Download PDF Version
Every year, the responsibilities of corporate directors at publicly traded companies seem to grow greater. Dealing with the most recent regulatory changes, assessing the impact of financial reporting requirements, managing executive compensation and being ever vigilant to the growing threat of cyber-attacks are just a few of the issues that boards need to manage in 2016.
The BDO Board Survey, conducted annually by the Corporate Governance Practice of BDO USA, was created to act as a barometer to measure the attitudes of public company directors on these and other governance issues. The 2016 BDO Board Survey, conducted in September of 2016, examines the opinions of 160 corporate directors of public company boards.
This year’s study reveals that directors are in favor of proactively addressing the issue of ‘overboarding’ by placing limits on the total number of boards on which a director may serve. They are increasingly frustrated with the growing number of disclosures in financial statements, but recognize disclosures about complex audit matters are meaningful to investors and they seem to find the use of non-GAAP disclosures helpful. In general, board members are not in favor of communicating with institutional shareholders about incentive pay packages, but those boards that are communicating with shareholders feel it has had a positive impact on their investor relations. Cybersecurity continues to take up more and more of board members’ time, as directors report year-over-year progress in cyber-attack prevention strategies and contingency planning for cyber breaches.
“The 2016 BDO Board Survey reveals frustration among boards with the growing number of disclosures in financial statements today, though they clearly see use for non-GAAP metrics - especially with regard to executive compensation calculations,” said Amy Rojik, Partner in the Corporate Governance Practice at BDO USA. “Directors are also clearly in favor of setting limits on how many total boards on which a director can serve, but not on the amount of pay they can earn for their service.”
In recent years, directors have seen a major increase in the number of hours required to serve on a public company board. Given this trend, in 2017, proxy advisory firms ISS and Glass Lewis have indicated they will oppose non-executive directors with more than 5 board seats. Interestingly, board members themselves are in favor of more severe limits.
When asked about the issue of “overboarding”, approximately three-quarters (74%) of directors believe corporate boards should proactively limit the number of boards on which a director can serve. Of those in favor of setting limitations, more than three-quarters (79%) would set more severe limits than the proxy advisors. Forty-four percent would set the limit at three boards, more than a quarter (28%) chose four, and less than 10 percent said two (6%) or one (1%). Only nineteen percent of directors agreed with the proxy advisors suggested limit of 5 board seats.
Financial Reporting Disclosures
Seventy percent of board members believe that there are so many disclosures in financial statements today, that it is difficult to decide what information is most important. When asked to identify the most meaningful financial reporting disclosures for investors, approximately half (49%) cited critical audit matters that involve complex judgements on material issues. Non-GAAP financial measures that provide supplemental information on a business’s performance (29%) and how the organization is addressing risk management (19%) were the next most cited as meaningful disclosures.
More than two-thirds (71%) of public company board members believe disclosures regarding the audit committee’s oversight of the external auditor provide value to current and potential shareholders. Alternatively, less than a quarter (24%) of directors believe disclosures regarding sustainability matters (climate change, corporate social responsibility, etc.) are important to investors’ understanding of a company’s business and enabling them to make informed decisions.
Board members were split when asked whether they thought additional guidance from regulators on non-GAAP metrics would be helpful, given the increased use of these measures in financial statements. About half (51%) were in favor of additional guidance, while a similar proportion (49%) saw no need for more regulatory guidance. Of those in favor of additional guidance on non-GAAP measures, close to half (46%) identified EBITDA as the metric that causes them the most concern. Restructuring costs (14%), stock-based compensation (13%) and acquisition integration costs (13%) were areas of concern cited by much smaller minorities of directors.
Two-thirds (67%) of the board members feel auditor involvement would provide higher investor confidence in the reporting of non-GAAP measures, compared to a third (33%) who do not feel it will have an impact.
Despite the popular criticism that non-GAAP or pro forma figures – when used with compensation metrics - can help executives draw bigger pay packages, approximately three-quarters (74%) of directors are opposed to prohibiting the use of non-GAAP measures in executive compensation calculations.
Frequency of Say-on-Pay.
In 2011, the Dodd-Frank Act instituted mandatory “Say-on-Pay” shareholder votes on executive compensation which should be conducted every one, two or three years, as determined by the shareholders. The frequency of these shareholder votes is to be revisited and voted on every six years. In 2017, most public companies will be conducting a new shareholder vote to determine the frequency of Say-on-Pay votes moving forward. This year’s survey reveals that directors see a disconnect between themselves and shareholders on this issue.
Based on their experience over the past six years, a majority (56%) of board members believe the votes should take place every three years, compared to approximately a fifth (19%) preferring two years and a quarter (25%) opting for every year. However, when asked to predict how their shareholders will vote on the frequency of Say-on-Pay votes, half (51%) the directors predicted every year. The remainder were split between every two (22%) and every three (27%) years.
Communicating on Pay.
Forty-one percent of directors do not consider it appropriate to communicate with institutional shareholders regarding incentive pay packages. In contrast, at least one-fifth (22%) of directors say their board or compensation committee does proactively communicate with institutional shareholders on the topic and slightly fewer (18%) indicate they are considering such communications. Interestingly, of the relatively few actively communicating, two-thirds (66%) believe it has positively impacted their investor relations. Only three percent believe it hasn’t. The remainder (31%) weren’t sure.
“Given the growing workload of the typical corporate board, it is understandable that directors would like to limit the frequency of Say-on-Pay votes to every three years. However, since these same board members believe their shareholders will opt for annual votes, it is surprising that so few of the directors say their boards are communicating with institutional shareholders on pay packages,” said Tom Ziemba, a Senior Director in the Compensation and Benefits Practice of BDO USA. “Our experience is that proper, proactive communication with shareholders can yield positive results in communicating the benefits of incentive pay packages. The directors in this survey who are communicating with investors on compensation, corroborate that belief – with two-thirds reporting a positive impact on investor relations and only three percent reporting a negative impact. Moving forward, look for more boards to become proactive in communicating on pay.”
CEO – Median Employee Pay Ratio.
Beginning with 2018 proxies, public companies will be required to disclose the ratio of median employee pay to CEO compensation. This 2018 requirement will report on 2017 compensation. When asked if their boards had begun to take steps to comply with this new requirement, directors were split. Almost half (49%) are familiar with the new requirement but have taken no actions, while better than one-third (37%) are already preparing pay ratio calculations for internal planning purposes – though they will not disclose the ratio prior to the required disclosure date. Relatively few (8%) say they are planning to disclose the pay ratio calculation prior to the mandatory disclosure date. Surprisingly, 6 percent of the directors say they are still unfamiliar with the requirement.
Director Pay Limits?
Recent shareholder lawsuits alleging excessive director pay have put a spotlight on how boards determine their own pay. When asked about the topic, a majority (56%) of board members were opposed to director pay limits, compared to forty-four percent in favor of limits. Of those in favor of limits on director pay, a strong majority (81%) favor total compensation limits versus the remainder (19%) that prefer only equity limits.
When asked which of the two major party presidential candidates would positively impact corporate governance, Donald Trump (25%) received twice the support of Hillary Clinton (12%), but the most popular opinion (54%) of the board members was that neither candidate will have a positive impact.
Approximately three-quarters of public company directors report that their board is more involved with cybersecurity than it was 12 months ago and an even greater percentage say they have increased company investments during the past year to defend against cyber-attacks, with an average budget expansion of 22 percent. This is the third consecutive year that board members have reported increases in time and dollars spent on cybersecurity. The survey also identified improvements in the number of boards with cyber-breach response plans in place (from 45% to 63%). Nevertheless, barely one-quarter are sharing information on cyber-attacks with entities outside of their business – a practice that needs to become more prevalent for the safety of critical infrastructure and national security, particularly at larger organizations.
Public Company Board Members Reveal Positive Trends on Cybersecurity
|Increased Board Involvement
|Increased Cybersecurity Investments
|Documented/Protected Digital assets
|Breach Response Plan in Place
|Third-Party Risk Requirements
|Purchase Cyber Insurance
Better than a fifth (22%) of board members indicate that their company experienced a cyber-breach during the past two years, the exact same percentage as last year (22%) and double the percentage of 2013 (11%). When considering these responses, it is important to note that some companies do not report their breaches and, in other instances, businesses can be unaware that they have been hacked.
Three quarters (74%) of public company board members report that their board is more involved with cybersecurity than it was 12 months ago. The vast majority of directors (88%) are briefed on cybersecurity at least once a year – this includes more than a third (34%) that are briefed quarterly and a similar proportion that are briefed annually (37%). The balance are briefed twice a year (9%) or more often than quarterly (8%). Surprisingly, twelve percent say they are still not briefed at all on cybersecurity.
“Over the past three years, The BDO Board Survey has documented the ascension of cybersecurity up the boardroom agenda. Corporate directors are being briefed more often and are responding with increased budgets to address this critical area,” said Shahryar Shaghaghi, National Leader of Technology Services for BDO Consulting. “The survey also reveals significant vulnerabilities. Although measurable progress has been made from a year ago, less than half of board members report they have both identified and developed solutions to protect their critical digital assets, and an even smaller proportion indicate they have put cyber-risk requirements in place for third-party vendors – a major source of cyber-attacks. Moreover, sharing information gleaned from cyber-attacks is a key to defeating hackers, yet just one-quarter of directors say their company is sharing this information.”
Four-fifths (80%) of board members report that their company has increased investments in cybersecurity during the past 12 months, with an average budget expansion of 22 percent.
When asked about formal risk assessments of their critical digital assets, almost half (45%) of the directors report that they have completed documentation of their business’s critical digital assets and developed solutions to protect them. This represents a significant improvement from 2015 when only one-third (34%) had completed this task. A quarter (25%) of the board members indicate they have identified their critical digital assets, but a solution strategy is still in process.
Close to two-thirds (63%) of corporate directors say their company has a cyber-breach/incident response plan in place, compared to less than a fifth (18%) who do not have a plan or who aren’t sure (19%) whether they had such a plan. Those with plans represent a major improvement from last year when less than half (45%) of directors reported having them.
Forty-three percent of directors say they have cyber-risk requirements that their third-party vendors must meet, a significant increase from 2015 when just over one-third (35%) indicated they had such requirements. This is important progress as third-party vendors are one of the main sources of cyber-attacks.
Better than one-quarter (28%) of board members say their company has purchased cyber-insurance and an additional 13 percent are currently considering purchasing insurance. Eleven percent of the directors say they considered cyber-insurance in the past, but decided against it.
For more information on how boards can be engaging on cybersecurity, refer to BDO practice aid Elevating Cybersecurity to the Board - Questions Boards Should Be Asking
Need More Sharing on Cyber-Attacks
Earlier this year, the White House issued Presidential Policy Directive 41 outlining how businesses can contact relevant federal agencies about cyber incidents they experience. When asked whether they share information they gather from cyber-attacks, only a little more than a quarter (27%) of directors say they share the information externally. A slightly smaller number (24%) say they do not share the information and approximately half (49%) weren’t sure.
Of those sharing information on their cyber-attacks, the vast majority (88%) share with government agencies (FBI, Dept. of Homeland Security), more than a quarter (28%) share with ISAC (Information Sharing & Analysis Centers) and approximately one-fifth (19%) share with competitors.
Global Data Privacy
Just over a quarter (26%) of directors say they are impacted by global data privacy regulations, such as the European Union’s Data Privacy Shield Law, designed to protect the cross border transfer of data.
Do you want to learn more about these and other matters impacting boards?
To learn more about perspectives from BDO’s 2016 Board Survey, register
for the What’s on the Minds of Boards?
webinar being held on November 28, 2016. For more dynamic content relevative to boards, including cybersecurity, executive compensation, financial reporting disclosures, and many other pertinent topics, please visit BDO’s Center for Corporate Governance and Financial Reporting
About The Survey
These are the findings of The 2016 BDO Board Survey, conducted by the Corporate Governance Practice of BDO USA, which examined the opinions of 160 corporate directors of public company boards, with revenues ranging from $250 million to $1 billion, regarding financial reporting and corporate governance issues. The survey was conducted in September of 2016 by Market Measurement, an independent market research firm, on behalf of BDO.
For more information on BDO's Corporate Governance Practice, please contact one of the leaders below: