- Corporate Security
- Governance, Risk & Compliance
- Information Security
In partnership with The Risk Management Society, we hosted a webinar on the topic of how incentive compensation can, and should, affect your risk management programs.
When we polled our webinar attendees on whether risk metrics are considered in part of their company’s performance plan, 55% of respondents said No. Ultimately, a good risk management program should allow a corporation to take on more risk comfortably and report on data faster, including data on incentive compensation.
Jacob: Hello, and welcome to Resolver’s sponsored webinar titled Tying Risk Management to Compensation. My name is Jacob and I’ll be the facilitator for the program today. A few notes before we begin; if you have a question for the presenters during today’s session, please submit them by writing in the question box. You can submit them at any time, but we will reserve time at the end of the presentation for Q&A. If we do not have enough time to answer all the questions, we will answer them via email after the last session. A copy of the PowerPoint presentation is available underneath the handout tab. I would like to turn today’s presentation over to our speakers: Jamie Gahunia, strategic product manager, ERN for Resolver; Brian Link, managing director for Mobius 1; Kathryn Neel, managing director for Semler Brossy, a consulting group; and Brad Tartick, senior associate Torys. Going to now turn over to our presenters.
Jamie Gahunia: Hi, everyone and thank you for joining our Resolver’s webinar. Today’s session is a panel discussion with three leaders who have insight into corporate compensation programs. So they can help us in terms of reconciling the conflicting goals of risk and reward. On one hand, we need the right levels of compensation to attract and retrain top talent as well as being able to hit organization strategic goals and objectives. On the other hand, we can market an event, shift it to our focus to whether an organization has appropriate risk management practices so it doesn’t face any negative impact, auditory reputation regulators or other stakeholders. So at the end of the session, we hope that you’ll be armed with some information on how to start conversations with your executives on adopting great risk mitigating features into your executive compensation.
Jamie Gahunia: So I want to introduce myself as moderator for today’s session. I’m Jamie Gahunia, product manager at Resolver. For those who haven’t heard of Resolver, we are one of the few recognized risk management software on Gartner’s Magic Quadrant. So this would include enterprise risk, operational risk, compliance, security, internal audit, and IT risk. To start off, I’d like to … a panelist to introduce ourselves and tell the audience a little bit about your career and experience with performance programs. So we’ll start off with Kathryn, then Brian, and then Brad.
Kathryn Neel: Great. Hi, everyone. My name is Kathryn Neel and I work with Semler Brossy Consulting Group. We are a consulting firm primarily to boards of directors, but also to senior management teams on executive compensation programs. So I started my career in public accounting. I’ve a CPA and then have been in executive compensation consulting since 2007. As I mentioned, we primarily advise boards and management teams on executive pay so that could include incentive compensation design, as well as factoring in risk aspects into the compensation program. Over to you, Brian.
Brian Link: Great, thank you, Kathryn. My name is Brian Link, I’m managing director of Mobius 1. Mobius 1 works with nonprofits and cooperatives across the globe and in the nonprofit realm, you can imagine they take on considerable risk, risk that often other folks, government included, don’t want to take on. So risk if very inherent in that business. And then trying to attract people and retain people in those roles where they are managing organizations that are taking on significant risk and associated liability at times can be quite a challenge. Achieving that balance is quite important. And then prior to this role, I was a partner with [Ernst and Young 00:04:02] heading up the enterprise risk management practice in the far East area working with large governmental organizations, public companies and so forth, and working quite a bit with a lot of committees and boards that are tasked with not only oversight of risk management, but also looking at executive comp and how to marry those two dimensions. Sometimes feeling that they’re diametrically opposed and trying to get that right balance. Over to you, Brad.
Brad Tartick: Thanks, Brian. Good afternoon, everyone. I’m an associate at Torys, LLP, which is a full service corporate law firm in Toronto. My practice focus is mainly on employment benefits and executive compensation law in Canada. In terms of exec comp, what we’ll do is we’ll help with the drafting of the plan, then interpreting the provisions as well as security filings and annual disclosure requirements.
Jamie Gahunia: Excellent. Thank you, everyone. So let’s get into the first question. First question is to Kathryn; What do most executive compensation plans incentivize?
Kathryn Neel: Well there’s a nice graphic on the screen here to outline some of the major components that comprise the executive compensation program. Executives have a salary just like the rest of the employees of a company, typically do, and most of the time, executives are also provided a bonus opportunity which is based on the achievement of goals over a one-year period, typically. They usually also have long-term incentive plans, which can include, for the most part, equity-based incentives, so stock-based compensation, potentially also cash-based compensation usually vesting over a multi-year period of time. Typically three years, sometimes four or five.
Kathryn Neel: There are also benefits and perquisites, so typical benefits like other employees receive and sometimes incremental perquisites that often have a purpose of sort of helping the executive be more effective in their role. For example, tax planning given how busy they are, how much they work, and how much travel they often have. Those would comprise those last two categories, the paid expenses and on the insurance bucket. I think a lot of what we’ll be talking about today really falls in the buckets of the bonus and the long-term incentive plan where those two pieces comprise the incentive-related components of compensation for executives where they may be motivated to go out and achieve certain results in order to get compensated.
Jamie Gahunia: Excellent, Kathryn. Brad, do you have any additional thoughts to add to this?
Brad Tartick: No, I think that sums it up very nicely.
Jamie Gahunia: Excellent. So on that note, we have our first poll for our audience; What is the primary driver of your company’s compensation plans?
Jamie Gahunia: Excellent. So looking at the poll results, most executive compensation plans incentivize performance around revenue growth, and potentially shareholder value. Kathryn, this is a question for you; Does this strategy align with the organization in achieving its corporate objectives?
Kathryn Neel: So generally I would say yes, and when you look at the response related to revenue growth, I mean clearly there, what it’s reflecting is … but the companies that we work for, work with are in business to turn a profit. That starts certainly by selling a product or services and in today’s environment, innovation is very, very important to maintain competitiveness in the marketplace in which companies are operating. S executives typically are motivated or incentivized to increase sales, to grow revenue. And then the shareholder value aspect of it could be profitability, so making sure that the revenue growth that they’re driving is profitable but also a return for shareholders, that could be measured either through return-based performance metrics or through the stock component of their compensation. The stock component of course would track with the value of the company’s stock, which would be aligned with what shareholders are experiencing and appreciating. And so if you think about it from that perspective, then certainly those are the metrics that you would expect a company would include and would use to motivate its executives to achieve its desired outcomes.
Jamie Gahunia: Excellent. And Brian, I want you to argue the other side, which is why this doesn’t align with achieving objectives.
Brian Link: Well I’d say it does and it doesn’t. So if you sort of take the Devil’s advocate position and say, well, how does it not align. I think that’s predominantly sort of recasting it a bit in terms of short term verus long term. Are you trying to create long-term value, durable value, or are you trying to hit your quarterly earnings target, which can create some sort of [inaudible 00:09:36] perverse incentives to do some things that are not necessarily driving value over the long term. Historically, that’s been one of the drivers that anecdotal evidence and the real evidence has shown can be a bit problematic when you’re managing the business quarter to quarter, hitting your EPS targets, but … in so doing, creating excessive risk exposures.
Brian Link: So I’d say … you could say no, it’s really all about creating long-term value and you really have to take that longer view, which requires a different set of metrics and associated incentives. As Kathryn mentioned, taking a look at incentives that push the time horizon out a little bit and that tends to be, I think, a little bit more accurate metric. The other bit is when things go badly, how prepared is that executive management team to recover from a risk of a potentially catastrophic risk event. You could way, well you don’t know until it happens, but I wouldn’t say that’s completely true, but I’m sure we’ll get to that in a little bit further on in the discussion.
Jamie Gahunia: Excellent. Thanks, Brian. Brad, this one is for you; Taking to a department level, how do compensation plans vary by department?
Brad Tartick: Thanks, Jamie. I think just taking a step back, you got to look at the main objective of incentive plans. I think one of them is to reward employees for performance because employees are going to be performing different functions within an organization. Often compensation plans are going to vary by department. Senior executives, when we talked about this earlier, their performance metrics are typically tied to company financial performance, which is revenue growth like the slide one showed, and generally, some form of equity. Whereas lower-level employees might instead be eligible to participate in a cash bonus or commission plan. I think also performance metrics within incentive plans can be different by department. Where you have, for instance, health and safety teams metrics might reward lack of injuries and incidents in the workplace, the sales teams might want to be focusing on number of sales or month-to-month growth in sales. So I think when designing a compensation plan, it’s important to determine what you’re trying to achieve and what performance you’re trying to reward.
Jamie Gahunia: Excellent. Thanks, Brad. So now … I guess we have talked about the executive and department level compensation. Let’s turn to the risk management team themselves. Brian, can you discuss how risk executives are typically compensated and are they treated like other execs or differently?
Brian Link: Sure. So for those organizations that have a dedicated risk function, then they are quite often treated as other functions within the organization. If the responsibility for risk falls within internal audit, then you’re going to have more involvement of the audit committee instead of that compensation or at least minimum reviewing that compensation. But I would say generally speaking, and again, it also varies by industry sectors. So in financial services right now, we’re still in a regulatory environment where supply and demand is acting up on the risk function and where … you know, for instance folks that have particular experience in skills around AML or ICAP or stress testing, or you know, a little bit more quantitative or legal/compliance experience, they’re going to be better compensated because they’re in demand. But then folks who are more of generalists, who are doing some very critical, strategic work within an organization heading up the risk function, are not necessarily viewed as being requiring the same sort of compensation level even though they have a very strategic position.
Brian Link: And that’s where I think the audit committee, again, needs to intervene and say, no, we want to raise the bar a bit because this is a critical position for us as the audit committee and the audit committee chair in particular, so they can say, hey, I’m not going to set the compensation level for the had of the risk function but risk is critical for us. We own risk, at least oversight and monitoring of risk. So I think it’s very, very important that they raise the bar a bit.
Brian Link: I guess the final thing I’d add there is that you also want to make sure that … I mention the regulators, the financial regulators, what’s happening now is a lot of them are being sort of captured by the lobbyists and so forth. You want to make sure that those folks are compensated well and so they don’t have improper incentives or influence to have those regulatory drivers diminished because in terms of the health of the financial system globally, you want to have those folks on their toes. So that’s the one other thing I’d mention as well.
Jamie Gahunia: Excellent. Thanks, Brian. What about you, Kathryn? Who should be approving the compensation for roles in risk auditing compliance? Should it be the CFO, their manager, and why?
Kathryn Neel: So I’ve been surprised, I think, just tagging on to what Brian was describing, I think I’ve been surprised to find that at most companies, folks who are overseeing risk or internal audit, for example, are compensated on the same basis, meaning in the same ways on the same programs and against the same goals and metrics, as their counterparts in roles over which they’re sort of overseeing if you will. So I’ve been surprised at the extent to which I don’t see a lot of differentiation and how they’re rewarded.
Kathryn Neel: There are some companies who do differentiate the pay. For example, they’ll have a different waiting or a different mix of the bonus metrics tied to, let’s say, individual or department objectives relative to overall corporate financial results where you might see a heavier waiting for financial results for their counterparts in other departments, but in their department there’s a swap where it’s heavier weighted toward their own performance. But in terms of then overseeing the actual pay and approval process for folks in those roles, I’ve also been surprised to find that generally it is their manager who proposes and approves their compensation changes whether it’s bonus payouts or it’s changes over year in target compensation, as opposed to having a little bit more one-over-one oversight of those types of things where you’d have the manager of the manager or even in some cases, perhaps the audit committee or compensation committee of the board who might approve the pay for the chief risk officer or the chief auditor.
Kathryn Neel: Like I said, I’m surprised to find that doesn’t happen more often. I think that all companies should really think hard about that issue and what the best governance structure is for them. It certainly feels that in industries where there’s a high degree of risk in regulatory compliance and other areas that you might rethink the standard approach of just having manager approval of compensation for those types of roles, and think about some other governance structure either by committee or by elevating it to a higher level where approvals could take place.
Jamie Gahunia: Excellent. Brian, I want to come back to you. Can you discuss this idea of what conflicting goals of managing the risk of the organization versus driving the organization forward from a risk team’s point of view?
Brian Link: Yeah. I think the risk team’s responsibility needs to be very clear that the risk team doesn’t … and again, I suppose to some extent it depends on the industry sector, but by and large the risk team shouldn’t own the risk. They’re there as facilitators, they’re there to ensure that risks are identified, assessed, reported consistently, et cetera, so that management and the board have good information by which to make decisions, informed decisions. So they’re there to make sure that risk becomes part of the fabric of the organization and that it’s done efficiently and consistently and so forth. So they’re really there, ultimately, as enablers. I’m sure everyone’s often heard the analogy of you have brakes in a car in some way so you can go faster. So in a similar way, if you have good risk management practices at hand, that means that ultimately the organization can actually be … take on a larger bit of risk more comfortably and therefore, sometimes places longer but with a bit more confidence because they’ve got better data and data coming back quickly enough that they can respond effectively when things are changing. So I don’t know if that quite answers your question. Yep.
Jamie Gahunia: That’s good enough. I think I’d like to put the question to the audience in terms of your risk team value driver, so what is currently your top value driver of your risk management program?
Jamie Gahunia: With that mind, Brad, this question is for you; What are the significant and common risks to consider in executive compensation?
Brad Tartick: Thanks. I think, you know, one of the things that is setting the wrong performance metrics, and I think we alluded to this, companies occasionally set targets which are unchecked or are only included to motivate short-term gain rather than maybe focusing on the longer term and broader company goals. I also think that lack of proper communication is a risk. I think communication is one of the most important aspects with respect to exec comp. Communication often takes place between a company’s HR team without their comp professionals. The executives that issue the board, possibly even the media and the governmental agencies, I think failure … many exec comp programs can be linked to failures in the communication process. That includes failure to obtain executive input and clearly defined performance goals, changing performance standards midstream without at least discussing it with your executives, and then also implementing a poorly drafted compensation plan that’s unclear and potentially leaves open the possibility of misinterpretation.
Brad Tartick: One other risk that I see is with respect to poor monitoring and updating of your compensation programs. A company needs to regularly review its compensation policies and plans to confirm that they actually reflect current company goals including meeting risk of management objectives. Just as a company grows, evolves so should its compensation plans and risk mitigation processes. So undertaking a review, at least on an annual basis, is definitely worth while so you can consider … so you can identify and resolve any issues with your comp program.
Jamie Gahunia: Excellent. Kathryn, do you have any comments to add to that?
Kathryn Neel: I think that’s a great summary and I think just going back to maybe the modest debate that Brian and I were having earlier about whether the traditional metrics are really the right metrics in incentive programs. I think another risk is, of course, that by focusing solely on those types of goals and objectives, you miss a lot of the risks that may be surrounding the organization or even opportunities beyond just the risks, but certainly focusing solely on those and not keeping in mind some of the factors that are potentially capable of having a great impact on your organization then even the things that you’re pursuing to drive financial performance is a big risk factor. And I think that’s part of what we’re trying to discuss today is how might you consider where and how those types of things belong within the compensation programs.
Jamie Gahunia: Excellent. That’s a good segue to our next question which is what are some ways that organizations should use to mitigate any risks associated with risk compensation plans. Brian, if you could start us off.
Brian Link: Sure. I think we’ve touched on a couple of these already, but I think at the end of the day, keeping it simple. I think the more complex the plan gets, the less effective it gets, so just keeping it at simple and relevant, focusing on the long term like we’ve spoken about before, getting and keeping the board involved. And really focusing in on some of the aspects that we may get into a little bit later here as well, but they’re a little bit harder to quantify in terms of incentive targets and so forth, and that is ensuring that the culture of risk taking is appropriate and the right tone at the top is in place at the organization because that’s ultimately where the executives can have a massive impact upon the success of the organization from a risk perspective is by setting that proper tone at the top and establishing the appropriate culture and so forth.
Brian Link: I’m going to date myself a little bit for the younger folks that are listening, but if you look at Enron or some of the other corporate collapses of days gone by, Enron was considered world class in terms of enterprise risk management. They were the bell winner and they had a very well compensated executive management team that were being rewarded for having this world-class risk management. However, in terms of the tone at the top, the culture of the organization, it was sort of rotting from within and it had catastrophic outcomes as a result. And so that cultural aspect, that softer aspect is critical and just getting down [inaudible 00:24:37].
Jamie Gahunia: [crosstalk 00:24:41].
Brian Link: Sorry. I bumped the button there. In having an internal audit involved to take a look at the program independently and objectively from time to time to validate the compensation program I think is also a best practice.
Jamie Gahunia: Excellent. Kathryn, do you have any examples to share with us on this topic?
Kathryn Neel: Yeah, one … a couple of examples to share. So the first that comes to mind is a good practice that I’ve seen some companies use where their compensation committee actually has a meeting with their risk committee once a year and the compensation … the purpose is the compensation committee to really be briefed on the major enterprise risks and the risk appetite of the organization so they can get a feel for whether there’s something that is significant inherent risk within the business or outside the business, even that could or maybe should have some role within or some impact on the compensation program. So is there such a large risk to the organization that it should be contemplated within how the pay program is designed, whether that’s having everyone in the organization focused on how to mitigate that risk or to keep an eye on that risk, and that might include something like safety and I think maybe we’ll get into some specifics in a minute, but in companies where safety or compliance or quality are really paramount. It could be that it’s important to have those types of things captured within the incentive programs.
Kathryn Neel: Another example would be a company I’m aware of where at the end of the year, they have a formula that determines their bonus program for executives, but they have the ability for the committee to make a risk adjustment to the outcome of the bonus program, and they consider whether or not the company itself and the management team operated within the designated risk appetite and risk framework for the company during the year, thinking that if the company were able to achieve outstanding results but did so by way of putting the company at risk in ways that weren’t part of what the approved framework were, then there might be a negative impact on the annual bonus score. And if the opposite were true, if the company were to deliver outstanding performance and really stayed within or at the low end of the agreed upon risk appetite or framework, that there might be some positive impact on the annual bonus program.
Kathryn Neel: So those are two thoughts that come to mind when we think about how to capture, how you can capture risk within the compensation program.
Jamie Gahunia: Excellent. And Brad, what strategies have you soon work?
Brad Tartick: Sure. In addition to Kathryn’s risk adjustment to bonuses, which I think is a great idea, I think you can include a cap on the amount of incentive comp that can be earned under a plan. As we’ve talked about, you can include provisions or best provisions that are based on achievement of performance metrics that are tied to risk. Companies will often also adopt a share ownership guideline or include mileage provisions in compensation plans or employment contracts that are going to result in forfeiture of any unvested awards or unpaid compensation in the event that an executive breaches a contract or a particular policy. You could also adopt a callback call, see? I’d like this to take a few minutes discussing callbacks since there’s been a growing number of companies who are using them to allocate risk and share the financial loss with their executives. I think a question to consider is under what conditions is it appropriate to adopt a callback policy, which is effectively reclaiming of pay, and how’s it going to work?
Brad Tartick: So I think in the US, you have to first look at the legislation. So callback provisions were introduced by Sarbanes Oxley. Under that act, the SEC has the power to force the CEO and CFO to repay certain compensation received in the past 12 months, that the company needs to restate their financial, and that would be a restatement due to material noncompliance and as a result a misconduct, and the misconduct itself doesn’t actually need to be misconduct of the CEO or CFO. Similar roles would apply to Canadian companies that are listed on the US dock exchanges as foreign private insurers.
Brad Tartick: In 2015, the SEC also proposed a new rule under [Dodd Frank 00:29:06] in US Secures Exchange Act, which contains provisions that would actually require public companies to adopt a company-enforced callback policy. So these policies would generally be broader in scope in what’s now required under Sarbanes-Oxley. It would apply to current and former executives and it would have a longer lookback period, three years versus 12 years. And so … excuse me. And then in Canada, there are really no legal requirements to implement a callback policy, but it is quite prevalent, especially among financial institutions and other large public companies. I also think that there’s a general industry consensus in support of the implementation of callbacks from proxy risers and various other groups, like the Financial Stability Board and institutional shareholder services.
Brad Tartick: So what does a company have to think about when establishing a callback policy? I mean, there’s lots of laws to think about and I think that we could go on for quite a bit of time to discuss all the potential of all that considerations, but just mainly I think in order to adopt a callback policy, you have to figure out what is the objective. It can be a number of reasons, including protecting the company shareholders’ interest and preventing significant damage to the company, avoiding bad optics, and reducing potential motivation for inappropriate actions and decisions by executives.
Brad Tartick: The second point is how can a company’s objective be achieved? Well I think this is through a properly drafted policy which includes an explicit set of rules of pre-established process for the board or whoever’s going to be implementing the policy to follow.
Brad Tartick: And the third is it goes to the implementation of the policy. Will the company be prepared to investigate and potentially penalize actions or decisions that breach the policy once clear evidence of capability is established. This is why having a clear and concise set of rules and steps in the policy can be really helpful.
Brad Tartick: So just to wrap up the point on callbacks; if your company doesn’t have one in place now, it’s probably worth while to consider whether it would be beneficial, and if you do have one, perhaps it’s time to consider whether it needs to be updated.
Jamie Gahunia: Excellent. Thanks, Brad. So we’ve talked about [inaudible 00:31:24] financial services companies, public companies. Let’s put an industry lens on this; How might these practices vary by industry, and Kathryn, this question is for you.
Kathryn Neel: Sure. They certainly do and I would say that the practices vary notably by industry where if you were to look at, for example, financial services I think that’s an obvious one where there’s really been a lot of focus on risk and the impact that compensation has had in driving executives to potentially take excessive risk and put their companies at risk, and then the overall broader economy at risk and the financial crisis. In that case, that’s where you really do see the regulators have stepped in and have stepped up and have actually specified certain compensation arrangements that they view to be more or less risky.
Kathryn Neel: So Brad mentioned earlier putting a maximum or a cap on compensation payouts under incentive programs. The regulators generally believe financial services organizations should have lower caps on incentive payouts and that executive should not be motivated to swing for the fences, if you will, and take on risky loans, as an example. They also don’t think that stock options are a good design for financial institutions because again, the inherent risk that’s associated with options where there’s incredible upside potential but really, very little in the way of downside potential.
Kathryn Neel: In other industries, if you were to look at the utilities sector or the extractive industries where there would be a heavy construction aspect to the business, you see safety metrics highly prevalent. So I work with the utility company that’s very, very focused on reducing injury rates. In some cases, I’ve worked with another organization where they were actually focused on reducing or eliminating and minimizing to the best extent possible, fatalities. So these types of organizations often do have metrics that are related to injuries within their incentive compensation programs.
Kathryn Neel: I have a similar experience with companies that are in the entertainment space. So you think of big entertainment venues or amusement parks where safety and security is very, very important and a focus on customer satisfaction as well, because customer satisfaction and a happy customer is ultimately going to lead to most likely behaviors that are going to support unrisky behavior within an organization as well.
Kathryn Neel: So those are some examples that really come to mind where you would find these measures are more prevalent than they are, let’s say, in consumer goods for example, where you really find for most the part a heavy focus on financial metrics only.
Jamie Gahunia: Excellent. Thanks, Kathryn. Next question is for Brian; So besides the financial metrics that we’ve been talking about, should compensation plans consider risk metrics when determining bonus payout and financial incentives? Brian, can you discuss the pros and cons of using risk metrics?
Brian Link: Sure. I think Kathryn actually touched on quite a few of them just now. If you look at non financial measures, anything that impacts value is one dimension. So that could be quality, that could be customer satisfaction, it could be some combination thereof. Again, depending upon the industry, what are those risks that may impact value that aren’t necessarily purely … then ultimately represented in terms of financial metrics or manifest in terms of financial metrics. And then also looking at increasing area of interest which is sustainability and looking at metrics throughout sustainability, what used to be called triple bottom line and now is being expanded out to say what are the risks that we as a company are contributing to at a macro level environmentally and in terms of the environment, in terms of equity, et cetera.
Brian Link: And then also, again as Kathryn mentioned, health and safety in certain industries is critically important and should be, and is, often a metric. Extractive industries, again that Kathryn mentioned, [inaudible 00:36:11] point where the nature of the business is such that it’s very, very difficult to avoid injury and death, but then folks will say, well, what is our risk appetite? How many people can die every year? And is that even really a question we should be asking? Because shouldn’t it be zero?
Brian Link: And so it’s really good to have those difficult conversations early on and say all right, these are the things that are critically important to us as an organization that demonstrates that we care about our people and our impact to the environment and the communities which we operate. What are those key metrics that we should be tying back. And most of them do have a risk dimension associated with them.
Kathryn Neel: Jamie, there’s one I neglected to mention, if you don’t mind, that Brian just … when he was talking, it just reminded me of it. It’s heavily in the news and headlines these days, if you read about pharmaceutical companies and drug distributors and their role in the opioid crisis. But even beyond that, just the pharmaceutical industry itself, and the risk that the products that they’re manufacturing could damage people’s health and then there’s also the risk that sales people do things they shouldn’t do to drive sales.
Kathryn Neel: And so that one, I think, it’s a perfect example because we’re all following what’s going on with these companies. And many of these organizations in the pharmaceutical space actually do have some kind of quality and/or compliance measure already included within the compensation program, but you have to step back and wonder is it really enough? Are they doing enough in that area? Could they potentially do more to make sure there’s a balance set of incentives against, of course, innovating and creating products that are going to save lives because that is the mission of these types of organizations, but then being responsible in how they market and sell the products. And also ensuring, of course, that the quality of the product is at such a high level and such high standard that it’s not going to do damage to anyone’s health.
Kathryn Neel: Those, I really do think just to reiterate what I was saying, I think it’s appropriate to step back and to reevaluate the balance of incentives to achieve all of those different objectives that I just mentioned and make sure that they are appropriately balanced.
Jamie Gahunia: Excellent. Thanks, Kathryn. On that note, we have another poll question; Are risk metrics considered as part of your organization’s performance plan?
Jamie Gahunia: Brian, so this next question is for you. I know we talked about metrics a lot and I see a lot of nos in here. I’m wondering if you can comment on how to potentially introduce the idea of metrics in an organization, and from your past experiences at [E.Y. 00:39:26].
Brian Link: Sure, sure. And again, it really is sector specific. When we look at the quantitative metrics that are typically used, it’s risk adjusted, rate over turn on capital, earnings per share, return on assets, and there’s quite a list of acronyms; you know, economic value added and it goes on and on. And the most common one is some ways the easiest one is total shareholder returns, but it’s really sort of a blunt instrument because executives can influence that to some extent but there’s 40 percent or even half of that quite often is determined by the sector, the market. So they’re being compensated both upside and downside for something that they don’t really control all that much.
Brian Link: So I think some of the, again, the financial metrics are important. They’re good indicators. But also on the qualitative side of things, or the non financial metrics, that ultimately impact the durability of the company in value, I think are as important if not more important. Where you really want to impact the fabric of the company, the mission of the company, the long-term value of the company that do manifest themselves in financial metrics at the end of the day, but the non financial metrics, I think, are much more powerful in terms of being those leading indicators of where the company is tracking, or the organization is tracking. Because I think we’ve been talking quite a bit with an assumption that we’re talking about public companies, but there are other organizations, non governmental organizations and others, where shareholder value is not a metric. So then you have to say, well, what is our mission, how’s it defined and how do we measure it, and what are the impacts that we’re trying to achieve.
Brian Link: So again, those non financial indicators become critically important. It really boils down to having a really well-defined strategy, well-defined KPIs and targets, and then if you have those, which a lot of organizations don’t have but if you have those, then you’re in much better position to then say, okay, how do we look at risk and then how do we look at the incentives and draw out that matrix. But it really all starts with the strategic plan and the associated targets.
Jamie Gahunia: Excellent. And on that note, there’s another poll; In terms of the audience that actually measures KRIs and other risk metrics, what tools do you use? So how do you currently measure and track KRIs and other risk metrics?
Jamie Gahunia: Excellent. I’d also like to talk about culture. Culture came up earlier before. Let’s explore that a little bit more. So corporate culture does play a significant role in risk-based decision making, ultimately the success in the organization. Kathryn, this one’s for you; How can organizations measure culture and cultural risk?
Kathryn Neel: It’s a real area of focus right now for boards. In my experience, the compensation committees that I work with are rethinking their mandates a bit to broaden them out beyond just pay and think more about human resources overall, so becoming more of an HR in compensation committee than just a compensation committee. And as part of that broader mandate, wanting to oversee culture, if you were to follow what the national association of corporate directors is putting out and talking to, their members about … it’s a lot about the board’s role in overseeing culture and the importance of culture in managing risk for an organization, the external reputation of the company and the impact that ultimately then has on shareholder value. So culture is just certainly front and center. I have some companies that are a little bit ahead of the curve in thinking about okay, how would we report to a board or even measure internally our view of our own culture, and certainly associating engagement scores are a method that have been used for a long time to measure the health of an organization internally.
Kathryn Neel: But one really interesting example I saw recently was a company that had done an in-depth analysis of Glassdoor ratings and comments where they looked at their own ratings and then they looked at their top 10 or 12 competitors. And they analyzed the ratings over time. They analyzed ratings, for example, about leadership of the organization. So I believe in Glassdoor, there’s a specific question to rate the confidence of the leadership team and of the CEO in particular, and it was very interesting to see how over time, the ratings evolved and changed when there were leadership changes, how they changed depending on what was going on with an organization. But I think in the end, the company was a bit skeptical of the information they’d get through Glassdoor and it ended up confirming a lot of their suspicions about their own culture and about some of their key competitors’ culture. I think was a really, really good measure … not measure per se, but a very good evaluation of their culture in places where they could improve places where they were very strong. And it even highlighted places where some of their key competitors were very strong and exceeded their ratings so they could try to go out and learn what it is that these other organizations are doing to have such a strong culture.
Kathryn Neel: I think they’ll continue to do this. It highlighted the laggards for sure. My understanding is that some of their … it was actually the idea of one of their investors who’d gone out and started this assessment as a way to look at the portfolio of companies that they had within a particular industry and evaluate where there were strengths and where there were weaknesses. So I thought that was a very unique and very good way to try to get a good sense for culture that was different from what I’ve seen before.
Jamie Gahunia: Excellent. And Brian, do you have anything to add from your experiences? Oh. I think we’ve lost Brian.
Brian Link: Oh, sorry. I have to unmute myself. Sorry. So no, I think that it reinforces, again, the importance of leadership, setting the tone at the top as part of the corporate culture. It’s not just, you know, their capability as managers, technical capability, but also the softer skills of setting that tone, motivating folks to do the right thing, to make the right choices. You can look at things like Kathryn mentioned the opioid crisis and how that’s impacting some of the companies.
Brian Link: Also Volkswagen, from the senior leadership team on down, motivated to do some things that they shouldn’t have been doing that have very, very negatively impacted the company from a value perspective and reputation perspective long-term.
Brian Link: So the question is how do you then ensure that the management team is up to the task of appropriately setting that tone at the top, have the right moral and ethical fiber, as opposed to that dimetric opposing force of growth at all costs, which unfortunately some folks are completely against because it helps drive those returns. So the board, again, I think it comes out on top where they’re not going to make … there’s not a huge differential in the boards’ pay based upon how the company does. They are … they tend to be much more independent, much more objective, and they’re on the hook if things go wrong. So they’re in a perfect position to really up their game in terms of demanding the metrics that give them some sense of corporate culture.
Brian Link: Another hard bit of it is just walking the halls, getting out there and talking to folks at the [inaudible 00:48:25] face. And you can do it through Glassdoor, but that tends to have a certain sort of bias to it, but it’s a good data point. You know, nothing better than going around and talking to line management. You have 12 conversations with line managers and you can learn an awful lot as a board member.
Jamie Gahunia: Excellent. Thanks, Brian. And we have our final poll, which is within your organization is risk management part of the committee that decides executive compensation?
Jamie Gahunia: On that note, yeah … it’s very high. The nos. On that note, Kathryn or Brad, do you want to chat about the results of this before we go into the next question?
Kathryn Neel: Any comments, Brad?
Brad Tartick: None for me.
Kathryn Neel: Yeah. I guess I said wow, and I guess I am a little bit surprised. I think the question was referring more to maybe internal committees on compensation as opposed to the board committee on compensation. So the internal committees who make decisions around executive pay, it seems like it’s something that should be raised if there’s no one in risk that’s involved. To me, that indicates maybe there’s some conversations that should take place about how you can bring in a view of risk within the organization when those decisions are being made. Because I know boards are thinking about how to cross staff committees where you might have a member of the risk committee that also serves on the compensation committees, that you bring the viewpoints of someone who’s a member of the risk committee on to that compensation committee.
Jamie Gahunia: Excellent. And we are down to our last question, which is … perhaps this is for Brad. Can you share some advice on how to start conversations with executives on adopting great risk mitigating features into executive compensation?
Brad Tartick: Sure. Well I don’t think it’s a one-size-fits-all type answer. I think the starting point would be issue identification by the board or the compensation committee while having a look at their compensation practices. Also, looking at industry trends and risk mitigation practices of the company’s peers. I think the idea would be the compensation committee or the board would then have to get management on board with any changes. I think that generally starts with a conversation with the CEO and works its way down. How this happens, I think depends a large part on the company and the circumstances that are motivating the change. For changes, there will be a range as to how aggressive or conservative you’ll want to be with management. The type of company, the board and management dynamics, I think will dictate where you land on that scale of aggressive or conservative.
Brad Tartick: For example, management of a large public company may be a bit more inclined to change since they may care a bit more about being a good corporate citizen. Also, I think it would probably be easier to implement value; Best in class risk mitigation policy. If a big problem has been identified at the company, whereas if everything is going smoothly, I think it’s going to be harder to get management on board with any changes, especially changes that affect their compensation in a negative way potentially.
Brad Tartick: So in those cases, I think you can highlight to your management what have your peers implemented and what the industry standard is. All that is to say that strategy to retake it is very much dependent on the circumstances and you can always look to your outside guidance to help navigate you through the situations.
Jamie Gahunia: Excellent. Thanks, Brad. So that concludes our panel session. We have a few minutes before we let you go for some Q&A. We have, actually, one question that’s come through and so this question is do any of you see companies leveraging risk management in the compensation of other business lines within the organization? For example, when a specific area continuously does not provide necessary information pertaining to risk functionality, HR is involved, and eventually this behavior began to impact their end of year compensation. Maybe Kathryn, you want to take that question? So I think you’re on mute.
Kathryn Neel: Apologies. Is that working now?
Jamie Gahunia: Yes, yes.
Kathryn Neel: I think that what’s been described there in the question is probably typically how that’s handled when I’ve seen it. So that is that when a bonus funding is determined, usually there’s a corporate funding but then there’s an allocation of bonus dollars or bonus funding to various regions or business units or departments. In any business unit or area of the organization that is not doing what they should be doing with respect to what was asked in the question, should most likely have an impact to their allocation of the bonus funding. Money talks and so usually those types of decisions made to reduce the funding for a group that’s just not complying where they should be may be what’s required to have an impact on the performance of that business unit. I mean, ultimately you would think that senior leadership would step in at a certain point and be very concerned about that type of behavior, but I agree that involving HR and then considering how you might make an adjustment to the incentive payout for that business unit is probably the best way to go.
Jamie Gahunia: Excellent. And that is all for our questions, so that concludes our webinar. I’d like to thank our esteemed guests for participating in our webinar. Feel free to reach us at any time. Our contact details are, I believe, in the handout, so thank you every one.
Kathryn Neel: Thank you.
Brad Tartick: Thanks very much.