Throughout 2019, corporate Australia has been busy navigating a new order.
In our 2018 Directions Report issued in March 2018, we reported on the emergence of building trust as a top priority for Australian companies and Boards, based on the increasing proportion of a business' value residing in intangible assets (such as brand, market position, business systems and knowledge). We also commented on the impact of a trust deficit, and proposed our "new recipe" for trust, where we suggested:
…companies and businesses will need a well-defined and genuine purpose (or statement of what the organisation stands for) which is communicated clearly to enable the creation of deeper connections with customers, employees, investors and the community…
Trust would be further enhanced by the CEOs, Chairmen and other leaders, on behalf of their organisations, being seen to personalise and articulate the purpose and values of their organisations, explain how the purpose and values apply to the decisions and actions of their organisations, and demonstrate empathy and accountability when things go wrong.
Since then, and with the impacts of the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry ("Hayne Royal Commission") (and associated fallout) still being felt, our 2019 Directions Survey reveals that corporate Australia continues to search for its new recipe for trust; the pursuit of which has been complicated by a wave of more activist regulatory intervention and enforcement actions, dramatic media headlines and pointed political commentary – generally focused on mistrust.
Consumer and community expectations are now well-entrenched as the new barometer for assessing corporate behaviour. "Disrupt or be disrupted" and "innovate or die" have been supplanted by a more cautious "can we, should we?".
Regulators are regarding (at least the threat of) the sword as mightier than the pen. This begs the question – will the resulting organisational risk aversion stymie an appropriate focus on innovation, creativity and growth in the longer-term, thereby thwarting the cultivation of ideas which could otherwise help to address the range of issues that corporate Australia is (still) facing?
We explore these themes and more in this special edition of On Board, which unpacks the results of our 2019 Directions Survey.
The big issues
Maintaining an appropriate corporate culture, managing IT/cyber risks and protecting brand and reputation were the top 3 areas of concern for Boards in 2019 – which is consistent with the results reported in our Directions Report in March 2018, and our "Pulse Check" in November 2018 (although the ranking of these 3 issues has been different in each survey).
Promoting innovation within the organisation and excessive regulation and red tape were also identified as major areas of concern in 2019, highlighting the symbiotic tension between the two.
The importance of protecting information, the state of Australia's energy policy, lack of government vision and courage to tackle necessary reform, succession planning and ESG issues rounded out the key areas of concern for Boards.
In November 2018, we commented on the apparent "shift in focus away from some of the critical elements that contribute to the future strategy and success of an organisation – promoting innovation, developing the talent pipeline and succession planning" – and our latest survey results suggest that this shift may have become more entrenched (at least in the short term).
What is keeping Directors awake?
Beyond the risk of cyber-attacks – the emergence of 'systems' risk
The linkage between culture, reputation and technology as core pillars of modern corporate governance has become abundantly clear as 2019 draws to a close.
Unsurprisingly, managing IT and cyber risks remains a top priority for most Boards and their organisations, with nearly 64% of survey respondents being either concerned or very concerned about cyber risk related issues (including data or privacy breaches) and the way their organisations are responding. Over 60% of survey respondents identified a cyber attack as the single biggest threat to their organisation's reputation.
2019 has, however, seen the emergence of broader "business model" or "systems" risks. This is illustrated by various companies needing to tackle unexpected, major compliance issues and associated reputational "blow-back" from products, services and/or business models that were thought to be innovative or customer-centric, or from complexity where the scale of their operations has magnified the impact of the issue to unanticipated gargantuan levels and challenged the notion of a "mere technical breach".
It is a vivid demonstration of the enormous challenge that companies (and those that lead them) face in ensuring systems and processes are capable of meeting ever-changing regulatory and compliance requirements, as well as delivering customer and business outcomes which meet the expectations of shareholders and other stakeholders. These challenges can be exacerbated when organisations, in the search for growth, greater customer centricity or to respond to disruptive new entrants, seek to change their business models and move beyond their core competencies.
Larger vessels can take a while to change direction, and as most CIO's will attest, technology projects (which are typically at the core of realising these shifts in business models and operations) can be inherently complex, messy and expensive. In our experience, most organisations are running multiple concurrent projects, each with competing priorities, stakeholders and risks. A missed upgrade, an integration glitch or a defective patch are things that Boards, and non-executive directors, simply cannot be across, which leads to a deeper cultural introspection.
At a time when the management of non-financial risks is squarely under the microscope, the recent manifestations of these types of issues underscore the complexity in identifying, and appropriately escalating and addressing, risk and performance issues - which, in isolation can appear to be financially and/or operationally immaterial, but in aggregate can represent "tier 1" organisational risks from a financial and reputational perspective.
We predict that successfully navigating these types of issues will become the single biggest governance challenge of the next decade.
What impact do you think the Hayne Royal Commission, and regulatory responses had on community attitudes towards corporate Australia and the role of Boards?
A lasting Royal impression
Approximately two-thirds of our survey respondents thought the Hayne Royal Commission and subsequent regulatory responses have had a material impact on community attitudes towards corporate Australia and the role of Boards.
Do you think the impact is?
The majority (58%) thought that impact was overall negative.
Why so negative?
Our survey respondents generally welcomed the post-Hayne consumer focus – "customers must now come first".
However, there is a concern that the outworkings of the Hayne Royal Commission – whose terms of reference centred on "mistrust" in the financial services sector - are having a broader impact well beyond its scope.
I rated the Hayne impact as overall negative as 'the community' seems to want to apply very specific findings for the financial services industry to the business world at large.
There is also concern regarding the broader economic and investment implications of this sentiment.
…excessive negative headlines, driven by overly litigious regulators, fanning anti-business media and political commentary will seriously damage business morale and reputation, and make Australia a less attractive destination for overseas investors.
Smarting from the Hayne Royal Commission's criticism of their perceived impotence, and emboldened by political and media calls that they toughen-up, the nation's key regulators appear to have seized corporate Australia's "culture" moment with considerable zeal.
In the 10 months since the Hayne Royal Commission's Final Report, ASIC and APRA in particular have pursued increasingly high-profile and aggressive enforcement strategies.
Numerous survey respondents expressed fears regarding the impact of this approach on investor confidence and Australia's attractiveness, and on Boards' willingness to explore creative solutions and take entrepreneurial risks.
It will create a culture of risk aversion
The governance pendulum across the board has swung too far towards the conservative," suggested another, warning that would leave Australia "at the risk of avoiding the creative solutions that can help to solve the problems in the first place.
Survey respondents also expressed particular concerns over "enforcement by litigation" and the "impact on how ASIC behaves". These are references to:
- ASIC's much-publicised "why not litigate" mantra; and
- the dramatic uptick in mandatory requests for the production of documents and information, and the confrontational approach it has adopted to making them.
Facing into the headwinds
Despite the range of challenges, most Australian companies and Boards are facing directly into the headwinds.
Over three-quarters of our survey respondents noted that the increased focus on culture and conduct had prompted their organisations to undertake a review of governance and compliance practices and the management of non-financial risks in the last 12 months. 39% engaged an external advisor or consultant to assist.
The way non-financial risks are identified, reported, escalated and followed-up is a key priority – which is not surprising given ASIC's Corporate Governance Taskforce Report and the recommendations regarding risk appetite statements, information flows and Board risk committees.
Nearly half (48.0%) of our survey respondents noted that this review has changed the way their organisations report risks to their Boards, with a significant number (39.0%) noting this has also changed the status or structure of the compliance and risk functions. Approximately one-third said it had already impacted the metrics by which the performance and remuneration of employees and executives will be assessed – an area which will receive further attention in the coming year.
What has the review of governance and compliance practices changed?
It is clear that the focus on non-financial risk management has elevated the conversation in the boardroom.
It has led to plenty of debate around the right level of governance. It has also helped to get more support for the directors in terms of better information, access to management and front line operational visits.
There remains, however, a nervousness that the current operating and regulatory environment will lead to overly conservative governance practices that will adversely impact on risk tolerance, and challenge the pursuit of innovation and growth in the face of increasing disruption from new technologies, cost pressures and competition.
Navigating the expectation gap – what of the non-executive director?
The overwhelming majority (59%) of our survey respondents agreed that the true role (and value) of the non-executive director in Australia is being eroded by the increasing necessity and expectation to become more directly involved with issues which have traditionally been management's responsibility.
Unsurprisingly, there is a strong feeling that the increasing expectations (and associated risks) are making the position unattractive for those most qualified, experienced and capable.
There is a material disconnect in the risk - reward profile to be a non-exec," one survey respondent wrote, adding "the risks vastly outweigh the remuneration paid.
Do you agree or disagree with the following statement: The true role and (and value) of the non-executive is being eroded by the increasing necessity and expectation to become more directly involved with issues which are management's responsibility.
Despite there being broad consensus as to the existence of an expectation gap, views were split as to whether or not the role of the non-executive director (which has been a cornerstone of public company governance in Australia for many years) should be redefined in some way.
With the increasing expectations being placed on non-executive directors, do you think the role should be re-defined (e.g. by limiting the number of non-executive directorships a single person can hold at any one time, but increasing the remuneration payable for each role)?
Most advocated against establishing (more) prescriptive rules, reflecting the sentiment that a "one-size-fits-all" approach is unlikely to be valuable or deliver better outcomes for shareholders and other stakeholders. Nor will a prescriptive approach be reflective of the practical reality that non-executive directors typically need to "flex" their workloads through cycles over time, depending on the needs of the organisations they serve.
There was, however, greater consensus on the topic of workloads, risk and remuneration.
…the bigger issue is that the workload of directors has materially increased over the last 4-6 years but director remuneration has not increased since the GFC.
There should be more remuneration to compensate for the risk being taken on, especially in a listed co," noted one respondent, who added they felt it "a matter of judgement on the part of the NED, the Chair and the investors as to whether the NED holds too many directorships.
'Stepping stones' – will risk aversion ultimately be a good thing?
Just over half (51.9%) of our survey respondents described themselves as "concerned" or "very concerned" about the risk of potential personal liability for a breach of their statutory duty to exercise care and diligence under section 180 of the Corporations Act, in circumstances where their organisation has contravened the law.
How concerned are you about the risk of potential litigation or enforcement action against a director personally, based on an alleged breach of their duty to exercise care and diligence where their organisation has contravened the law?
Are Boards taking climate concerns seriously?
One way or another, climate-related risks are on the agenda for most Australian companies and Boards – but the weighting of the issue is heavily influenced by sector and the attendant short and medium term exposures.
Approximately 37% of our survey respondents said they were concerned about climate-related risk issues and the way their organisations are responding, with 63% either being not concerned or neutral on the matter – potentially indicating an underlying degree of comfort in terms of the way in which their organisations are meeting these challenges.
What is driving the concern?
The key driver is environmental, social and governance ("ESG") principles. And this is not surprising, given the recent re-emergence of private capital (including in the form of index funds such as Blackrock, Vanguard and State Street, in addition to private equity and increasingly active family offices) and the influence this is having on sectoral investment and corporate activity globally. In Australia, M&A strategy is increasingly being devised around the role and influence of superannuation funds, which are taking more active roles.
A common thread amongst these institutions and investors is that where they choose to park their money is increasingly filtered through a well-calibrated and sophisticated ESG lens.
So while much has been written about the need to elevate climate-related risk disclosures and the implications for directors from a care and diligence and best interests perspective (which remain important issues), for most organisations it is about following the money as much as it is being a steward through organisationally living these ESG principles.
A new decade
It is clear that corporate Australia and Boards are navigating a new order - but there is still work to do in bridging the "trust deficit".
As this decade draws to a close, economic conditions remain uncertain, geopolitical tensions persist, disruption is the new normal and Greta Thunberg is TIME's Person of the Year.
Against this backdrop, a key issue for directors and senior executives is whether they can meet the increasing (and often divergent) investor, customer and community expectations, while complying with their legal and regulatory obligations. And still champion innovation, productivity and growth through cultivating a culture which leaves room for entrepreneurial risk-taking - which will be critical if Australia is to remain an attractive investment proposition and place to do business.
Download the PDF version of this article here.