the decision making process. But I worry about casually bandying about these types of highly generalized labels,” he says, noting that some references to risk management may sound as if the risk disappears. “Business is built on taking risks and we shouldn’t lose sight of that. You want business plans to be well thought out and the risks weighed, but, at the end of the day, there is risk—no matter how much thought and planning goes into it. It’s inherent in business. People have to use the term and apply with this reality attached to it,” he cautions.

So how should a board examine risk and feel comfortable taking on some level of managed risks? “Understand where the vulnerabilities are. There’s a sense of discomfort among directors when they’ve seen so many companies get into trouble with problems that weren’t even on the radar,” advises Catherine Bromilow, partner, Corporate Governance Group, PricewaterhouseCoopers LLP. “Talking about risk with management is best—you need the whole board to hear [those discussions]; and you need compensation and audit committees to interact around risk.” In board meetings, Julie H. Jones, partner, Ropes & Gray LLP, recommends that directors view themselves as activist directors. “It’s hard to figure out the questions you’re not asking, so ask lots of questions and pull on every thread you can.”