2024 Shareholder Meeting Agenda

Introduction: 2024 Shareholder Priorities

Over the last year, public companies entered a new age of disclosure, where the margin of error has virtually disappeared in the eyes of many stakeholders. 2023 saw the introduction of major global regulations, continuing labor stressors including sector-halting strikes, new technology-related risks, and a surge in new sustainability-related stakeholder expectations of companies. Each of these forces compounded the effects of global macroeconomic uncertainty surrounding inflation and timing of interest rate changes.

These developments signal the importance of rigorous board evaluation of whether their directors and C-suite are fit for purpose. Directors need to be aware of what they bring to the boardroom, continually hone unique skillsets, and guide management in realizing the company’s strategic vision.

During 2024 shareholder meetings, investors will be attentive to the board’s proactivity toward cyber exposure, risks associated with technology usage, sustainability reporting and governance, human capital management, as well as how the board drives corporate accountability and transparency in achieving stated business objectives. As boards prepare to meet increasing demands for transparency during the upcoming proxy season and shareholder meetings, BDO’s 2024 Shareholder Meeting Agenda presents the top challenges and opportunities that boards and management teams should consider. 


All Eyes on Cyber Risk & Generative AI

Generative AI and Large Language Models (LLMs) continue to rapidly proliferate, posing enormous opportunity and risk to organizations of all sizes, regions, and industries. Companies are urged to be proactive in their understanding of how such innovations may be harnessed. However, adoption of these technologies require the creation of policies and protocols that are monitored and enforced to guide employees in responsible use and safeguard the business.

Meanwhile, data breaches and other cyberattacks are increasing in complexity, scale, and cost. According to IBM, the global average cost of a data breach increased to $4.45M USD in 2023, a 15% spike over the last three years. Phishing, ransomware, and cryptojacking remain among the most popular modes of cyberattack, often stalling operations, compromising data, and costing millions in remediation. The risks and opportunities related to new and legacy technologies, particularly where consumer data is involved, have become an all-encompassing issue for boards and management to understand, protect against, and monitor.

New SEC cybersecurity and incident disclosure regulations require transparency of the board’s role in the oversight of cyber risk management and reporting, along with management’s processes and expertise in protecting, deterring, and remediating against the company’s cyber exposures and for timely incident reporting. In 2024 SEC filings and other public technology- and cybersecurity-related disclosures, shareholders will be looking for enough detail to determine how the board understands, communicates about, and addresses the following:

ThemeComponents
Risk Landscape
  • The cyber risks material to the business
  • How cyber incidents are monitored and how the organization identifies potential cyber risks (especially for particularly vulnerable sectors)
Leadership & Expertise
  • The allocation of the board’s oversight of cybersecurity to a designated committee or specific directors*
  • The depth of management’s cybersecurity expertise

*Note: While there is currently no formal requirement for boards to disclose their own cyber expertise, directors are expected to be highly knowledgeable in this risk area, which is likely material for most companies.

Governance Structures
  • Structures designed to keep management accountable for its approach to technology implementation and cyber risks
  • Board oversight of policies, incident monitoring, and enforcement mechanisms
Data Hygiene & Usage
  • How directors uphold a foundational knowledge of the data assets the organization owns and maintains and how such are protected
  • Whether the organization takes a multidisciplinary approach to cyber risk readiness
  • The existence, if any, of training and resources to ensure that employees understand cyber risks and are vigilant in how they conduct themselves and engage with third parties, who may not have the same level of protections or controls

BDO Insight

In 2024, the board’s duty of care will cover new and emerging areas; with the advent of groundbreaking technological advances in generative AI and LLMs, the onus falls to the entire board to identify and fill any gaps in determining the needs for cyber and technology expertise.

It’s not enough to simply develop technology and cyber policies. Overall governance structures must expand to address these new and emerging risks via protection and enforcement mechanisms, training, and strengthening of the control environment. With the effectiveness of new cyber risk and incident reporting regulations, boards should already be working with management, IT, internal audit, legal, and other relevant professionals to ensure that the company’s related data governance and security programs and policies are viable and that reporting is accurate, consistent, and attestation-ready.

Leadership of change and crisis management is key to good governance — from supporting management to communicating with shareholders and other stakeholders. Boards and management, along with their advisors, need to discuss the types of events that could materially impact operations and finances and establish how they will determine materiality in the event of a breach, even if the chance of occurrence seems remote. Boards should also be regularly discussing their cyber incident preparedness and disclosure readiness. Productive conversations start with directors seeking continual education on the cyber risk landscape of the organization’s own industry and beyond. Preparedness continues with conducting readiness and/or tabletop exercises that stress test the organization’s specific incident-response plans. 

For companies considering M&A activities, boards should ensure that cyber experts and technologists participate in due diligence and pay particular attention to exposures that may arise from integrating disparate technology systems, use of third parties, and merging new employees into a new, unfamiliar corporate culture.

Climate Regulations Driving Transparency & Governance Sophistication

Given the proliferation of sweeping climate risk and greenhouse gas (GHG) emissions disclosure requirements in the U.S. and abroad, certain of which take effect in 2024, shareholders now harbor even greater expectations of corporate climate risk transparency.

California recently enacted two landmark laws mandating that companies doing business in the state disclose climate-related business risks as well as Scope 1, 2, and 3 GHG emissions. California’s requirements, which apply to both large public and private businesses, beat the SEC to the punch on finalization of its proposed climate disclosure rule.Climate disclosure requirements outside of the U.S., such as those mandated by the European Union’s CSRD, also appear to be capturing many U.S. companies in their scope due to foreign operations or participation in global supply chains.

Notably, the proposed SEC climate disclosure rule would require several disclosures related to the board’s oversight of climate-related risks, such as whether any director has expertise in climate-related risks and a description of that expertise. Boards must also keep in mind that the SEC will continue to scrutinize filings and disclosures under current regulations to ensure that companies disclose identified material risks and their estimated impact on the business. 

Depending on a company’s action or inaction related to sustainability and environmental, social, and governance (ESG) issues since the previous year, its board may expect shareholders to issue more related proxy proposals. We may very well see a repeat of last year’s deluge of sustainability and ESG-related proposals (both demanding and opposing initiatives), particularly related to executive pay, racial equity, fair labor practices, and other areas of human capital and compensation. 

BDO Insight

Boards struggling to prioritize the many sustainability and ESGrelated challenges and opportunities they face are encouraged to go back to basics:

  • Ensure management integrates sustainability and ESG considerations into its risk management strategy and involves a multi-disciplinary team across the organization.
  • Require periodic sustainability and ESG risk assessments to identify and prioritize material risks and opportunities relevant to the organization’s overall business and growth strategies.
  • Ensure decision-making involving sustainability and ESG factors is informed and communicated from the perspective of stakeholders to be most effective.
  • Within the broader context of enterprise risk management (ERM), accuracy and reliability of sustainability and ESG data should be evaluated based on the existence of effective policies, procedures, and internal controls in preparation for attestation.
  • Stay on top of evolving regulations — both domestic and global — as the depth and breadth of regulatory activity continues to increase in complexity.

In particular, directors should oversee:

  • Consistency of data across disclosures. Material sustainability and ESG risk factors discussed in a company’s sustainability report, publicly available reporting and/or marketing materials should be reported in a manner consistent with its 10-K, MD&A, etc., as appropriate.
  • Reporting aligned with appropriate frameworks. Data reporting should comply with broadly accepted industry and global frameworks.
  • Rigor of sustainability reporting. Accounting and reporting controls and processes for sustainability and ESG performance metrics and other nonfinancial disclosures should be as robust as those for the company’s financial reporting. They should also align with industry benchmarks and norms.

Boards Refining Structure & Skillsets

Shareholders and proxy advisors remain focused on ensuring that boards are diverse across various metrics: gender, race/ethnicity, age, skillset, and experience. Activist shareholders, particularly adept at highlighting vulnerabilities in a business, often call into question the viability of the governance oversight structure and the capabilities of individual directors.

Boards need to regularly evaluate their composition and capacity, allocation of roles and responsibilities, and policies and procedures in the context of the business environment and the company’s overall strategy. In seeking new directors, they need to consider the specific needs of the organization as well as the potential for conscious or unconscious biases in the selection process. Additionally, rigorous protocols should guide the company’s evaluation of board, committee, and director performance. A skills identification and gap analysis can help inform a director candidate search and board refreshment process.2

Boards must further consider which levers shareholders and proxy advisors can use to force companies to take actions like recommending the removal of individual directors, operational changes, and disclosure of certain information. Recent examples include NASDAQ’s rule and various state legislation requiring board diversity disclosures and the SEC’s Universal Proxy Card allowing shareholders more opportunity to nominate their own director candidates.

While it may be too early to discern how such levers may influence board refreshment processes, these considerations remain compelling elements for boards to keep on their radar during this year’s proxy season and shareholder meetings. Board composition may be challenged, so directors must also understand potential issues that activists could take on in their efforts to nominate their own board candidates and/or convince shareholders to reject company-supported director nominees.

BDO Insight

No one board size, structure, or composition fits all organizations. Below are essential structure-specific discussion questions for board consideration ahead of shareholder meeting season:

  • Have we identified the business’s key sources of risk and strategic opportunities? Does each director serve specific, mission-relevant needs?
  • Is our structure (including committee composition) as effective as possible? Would management and the organization benefit from a refreshed committee structure and/or a realignment of roles and responsibilities?
  • Does the mix of expertise on the board (including institutional and industry knowledge) reflect the objectives, strategy, and growth plans of the business? For example, if the growth strategy is centered on acquisition, does the board have current M&A and change management experience?
  • What skill gaps may exist, and how can we fill them? Do we need to refresh the board, or would training/education and/or use of advisors suffice?
  • How are we setting the tone and internal culture for the rest of the organization? How and with what insight are we overseeing organizational culture? Have we created an environment in which directors aren’t afraid to challenge/hold accountable management and each other?
  • How recently have we engaged with our stakeholders and shareholders on the topic of board structure and diversity? Are we evaluating ourselves against industry benchmarks?
  • How independent is our board? How does its current ratio of independent versus inside directors influence decision-making, growth, and innovation?
  • How frequently does the board look ahead and consider future material risks, challenges, and opportunities that may impact the business and/or its strategies?

Spotlight: Proxy Advisors Weigh In

Proxy advisor Glass Lewis (GL) released its changes to 2024 proxy guidelines that reflect similar topics of interest to regulators. Some of the matters referenced include:

  • Cyber Risk Oversight: GL believes such risk is material for all companies. In instances where cyberattacks have caused significant harm to shareholders, GL will closely evaluate the board’s cybersecurity oversight as well as the company’s response and disclosures. In instances where a company has been materially impacted by a cyberattack, GL may recommend against certain directors should the board’s oversight, response, or disclosures concerning cybersecurity-related issues be insufficient or not provided to shareholders.
  • Accountability for Climate-Related Issues: GL has extended its 2023 guidelines for detailed climate risk disclosures in alignment with Task Force on Climate-related Financial Disclosures (TCFD) recommendations to the S&P 500 based on whether they fall under the SASB’s financially material GHG emission risk criteria. Furthermore, they may also vote against responsible directors for absence or significantly lacking disclosure of explicit and clearly defined board oversight responsibility for climate-related issues.
  • Oversight of Environmental (“E”) and Social (“S”) Issues: When evaluating the board’s role in overseeing “E” and/or “S” issues, GL will examine a company’s committee charters and governing documents to determine if the company has codified a meaningful level of oversight of and accountability for a company’s material impacts.
  • Utility of Clawback Provisions: In addition to new listing requirements related to the clawing back of compensation when companies experience restatements of their financials, GL expects effective policies to provide companies with the power to recoup incentive compensation from executives for material instances and a rationale provided if the company decides to refrain from pursuing or pursues alternative measures.
  • Material Weaknesses (MW): Just as the SEC expects companies to remediate MWs in a company’s internal controls over financial reporting in a timely fashion, GL will consider recommending a vote against all members who served on the audit committee during the time when the MW was identified in either of the following cases: (1) if the MW has been reported and there has been no disclosure of a remediation plan; (2) when a MW has been ongoing for more than one year and there has been no disclosure of an updated remediation plan that clearly outlines the progress toward remediation.
  • Executive Ownership Guidelines: GL expects companies to facilitate alignment between the interests of the executive leadership with those of long-term shareholders by adopting and enforcing minimum share ownership rules for their named executive officers and disclosing in the CD&A section of the proxy statement. Counting unearned performancebased full value awards and/or unexercised stock options is considered inappropriate.
  • Board Gender Diversity and Underrepresented Community Diversity: If a board does not meet GL’s diversity requirements, GL may refrain from recommending voting against directors if an acceptable timeline to appoint additional diverse directors is provided — an easing of GL’s previous position.

Institutional Shareholder Services (ISS) has one policy change for U.S. markets this year:

  • Executive Compensation: Codifies the case-by-case approach by which ISS analyzes shareholder proposals requiring executive severance agreements and golden parachutes and the key factors used to analyze both types of agreements.


Spotlight: Compensation & Employee Upskilling Under Close Scrutiny

Shareholders seek more transparency into the relationship between C-Suite compensation and financial performance. Faced with continuing investor demand for insight, boards should remain thoughtful about how they design executive and board pay packages and communicate the link between pay practices and achieving business goals. Additionally, the SEC’s disclosure rules — such as pay versus performance — are pushing board compensation committees to enhance executive pay disclosure.

Similarly, as the SEC contemplates additional human capital management regulation, shareholders are demanding more information on pay equity, worker protection and development, and other people-specific metrics. The wave of labor strikes in 2023, which stalled several core industries for months on end, reflects a broader paradigm shift toward companies and senior leadership as stewards of their employees. These disputes – along with the establishment of formidable new unions in education, hospitality, and healthcare – are also a sign that fair compensation and adequate benefits remain material to the labor force, particularly in uncertain economic times.

Meanwhile, companies’ talent recruitment and retention issues persist: As skillset needs change in line with industry evolution and technological advancements, companies are falling short in explaining how they are developing their employees to prepare for or overcome these changes. Shareholders will expect to see a link between growth strategies and the organization’s efforts to enable and unlock critical talent, along with fair pay, adequate benefits, and safe working conditions.

Diversity, equity, and inclusion (DEI) proposals were less popular in 2023, and recent Supreme Court decisions that found universities’ affirmative action programs discriminatory may have further complicated DEI efforts. However, shareholders infuse capital into organizations with leaders they have confidence in. So, they pay close attention to how the board and leadership team build out their future leadership pipeline both to support diverse ideas and drive performance. Boards should be asking management key questions:

  • Where are we sourcing new directors, leaders, and employees, and are they able to support our corporate strategy?
  • Are we providing our employees equitable opportunities to grow as leaders?
  • What does our support and development pipeline look like for professionals at all levels?


Conclusion

The coalescence of supply chain disruption, high inflation, lofty interest rates, and a looming recession requires the board and management team to narrow in on fiscally responsible priorities while balancing long-term strategic objectives. Shareholders’ close attention to material cybersecurity risks, climate change, executive compensation and performance, and board composition will likely define the 2024 shareholder meeting and proxy season. Facing complex evolving and legacy risks, shareholders are looking to boards not only for confidence in the resilience of their respective organizations but also as the paragon of prudent, forward-looking corporate governance. Amid all these changes, the board must remain the stronghold, fulfilling its duty to support value creation, communicate transparently with shareholders, govern organizational controls, and oversee management’s approach to identifying and managing risk.

The SEC has postponed its issuance of a final climate-related disclosure rule until April 2024 at the earliest, per the most recent SEC Reg Flex rulemaking agenda.

2 Read more about public company boards’ view on shareholder activism in BDO’s new report, What Directors Think: Governing in the Age of Disruption, launched in partnership with Corporate Board Member and Diligent Institute.