Corporate Risks: What Do Corporate Leaders Worry About?
This column may be another example of what I call — “ A profound grasp of the obvious.” The answer to the question of this column is easy according to everyone – financial performance, quarterly results and shareholder value. So is that all on the mind of corporate leaders?
We all know the problems created by executive compensation schemes and the short-sighted management perspective that such schemes create. The Dodd-Frank Act focused on reforming this process but so far there has been little change in the macroeconomic trend – corporate executive compensation levels are still high and continue to skew management incentives towards the short-term over the long-term.
Aside from the obsessive focus on short-term financial performance, senior management consistently cite four major risks: data privacy, electronic data protection, conflicts of interest and foreign bribery. Underlying many of these issues, corporate leaders are fast understanding the benefits and dangers of social media, which increase many ethics and compliance risks.
In response to this constellation of risks, companies are devoting more time to enterprise risk management systems which help to place these risks in context of other organizational risks. This is a very helpful exercise because it helps an ethics and compliance officer to assess the relative importance of the risks for which he or she is responsible. From an organizational standpoint, it is important for senior management to allocate resources to address the risks and provide a clear strategy to respond or to prepare for possible risks.
Based on this analysis, an ethics and compliance program will benefit from proper positioning. For too long, ethics and compliance programs have suffered from neglect and lack of resources. That picture is quickly changing – companies are spending on average more money each year for ethics and compliance programs. Companies have a long way to go and it will take years of consistent support to elevate an ethics and compliance program to its proper place.
As to the list of major worries, companies are facing major risks in the data privacy and electronic data protection areas. It is an issue which requires careful assessment and remedial measures. The consequences of a breach or a violation of personal data can be disastrous from a financial and reputational standpoint.
Congress is examining – yet again – the possibility of a new federal law which would preempt state laws protecting against data breaches. Businesses want relief from the patchwork of state laws and regulations but the deal offered by Congress may be too hard to swallow. Whatever happens in this area, there is no doubt penalties and negative media attention to data breaches and privacy violations will increase.
Similarly, anti-corruption enforcement is here to stay and will increase as international enforcement and coordination increases. More countries are passing laws which establish corporate liability for foreign bribery – the means by which countries can impose penalties against companies for bribery violations.
Finally, the increased focus on conflicts of interest represents the beginning of an important trend – liability for corporate governance miscues and failings. The Justice Department and the SEC have demonstrated an aggressive approach to senior management liability. As they climb the corporate ladder, directors are next on their target list. Corporate governance regulation is also bound to increase. Conflicts of interest undermine corporate governance principles. Shareholders are ready to take on corporate boards for such undisclosed or substantial conflicts of interest which undermine the governance process.