9 minute read 24 Feb 2022
Ice climber canoeing narrow canyons

How financial services boards provide effective challenge

Bill Hobbs
By Bill Hobbs

Managing Director, Financial Services Consulting and Center for Board Matters, Ernst & Young LLP

Client-centric leader finely attuned to detail. Influencer of transformational change. Champion of rising stars. Community servant and youth mentor. Outdoor enthusiast. Husband. Father of five.

9 minute read 24 Feb 2022
Related topics Financial Services Risk
Upvote

Show resources

There has been much discussion in financial services about “effective challenge” by boards of directors over the last decade. But how do boards exhibit such behavior and have it resonate throughout the whole organization?

In brief:

  • Financial services regulators have increasingly put the onus on boards to exhibit and document effective challenge over management.
  • The reality is most boardroom challenge is not that easy to observe and not well documented to be “on the record.”
  • Effective challenge is part of  a broader organizational risk culture, not just something for boards.

A risk management concept that has migrated into the boardroom

The original use of the term “effective challenge” in the financial services regulatory community focused on risk management (versus board-level) matters. It still remains a concept deeply entwined with the three-lines-of-defense risk management model, especially as it relates to second-line effective challenge of the first line (e.g., the business lines and key support functions, such as technology and operations).

However, effective challenge has increasingly become synonymous with board effectiveness. A board oversees strategy, hires the CEO, oversees corporate performance and risk management, and so on. But above all, the board holds management to account for achieving the organization’s long-term strategy in line with its purpose, mission and values, and within the bounds set out in the board-approved risk appetite. It does so by credibly and effectively challenging management’s decision-making and performance.

Supervisory guidance has shifted in recent years to outline expectations more explicitly for effective challenge. For example, in its 2014 paper on risk culture, the Financial Stability Board (FSB) made their expectations explicit regarding board challenge of risk and strategy:

“The board and senior management have clear views on the business lines considered to pose the greatest challenges in the management of risk, such as business lines with unexpected or unexplained results or business lines with nonfinancial risks that may not necessarily lend themselves to immediate and easy quantification, and these are subject to constructive and credible challenge about the risk-return balance.”¹

More recently, in 2021, the U.S. Federal Reserve Board (FRB) issued guidance on attributes of board effectiveness that provided a window into the evolving regulatory expectations:

“To facilitate accountability, an effective board engages senior management in a variety of ways … Directors consider whether and how senior management's conclusions and recommendations align and support the firm's strategy and risk appetite. If weaknesses or gaps are identified, the information provided is incomplete, or as otherwise warranted, directors challenge senior management's assessments and recommendations.”²

There is no one-size-fits-all for board effective challenge

Board approval for material decisions that would significantly impact the organization’s risk profile is a key starting point for where challenge is most required. This can relate to acquisitions, aggregate credit exposures and limits, and new products and services, as well as major technology or risk management transformations.

However, boards provide effective challenge across a range of topics, not just those requiring formal approvals. Effective challenge often creates important, but imperceptible, change. For example, management may decide or shape its thinking, or choose an alternative sequence of decisions or discussions, simply on the basis of how they expect their board to react. The changes made by management as a result of board challenge or questioning may be subtle but material in the aggregate.

In practice, governance is complex. The board (and its committees) has to challenge management across a range of matters, from strategic to tactical, and business-as-usual matters and differing modes of governance are required, as shown in Table 1.
 

How EY can help

Financial services risk management

We provide risk management and regulatory services to the insurance, asset management, energy, corporate treasury and banking sectors.

Read more

Table 1: Modes of effective challenge by type of issue

Tactical: Matters that are mainly day-to-day management decisions, but where board challenge and advice will sharpen execution

Ongoing organization maturation: Matters that are typically linked to ongoing efforts to mature functional or executional capabilities, in line with industry practice and regulatory expectations

Strategic: Matters that are long-term or highly significant where ongoing board challenge, approval and advice is essential

Board wants to understand:

  • Management’s recommendation(s)
  • Logic behind management’s recommendation(s) (e.g., underlying assumptions, pros and cons)
  • Key risks and issues to be monitored and reported on, e.g., financial, executional and reputational risks
  • Understanding of peers’ actions

Topics lend themselves to management seeking guidance and advice from board members (in meetings or outside), given their own experiences.

Board wants to assess:

  • Quality, staging and progress in achieving enhancement plan(s)
  • Potential approach to address implementation challenges
  • Resourcing of plans
  • Pace of change and quality of change management
  • Alignment with industry practice and regulatory expectations

 

Board expects management to engage them across the life cycle of the decision-making process:

  • Initial issues (no recommendation(s))
  • Dialogue on options (no recommendation(s), pros and cons of options)
  • Chosen option (management’s recommendation(s), articulation of risks and issues to be monitored through execution)
  • Ongoing board and committee oversight

Board members will provide both challenge and advice – and, when relevant, approval – across the life cycle.

Minimizing factors that inhibit boardroom dialogue effective challenge

Setting the necessary conditions for effective challenge isn’t easy. It calls for credible, knowledgeable and confident directors; mature, transparent and open management; strong board and management relations, based on mutual respect and trust; and disciplined governance and decision-making processes (including effective meeting preparation, minute-taking, and follow-up on actions).

Arguably, the most important constraints to effective challenge relate to ineffective agenda-setting (too much is crammed into every meeting) and meeting management (even if the agenda is well planned and timed before the meeting, agenda items in the first half of the meeting take too much time, so the second half gets rushed or pushed to the subsequent meeting). There is often not enough distinction between critical and information-only items, in practice. Board and committee chairs have to play an essential role in making sure the agenda is realistic as well as driving meeting dialogue in line with the planned agenda.

Table 2 highlights some additional factors that constrain the quality of board and management discussion and, therefore, effective challenge.
 

Table 2: Factors inhibiting effective board and management discussion

Board-management dynamics and relations

Governance mechanics
  • Board could have questions that cross into management’s role.
  • Executives can appear defensive when challenged.
  • Management too often presents options, not recommended course(s) of action.
  • Management brings issues to the board too early or that are immaterial.
  • There is too much presentation at meetings and not enough substantive dialogue.
  • Discussions can get off track, leading to superficial dialogue of planned and critical agenda items.
  • There can be voluminous, stale, incomplete or inaccurate reporting.
  • Regulatory and onsite supervisory pressures to “inform the board” can mean that management brings unnecessary details to the board.
  • Too many board and committee meetings can make it difficult for management to produce timely, insightful reporting – and a tight meeting cycle can constrain chair and executive dialogue about draft agendas and meeting materials.
  • Director knowledge of sector, strategy and business model and relevant domain areas (e.g., accounting and finance, risk management) can be limited.

 

 

Some of these factors illustrate information flows from management to the board are a critical component of board challenge, so it is not surprising that more firms are revisiting their reporting to the board (especially on risk matters) and planning or making significant enhancements. See NextWave of financial services board risk reporting | EY - US.

Evidencing director challenge

Even when the quality of director questioning and management responses is high, meeting minutes rarely capture it well. Minutes may show what was discussed, but they don’t capture how well the board or committee chair managed the meeting, enabled inclusive and effective board and management dialogue, and kept the meeting focused on the most important matters. Similarly, directors and executive discussions between meetings can be frequent and have a material impact on management decisions or meeting agendas, but few such interactions are documented, if any.

Increasingly, financial institutions are revisiting how they document challenge, especially in minutes, with more specific efforts to memorialize when the board or committee requested an additional explanation, analysis or information; further presentations or discussions at subsequent meetings; or a delay to board (or committee) approvals. It doesn’t mean all challenge is documented, but it provides evidence for when regulators, or other stakeholders (e.g., internal audit), seek to evaluate the firm’s corporate governance.

Effective challenge is an organization-wide expectation

In its risk culture paper, the FSB highlighted the board has an important role in not only providing the effective challenge of management, but in modeling this behavior for others. It identified a number of ways effective challenge stems from the board of directors but spans the entire organization (emphasis added):

  • Tone at the top: “The board and senior management, consistently within their specific roles and responsibilities, promote through behaviors, actions and words, a risk culture that expects integrity and a sound approach to risk management as well as promotes an open exchange of views, challenge and debate. The board and senior management promote healthy skepticism that encourages and supports openness to challenge by providing alternate points of view that may result in a better decision, ensuring that all directors have the tools, resources and information to carry out their roles effectively, particularly their challenge function.”
  • Effective communication and challenge: “A sound risk culture promotes an environment of open communication and effective challenge in which decision-making processes encourage a range of views; allow for testing of current practices; stimulate a positive, critical attitude among employees; and promote an environment of open and constructive engagement.”
  • Open to alternate views: “Mechanisms are in place so that alternate views can be expressed in practice, as well as regular assessments of the openness to robust challenge at all layers of governance and how it is embedded within the decision-making process … Evidence of a culture that is open to challenge is often reflected in decision-making processes as well as broader interactions and processes.”

Challenge, balanced with support

Directors have to strike the right balance between providing effective challenge of management and building rapport with, and supporting, management. The board oversees the management team and is vested in them being a success, for the sake of all stakeholders. So, while the board must show its independence in challenging management, it must do so in a way to drive better decision-making at the management level and motivate management to succeed.

In the end, a challenging, but supportive, relationship between the board and management is what really drives board effectiveness and oversight.

  • Show references# Hide references

    ¹ “Guidance on Supervisory Interaction with Financial Institutions on Risk Culture: A Framework for Assessing Risk Culture,” FSB websitewww.fsb.org/wp-content/uploads/140407.pdf, April 2014.

    ² “SR 21-3 / CA 21-1 attachment: Supervisory Guidance for Boards of Directors of Domestic Bank and Savings and Loan Holding Companies with Total Consolidated Assets of $100 Billion or More (Excluding Intermediate Holding Companies of Foreign Banking Organizations Established Pursuant to the Federal Reserve’s Regulation YY) and Systemically Important Nonbank Financial Companies Designated by the Financial Stability Oversight Council for Supervision by the Federal Reserve,” FRB websitewww.federalreserve.gov/supervisionreg/srletters/SR2103a1.pdf, February 2021.

Summary

Effective challenge by the board is essential. Directors need to provide the insightful and credible challenge of management. Still, the challenge is that most such challenge is imperceptible, come in different forms depending on the topic being discussed and is difficult to document. In any case, effective challenge is part of a broader firmwide risk culture, not just something that is for the boardroom.

About this article

Bill Hobbs
By Bill Hobbs

Managing Director, Financial Services Consulting and Center for Board Matters, Ernst & Young LLP

Client-centric leader finely attuned to detail. Influencer of transformational change. Champion of rising stars. Community servant and youth mentor. Outdoor enthusiast. Husband. Father of five.

Related topics Financial Services Risk
Upvote