Governance professionals recently gathered at the Corporate Secretary Forum – Winter in New York, hosted by Governance Intelligence, for discussions highlighting the variety of challenges they face in the coming year and offering practical solutions.
An array of experts, both on panels and in the audience, shared their insights on areas such as boards’ agendas for 2024, preparing next year’s proxy statements, risks facing companies in 2024, building a successful team of directors and how boards should be using and overseeing artificial intelligence (AI).
Below are some takeaways from the event. For more information about the Corporate Secretary Forum – Winter and our upcoming events, please click here.
Boards’ 2024 agendas
The forum began with a discussion about the issues that will feature on boards’ agenda in 2024. As usual, there is a lot to consider.
Kimberly Simpson, COO, general counsel and corporate secretary with the National Association of Corporate Directors (NACD), highlighted the potential effects on some boards of the current geopolitical landscape. NACD members had recently received a high-level security briefing at the Pentagon, followed by a discussion with a recently retired four-star general who described the situation as the most dangerous period in his lifetime.
Simpson noted that Russia’s war in Ukraine and Saudi Arabia being located near conflict in the Middle East raises concerns for boards, particularly energy companies, in areas such as supply chains and economic stability. Elsewhere, inflationary pressures appear to have eased slightly yet there remain fears of a potential recession and how that would affect companies, she added.
She also pointed to the continuing focus on cyber-security, which has been enhanced by the recent introduction of new SEC rules. Those rules, which go into effect at the end of the year, require companies to provide information to investors about material cyber-security incidents and the controls they have in place to protect against such attacks. They have been a source of discussion for audit committee chairs and there remains confusion about what best compliance practices will emerge, Simpson told attendees.
Among issues for boards to consider are other new SEC rules, including potential requirements about climate-risk disclosures, while shareholder activism has not gone away and the universal proxy remains relatively new, added to which is AI, she said.
Fellow panelist Brady Long, executive vice president and general counsel at Transocean, said boards should approach AI in the same way they oversee other risk areas. Boards are hopefully bolstering management’s and their own expertise to ensure effective oversight, he said. Most companies probably don’t have too much in-depth AI expertise and there is an opportunity for boards to bring in expertise or acquire it through learning, he commented.
There is discussion in the governance profession about the extent to which boards should recruit subject matter-specific experts on risk issues such as sustainability, cyber-security and AI. Simpson noted that members of nominating and governance committees say that having bespoke experts on the board may be less preferable than having members who are smart and more generalist. She advised boards that wish to include an AI or cyber-security expert to look for a current chief information officer (CIO) as their knowledge becomes outdated very soon after their retirement. She noted the challenges of finding a CIO who also possesses the necessary board-member skills in areas such as strategy and finance.
Long commented that new risk areas will arise every year. ‘If the way to solve the problem is to always add expertise to the board, you’re either going to run out of seats or you’re going to radically change the nature of governance,’ he told the audience.
Technology, cyber and AI top concerns
Asked to rank the significance of risks facing companies, audience members most frequently named by a large margin technology/cyber-security/AI. This was followed, in descending order, by geopolitical risk, environmental and sustainability risk, regulatory risk, shareholder activism risk and supply-chain risk.
With that array of issues in mind, Brian Short, partner with Ballard Spahr, urged governance professionals to have regular engagements with their boards on risk matters as part of their scheduled meetings. From a reporting perspective, he noted companies’ general obligations to disclose risks, to which have been added the new SEC rules on cyber-security.
Fellow panelist Seth Gastwirth, deputy general counsel and assistant corporate secretary at JLL, also urged corporate secretaries to not only obtain risk assessments for their companies but also comment on them and be flexible with them because they can quickly become out of date.
As an example, he noted that few if any companies would have had pandemics in the top 10 list of risks under their enterprise risk-management programs before the outbreak of Covid-19. Governance professionals need to be conscious that new risks will emerge during the year and should focus on their companies’ systems of controls so that people are ready to respond to new risks as needed, he advised.
Staying on track with diversity
Panelists at a later session discussed the importance of diversity in building an effective board, not just in terms of thinking and skills but also in terms of gender and race/ethnicity. In the wake of the US Supreme Court decision to essentially bar affirmative action in university admissions programs, conservative legal groups have been taking action against corporate diversity programs. A group has also challenged – thus far unsuccessfully – Nasdaq’s board diversity rule.
Leahruth Jemilo, vice president and head of ESG advisory at Corbin Advisors, said she was not concerned that such moves would upend companies’ efforts. She anticipated that the pushback would be short-lived and unsuccessful because younger generations of Americans support increased diversity. Young people want to see diversity on boards and in management, and companies that want to attract the best talent will have to focus on those areas, she told attendees.
Fellow panelist Tina Carew, associate general counsel with Invesco and general counsel and corporate secretary with Invesco Mortgage Capital, also said the pushback has not been a concern for her firm as it focuses on diversity in board recruitment.
A corporate secretary in the audience commented that her board has stopped using search firms for director recruitment because they have ‘limited thinking’ in terms of selecting diverse candidates. Instead, the board has been attending NACD and other events and using its own networks to ask specifically for creative thinkers and women of color as potential director candidates. This has led to a diverse slate of candidates, she said.
Carew said her board is also considering no longer using search firms for director recruitment.
Safety and use-case first on AI
Governance teams and boards are giving a great deal of thought to the opportunities and risks AI presents. Part of the discussion is about how to get started with the technology. Jonathan Yellin, general counsel, executive vice president and chief compliance officer with Charles River Associates, noted that for his firm there had been concern about being left behind as a business by not using AI, but that he was concerned about getting ‘over their skis’. ‘We had to understand what the goal was,’ he explained.
An AI policy is about mitigating risks the technology poses, Yellin said. As part of that, his team asked company department heads about how they wanted to use AI. They now meet regularly to discuss the ways in which it is being used and the developing regulatory framework. He described his biggest fear as confidentiality, but said he was also concerned about ethical issues such as bias in hiring. He acknowledged, however, that people are using the technology, which means he needs to engage with them.
Fellow panelist Marion Lewis, CEO of Govenda, stressed that any use of AI should be tied to a use-case. It poses a risk-versus-reward question and certain uses are inherently riskier than others, she said. For example, using AI in a medical context poses much greater risks than using it as a tool for customer services, so different standards should be applied to different use-cases.
Lewis commented that some of the key questions that need to be asked as part of developing a risk-management system include: where does the data reside? Who owns the data? What’s the track record of the vendor? Asked about uses for AI in corporate governance, she noted that a feature of a tool her firm offers is the ability to take transcripts of board meetings and create drafts of minutes that are added to the workflow. This enables what has previously been a weeks-long task to be completed in hours, she said.