Holly J. Gregory is partner at Sidley Austin LLP. This post is based on her Sidley memorandum.
Boards function in a complex and dynamic business setting in which stakeholder expectations and demands for board attention are expanding. The challenges of operating through the COVID-19 pandemic in an uncertain environment continue to be felt as companies anticipate a new post-pandemic normal. Companies face pressure on multiple fronts, including resistance to returning to in-person work in a highly competitive talent market, supply chain bottlenecks and inflation, the potential for a global and national economic slowdown, and increasing risk of cyberattacks, unusual climate events, and regulatory action (including antitrust enforcement and taxation), all in an atmosphere of heightened scrutiny of board oversight.
Ensuring that directors are well-positioned to satisfy their oversight responsibility requires periodic assessment of board agenda priorities and the related structures, processes, and controls that are in place to ensure that the board is well-informed on a timely basis of matters requiring attention. This post summarizes directors’ duty of oversight and highlights issues that are likely to require significant board attention in 2022, including:
- Strategy and risk.
- Corporate purpose and environmental, social, and governance (ESG) matters.
- Human capital and workforce issues.
- Shareholder engagement and activism.
- Crisis management.
- Board-management relationships and board culture.
Duty of Oversight
While the board is responsible under state corporate law for the direction and management of the company, it typically delegates significant authority to the CEO and senior management to run the business. Once the board has delegated broad authority, its primary responsibility is to oversee management’s performance (while attending to areas that are not delegated to management, such as governance matters, CEO compensation and succession, retention and oversight of the independent auditor, approval of major transactions, determination of dividend payments, and bylaw amendments).
Board oversight involves the continual inquiry by directors into whether the board’s delegation of authority to management is reasonable, and whether the board has received sufficient and accurate information from management to make that determination. Typical areas of oversight include strategic initiatives, financial performance and the integrity of financial statements and accounting and financial reporting processes, risk management, and compliance.
Boards have a responsibility to identify and monitor risk and compliance on an ongoing basis, and they must do so rigorously with respect to mission-critical risks. This requires that the board understand the risks associated with corporate strategy and business operations, the risk management and compliance systems that are in place, and the information and control systems that are designed to bring risk and compliance issues to management’s and the board’s attention. Boards need to be prepared to act on risk and compliance issues as they arise and should attend to the board’s own structure and processes for oversight of risk and compliance.
A majority of public companies vest oversight responsibility for the full range of corporate risks in their audit committees, which, as required by stock exchange listing standards, are populated by individuals with financial literacy, but who may not have experience with non-financial risks. Freestanding risk or compliance committees are relatively rare, as are committees focused solely on the environment, health, and safety. According to a 2020 National Association of Corporate Directors (NACD) survey of Russell 3000 companies, approximately 9% of boards have risk committees, approximately 4% have separate compliance committees, and 4% have environment, health, and safety committees (NACD, Inside the Public Company Boardroom (Oct. 30, 2020), available at nacdonline.org (login required)).
Boards should evaluate whether they are appropriately structured for risk and compliance oversight, and should also review periodically the information and control systems designed to ensure that relevant information is brought to the attention of management and the board in a timely manner. Given its already heavy workload, the audit committee may not be ideally positioned to focus on mission-critical risks at the level required.
Strategy and Risk
The board should remain focused on providing guidance and oversight, with the majority of its time reserved for discussing corporate strategy and assessing the quality of management’s performance, including management’s focus on business continuity, opportunities, and risks. The board plays a key role in assisting management in understanding and focusing on the risks associated with corporate strategies, the drivers of corporate performance, and the business and political environment, determining the company’s risk appetite, and devoting appropriate resources to risk identification and management activities. In light of recent Delaware case law emphasizing the role of the board with respect to mission-critical risks (see Box, Director Liability for Failure of Oversight), board attention to the fundamental drivers of the business, the most critical risks facing the company, and how those forces may be impacted should account, along with strategic matters, for a significant portion of the board’s agenda.
Issues of strategy are increasingly intertwined with issues of corporate purpose and ESG matters (see below Corporate Purpose and ESG Matters). For example, given the intense focus of investors and regulators on climate change, corporate commitments to carbon net zero by 2050 (or earlier) are increasing. For many companies, a shift to a carbon neutral future will require a significant change in operations, and may even require an exit from certain businesses. Boards, together with management, should consider the strategic options and alternatives, including the potential for investing in alternative business lines. Similarly, rising concerns about privacy and social justice issues may have strategic importance for companies in certain industries.
Director Liability for Failure of Oversight
Directors can be held liable for failing to provide oversight. While this type of legal claim has typically failed, it is more frequently surviving a motion to dismiss.
For example, a failure of oversight claim recently survived a motion to dismiss in In re Boeing Co. Derivative Litigation (2021 WL 4059934 (Del. Ch. Sept. 7, 2021)). This decision provides guidance on the indicators of active oversight of critical risks that courts expect to see, and that, if absent, support a claim against directors. In Boeing, the shareholders alleged that Boeing’s directors failed to oversee safety issues relating to software problems with 737 MAX aircraft that were known to management. Supported by information received from the company in response to a books and records demand and publicly available committee charters, the shareholders alleged that:
- No board committee was specifically tasked with overseeing airplane safety, and every committee charter was silent with respect to airplane safety.
- The audit committee focused on financial and production risks, and not on airplane safety risks.
- The enterprise risk visibility process overseen by the audit committee focused on financial and production risks, and did not specifically emphasize airplane safety.
- The board’s yearly updates on compliance did not address airplane safety, and airplane safety was not a regular agenda item at board meetings.
- Management did not report to the board on safety issues, and the board did not have a means of receiving internal reports and complaints about safety, including whistleblower complaints.
The court found that the plaintiffs had pled sufficient facts to support claims that the board had completely failed to establish a reporting system for airplane safety and had ignored red flags about airline safety issues.
In early November 2021, a proposed settlement between current and former directors of Boeing and company shareholders was filed with the court. Under the terms of that settlement, the directors would pay $237.5 million (largely covered by insurance), a record amount for a failure of oversight case. The proposed settlement also requires the company to have at least three directors with safety-related experience and an additional director with aviation/aerospace, engineering, or product safety oversight expertise within one year.
The board should:
- Ensure that a considerable proportion of board time is focused on strategic issues, including specific strategic plans and transactions, and the company’s broader long-term direction.
- Consider with management what opportunities are likely to emerge in the current environment, how issues of corporate purpose and ESG relate to corporate strategy, and what opportunities and risks arise from the heightened attention to stakeholder interests and ESG, including climate change.
- Understand the risks associated with strategic decisions and operations, and the processes management has in place to identify, monitor, and manage risk.
- Monitor management’s performance in carrying out the strategy and managing associated risks.
- Reach a well-informed business judgment about what compliance, safety, or other risks might be mission critical.
- Consider whether the board has clearly delegated to a committee the responsibility to assist in oversight of mission-critical risks. Committee charters should clearly reflect this responsibility, and committee members should have appropriate experience (or access to appropriate expertise) and receive relevant information.
- Review the reporting processes that ensure information about mission-critical risks (including compliance) is brought to board and committee attention in a manner that is clear, easy to understand, and not unduly dependent on management discretion. The board should consider engaging a third party to assist in reviewing these information and control systems.
- Regularly discuss risk and compliance, including mission-critical risks, at board and committee meetings, with the board reviewing the company’s enterprise risk management and mission-critical risks at least annually.
- Ensure that board and committee agendas, minutes, and meeting materials reflect discussions of risk and compliance issues related to ongoing oversight, periodic reviews and deeper dives, and special situations.
- Hold management accountable for creating and maintaining a corporate culture that prioritizes achieving the company’s purpose with integrity and professionalism, and for implementing and maintaining compliance, risk management, and information and control systems that are fit for purpose.
Corporate Purpose and ESG Matters
In an environment of rising expectations about the role of companies in society, boards should remain focused on ensuring that the company innovates in providing goods and services in a way that meets the fair expectations of a range of stakeholders. Shareholder primacy rhetoric is being replaced by a broader recognition that, for shareholders to profit in the long term, a range of other stakeholders and interests must be satisfied (see Business Roundtable, Statement on the Purpose of a Corporation (Aug. 19, 2019), available at businessroundtable.org; for more information, search The Corporate Purpose Debate and The Modern Standard for Corporate Responsibility: Business Roundtable’s Redefinition on Practical Law).
This shift has not changed directors’ legal accountability. Fiduciary obligations to act in the best interests of the company and its shareholders remain the same. However, directors have considerable discretion (outside of sale of control transactions) to consider non-shareholder interests, as long as there is a plausible connection to a rational business purpose that ultimately is intended to benefit the company and its shareholders over the long term.
The broader view of corporate purpose is related to growing interest by investors, customers, employees, and regulators in ESG matters. Concerns about climate change, the COVID-19 pandemic, and racial and other inequity have focused attention on environmental and social issues. Many stakeholders are looking to companies for help in finding solutions (for more information, search Addressing Social Justice Issues: Implications for the Board on Practical Law). Connecting these efforts to the company’s unique purpose and strategies will help to ensure that these activities are undertaken consistent with the best interests of the company, and the enhancement of long-term shareholder value.
How a company addresses ESG matters is increasingly viewed as linked to its resiliency in the face of crisis and its ability to create value over the long term, and as a matter of strategic importance. In their consideration of corporate strategy, boards and management need to assess how ESG issues, such as climate change, privacy, or other social concerns, could impact the business and the options for addressing these issues.
The dramatic increase in investor interest in and support for both ESG initiatives and enhanced disclosure of these initiatives shows no signs of abating. Investors are continuing to seek greater transparency about ESG issues, and both investors and proxy advisors are scrutinizing disclosure. Shareholder proposals on ESG matters are receiving higher votes, and shareholder activists are pointing to ESG vulnerabilities in their campaigns, including a lack of expertise on the board regarding key ESG-related risks.
Many large institutional investors believe that strong performance on ESG issues is related to value creation, and they are more frequently seeking to engage with companies on environmental and diversity, equity, and inclusion (DEI) issues. They are more likely to vote in favor of environmental and social shareholder proposals than in the past, which accounts for the record number of these proposals that received majority support in 2021. Of the environmental and social shareholder proposals voted on through June 30, 2021, 20% received majority support, up significantly from 12% in 2020 (EY Americas Center for Board Matters, What Boards Should Know About ESG Developments in the 2021 Proxy Season (Aug. 3, 2021), available at ey.com). Investors are also voting against directors due to ESG issues, such as their failure to act on climate concerns, a lack of board diversity, overboarding, or a lack of independence.
The company should take special care with its ESG disclosure to ensure accuracy, because inaccurate disclosure can give rise to SEC enforcement actions and securities fraud claims (asserting that a stated ESG commitment was false based on the failure to take actions consistent with the commitment), and will also be scrutinized by shareholder activists (for more information, search Oversight of EESG Disclosure on Practical Law).
The board should:
- Understand how management is ensuring that stakeholder considerations and ESG matters are integrated into strategic and business decisions, as well as enterprise risk management. This includes consideration of appropriate
- metrics to measure performance against goals, ensuring that
- disclosure controls and procedures are designed to support both voluntary and mandated ESG disclosure, and the degree to which management compensation should include some element of ESG incentive-related compensation.
- Review how the board, including board committees, provides appropriate oversight of ESG matters.
- Consider articulating a company-specific statement of purpose that describes how the goods or services the company provides, and related corporate activities, serve the interests of stakeholders and the broader social good, and consider how to use this articulated purpose as a guide for corporate decisions. Discuss with senior management how they:
- view the specific purpose of the company;
- consider the interests of key stakeholders (such as customers, suppliers, and employees) in pursuing actions in the long-term best interests of the company and its shareholders; and
- engage and communicate about these issues with key stakeholders.
- Discuss with management:
- their efforts to reassess business practices to identify unintentionally discriminatory practices, for example, in the treatment of customers;
- the contours and objectives of ESG efforts, including support for education, health care, food security, supplier diversity, and social justice; and
- ESG disclosure and related materiality considerations in the company’s SEC filings, in corporate responsibility or sustainability reports, and on the corporate website.
- Set standards and policies regarding sustainability and social responsibility, including environmental issues, lobbying and political contributions, and human rights.
- Stay informed of developments and trends in ESG disclosure, including SEC statements and guidance, statements by significant institutional investors, shareholder proposal trends, activities of nongovernmental standard setters, peer company benchmarking, and federal legislation.
Human Capital and Workforce Issues
The COVID-19 pandemic, together with the shift to a knowledge-based economy, highlighted the value of human capital and triggered changes in business needs, work preferences, the market for human capital, and associated risks (for example, cybersecurity and compliance). Human capital management issues are critical to corporate culture, and are a key area for board oversight. These issues include:
- Talent management, including employee recruitment, promotion, and retention.
- Employee health and safety.
- Fair compensation and benefits, including minimum wage, pay equity, and paid leave.
- DEI at all levels of the company.
- Training and career development initiatives.
- Workforce management issues, including layoffs.
- Efforts to combat discrimination, harassment, and bullying.
- Treatment of whistleblowers.
Human capital measures will continue to be a major focus during the 2022 proxy season, given the high level of investor interest in these matters and the enhanced disclosure about human capital resources required by recent amendments to Regulation S-K. This includes a discussion of the human capital measures or objectives the company focuses on in managing its business, to the extent material to an understanding of the company’s business taken as a whole.
In addition, management succession continues to be a key board priority, and boards should review emergency succession plans for the CEO and other key officer positions to ensure they are up to date.
The board should:
- Understand through discussions with management how the current market for talent is affecting the company, including the impact of return-to-work policies, and how management is addressing any labor difficulties or shortages, including plans to invest in worker training, wages, and benefits.
- Set a tone at the top through communications and policies designed to protect employee well-being and support DEI.
- Discuss with management their efforts to:
- improve DEI in the workforce, including at senior levels, and pay and opportunity equity (such as access to training and promotions); and
- protect against discriminatory practices in the hiring, pay, and promotion of employees.
- Focus on the corporate culture, emphasizing expectations that management will foster within the company a culture of ethical behavior, fair dealing, respect for DEI, and integrity.
- Oversee management’s efforts to educate personnel about the corporate code of conduct and expected standards of behavior.
- Determine appropriate incentives to attract and retain leaders and to align key executives with performance expectations.
- Consider whether incentive plans need to be reworked to ensure that appropriate behaviors are encouraged.
Shareholder Engagement and Activism
The onus is on boards and senior executive teams to inform and engage with shareholders about corporate purpose and strategy, key board decisions, and the rationales for those decisions. Engagement provides an opportunity to gain insight into shareholder viewpoints, which can be valuable in formulating approaches to corporate strategy, ESG issues, and other matters. While directors should consider shareholder viewpoints, they cannot defer to those viewpoints, but must always make informed business judgments that they believe are in the best interests of the company.
One benefit of building trust and relationships with key shareholders based on transparency and understanding is that shareholders may be more willing to support the board and management in the face of shareholder activism and other pressures. With increased volatility in the stock market, and as hedge fund war chests continue to grow, hostile takeover activity and other shareholder activism threats are increasing. Boards can expect activists to exploit the enhanced vulnerability of target companies. The same applies to unsolicited takeover bids by well-capitalized strategic buyers.
The board should ensure that the company is positioned to respond, including through a review of takeover and activist preparedness with financial and legal advisors. This includes a review to ensure that the company has an appropriate team and communications protocols, state-of-the-art bylaw protections, and an up-to-date poison pill on the shelf (for more information, search Stockholder Activism and Takeover Defenses Checklist on Practical Law). If the company is approached by an activist, the board and management should consider the issues they raise and not automatically default to a defensive mode.
The board should:
- Actively oversee and participate as appropriate in engagement with key shareholders, with an emphasis on listening and learning about shareholder viewpoints and developing enduring relationships.
- Seek to understand key shareholders’ views about corporate purpose, which is often intertwined with ESG issues, such as climate change, DEI, and corporate culture.
- Stay informed of proxy advisor perspectives (without assuming that they necessarily reflect the views of the company’s shareholders).
- Consider with management how various types of shareholder activists are likely to view the company, including its strategies and governance practices, to identify vulnerabilities.
- Confirm that management is monitoring changes in stock ownership.
- Update or activate defense preparation plans with management, including by identifying special proxy fight counsel, reviewing structural defenses, putting a poison pill on the shelf, and developing a “break the glass” communications plan.
Crisis Management
Every board is likely to face a crisis that requires it to become more actively engaged in overseeing management’s response or even in developing and undertaking the response itself if the crisis involves issues of management integrity, credibility, or capacity. To prepare the company to react quickly and with assurance to a crisis driven by external or internal events, the board and management should consider sources of potential crises and develop plans to address them. Embedding crisis preparedness in board and company culture can help reduce the inevitable tensions that arise when a company is under significant pressure.
In most circumstances, management will address the crisis on a day-to-day basis and handle crisis-related communications, but the board should expect to meet more frequently and be kept up to date. Directors should understand what is known and not yet known, what management is doing to investigate the matter further, who the crisis team is both within management and with respect to key advisors, and what management plans to convey in its communications and high-level messaging. The board (and management) should avoid making statements that assume a positive outcome before there is full visibility into the situation.
However, in matters that involve management conflicts of interest or integrity, the board must take a more active role, usually through a current or special committee comprised of independent and disinterested (unconflicted) directors. The board should engage counsel and potentially other advisors, direct counsel in the investigation of the facts, and avoid making statements in the early stages of the investigation about confidence in management or an assumed positive outcome.
If a crisis occurs, the board should seek to ensure that the attorney-client privilege will not be waived (to the extent appropriate). Both regulators and auditors may expect to be informed early of the issue and what the company is doing to investigate, and the board should seek guidance from counsel on this. Consideration should also be given to how to engage with employees, customers, suppliers, regulators, and shareholders, so that the company speaks with one voice. Once all the facts are known, and the immediate crisis has been addressed (including through reports to regulators, disciplinary action, or both), the board should consider whether compliance or control systems should be strengthened.
To prepare for a crisis, the board should:
- Consider whether the company has:
- business continuity plans that are appropriate to the potential risks of disruption identified, including through a discussion with management of relevant contingencies. The board should continually reassess the adequacy of the plans in light of developments; and
- an up-to-date crisis management plan to assist the company in reacting appropriately, without either under- or over-reacting.
- Ensure it can act effectively when a crisis occurs by embracing governance structures and practices that support a board culture in which consensus can be readily achieved after full and informed discussion, independent viewpoints are respected and valued, and confidentiality is protected.
Board-Management Relationships and Board Culture
While the board monitors management’s performance and provides direction, it should also act as a sounding board for management to test and hone ideas and as a resource for expertise. Strong board-management relationships require a constructive and respectful give and take, a recognition of the distinction between board and management roles, and transparency grounded in the expectation that management will deliver bad news promptly. The board needs to develop a strong working relationship with the CEO and other members of the management team, and at the same time be able to provide constructive guidance and criticism.
Similarly, the board needs to develop its own culture of trust, respect, and openness. The ability to bring objective judgment to bear and to express and consider diverse viewpoints while working toward consensus is necessary. As part of their annual evaluation and re-nomination processes, boards should consider whether their composition is appropriate or requires refreshment. Board composition and refreshment are under increased scrutiny by shareholders (including activists), who are paying closer attention to director qualifications and diversity, and are scrutinizing company disclosure on this topic. Large institutional investors continue to view board diversity as a key priority, and various states and Nasdaq have imposed diversity requirements for boards.
The board should:
- Ensure clarity in the delegation of authority to management, in communicating expectations for performance, and in related incentive compensation structures.
- Offer management the benefit of the board’s collective expertise, but remember that the board oversees management and should not dictate actions that are clearly within management’s purview.
- Recruit highly qualified directors with relevant expertise who can satisfy the requisite time commitment, taking into account diversity considerations.
- Consider board refreshment mechanisms, including age and tenure limits, and review individual director evaluations.
- Avoid treating the re-nomination decision as a foregone conclusion, and base re-nomination decisions on an assessment of relevant expertise, ability to make the necessary time commitment, and actual performance.
- Evaluate board and committee leadership, and consider rotation of leadership positions and committee membership, ensuring that leadership is in place to provide a strong yet supportive counterweight to management.