Top priorities for European boards in 2017

  • Share

For corporate boards across Europe, 2016 proved to be a challenging year. In particular, large European companies have had to deal with issues such as market volatility, sluggish economic growth, competition from new and unexpected areas, more complex – and therefore more demanding – regulation and, last but not least, increasing geopolitical uncertainty.

In such circumstances, there could be a temptation to focus on addressing the immediate risks and leave long-term strategic thinking for a quieter moment. In reality, such moments rarely happen. By the time you’ve waited for one to appear, your competitors may have already gained a competitive advantage that will be difficult – or even impossible – to claw back in the future.

Consequently, boards, as well as audit committees, should take time to reflect on their priorities, and those of their organization, for the months and years ahead. They should also give considerable thought to how they can insulate their company against risks that might endanger long-term success and continued viability. To stay ahead of the competition, it’s important to focus on innovation.

In this latest publication for board members, we set out what we consider to be the top priorities in 2017 for board members. We have considered geopolitical risks, regulatory change - such as tax and the EU audit reform - digitalization and its business impact, corporate compliance and culture and associated reputational issues, talent management, corporate social responsibility and, increasingly of importance, investor relations.

Our suggested priorities do not appear in order of importance and will not be of equal relevance to every board, or indeed, every organization. However, we believe they encompass all the issues that should be high on the agenda of all boards, regardless of their structure. In addition, we have provided a list of key questions for board members to consider in relation to each priority.

We hope that this will offer food for thought when planning your personal and corporate agenda for the coming – and without doubt challenging – year.

  • Geopolitical risks

    Geopolitical risks have always existed. However, increasing globalization means that problems can spread more quickly from one region of the world to another than in the past.
    Despite the fact that both society and business profit in many ways from globalization, new risks have also emerged. The compression of time and distance means that countries are more rapidly, and more deeply, exposed to geopolitical risks and their effects than ever before.

    Geopolitical risks are closely linked and overlap with environmental, technological, societal and economic risks. According to the Global Risks Report 2016, produced by the World Economic Forum, three of the five greatest global risks for the next 18 months are geopolitical:

    • State collapse or crisis
    • Interstate conflict
    • Failure of national governance

    The events surrounding Brexit and the Italian constitutional reform referendum clearly show the interdependence of the EU states in terms of both domestic and foreign policy. In particular, they demonstrate the knock-on effects of decisions made by sovereign states acting in their own national interests. It is conceivable that such decisions will have a lasting effect on the political, social and economic constitution of the EU and will make its decision-making processes with regard to major European political issues, such as the refugee crisis, that much more complex. In addition, there is the still unresolved crisis in the Eurozone and the associated political challenges within the immediate EU community.

    The continuing conflict in Syria and in Iraq, and the looming threat of famine in Africa, will greatly increase the pressure on Europe in terms of immigration flows. This problem is aggravated by the continuing uncertainty surrounding the political future of Turkey and its position as regards the EU and North Atlantic Treaty Organization.

    Furthermore, if the current unpredictability surrounding Russian foreign policy increases, it will have a destabilizing effect on the EU states in the east of the continent. The result of the US election and the new political “unknowns” have led to greater uncertainties that could have potentially global ramifications – both political and economic. Taking this into account, the role of China must be reevaluated.

    Longer-term political and economic consequences will therefore be harder to predict. These include, among others, the effects on business models, sales markets and supply chains. One thing is, however, certain: the momentum of the geopolitical crisis will continue.

    Nevertheless, there are various ways of dealing with these uncertainties: boards have numerous tools at their disposal to sustainably increase the resilience of the organization. Some businesses and their managements may view these changes as a challenge, but others will see an opportunity.

    Related resource

    The World Economic Forum Global Risks Report 2016

    Five key questions for boards:

    • Have you identified the geopolitical risks that could affect your business model, your business strategy or your supply chain?
    • Which risk management strategies have you already put in place?
    • Could you increase the resilience of your business through digitalization?
    • In a volatile environment, how are you using CSR to strengthen the business?
    • How will you transform your corporate culture to ensure the sustainability of your business?
  • Digital transformation

    Many companies are facing the sweeping effects of digitalization which, through exponentially increasing connectivity and quantities of data, has generated a “Fourth Industrial Revolution.” Technologies such as artificial intelligence, unfettered internet access, additive manufacturing, predictive data analytics and blockchains are already revolutionizing entire industries. Meanwhile, the customer is increasingly empowered by better information and through social media. The factors have triggered a market upheaval of previously unknown dimensions, unfolding at a pace that shows no signs of abating.

    Corporate leaders are searching for the best way to deal with these challenges:

    • How can current levels of business be maintained and additional business be generated against the background of digital transformation?
    • Is this possible within the current business structure?
    • Which changes (cultural, strategic, organizational, technological) are necessary to ensure the continued success of the business?

    It is important that the board understands both the risks and the rewards for the organization that result from this fourth Industrial Revolution. This is critical for the successful monitoring of digital transformation. It is also the responsibility of the board to ensure continued development and appropriate oversight of the corporate digital strategy: the increasingly empowered customer must take center stage here. The board can assist in achieving a balance between the old business model and the new one. Here, timing is everything: digital transformation projects should be in place even if the business has not yet experienced market upheaval. This will help guard against risks such as loss of market share or tightening margins.

    Supervisory boards should have a planning horizon of 5-10 years in their sights and be prepared to challenge the executive as to the strategic direction of the organization. Technologies develop at a rapid rate and management should work with the board to adapt business strategy and introduce new working practices at a similarly rapid pace.

    Digitalization brings with it inherent dangers such as cyber attacks and threats to data protection, which affected governments and companies in equal measure in 2016. Data theft is growing, as is the threat from denial-of-service attacks, malware and ransomware (cyber blackmail that restricts access to computers). Cybersecurity is critical for survival. The board must ensure the management minimizes cyber risk as far as possible. Cyber risks should be an essential part of the risk map in every company these days.

    Equally important is the recruitment of the right personnel for successful digital transformation. Yesterday’s management is not necessarily the best match for tomorrow’s world. Boards should consider whether more flexible compensation models would be more effective in encouraging corporate spirit and innovation, or whether acquisitions are necessary to broaden the digital competences within the organization.

    Board members must have the tools necessary to oversee the implementation and success of a digital strategy. Metrics that reflect the transformation universe are often difficult to define; there are, however, useful indicators such as the number of digital transactions and their value, the costs of digital marketing and the returns, and the number of employees involved in digital projects. The more integrated the digitalization process becomes, the more sophisticated the monitoring metrics will be.

    The board must also look at its own structure and consider the potential advantages of including IT-literate colleagues (on the technology committee, for example), and weigh up the costs and benefits of bringing in further expertise from both internal and external sources.

    Related resource

    ViewPoints: digitalization, disruptive innovation and the board

    Five key questions for boards:

    • Do you know if and when your current business model may be affected?
    • Have you considered what business strategy is appropriate for your company in a digital world?
    • What are the opportunities and threats that digitalization creates for your company?
    • What are the benefits of acquiring digital expertise through a transaction? How can the board ensure the successful integration of an acquired asset with a different corporate culture?
    • Does your board have a designated digital expert who focuses on technology issues?
  • EU audit reform

    The EU audit legislation that came into effect in June 2016 introduces far-reaching changes for public interest entities (PIEs). Boards and, more especially, audit committees of PIEs (and of the parent companies or subsidiaries of PIEs) need to be fully aware of their new responsibilities.

    One of the most important initiatives introduced under Directive 2014/56/EU and Regulation (EU) 537/2014 is mandatory audit firm rotation. All PIEs in the EU must replace their auditor after a maximum period of 10 years, although an extension through tender of a further 10 years is possible (or 14 years in the case of a joint audit).

    A second important change is with regard to nonaudit services which, according to the new regulations, must be approved by the audit committee. In addition, there are new conditions concerning these nonaudit services: the catalog of services that the auditor cannot provide has been updated.

    There is also a cap on the fees for nonaudit services, which is set at 70% of the average audit fee charged to a PIE, its parent company or its subsidiaries, on a rolling three-year basis.

    EU Member States have some optional rights e.g., regarding external auditor rotation and nonaudit services, which has led to a patchwork of varied sovereign state requirements. Boards need to be aware of the national choices made and differing approaches in those Member States where the PIE, or any of its subsidiaries, operates.

    PIEs with a single-tier corporate governance framework must establish an audit committee: the supervisory board can take on this responsibility in a two-tier governance structure. Individual Member States can exempt certain PIEs from these requirements, but it is also possible that some groups of companies may be required to establish more than one audit committee. If this is the case, audit committees must be coordinated in a way that avoids duplication of effort but ensures that all legal requirements, such as monitoring the independence of the external auditor, are fulfilled. This means that nonaudit services that are permissible must be approved in advance by the audit committee. Guidelines must be put in place across the group that align these preapproval processes.

    In many Member States, the new legal requirements regarding audit committees are already best practice. However, there are other Member States where audit committees must make profound changes to their current working practices to comply with these EU reforms.

    This is of particular importance because the EU authorities responsible for supervising and reporting on the auditing industry will also have to assess and report on the activities of the audit committees of PIEs – with an eye on the way that they monitor the quality of external audit, the independence of the auditor and the choice of external auditors. The new regulations also include sanctions to address situations where members of audit committees and boards of PIEs are demonstrated not to have met their responsibilities.

    Related resource

    EU audit legislation: implications for audit committees

    Five key questions for boards:

    • Do you know how many PIEs there are in your group structure?
    • Do you have an overview of the implementation of the EU reforms in the EU Member States in which your organization operates?
    • Are you familiar with the particular external auditor rotation requirements for your organization or your group?
    • Do you have processes in place to monitor the fees paid for nonaudit services provided by your external auditor for your PIE and its subsidiaries?
    • Have you put in place an independence policy for nonaudit services provided by your external auditor, as well as a preapproval process that is standardized across the group?
  • Tax risk

    Compliance with tax law and the uncertainties arising from initiatives of the Organisation for Economic Co-operation and Development (OECD), the EU and numerous sovereign states with respect to group cross-border profit transfer are proving to be an ever-increasing problem. At the same time, there is rising public awareness and debate surrounding the tax policies of international groups, which shows no sign of abating. Globally active organizations and their boards are coming under pressure, since these tax conflicts and the unwelcome media headlines can have negative effects. These reputational risks are a deciding factor as to which financials should be made public.

    New regulations are increasingly of a global nature, such as the Base Erosion and Profit Shifting (BEPS) initiative of the OECD and the G20 for the prevention of profit transfer. The BEPS project includes an action plan containing 15 wide-reaching measures. For example, it is envisaged that businesses with a turnover of at least €750m will be obliged to produce a local financial report for each of the countries in which they operate. These overviews will then be provided to all local tax authorities, a system referred to as country-by-country reporting. The EU is also proposing an obligation to publish these local EU overviews on the internet. The fiscal authorities would, by this means, achieve enormous transparency regarding the value chain of the business and its worldwide profit distribution.

    In addition, the EU will be clamping down on competition between different tax jurisdictions. As of 2016, EU Member States must exchange information about binding agreements or “rulings” made with individual organizations. The EU commission is investigating whether such agreements constitute illegal state aid or can be regarded as such, and has already reached a decision in a significant number of cases. The EU commission wants to reclaim the tax advantages gained from these companies going back as much as 10 years. Enormous financial and reputational risks are the result.

    It is important that these organizations put the necessary processes and structures in place to ensure that appropriate tax decisions are made on a group-wide basis and that compliance with tax obligations is universal.

    Boards must also be aware of the tax strategy of their organization and the tax risks facing it. Only then can they decide if the organization can meet future challenges with the existing infrastructure and resources, and whether it is suitably protected from unwelcome financial and reputational risks. Since tax compliance obligations are becoming more and more comprehensive, it may be necessary to equip the tax department with both additional expertise and more sophisticated IT systems. Digital technologies may assist in eliminating sources of error and enable risk to be identified more quickly.

    Boards must also ensure that their organizations build good relationships with local tax authorities, to avoid uncertainties over interpretation of tax treatments and resolve areas of conflict more swiftly.

    The requirements for more transparency will not diminish and the complexity of the regulatory regime will only increase – as will the uncertainties that this brings. That tax will be a point on the agenda of the board is therefore unavoidable.

    Related resource

    Tax risk and the audit committee

    Five key questions for boards:

    • What is the tax strategy for the organization and what parameters underpin that strategy?
    • In which countries has the company agreed rulings?
    • Is your tax division adequately resourced in terms of personnel and fixed assets?
    • Are there clear policies and processes in place in the tax function?
    • Are you certain that the tax department is involved in important decisions made by other areas of the organization?
  • Corporate compliance and culture

    Corporate compliance is an essential element of good governance and is already a priority for the board, in terms of both the strategy and the sustainable development of the organization. Standards, laws and stakeholders expect compliance risks to be actively managed and minimized to protect the reputation of the organization.

    Unfortunately, many organizations react only when transgressions are uncovered or new regulatory requirements arise. This results in ill-thought-out actions and makes the implementation process difficult. Corporate compliance should be appropriate and sustainable, through proactive management of values and integrity.

    For most people, corporate compliance is understood as a set of binding requirements, such as laws and regulations, as well as voluntary, company-specific requirements, such as policies, guidelines, and public and contractual obligations. Typical areas of risk within the organization are anti-corruption, monopolies and competition; data protection and security; exports and sanctions; and other industry-specific risks.

    In order to actively manage these risks, companies will set up a compliance management system (CMS). This is not only to actively prevent potential misconduct regarding the values or core risks of the organization, but also to deal with violations. The CMS should add value to the organization and help with early identification of risks and their reduction over the long term. It should also demonstrate that there is no place for misconduct within the organization.

    A compliance misdemeanor can be very disruptive; an ongoing investigation can have negative effects on the day-to-day running of the business. Trust in management and control functions diminishes: there can be drastic financial penalties and the company’s reputation can suffer long-term damage. Supervisory bodies, investors and the media often demand proof that the board asked the right questions to ensure that the CMS was monitored on a regular basis.

    For an organization to be sustainable in the long term, the compliance function must not be neglected. Boards must ensure that the structure of the organization, its employees, its processes and its control mechanisms are effective in uncovering violations and reducing their number, and that compliance is embedded in the daily decision-making process.

    Even more important is the organizational culture and integrity. The behavior of every single employee regarding the culture, norms and values of the organization contributes to compliance. Of course, the “tone from the top” plays a very special role; only with serious support from the management can a compliance culture come alive. Supervisory authorities are increasing reporting that the culture and integrity of the organization are the cornerstones of sustainable business and make compliance effective. Boards should therefore strengthen the organization through behavioral norms, efficient governance and integrity, and, above all, by setting a good example.

    A CMS is clearly not only about reducing risk: it also couples prevention with corporate values and leads to a sustainable competitive advantage. Those organizations that can prove they take compliance seriously and demonstrate “clean” business practices to their business partners can magnify these effects. In addition, effective integrity management within the organization leads to a healthy understanding of risks and processes which, in turn, leads to more transparent and efficient business practices.

    Finally, it is important that board members are always aware of regulatory changes. In 2017, this will include the Fourth Anti-Money Laundering Directive, which should come into force in June, as well as the EU’s directives on audit reform and on the reporting of nonfinancial information. Companies must determine whether their programs, structures, people, processes and controls effectively prevent and detect noncompliance, and whether they are embedded in day-to-day decision-making.

    Related resource

    ViewPoints: board oversight of corporate culture

    Five key questions for boards:

    • Does your personal behavior and that of the board demonstrate to employees that effective compliance and integrity are vital elements for the success of the business?
    • Do you have a culture of open communication?
    • How has a CMS been implemented, and what resources are available in this function within the organization?
    • Has the CMS been effectively implemented and embedded in the organization?
    • Does the organization investigate compliance failures and take the necessary preventative measures?
  • Talent management

    Boards play a significant role in talent management in many respects, and important tasks lie ahead in 2017.

    Firstly, boards must ensure that their own membership possesses all the skills necessary for it to function properly. Secondly, succession plans must be in place for the CEO and other members of the board. Thirdly, boards have an important role in overseeing not only the recruitment and retention of senior managers, but also personnel development policies at all levels of the organization. Finally, there should be agreement within the board regarding upcoming new placements, in respect of both timing and personnel.

    One of the most important responsibilities of the board is succession planning for the CEO and CFO. Careful planning can help to avoid conflict when strategy is approved, minimize the effects on stock prices and prevent significant business disruption. It also reduces uncertainty, strengthens investor confidence and improves employee motivation. Developing a long-term succession plan, in particular for the post of CEO, is very important and must be addressed regularly, irrespective of the health or tenure of the current CEO. Continually updating the personnel plan lessens the risk of a company being damaged by an unplanned leadership vacuum.

    Issues such as the board’s inability to regenerate itself and slow progress in bringing women onto the board cause investors to question whether the board is sufficiently independent, whether mindsets are sufficiently different in discussions, and whether fresh debate and points of view are adequately encouraged. A regular, transparent and systematic efficiency audit should guarantee the independence, suitability and performance of board members. This should not only review gender, race and age, but also mindsets, ability and experience. Efficient boards find a balance between the viewpoints of long-serving members and the expectations of new ones. With the right constitution, a board is better able to recognize and monitor current and potential risks, and to stimulate new ideas. Effective planning of the structure of the board can act as a defense against aggressive investors, who may try to exploit apparent weaknesses in its makeup.

    Board members also play an important role in safeguarding the talent strategy of the organization. They should give thought to its age profile and be prepared for change at all levels. To meet the many new challenges and opportunities facing it, the business should have a program to identify suitably talented individuals for training and retention purposes.

    Despite this, many boards clearly continue to find talent management a challenge. Mistakes in the assessment and control of personnel risk and personnel issues have a negative impact on both strategy and value creation. Boards should be kept closely informed about the measures in place for the development and promotion of senior management, reassure themselves as to what talent pools are being built within the organization and consider how to guarantee that – in the face of upstream risk, globalization and technical innovation – senior management positions are appropriately filled.

    Related resource

    International board composition trends

    Five key questions for boards:

    • What oversight responsibilities does the board have with respect to talent management within the organization?
    • Are long-term and emergency executive succession plans in place and regularly updated?
    • Does the board have an appropriately diverse membership and a composition map in place in terms of gender, race, age, experience and outlook?
    • Does the board encourage challenge, or is there a culture of groupthink?
    • If there is a nomination committee in place, how effectively does it operate?
  • Corporate social responsibility

    Corporate social responsibility (CSR) – defined by the European Commission (EC) as “the responsibility of enterprises for their impact on society” – appears to be moving from a voluntary code to a mandatory requirement. This is evidenced by the EU’s directive on nonfinancial and diversity information, which comes into force in January 2017, and will be important for boards of public companies that have reporting requirements.

    EU Directive 2014/95 requires PIEs with an average of 500 or more employees to disclose a variety of information in a nonfinancial statement. It is likely to affect around 6,000 companies and groups across the EU.

    The information requirement includes environmental-, social- and employee-related issues, as well as measures undertaken with respect to human rights and the fight against corruption and bribery. Companies affected by these requirements are obliged to disclose the diversity policy for their administrative, management and supervisory bodies.

    This should not come as too much of a surprise. Thanks to the impact of globalization, fears about climate change and demands for greater sustainability, CSR has taken center stage in organizations. Readers of financial reports want to see how the business generates value. According to the directive, the disclosure of nonfinancial information serves to “strengthen investor and consumer trust.”

    The EU is not, however, the only organization pressing for change: the Task Force on Climate-Related Financial Disclosures, convened by the Financial Stability Board, has developed a voluntary program that was initiated by industry itself. In December 2016, it produced recommendations for standard reports for climate-related financial risks which companies can use in their reporting to investors, creditors and insurers.

    There are also other initiatives: many organizations already disclose such information within the framework of international and European guidelines. Among these are the UN Global Compact, the OECD guidelines for multinational groups, ISO 26000, the guidelines issued by the Global Reporting Initiative and the framework concept of the International Integrated Reporting Council.

    Companies taking part in these initiatives are probably already complying with the EU directive. However, the EC’s own impact assessment suggests that 94% of large EU companies either fail completely to disclose nonfinancial information or do so inadequately. Many of these enterprises are now facing a resource-intensive program of data gathering and processing in order to fulfill the disclosure requirements.

    Board members would do well to keep CSR near the top of their agenda for 2017 and beyond. It affects not only the CFO, but also members of the audit committee, because they are responsible for monitoring the integrity of financial statements.

    Five key questions for boards:

    • Do you know how the EU directive on nonfinancial information has been implemented in your country?
    • Are you collecting and updating the relevant data, and have you prepared the appropriate disclosures?
    • Does the board set nonfinancial KPIs as a goal for the executive management, and is this reflected in the remuneration plan?
    • Do you understand your responsibilities with regard to the disclosure of nonfinancial information?
    • Is your diversity policy appropriate?
  • Investor relations

    Historically, the executive management frequently met with investors during the year. Nonexecutives, however, generally only interacted with investors at the annual general meeting (AGM).

    Since the financial crisis, the investor relations landscape has changed markedly. Regulators are now encouraging institutional investors to play their part in achieving good corporate governance and to take a broader approach, above and beyond their own financial interests, by actively engaging with the company. Consequently, an increasing number of stewardship codes have been introduced into the world of corporate governance, most prominently in the UK.

    This is further supported by the proposed amendment to the EU Shareholder Rights Directive, which would make it easier for institutional investors to take an active role in an organization, especially regarding the appropriate supervision of the companies within the European jurisdiction in which they have invested. Such a dialogue should lead to more transparency and mutual trust.

    To fulfill their fiduciary role, institutional investors must, in future, engage not only with the management board, but also with the supervisory board (as the central supervisory body in a two-tier governance system), or with the chair of the audit committee in a single-tier system. The latter are the appropriate contacts in matters such as board recruitment, supervision and similar issues that fall exclusively within the responsibilities of the supervisory body.

    Every discussion with investors is a challenge for the business. It is particularly important that everyone in the organization – especially the board – speaks with a single voice and respects the rights of others to communicate. Everyone concerned should pay particular attention to matters such as the state of the business, details of strategy and the progress made in implementing it. These are areas that primarily fall within the responsibilities of the executive management.

    It is strongly recommended that the company establishes clear communication guidelines. These should set out in detail when and how discussions between investors and boards should take place. This protects the board, while at the same time making the framework for such discussions clear to investors. This is particularly important in countries that have dual-tier board systems and where the management board has the primary responsibility for external communication.

    Boards should expect increased pressure and requests for meetings from institutional investors in 2017. This is because investors are convinced that this will mean they can better understand their oversight responsibilities. On the other hand, members of boards also benefit from a better and more trusting relationship with investors, since in a dialogue with them they get to know first-hand what their expectations are. At the same time, the board member gets the opportunity to promote company-specific solutions to governance issues. Investor relations and how they are handled should be high on the agenda of boards.

    Five key questions for boards:

    • Does the board have a sufficiently open and trusting relationship with investors to enable all subjects to be broached?
    • Do you know who the top 10 investors in the organization are?
    • Are some of the investors fairly aggressive? If the answer is yes, do you know their concerns and do you have an action plan?
    • Has the company’s investor relations team established communication guidelines and processes for an open and honest dialogue with investors?
    • Have you considered introducing discussions between the chairman of the board and investors?