Simon Nicholas, Director at KPMG, suggests that rapidly-changing times mean businesses need to review what’s discussed around the table in their boardrooms
As a document, the board agenda can often be a standard list of items that recur at every meeting, rarely updated from one gathering to another. Whilst certain items need to be addressed regularly, a good board will be thinking ahead with its eyes firmly on the future strategy and direction of the business.
To achieve this, especially in times of fast-moving political, economic and technological change such as we have today, the input into these meetings needs to be much more dynamic. The agenda document itself should act as a barometer to new challenges, triggering debate on all relevant influences and developments.
So what should be on that agenda for 2017? KPMG’s recent work with directors and business leaders has provided us with interesting insight into seven key emerging themes for businesses in the new Brexit/Trump landscape.
Connecting and calibrating strategy and risk is more important – and more challenging – than ever
The seismic political events in the UK and the US in 2016 took many of us by surprise and left a lot of businesses scrambling to understand their potential impacts, especially in the Isle of Man. Technological advances, the evolution of new market demographics, increasing customer and employee expectations are all putting a premium on corporate agility. Does management have an effective process to monitor changes in the external environment and test the continuing validity of strategy and risk assumptions? Does this process provide early warning that adjustments may be necessary? Strategy needs to be an ongoing board discussion, not an annual decision.
Developing and executing strategy based on total impact
The growing expectations of investors, customers, employees and other stakeholders mean that the corporation’s role in society is coming under increasing scrutiny. Boards need to consider the full impact of implementing strategy including financial, reputational and regulatory impacts as well as the effect on resources and talent.
Aligning the talent in the boardroom with the company’s strategy and future needs
Once the strategy is defined, the board should embrace any change that is needed and ask itself whether it has the skillsets needed to guide the business to future success and delivery the strategy.
Focus on the tone from the top, culture and ethics
Many of the crises that have posed the most damage to companies – financial, reputational and legal – have been caused by a breakdown in the organisation’s tone at top, or its culture and incentives. Boards need to be sensitive to the example set through leadership and reinforce what they want to see in the organisation’s culture.
Reassessing the company’s crisis prevention and readiness efforts
Changing external environments demand that crisis prevention, mitigation and response plans are regularly reviewed. Boards need to ensure there is clear identification and understanding of risks across the business, including supply chain and outsourcing, and that controls and procedures are in place to deal with the worst should it happen. Mock crisis exercises are invaluable in helping companies work through gaps in planning and boards should expect to be included and apprised of their evaluation.
Reassessing the company’s shareholder engagement programme
Institutional investors are increasingly holding boards accountable for company performance and seeking greater transparency, including direct engagement with independent directors. Boards need to know how management engages with shareholders, how their priorities are understood and what information and access they seek and are given.
Refining and widening boardroom discussions about cyber risk and security
It is essential for board oversight of cyber risk to evolve in the face of the increasing number and sophistication of attacks. Boards should help elevate the company’s cyber-risk mindset to an enterprise level, encompassing key business leaders and ensuring that cyber-risk is managed as a business risk, not just an IT risk. The board should also ensure there are robust cyber security policies in place, weak points have been identified and protected, and that sufficient training is given.
If you also sit on an audit committee or interact with one, KPMG have launched their 2017 Audit Committee reminders, see www.kpmg.co.im