Board Risk Oversight: Bridging the Corporate-Investor Governance Divide

The TakeAway: New International Corporate Governance Network risk oversight guidelines emphasize joint corporate and investor accountability.

Bacon and eggs.  Oil and vinegar.  Peanut butter and jelly.  Corporate and investor governance.  The first three duos are well known, but few appreciate the last pair—though a release from last week’s San Francisco Summit of the International Corporate Governance Network sheds light on the link.  Last Thursday, ICGN (a 500-member nonprofit representing 50 countries, with combined assets of $9.5 trillion) unveiled its Corporate Risk Oversight Guidelines.  “Boards and shareholders have a joint responsibility to engage in substantive and effective communication on corporate risk oversight,” states the Preamble.  Doing this well requires that “active, informed, constructive and periodic communication between boards and shareholders … be founded upon an appropriate and comparable level of respect, trust, seniority, skill and professionalism between investors and companies.”

While the corporate – investor governance connection seems obvious, the two realms usually are judged separately—but not at ICGN.  As Executive Director Carl Rosén put it, “Risk management has long been the duty of the management, but risk oversight from boards and investors has been a blind spot when it comes to procedures.  Risk oversight is defined as the board’s supervision of the risk management process” [emphasis added].

Stephen Davis, Executive Director of Yale’s Millstein Center for Corporate Governance and Performance, says that, by design, the principles are aspirational and process-based, therefore applicable across the spectrum of current and future issue areas.  This “architecture of risk governance” rests on three assumptions, later elaborated in the Guidelines separate sections:

  • The risk oversight process begins with the board, which must oversee management’s implementation of strategic and operational risk management;
  • Corporate management is responsible for developing and executing an enterprise’s “strategic and routine operational risk program”; and
  • Shareholders, directly or through designated agents, have a responsibility to assess and monitor the effectiveness of boards in overseeing risk at the companies in which they invest, and to determine what level of resources they will dedicate to this task.  Investors are not themselves responsible for risk oversight at corporations.

Davis and Erik Breen of Robeco served as co-chairs of the ICGN’s Taskforce on Corporate Risk Oversight, which drafted the principles for comment earlier this year; Davis is a long-time advocate for shareholder stewardship—and a founding member of ICGN in 1995.  “The ICGN guidelines are not designed to identify any particular type of risk,” he told the Murninghan Post.  “Instead, they recommend channels and best practices that enable investors to judge if a corporate board is truly overseeing risks—whether they be related to climate change or executive pay.  ICGN expects to add best examples over time of companies that well describe their risks and offer meaningful routes for investor dialogue.”

Aimed at a global audience, the ICGN guidance (a short version is freely available; the full version costs $50) builds on its 2009 Global Corporate Governance Principles and 2007 Statement on Institutional Shareholder Responsibilities.  The Guidelines state that boards should disclose risk oversight challenges that may have emerged over the reporting period – say, for example, an oil rig explosion – including action taken to address them, both current and future.  Moreover, boards should maintain communication channel with investors for periodic dialogue on governance matters, including the board’s role in risk oversight. “Plus, we spell out that Investors must engage and devote resources to assure themselves that risks are in fact overseen by boards,” Davis said.  The Guidelines end with two sections on investor responsibility and board disclosure, which set a high performance bar.

We applaud ICGN’s Risk Oversight Guidelines, which breaks new ground in helping to bridge the corporate / investor governance divide—and improve culture and behavior on both sides.

This entry was posted in Corporate Governance, Corporate Reporting, Investor Governance and tagged , , , , , , , . Bookmark the permalink.