As a CFO, you’re probably not a member of the company’s board. But you might as well be. You attend the greater portion of most board meetings and are asked for a lot of input.
But are you always fully prepared? After all, a new hot item may pique the board’s interest at any time. “If you’re caught flat-footed on whatever the current topic is, you look pretty stupid,” says Ellen Richstone, a former finance chief, longtime member of multiple boards, and current board member of the New England chapter of the National Association of Corporate Directors. “Looking back at my own time as a CFO, there were occasions when I should have known more about what the board was discussing.”
At almost any point in time, a board’s agenda most likely will include strategic planning and oversight, financial reporting, and corporate performance evaluation. Increasingly in recent years, the standard short list has grown to encompass risk oversight, globalization, compliance, and technology issues. But what, more specifically, is likely to be on the table in 2013?
Compliance Part 1: Conflict Minerals
It’s just one of the 398 rulemakings required by the Dodd-Frank Act (and one of 136 that have been finalized). But the Securities and Exchange Commission’s new regulations regarding “contract minerals” promise to be prominent in boardroom discussions this year and perhaps next.
The SEC estimates that about 6,000 U.S. companies, or 40% of the approximately 15,000 publicly held ones, will be subject to heavy new compliance requirements. That is, any company that sells products containing gold, tantalum, tin, or tungsten, or otherwise uses those substances in making products, must publicly report on the metals’ movement through its supply chain. The purpose is to determine whether they were mined in the Democratic Republic of Congo or surrounding countries, where warring parties have been looting mines for years and selling the four metals in the global market to fund their violent activities.
The reporting requirement begins in May 2014, but companies’ initial reports must cover calendar-year 2013 supply-chain activities. Reports containing false or misleading statements could expose CFOs to liability under securities laws.
Most public companies in the aerospace, automotive, construction, electronics, industrial equipment and tools, jewelry, and medical-equipment industries will be subject to the rules. Privately held companies could be at risk as well, if they supply products to public companies. In the aggregate, companies will spend several billion dollars to comply with the regulations, says Dennis Whalen, executive director of KPMG’s Audit Committee Institute.
“It’s going to be an awful lot of work for companies,” says Richstone, noting that the matter did not get on many boards’ radar screens until fairly recently. At a board meeting where she first heard about it, “we all sat there with our mouths hanging open, saying is this for real?”
Memo to CFOs: get ready to scour your supply chain.
To hear cloud-software vendors tell it, concerns over data security have drifted into the past. But, says Richstone, the topic has been featured at every board meeting she’s been to in the past year. In fact, in a recent survey by Corporate Board Member and FTI Consulting, 48% of directors rated data security as “a major concern,” almost double the level found in a similar study four years earlier. The concern is divided over the possibility that a security breach could profoundly damage a company’s business and reputation, and the possibility that Congress may enact laws for how companies should protect their data.
About the latter, says Francine Friedman, an attorney focused on public-policy issues with Akin Gump Strauss Hauer & Feld, “industry is responding by saying they are better able to handle this themselves. They can respond more quickly to the next type of cyber threat. It takes Congress so long to get anything done. Whatever they were to pass would most likely be obsolete by the time it’s implemented.”
Several lobbying initiatives funded by corporations are under way in Washington over the issue, most notably one spearheaded by the Direct Marketing Assn., Friedman notes.
Spurred by board interest, she says, “CFOs should look at what message their company is sending to consumers about protection of their information, and how it impacts the bottom line. And they should do a cost-benefit analysis: What kinds of protections are we paying for, and how secure do various types of data have to be? Is it worth it to have encryption over encryption over encryption?” Protecting e-mail addresses and passwords is crucial, phone numbers less so, and names lesser still.
Social Media: It Giveth, It Taketh
Boards are sure to be debating both the pros and cons of social media. As to the pros, McKinsey recently estimated the value that could be created by social technologies could exceed $1 trillion annually — and yet, only 3% of companies are currently deriving substantial benefits from them across all stakeholders, including customers, employees, and business partners.
“I am in general agreement with the proposition that companies are not getting great ROI on their social-media investments,” says Ron McCray, a former executive with Kimberly-Clark and Nike who is now on three corporate boards. But there are some interesting exceptions, he adds, such as Nike, which lets runners put a chip in their shoes that records speed, pace, distance, etc.; load the information into a computer; and network with runners worldwide on a Nike social-media platform.
And, he notes, “As the Obama campaign showed, social media can be a good way to get at data analytics.”
As to the cons, boards will be attuned to the potential for news that portrays the company in a poor light to spread virally — and not only news that originates externally. “What’s happening now, quite a lot, is that the CEO, for example, learns how to use Twitter, and he thinks it’s a great thing, and a lot of the employees follow right along,” says Fred Foulkes, a professor at the Boston University School of Management and another longtime member of corporate boards. “Suddenly someone is sending a Tweet about inside information, like a possible big order from a potential new customer.”
Boards, CEOs, and CFOs will be cooperating more to identify social media–related risks and options for mitigating such risks and responding to bad news or attacks that go viral, Richstone says.
BRIC by BRIC
Globalization suggests a boiling cauldron of issues for boards and senior management alike: strategic risks, market entry, local competition, local cultures, exposure to new political and economic environments, operational risks, IP protection, finding and deploying talent, the complexity of managing an extended organization, and compliance hot spots.
“The ante is moving up,” Richstone says. That’s partly because global sights are being more narrowly trained on the BRIC (Brazil, Russia, India, and China) countries, with their vast areas, populations, and poverty. And it’s partly because of the recent strong step-up in enforcement of the Foreign Corrupt Practices Act, and FCPA-like laws being enacted in many other countries.
“For the last 12 months, boards have been getting more and more [global] inputs from trusted advisers, putting more people on the streets, and doing more government evaluations,” says Richstone. “CFOs have got to be in front of those issues.”
Whalen adds that while boards understand how the company they oversee functions at headquarters and major domestic locations, “they’re trying to get a sense through their interactions with CFOs and others as to the culture in China or Russia or Brazil.”
At the same time, boards may be looking to do some retrenchment with regard to the outsourcing of processes to other countries. “I can’t say how much attention it will get overall, but I and some other directors are thinking about it,” says McCrae.
Factors including the state of the U.S. economy, unemployment levels, technology advances, and in some cases higher quality levels available in the United States are all converging to make boards and company executives consider bringing back some of what was offshored. That suggests an important role for CFOs in terms of cost modeling, but more than that. Says McCrae, “A strategic CFO is, for example, going to ask questions like, would our customers prefer American customer-service reps. That’s not about cost.”
Compliance Part 2: Delegate Compliance
There are many reasons why CFOs may be more focused on compliance in 2013, and one of them is that boards will be looking to limit the time they focus on the subject.
With the new conflict minerals requirement, many more Dodd-Frank rulemakings expected to be finalized this year, and the FCPA, boards likely will be talking about how they can exercise proper compliance oversight but stay out of the weeds.
“A priority for boards will be not getting so diverted on compliance that they don’t spend enough time making sure the company has a solid strategy and the best executive team to implement it,” says Foulkes. “So compliance will be falling even more into the purview of the CFO.”
Whalen says many boards urgently want to get back to a high focus on corporate strategy after years of focus on Sarbanes-Oxley, the recession, and Dodd-Frank. “Boards were down in the weeds,” he says. “They still have to be involved in compliance. But if the company is, say, going into China for the first time, they also have to make sure at a very high level that the company has the resources to be successful there and is leveraging the right advisers so that they don’t find themselves in two years with a big China problem.”
Still, boards are also looking to free up part of the time internal auditors have been spending on compliance activities for the past decade. “We’re seeing internal audit teams being more involved in strategy rather than just financial controls and compliance,” Whalen says. “There’s a view that internal audit should be a resource that can help audit committees and boards fulfill their responsibilities.”
Same Old, with a Twist
Boards, says Whalen, increasingly are asking audit committees and CFOs to present a one-page treatment of hot issues, and not just a 20-page PowerPoint presentation. Board members want to understand the thought process leading to decisions on things such as valuing investments, measuring credit losses, and evaluation goodwill impairments. And they want to understand alternatives to the course management chose. They want to know, he says, “If you moved one of your factors a point, would it have impaired hundreds of millions of dollars?”