Governance, Risk and Compliance

How to Manage Risks in Incentive Compensation Plans

June 9, 2019

Partnering with The Risk Management Society, we hosted a webinar on compensation risk management, discussing how to balance risk management programs and strategies with compensation that attracts and retains talent and achieves organization goals. Most executive compensation plans incentivize performance around revenue growth and shareholder value, and compensation reflects that. Typically, incentive compensation may include components like:

  • Bonuses based on achievement of goals
  • Equity or stock-based compensation
  • Benefits and other perks

This incentivization strategy aligns with the organization’s objectives by motivating executives to focus on innovation, grow revenue for the company, and create value for its shareholders. However, these strategies may not align with the organization’s long-term objectives, as sales and revenue are typically shorter-term goals and might not be sustainable.

3 risks to consider in executive compensation

  1. Unchecked targets. Sometimes an incentive-based compensation strategy can result in innovation from executives to grow revenue for the company and create value for its shareholders. However, these strategies may not align with the organization’s long-term objectives, as sales and revenue are typically shorter-term goals and might not be sustainable.
  2. Lack of proper communication. Failure to obtain executive or board input to clearly define performance goals and any changing performance standards can result in the implementation of a poorly drafted compensation plan.
  3. Poor monitoring/updating of compensation programs. Organizations must regularly review compensation policies and plans to confirm that they reflect current goals, including meeting risk management objectives.

10 ways to mitigate risks associated with incentive compensation plans

  1. Keep plans simple and relevant.
  2. Focus on the long term.
  3. Get, and keep, the board involved.
  4. Ensure that the culture of risk taking is appropriate and the right tone at the top is in place.
  5. Have regular internal audits to review the program independently and objectively.
  6. Have the compensation committee meet with the risk committee regularly to discuss major enterprise risks and the organization’s risk appetite, to determine any significant inherent risk within or without the organization, and whether that risk may interact with the compensation program.
  7. Make risk adjustments to the bonus program: Consider whether the organization and the management team operated within the designated risk appetite/framework for the organization.
  8. Put a cap on the amount of incentive compensation that can be earned.
  9. Create a clawback policy. Implement forfeiture of any unvested awards or unpaid compensation in the event that an executive breaches a contract or a particular policy. Laws like Sarbanes-Oxley and Dodd-Frank may give guidance.
  10. Consider the following risk metrics when determining financial incentives: Anything that impacts value, such as financial metrics, quality, customer satisfaction, sustainability, health and safety; and the organization’s mission and long-term value.

To address compensation risk management, the board and/or compensation committee should discuss risk management programs when reviewing compensation practices, industry trends, and risk mitigation practices of organization peers. A good risk management program should allow an organization to take on more risk comfortably and report on data faster, including data on incentive compensation. Risk managers are facilitators: they ensure that risks are identified, assessed, and reported consistently, so that management and the board have good information to make informed decisions, and they make sure that good risk management becomes part of the fabric of the organization.
